A Framework and DataSet for Bugs in Ethereum Smart Contracts

Pengcheng Zhang, Feng Xiao, Xiapu Luo

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

1 Citation (Scopus)

Abstract

Ethereum is the largest blockchain platform that supports smart contracts. Users deploy smart contracts by publishing the smart contract's bytecode to the blockchain. Since the data in the blockchain cannot be modified, even if these contracts contain bugs, it is not possible to patch deployed smart contracts with code updates. Moreover, there is currently neither a comprehensive classification framework for Ethereum smart contract bugs, nor detailed criteria for detecting bugs in smart contracts, making it difficult for developers to fully understand the negative effects of bugs and design new approaches to detect bugs. In this paper, to fill the gap, we first collect as many smart contract bugs as possible from multiple sources and divide these bugs into 9 categories by extending the IEEE Standard Classification for Software Anomalies. Then, we design the criteria for detecting each kind of bugs, and construct a dataset of smart contracts covering all kinds of bugs. With our framework and dataset, developers can learn smart contract bugs and develop new tools to detect and locate bugs in smart contracts. Moreover, we evaluate the state-of-the-art tools for smart contract analysis with our dataset and obtain some interesting findings: 1) Mythril, Slither and Remix are the most worthwhile combination of analysis tools. 2) There are still 10 kinds of bugs that cannot be detected by any analysis tool.

Original languageEnglish
Title of host publicationProceedings - 2020 IEEE International Conference on Software Maintenance and Evolution, ICSME 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages139-150
Number of pages12
ISBN (Electronic)9781728156194
DOIs
Publication statusPublished - Sep 2020
Event36th IEEE International Conference on Software Maintenance and Evolution, ICSME 2020 - Virtual, Adelaide, Australia
Duration: 27 Sep 20203 Oct 2020

Publication series

NameProceedings - 2020 IEEE International Conference on Software Maintenance and Evolution, ICSME 2020

Conference

Conference36th IEEE International Conference on Software Maintenance and Evolution, ICSME 2020
Country/TerritoryAustralia
CityVirtual, Adelaide
Period27/09/203/10/20

Keywords

  • Ethereum
  • Smart contract bug
  • Solidity

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality
  • Modelling and Simulation

Cite this