Abstract:
Smart contracts are programs running on a blockchain. They are immutable to change, and hence can not be patched for bugs once deployed. Thus it is critical to ensure the...Show MoreMetadata
Abstract:
Smart contracts are programs running on a blockchain. They are immutable to change, and hence can not be patched for bugs once deployed. Thus it is critical to ensure they are bug-free and well-designed before deployment. A Contract defect is an error, flaw or fault in a smart contract that causes it to produce an incorrect or unexpected result, or to behave in unintended ways. The detection of contract defects is a method to avoid potential bugs and improve the design of existing code. Since smart contracts contain numerous distinctive features, such as the gas system. decentralized, it is important to find smart contract specified defects. To fill this gap, we collected smart-contract-related posts from Ethereum StackExchange, as well as real-world smart contracts. We manually analyzed these posts and contracts; using them to define 20 kinds of contract defects. We categorized them into indicating potential security, availability, performance, maintainability and reusability problems. To validate if practitioners consider these contract as harmful, we created an online survey and received 138 responses from 32 different countries. Feedback showed these contract defects are harmful and removing them would improve the quality and robustness of smart contracts. We manually identified our defined contract defects in 587 real world smart contract and publicly released our dataset. Finally, we summarized 5 impacts caused by contract defects. These help developers better understand the symptoms of the defects and removal priority.
Published in: IEEE Transactions on Software Engineering ( Volume: 48, Issue: 1, 01 January 2022)
Funding Agency:
Faculty of Information Technology, Monash University, Melbourne, VIC, Australia
Jiachi Chen is currently working toward the PhD degree in the Faculty of Information Technology, Monash University, Melbourne, Australia. Prior to join Monash University, he spent two years with the Hong Kong Polytechnic University and half a year with Zhejiang University in China both as a research assistant. His research interests include mining software repository and smart contract analysis.
Jiachi Chen is currently working toward the PhD degree in the Faculty of Information Technology, Monash University, Melbourne, Australia. Prior to join Monash University, he spent two years with the Hong Kong Polytechnic University and half a year with Zhejiang University in China both as a research assistant. His research interests include mining software repository and smart contract analysis.View more
Faculty of Information Technology, Monash University, Melbourne, VIC, Australia
Xin Xia received the bachelor’s and PhD degrees in computer science and software engineering from Zhejiang University, Hangzhou, China, in 2009 and 2014, respectively. He is an ARC DECRA fellow and a lecturer with the Faculty of Information Technology, Monash University, Australia. Prior to joining Monash University, he was a postdoctoral research fellow with the Software Practices Lab, University of British Columbia in C...Show More
Xin Xia received the bachelor’s and PhD degrees in computer science and software engineering from Zhejiang University, Hangzhou, China, in 2009 and 2014, respectively. He is an ARC DECRA fellow and a lecturer with the Faculty of Information Technology, Monash University, Australia. Prior to joining Monash University, he was a postdoctoral research fellow with the Software Practices Lab, University of British Columbia in C...View more
School of Information Systems, Singapore Management University, Singapore
David Lo received the PhD degree in computer science from the National University of Singapore, Singapore, in 2008. He is a ACM distinguished member and an associate professor of information systems with Singapore Management University. His research interest is in the intersection of software engineering and data science, encompassing socio-technical aspects and analysis of different kinds of software artefacts, with the ...Show More
David Lo received the PhD degree in computer science from the National University of Singapore, Singapore, in 2008. He is a ACM distinguished member and an associate professor of information systems with Singapore Management University. His research interest is in the intersection of software engineering and data science, encompassing socio-technical aspects and analysis of different kinds of software artefacts, with the ...View more
Faculty of Information Technology, Monash University, Melbourne, VIC, Australia
John Grundy is Australian laureate fellow and professor of software engineering with Monash University, Australia. He has published widely in automated software engineering, domain-specific visual languages, model-driven engineering, software architecture, and empirical software engineering, amoung many other areas. He is fellow of the Automated Software Engineering and fellow of Engineers Australia.
John Grundy is Australian laureate fellow and professor of software engineering with Monash University, Australia. He has published widely in automated software engineering, domain-specific visual languages, model-driven engineering, software architecture, and empirical software engineering, amoung many other areas. He is fellow of the Automated Software Engineering and fellow of Engineers Australia.View more
Department of Computing, Hong Kong Polytechnic University, Hong Kong
Xiapu Luo received the PhD degree from the Hong Kong Polytechnic University, Hong Kong, and then spent two years with the Georgia Institute of Technology as a postdoctoral fellow. He is an associate professor with the Department of Computing, Hong Kong Polytechnic University. His current research interests include mobile security and privacy, blockchain and smart contract, network security and privacy, software engineerin...Show More
Xiapu Luo received the PhD degree from the Hong Kong Polytechnic University, Hong Kong, and then spent two years with the Georgia Institute of Technology as a postdoctoral fellow. He is an associate professor with the Department of Computing, Hong Kong Polytechnic University. His current research interests include mobile security and privacy, blockchain and smart contract, network security and privacy, software engineerin...View more
School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China
Ting Chen received the PhD degree from the University of Electronic Science and Technology of China (UESTC), Chengdu, China, 2013. Now, he is an associate professor with the UESTC. His research interest focuses on blockchain, smart contract, and program analysis.
Ting Chen received the PhD degree from the University of Electronic Science and Technology of China (UESTC), Chengdu, China, 2013. Now, he is an associate professor with the UESTC. His research interest focuses on blockchain, smart contract, and program analysis.View more
Contents Faculty of Information Technology, Monash University, Melbourne, VIC, Australia
Jiachi Chen is currently working toward the PhD degree in the Faculty of Information Technology, Monash University, Melbourne, Australia. Prior to join Monash University, he spent two years with the Hong Kong Polytechnic University and half a year with Zhejiang University in China both as a research assistant. His research interests include mining software repository and smart contract analysis.
Jiachi Chen is currently working toward the PhD degree in the Faculty of Information Technology, Monash University, Melbourne, Australia. Prior to join Monash University, he spent two years with the Hong Kong Polytechnic University and half a year with Zhejiang University in China both as a research assistant. His research interests include mining software repository and smart contract analysis.View more
Faculty of Information Technology, Monash University, Melbourne, VIC, Australia
Xin Xia received the bachelor’s and PhD degrees in computer science and software engineering from Zhejiang University, Hangzhou, China, in 2009 and 2014, respectively. He is an ARC DECRA fellow and a lecturer with the Faculty of Information Technology, Monash University, Australia. Prior to joining Monash University, he was a postdoctoral research fellow with the Software Practices Lab, University of British Columbia in Canada, and a research assistant professor with Zhejiang University in China. To help developers and testers improve their productivity, his current research focuses on mining and analyzing rich data in software repositories to uncover interesting and actionable information. For more information,please visit https://xin-xia.github.io/.
Xin Xia received the bachelor’s and PhD degrees in computer science and software engineering from Zhejiang University, Hangzhou, China, in 2009 and 2014, respectively. He is an ARC DECRA fellow and a lecturer with the Faculty of Information Technology, Monash University, Australia. Prior to joining Monash University, he was a postdoctoral research fellow with the Software Practices Lab, University of British Columbia in Canada, and a research assistant professor with Zhejiang University in China. To help developers and testers improve their productivity, his current research focuses on mining and analyzing rich data in software repositories to uncover interesting and actionable information. For more information,please visit https://xin-xia.github.io/.View more
School of Information Systems, Singapore Management University, Singapore
David Lo received the PhD degree in computer science from the National University of Singapore, Singapore, in 2008. He is a ACM distinguished member and an associate professor of information systems with Singapore Management University. His research interest is in the intersection of software engineering and data science, encompassing socio-technical aspects and analysis of different kinds of software artefacts, with the goal of improving software quality and developer productivity. His work has been published in premier and major conferences and journals in the area of software engineering, AI, and cybersecurity.
David Lo received the PhD degree in computer science from the National University of Singapore, Singapore, in 2008. He is a ACM distinguished member and an associate professor of information systems with Singapore Management University. His research interest is in the intersection of software engineering and data science, encompassing socio-technical aspects and analysis of different kinds of software artefacts, with the goal of improving software quality and developer productivity. His work has been published in premier and major conferences and journals in the area of software engineering, AI, and cybersecurity.View more
Faculty of Information Technology, Monash University, Melbourne, VIC, Australia
John Grundy is Australian laureate fellow and professor of software engineering with Monash University, Australia. He has published widely in automated software engineering, domain-specific visual languages, model-driven engineering, software architecture, and empirical software engineering, amoung many other areas. He is fellow of the Automated Software Engineering and fellow of Engineers Australia.
John Grundy is Australian laureate fellow and professor of software engineering with Monash University, Australia. He has published widely in automated software engineering, domain-specific visual languages, model-driven engineering, software architecture, and empirical software engineering, amoung many other areas. He is fellow of the Automated Software Engineering and fellow of Engineers Australia.View more
Department of Computing, Hong Kong Polytechnic University, Hong Kong
Xiapu Luo received the PhD degree from the Hong Kong Polytechnic University, Hong Kong, and then spent two years with the Georgia Institute of Technology as a postdoctoral fellow. He is an associate professor with the Department of Computing, Hong Kong Polytechnic University. His current research interests include mobile security and privacy, blockchain and smart contract, network security and privacy, software engineering, and Internet measurement. His work appeared in top conferences and journals and led to several best paper awards.
Xiapu Luo received the PhD degree from the Hong Kong Polytechnic University, Hong Kong, and then spent two years with the Georgia Institute of Technology as a postdoctoral fellow. He is an associate professor with the Department of Computing, Hong Kong Polytechnic University. His current research interests include mobile security and privacy, blockchain and smart contract, network security and privacy, software engineering, and Internet measurement. His work appeared in top conferences and journals and led to several best paper awards.View more
School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China
Ting Chen received the PhD degree from the University of Electronic Science and Technology of China (UESTC), Chengdu, China, 2013. Now, he is an associate professor with the UESTC. His research interest focuses on blockchain, smart contract, and program analysis.
Ting Chen received the PhD degree from the University of Electronic Science and Technology of China (UESTC), Chengdu, China, 2013. Now, he is an associate professor with the UESTC. His research interest focuses on blockchain, smart contract, and program analysis.View more
