中圖分類號(hào): TP301 文獻(xiàn)標(biāo)識(shí)碼: A DOI: 10.19358/j.issn.2096-5133.2021.05.001 引用格式: 趙輝,李星,譚嘉誠,等。 智能合約安全問題與研究現(xiàn)狀[J].信息技術(shù)與網(wǎng)絡(luò)安全,2021,40(5):1-6,19.
Research status of smart contract security
Zhao Hui1,Li Xing1,Tan Jiacheng1,Gai Keke2
(1.Software College,Henan University,Kaifeng 475000,China; 2.School of Cyberspace Science and Technology,Beijing Institute of Technology,Beijing 100081,China)
Abstract: Smart contract is a program running on the blockchain, which is decentralized and tamperable. It is widely used in finance, energy, Internet of Things and other fields. However, once the smart contract is actually deployed on the real-time network, it can not be changed. While ensuring the security of the contract, defects and errors can not be solved by modifying the contract code, resulting in major security incidents. Therefore, it has become an urgent problem to test the security of the contract before the actual deployment. This paper introduces the security incidents caused by smart contract vulnerabilities, analyzes the common contract vulnerabilities in detail, and summarizes the existing contract analysis tools, which reflects the research and development status of contract security issues.
Key words : smart contract;vulnerability analysis;block chain;security analysis tool
