Fundamentals of smart contract security /

Smart contracts are an innovative application of blockchain technology. Acting as decentralized custodians of digital assets, they allow us to transfer value and information more effectively by reducing the need to trust a third party. By eliminating the need for intermediaries, smart contracts have...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autores principales: Ma, Richard (Autor), Gorzny, Jan (Autor), Zulkoski, Edward (Autor), Bak, Kacper (Autor), Mack, Olga V. (Autor)
Otros Autores: Honda, Keisuke (writer of foreword.)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: New York, New York (222 East 46th Street, New York, NY 10017) : Momentum Press, 2019.
Colección:Computer engineering foundations, currents, and trajectories collection.
Temas:
Blockchains (Databases)
Data encryption (Computer science)
Electronic funds transfers.
Chaînes de blocs.
Chiffrement (Informatique)
Transferts électroniques de fonds.
Blockchain.
Smart contracts.
Smart contracts law.
Security.
Cybersecurity.
DLT.
Distributed ledger technology.
Ethereum.
Cryptocurrencies.
Bitcoin.
Fintech.
Innovation.
Decentralization.
Blockchain programming.
Blockchain applications.
Solidity.
Cryptography.
Acceso en línea:Texto completo
Tabla de Contenidos:
  • 1. Introduction. 1.1. What are smart contracts? ; 1.2. A brief history of smart contracts ; 1.3. Uses of smart contracts ; 1.4. Where can smart contracts be used? ; 1.5. Major hacks ; 1.6. The need for secure smart contracts
  • 2. The state of blockchain security. 2.1. Blockchain fundamentals ; 2.2. Blockchain environment security layers
  • 3. Design choices, design flaws, and cryptoeconomics. 3.1. Design choices ; 3.2. Design flaws ; 3.3. Cryptoeconomics
  • 4. Common security flaws. 4.1. Transactions on ethereum in depth ; 4.2. Integer overflows and underflows ; 4.3. Race conditions in ERC20 ; 4.4 Re-entrancy ; 4.5. Transaction-ordering dependence (TOD) and front running ; 4.6. Timestamp dependence ; 4.7. Denial-of-service: exceeding block gas limit ; 4.8. Denial-of-service: transaction revert ; 4.9. Attempts to generate random numbers ; 4.10. Ensuring contracts are called by humans ; 4.11. Zero initial balance assumption ; 4.12. Deprecated call stack depth attack ; 4.13. Library design flaws ; 4.14. Exception handling ; 4.15. Validated arguments and the ethereum short address attack
  • 5. Writing secure smart contracts. 5.1. Engineering processes and standards; 5.2. Testing ; 5.3. Automated smart contract analysis with symbolic execution ; 5.4. Securify ; 5.5. Audits ; 5.6. Guidelines
  • 6. Conclusion. 6.1. Security is a business strategy, not just a technical challenge ; 6.2. Applying an iterative approach to security ; 6.3. Security is a holistic problem that involves people, systems and processes ; 6.4. Building the world of programmable money together.

Ejemplares similares