Blockchain Security Knowledge Base
Published in
3 min readJul 20, 2021
Special for immunefi.com
Start from:
Resources:
- Flash Crash for Cash: Cyber Threats in Decentralized Finance: https://arxiv.org/pdf/2106.10740.pdf
- The Eye of Horus: Spotting and Analyzing Attacks on Ethereum Smart Contracts:
https://arxiv.org/pdf/2101.06204.pdf - BLOCKEYE:
https://arxiv.org/pdf/2103.02873.pdf - Topological Anomaly Detection in Dynamic Multilayer Blockchain Networks:
https://arxiv.org/pdf/2106.01806.pdf - GoHammer Blockchain Performance Test Tool:
https://arxiv.org/pdf/2105.00847.pdf - EtherClue: Digital investigation of attacks on Ethereum smart contracts:
https://arxiv.org/pdf/2104.05293.pdf - A Survey of Security Vulnerabilities in Ethereum Smart Contracts:
https://arxiv.org/pdf/2105.06974.pdf - An approach to detect Denial of Service Vulnerability in Ethereum Smart Contracts:
https://arxiv.org/pdf/2106.01340.pdf - AGSolT: a Tool for Automated Test-Case Generation for Solidity Smart Contracts:
https://arxiv.org/pdf/2102.08864.pdf - Temporal-Amount Snapshot MultiGraph for Ethereum Transaction Tracking:
https://arxiv.org/pdf/2102.08013.pdf - Demystifying Cryptocurrency Mining Attacks: A Semi-supervised Learning Approach Based on Digital Forensics and Dynamic Network Characteristics:
https://arxiv.org/pdf/2102.10634.pdf - Reentrancy Vulnerability Identification in Ethereum Smart Contracts:
https://arxiv.org/pdf/2105.02881.pdf - A General Framework for the Security Analysis of Blockchain Protocols:
https://arxiv.org/pdf/2009.09480v2.pdf - Coinbugs: Enumerating Common Blockchain Implementation-Level Vulnerabilities:
https://arxiv.org/pdf/2104.06540.pdf - Vulnerabilities and Open Issues of Smart Contracts: A Systematic Mapping:
https://arxiv.org/pdf/2104.12295.pdf - SuMo: A Mutation Testing Strategy for Solidity Smart Contracts:
https://arxiv.org/pdf/2105.03626.pdf - (In)Stability for the Blockchain: Deleveraging Spirals and Stablecoin Attacks:
https://arxiv.org/pdf/1906.02152.pdf - A Framework and DataSet for Bugs in Ethereum Smart Contracts:
https://arxiv.org/pdf/2009.02066.pdf - Extracting Smart Contracts Tested and Verified in Coq:
https://arxiv.org/pdf/2012.09138.pdf - Trustless, privacy-preserving blockchain bridges:
https://arxiv.org/pdf/2102.04660.pdf - Security checklists for Ethereum smart contract development: patterns and best practices:
https://arxiv.org/pdf/2008.04761.pdf - Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning:
https://arxiv.org/pdf/2102.07420.pdf - Targeting the Weakest Link: Social Engineering Attacks in Ethereum Smart Contracts:
https://arxiv.org/pdf/2105.00132.pdf - OptSmart: A Space Efficient Optimistic Concurrent Execution of Smart Contracts:
https://arxiv.org/pdf/2102.04875.pdf - DEFECTCHECKER: Automated Smart Contract Defect Detection by Analyzing EVM Bytecode:
https://arxiv.org/pdf/2009.02663.pdf - SmartBugs: A Framework to Analyze Solidity Smart Contracts:
https://arxiv.org/pdf/2007.04771.pdf - Profiling Gas Leaks in Solidity Smart Contracts:
https://arxiv.org/pdf/2008.05449.pdf - Ethereum SmartContract Vulnerability Detection using Deep Neural Network and Transfer Learning:
https://arxiv.org/pdf/2103.12607.pdf - SCSGuard: Deep Scam Detection for Ethereum Smart Contracts:
https://arxiv.org/pdf/2105.10426.pdf - CLOAK: A Framework For Development of Confidential Blockchain Smart Contracts:
https://arxiv.org/pdf/2106.13926.pdf - DeFi Developer RoadMap:
https://github.com/OffcierCia/DeFi-Developer-Road-Map
Tools:
- Mythril:
https://github.com/ConsenSys/mythril - Oyente:
https://github.com/melonproject/oyente - Security Scanner:
https://securify.chainsecurity.com - CryptoFin Solidity Auditing Checklist:
https://github.com/cryptofinlabs/audit-checklist - MythX:
https://mythx.io - SmartCheck:
https://tool.smartdec.net - EVM disassembler:
https://github.com/crytic/ethersplay - Alternative EVM disassembler:
https://github.com/Arachnid/evmdis - Visualise Solidity control flow:
https://github.com/raineorshine/solgraph - Symbolic execution tool on Smart Contracts:
https://github.com/trailofbits/manticore - A Solidity static analysis framework:
https://github.com/crytic/slither - The SECBIT static analysis extension to Solidity compiler:
https://github.com/sec-bit/adelaide - A modular verifier for Solidity smart contracts:
https://github.com/SRI-CSL/solidity - Buggy ERC20 Tokens:
https://github.com/sec-bit/awesome-buggy-erc20-tokens - A visual Solidity architecture analyzer:
https://piet.slock.it - Solidity function profiler:
https://github.com/EricR/sol-function-profiler - Hot-reloading solidity test framework:
https://github.com/hillstreetlabs/espresso - A special implementation of the Ethereum virtual machine:
https://github.com/dapphub/dapptools/tree/master/src/hevm - Solidity lexical preprocessor:
https://github.com/Lamarkaz/psol - Plugin for testing smart contracts:
https://github.com/cobraframework/pytest-cobra