Detection of vulnerabilities in smart contracts specifications in ethereum platforms
Conference Paper
Overview
Research
Identity
Additional Document Info
View All
Overview
abstract
Ethereum is the principal ecosystem based on blockchain that provides a suitable environment
for coding and executing smart contracts, which have been receiving great attention due to the
commercial apps and among the scientific community. The process of writing secure and well
performing contracts in the Ethereum platform is a major challenge for developers. It consists of
the application of non-conventional programming paradigms due to the inherent characteristics of
the execution of distributed computing programs. Furthermore, the errors in the deployed contracts
could have serious consequences because of the immediate linkage between the contract code and
the financial transactions. The direct handling of the assets means that the errors can be more
relevant for security and have greater economic consequences than a mistake in the conventional
apps. In this paper, we propose a tool for the detection of vulnerabilities in high-level languages
based on automatized static analysis.
In order to help the user to search for relevant information, Question and Answering (Q&A) Systems
provide the possibility to formulate the question freely in a natural language, retrieving the most
appropriate and concise answers. These systems interpret the user question to understand his
information needs and return him the more adequate replies in a semantic sense; they do not perform
a statistical word search like happens in the existing search engines. There are several approaches to
developing and deploying Q&A Systems, making it hard to choose the best way to build the system.
To turn easier this process, we are proposing a way to automatically create Q&A Systems (AcQA)
based on DSLs, thus allowing the setup and the validation of the Q&A System independent of the
implementation techniques. With our proposal (AcQA language), we want the developers to focus
on the data and contents, instead of implementation details. We conducted an experiment to assess
the feasibility of using AcQA. The study was carried out with people from the computer science field
and shows that our language simplifies the development of a Q&A System.