As the largest public blockchain-based platform supporting smart contracts, Ethereum has accumulated a large number of user transaction records since its debut in 2014. Analysis of Ethereum ...transaction records, however, is still relatively unexplored till now. Modeling the transaction records as a static simple graph, existing methods are unable to accurately characterize the temporal and multiplex features of the edges. In this brief, we first model the Ethereum transaction records as a complex network by incorporating time and amount features of the transactions, and then design several flexible temporal walk strategies for random-walk based graph representation of this large-scale network. Experiments of temporal link prediction on real Ethereum data demonstrate that temporal information and multiplicity characteristic of edges are indispensable for accurate modeling and understanding of Ethereum transaction networks.
•Framework and solution for shipment tracking and delivery.•Demonstrate how IoT and blockchain technologies can ensure shipment tracking.•Describe the overall system for efficient shipment ...tracking.•Application to multi-echelon and multi-party settings.
Efficient tracking of shipments is critical in managing global trade and logistics activities. The volume of global container movement combined with information opaqueness and process complexity necessitates implementing a robust technology solution with real time tracking capabilities. Blockchain is an emerging technology that offers the necessary platform to track and manage shipment movements in the supply chain using a peer-to-peer, secured, distributed ledger, and without intermediaries or trusted third parties. In this paper, we propose a blockchain-based solution for efficient supply chain management involving items shipped via smart containers. Our proposed solution utilizes the features of smart contracts in Ethereum blockchain to govern and manage interactions between the sender and receiver. Shipped items are included in smart containers equipped with Internet of Things (IoT) sensors that can be used to track and monitor predefined shipping conditions related to temperature, geographical location, humidity, pressure, light exposure, sudden fall, broken seal, etc. Ethereum smart contracts are used to manage shipment conditions, automate payments, legitimize receiver and also issue a refund in case of violations to predefined conditions. In the paper, we present and discuss key aspects related to architectural design, entity relations, interactions among participants, information flow, implementation and testing of the overall system functionality with a potential business case applied to vaccine supply chain. The Smart contracts were implemented in Solidity language and tested using Remix IDE environment, the code has been made publicly available for academic, research and practice community.
In the increasing literature dealing with the potential applications of blockchain technology in the energy sector, one key aspect is under-estimated: the use of renewal energies to fuel the energy ...consumed by the blockchain technology. The vast majority of blockchain-based projects use the Proof-of-Work (POW) consensus algorithm, which paradoxically is well-known to consume a high level of electricity - how can a new solution promote green energy with transactions that are validated through a non-green process (POW protocol)? This perspective discusses this apparent contradiction by debating the extent to which the cryptographic validation of the POW-based blockchain technology (illustrated by Bitcoin here) can really fuelled with green electricity. I explain that the vast majority of the literature dealing with the ecological influence of Bitcoin mainly focus on the energetic dimension under-estimating the environmental impact. Integrating research about Life Cycle Assessments, I suggest here a conceptual framework rejecting the implicit assumption that renewable energy fuelled mining industry would make POW based operations greener. In the light of the recent ban of mining operations in China and Iran, the issue discussed in this article is timely for policymakers who need to promote the development of standards for mining operations related equipment in order to avoid potential negative environmental side effects.
•Analyse the link POW-based Blockchain technology and renewables energies.•Advocate for a decrease in crypto-mining activities.•Promote research for new crypto-mining algorithms.•Promote the use of a non Proof-of-Work based Blockchain technology.
The Smart Contract Weakness Classification Registry (SWC Registry) is a widely recognized list of smart contract weaknesses specific to the Ethereum platform. Despite the SWC Registry not being ...updated with new entries since 2020, the sustained development of smart contract analysis tools for detecting SWC-listed weaknesses highlights their ongoing significance in the field. However, evaluating these tools has proven challenging due to the absence of a large, unbiased, real-world dataset. To address this problem, we aim to build a large-scale SWC weakness dataset from real-world DApp projects. We recruited 22 participants and spent 44 person-months analyzing 1,199 open-source audit reports from 29 security teams. In total, we identified 9,154 weaknesses and developed two distinct datasets, i.e., DAPPSCAN-SOURCE and DAPPSCAN-BYTECODE. The DAPPSCAN-SOURCE dataset comprises 39,904 Solidity files, featuring 1,618 SWC weaknesses sourced from 682 real-world DApp projects. However, the Solidity files in this dataset may not be directly compilable for further analysis. To facilitate automated analysis, we developed a tool capable of automatically identifying dependency relationships within DApp projects and completing missing public libraries. Using this tool, we created DAPPSCAN-BYTECODE dataset, which consists of 6,665 compiled smart contract with 888 SWC weaknesses. Based on DAPPSCAN-BYTECODE, we conducted an empirical study to evaluate the performance of state-of-the-art smart contract weakness detection tools. The evaluation results revealed sub-par performance for these tools in terms of both effectiveness and success detection rate, indicating that future development should prioritize real-world datasets over simplistic toy contracts.
As blockchain platforms are becoming increasingly noticeable in financial services and beyond, questions arise regarding their suitability to compete with or replace existing payment systems and ...marketplaces and redesign the financial infrastructures of the future. Prominent among these concerns are issues around governance and control in distributed ledgers: How are distributed ledger technologies governed? Can blockchains address complex administration problems? What key issues of note for practitioners and academics have emerged thus far? In this paper we aim to review the existing governance practices of established or popular blockchain and decentralized autonomous organization (DAO) systems with a view to understanding how they hold up in times of crises. What questions are raised when they are compromised or faced consensus challenges in coordinating action especially around control and accountability? We use a translational process, generating focal insights about present concerns from the reference point of completed academic studies and extensive practitioner consultation. Rather than adopting a declarative approach attempting to provide all the answers, we draw insights from the IT platform governance literature to offer a critical perspective for asking the right questions around key governance issues in financial infrastructure such as decision rights, control mechanisms, and incentives.
Blockchain is an emerging technology which has attracted wide attention in recent years. As one of the blockchain applications, cryptocurrency has developed rapidly in recent years, attracting ...criminals to commit fraud and money laundering. Therefore, to better protect the legitimate interests of users and help formulate an effective supervision, it is necessary to track and follow transaction records on blockchain-based systems. This paper studies the problem of transaction tracking in Ethereum from a network perspective, aiming to study explainable strategies for money flow generation. We first collect the space-intensive transaction data from Ethereum blockchain and model them as temporal weighted multi-digraphs. A variety of tracking strategies considering different transaction factors (i.e., frequency and amount) are proposed, and the corresponding random-walk based link predictions method are designed for evaluation. Our method gets explainable results from the experiments, demonstrating that both transaction frequency and amount influence the generation of new transactions in Ethereum. This means when tracking the money flow among Ethereum accounts, we should pay more attention to those transaction paths having a shorter time interval and a larger amount. From these transaction features, the proposed random-walk based link prediction framework is found to be an effective method for transaction tracking. Furthermore, we show an application of transaction tracking via link prediction effectively enhance the ability to detect the suspicious accounts in Ethereum.
A remarkable interest in the Internet of Things (IoT)-based smart cities from both academia and industry has been observed in recent years. Smart cities can offer various smart applications such as ...intelligent transportation, industry 4.0, smart banking, among others, for boosting the life quality of citizens. Security is one of the key challenges of a smart city. One can enable smart cities with a blockchain to offer enhanced security via storing transactions in a secure, transparent, decentralized, and immutable ledger. However, both blockchain and smart cities are in their infancy and significant research efforts are needed to integrate them. In this paper, we comprehensively review the role of blockchain in enabling IoT-based smart cities. First, we present the evolution of blockchain technology in terms of constituent technologies, consensus algorithms, and blockchain platforms. Second, we discuss and critically evaluate various smart applications enabled by blockchain. Third, we present real-world blockchain implementation in smart cities as case studies. Fourth, we present the key requirements to integrate blockchain with smart cities. Finally, we present open research challenges along with their key causes and possible solutions.
•Chronological review of blockchain genesis, inception, and evolution.•Detailed review of applications of blockchain in smart environments in the smart city.•Discussion as case studies of blockchain real-world implementation.•Identification of data-centric requirements for blockchain-based smart cities.•Discussion on open research challenges for blockchain-based smart cities.
Blockchain technology has been an emerging solution to various problems in the healthcare sector. Its applications in the healthcare sector range from securing patient data to increasing transparency ...in the pharmaceutical supply chain. Here, consumer electronic devices are used to collect and process healthcare data before uploading them to a blockchain network. Many schemes have been already developed using blockchain technology, Mobile Edge Computing (MEC), and consumer electronic devices to exchange Electronic Medical Records (EMR) efficiently. However, they face many critical concerns like data security, automation, and scalability. A novel blockchain-based EMR sharing scheme is proposed in this work to solve these problems. It protects the system during the entire Health Information Exchange (HIE) process between the patient and doctor. Here, consumer electronic devices and MEC are used to generate and upload EMRs and diagnosis reports. The proposed scheme utilizes Advanced Encryption Standard (AES), Rivest Shamir and Adleman (RSA), Edwards-curve Digital Signature Algorithm (EdDSA), Elliptic Curve Digital Signature Algorithm (ECDSA) techniques, and Inter-Planetary File System (IPFS) to securely store EMRs, so that they cannot be tampered with and are always available to authorized users. Experimental results of the proposed scheme show its efficiency compared to other existing well-known schemes.
Revealing Hidden Threats: An Empirical Study of Library Misuse in Smart Contracts Huang, Mingyuan; Chen, Jiachi; Jiang, Zigui ...
Proceedings of the IEEE/ACM 46th International Conference on Software Engineering, Proceedings of the 46th IEEE/ACM International Conference on Software Engineering,
02/2024
Conference Proceeding
Smart contracts are Turing-complete programs that execute on the blockchain. Developers can implement complex contracts, such as auctions and lending, on Ethereum using the Solidity programming ...language. As an object-oriented language, Solidity provides libraries within its syntax to facilitate code reusability and reduce development complexity. Library misuse refers to the incorrect writing or usage of libraries, resulting in unexpected results, such as introducing vulnerabilities during library development or incorporating an unsafe library during contract development. Library misuse could lead to contract defects that cause financial losses. Currently, there is a lack of research on library misuse. To fill this gap, we collected more than 500 audit reports from the official websites of five audit companies and 223,336 real-world smart contracts from Etherscan to measure library popularity and library misuse. Then, we defined eight general patterns for library misuse; three of them occurring during library development and five during library utilization, which covers the entire library lifecycle. To validate the practicality of these patterns, we manually analyzed 1,018 real-world smart contracts and publicized our dataset. We identified 905 misuse cases across 456 contracts, indicating that library misuse is a widespread issue. Three patterns of misuse are found in more than 50 contracts, primarily due to developers lacking security awareness or underestimating negative impacts. Additionally, our research revealed that vulnerable libraries on Ethereum continue to be employed even after they have been deprecated or patched. Our findings can assist contract developers in preventing library misuse and ensuring the safe use of libraries.
Defining Smart Contract Defects on Ethereum Chen, Jiachi; Xia, Xin; Lo, David ...
IEEE transactions on software engineering,
2022-Jan.-1, 2022-1-1, 20220101, Letnik:
48, Številka:
1
Journal Article
Recenzirano
Odprti dostop
Smart contracts are programs running on a blockchain. They are immutable to change, and hence can not be patched for bugs once deployed. Thus it is critical to ensure they are bug-free and ...well-designed before deployment. A Contract defect is an error, flaw or fault in a smart contract that causes it to produce an incorrect or unexpected result, or to behave in unintended ways. The detection of contract defects is a method to avoid potential bugs and improve the design of existing code. Since smart contracts contain numerous distinctive features, such as the gas system. decentralized , it is important to find smart contract specified defects. To fill this gap, we collected smart-contract-related posts from Ethereum StackExchange, as well as real-world smart contracts. We manually analyzed these posts and contracts; using them to define 20 kinds of contract defects . We categorized them into indicating potential security, availability, performance, maintainability and reusability problems. To validate if practitioners consider these contract as harmful, we created an online survey and received 138 responses from 32 different countries. Feedback showed these contract defects are harmful and removing them would improve the quality and robustness of smart contracts. We manually identified our defined contract defects in 587 real world smart contract and publicly released our dataset. Finally, we summarized 5 impacts caused by contract defects. These help developers better understand the symptoms of the defects and removal priority.