ResearchTrend.AI
122
0
v1v2v3 (latest)

Security Vulnerabilities in Ethereum Smart Contracts: A Systematic Analysis

Jixuan Wu
Lei Xie
Xiaoqi Li
ArXiv (abs)PDFHTML
Abstract

Smart contracts are a secure and trustworthy application that plays a vital role in decentralized applications in various fields such as insurance,the internet, and gaming. However, in recent years, smart contract security breaches have occurred frequently, and due to their financial properties, they have caused huge economic losses, such as the most famous security incident "The DAO" which caused a loss of over 60millioninEthereum.Thishasdrawnalotofattentionfromallsides.Writingasecuresmartcontractisnowacriticalissue.ThispaperfocusesonEthersmartcontractsandexplainsthemaincomponentsofEther,smartcontractarchitectureandmechanism.TheenvironmentusedinthispaperistheEthernetenvironment,usingremixonlinecompilationplatformandSoliditylanguage,accordingtothefoursecurityeventsofAmericanChain,TheDAO,ParityandKotET,theprinciplesofintegeroverflowattack,reentrantattack,accesscontrolattackanddenialofserviceattackarestudiedandanalyzedaccordingly,andthescenariosofthesevulnerabilitiesarereproduced,andthemeasurestopreventthemaregiven.Finally,preventivemeasuresaregiven.Inaddition,theprinciplesofshortaddressattack,earlytransactionattackandprivilegedfunctionexposureattackarealsointroducedindetail,andsecuritymeasuresareproposed.Asvulnerabilitiescontinuetoemerge,theirclassificationwillalsoevolve.Theanalysisandresearchofthecurrentvulnerabilitiesarealsotolayasolidfoundationforavoidingmorevulnerabilities.60 million in Ethereum. This has drawn a lot of attention from all sides. Writing a secure smart contract is now a critical issue. This paper focuses on Ether smart contracts and explains the main components of Ether, smart contract architecture and mechanism. The environment used in this paper is the Ethernet environment, using remix online compilation platform and Solidity language, according to the four security events of American Chain, The DAO, Parity and KotET, the principles of integer overflow attack, reentrant attack, access control attack and denial of service attack are studied and analyzed accordingly, and the scenarios of these vulnerabilities are reproduced, and the measures to prevent them are given. Finally, preventive measures are given. In addition, the principles of short address attack, early transaction attack and privileged function exposure attack are also introduced in detail, and security measures are proposed. As vulnerabilities continue to emerge, their classification will also evolve. The analysis and research of the current vulnerabilities are also to lay a solid foundation for avoiding more vulnerabilities.

View on arXiv
@article{wu2025_2504.05968,
  title={ Security Vulnerabilities in Ethereum Smart Contracts: A Systematic Analysis },
  author={ Jixuan Wu and Lei Xie and Xiaoqi Li },
  journal={arXiv preprint arXiv:2504.05968},
  year={ 2025 }
}
Comments on this paper

We use cookies and other tracking technologies to improve your browsing experience on our website, to show you personalized content and targeted ads, to analyze our website traffic, and to understand where our visitors are coming from. See our policy.