Analysis of smart contract exploits in Ethereum virtual machine

Authors

  • Gal Gantar Univerza v Ljubljani, Fakulteta za računalništvo in informatiko
  • Matevž Pesek Univerza v Ljubljani, Fakulteta za računalništvo in informatiko

DOI:

https://doi.org/10.31449/upinf.228

Keywords:

binary exploit, cyber security, Ethereum, Solidity

Abstract

Over the past decade, interest in cryptocurrencies has grown significantly. Along with this, there has been an increase in the capital locked in smart contracts, which has simultaneously heightened the risk of attacks. Preventing attacks on smart contracts requires an analysis of coding patterns and the environment in which smart contracts operate. This article examines the security of the Ethereum network and its role in the development of decentralized applications (dApps). We review the use of the Ethereum Virtual Machine (EVM), the Solidity programming language, and the compiler in the construction of smart contracts. Additionally, we describe the security challenges faced by the Ethereum ecosystem and analyze three past attacks on decentralized protocols. The article also presents a concrete example of an attack on a smart contract, exploiting a vulnerability in its implementation. The result of this article is the demonstration of a smart contract that functions correctly under normal use but contains a vulnerability that can be exploited to alter its state without authorization.

Author Biographies

Gal Gantar, Univerza v Ljubljani, Fakulteta za računalništvo in informatiko

Gal Gantar is a final-year student in the undergraduate interdisciplinary programme in computer and information science. His research focuses on cryptography, primarily zero-knowledge proofs. He also explores areas of artificial intelligence, with particular emphasis on deep learning on graphs. Professionally, he is active in the development of decentralized protocols and smart contracts.

Matevž Pesek, Univerza v Ljubljani, Fakulteta za računalništvo in informatiko

Matevž Pesek is an assistant professor and researcher at the Faculty of Computer and Information Science, University of Ljubljana, where he graduated (2012) and received his doctorate (2018). He has been a member of the Laboratory for Computer Graphics and Multimedia since 2009. Since 2024 he has taught the course Software Security (Varnost programov).

Published

2024-10-25

How to Cite

[1]
Gantar, G. and Pesek, M. 2024. Analysis of smart contract exploits in Ethereum virtual machine. Applied Informatics. (Oct. 2024). DOI:https://doi.org/10.31449/upinf.228.

Section

Professional papers