Detection of vulnerabilities in smart contracts specifications in ethereum platforms Conference Paper uri icon

abstract

  • Ethereum is the principal ecosystem based on blockchain that provides a suitable environment for coding and executing smart contracts, which have been receiving great attention due to the commercial apps and among the scientific community. The process of writing secure and well performing contracts in the Ethereum platform is a major challenge for developers. It consists of the application of non-conventional programming paradigms due to the inherent characteristics of the execution of distributed computing programs. Furthermore, the errors in the deployed contracts could have serious consequences because of the immediate linkage between the contract code and the financial transactions. The direct handling of the assets means that the errors can be more relevant for security and have greater economic consequences than a mistake in the conventional apps. In this paper, we propose a tool for the detection of vulnerabilities in high-level languages based on automatized static analysis.
  • In order to help the user to search for relevant information, Question and Answering (Q&A) Systems provide the possibility to formulate the question freely in a natural language, retrieving the most appropriate and concise answers. These systems interpret the user question to understand his information needs and return him the more adequate replies in a semantic sense; they do not perform a statistical word search like happens in the existing search engines. There are several approaches to developing and deploying Q&A Systems, making it hard to choose the best way to build the system. To turn easier this process, we are proposing a way to automatically create Q&A Systems (AcQA) based on DSLs, thus allowing the setup and the validation of the Q&A System independent of the implementation techniques. With our proposal (AcQA language), we want the developers to focus on the data and contents, instead of implementation details. We conducted an experiment to assess the feasibility of using AcQA. The study was carried out with people from the computer science field and shows that our language simplifies the development of a Q&A System.

publication date

  • January 1, 2020