Automated Tools for Secure Ethereum Smart Contract Development

Bibliographic Details
Main Authors: Andrey Chaheev, Zakhar Nazarov
Format: Article
Language: Russian
Published: The Fund for Promotion of Internet media, IT education, human development «League Internet Media» 2025-04-01
Series: Современные информационные технологии и IT-образование
Online Access: https://sitito.cs.msu.ru/index.php/SITITO/article/view/1190
Description
Summary: This paper provides an overview of automated tools for secure development of Ethereum smart contracts. The article discusses current vulnerabilities specific to smart contracts, such as re-entrancy, insufficient access control, price oracle manipulation, and others. Each vulnerability is accompanied by an illustration of the vulnerable code. Next, we discuss the different types of existing automated tools for secure smart contract development: static analyzers, linters, symbolic executors, fuzzers, and machine learning-based approaches. For each type of tool, a corresponding real solution is considered, one of the best in its category. These are open-source solutions such as the Slither static analyzer, the Solhint linter, the Mythril symbolic executor, and the Foundry framework, which includes fuzzing capabilities. The effectiveness of modern solutions is also considered, which shows that current threats are poorly detected by existing tools. Based on this, directions for the further development of new tools for the secure development of smart contracts are proposed. The obtained results can be used to gain a deeper understanding of smart contract security issues, as well as to enhance the security of decentralized applications and develop automated smart contract auditing methods.
ISSN: 2411-1473