Historical analysis of decentralized applications

Bibliographic Details
Main Author: Ng, Teng Hian
Other Authors: Li Yi (SCSE)
Format: Final Year Project
Language: English
Published: Nanyang Technological University 2024
Online Access: https://hdl.handle.net/10356/181134
Institution: Nanyang Technological University
Description
Summary: This report explores the development and application of automated tools and frameworks for analyzing Ethereum-based smart contracts, particularly within the decentralized finance (DeFi) sector. Smart contracts, which enable self-executing agreements, present unique challenges in terms of security and efficiency due to their immutable nature once deployed. The primary objective of this study is to develop methods that enhance the functionality of existing program analysis tools, such as InvCon, Diligent Fuzzing, Mythril, and Foundry, to provide a comprehensive understanding of smart contract behavior and to identify vulnerabilities and inefficiencies. The study outlines the use of InvCon for testing contract invariants, which ensures that smart contracts behave as expected under various conditions. Diligent Fuzzing is leveraged to uncover potential vulnerabilities in smart contracts by automatically generating and testing random inputs. Mythril is used to perform symbolic execution and taint analysis, identifying common security issues in smart contract code. Foundry is introduced as a powerful toolchain for managing the writing, testing, and deployment of smart contracts, streamlining the entire development lifecycle. Additionally, the concept of proxy contracts is explored, highlighting their importance in enabling contract upgradeability while preserving state. While the study encountered challenges, such as compatibility issues with older Solidity versions and the complexity of blockchain technology, it successfully establishes a foundation for future advancements in smart contract analysis. The findings illustrate the potential for automated testing to improve the security and functionality of decentralized applications. This report also provides recommendations for further research, including cross-chain compatibility, gas optimization, and the integration of AI-driven analysis frameworks.
The methodologies developed here pave the way for more robust security practices in the blockchain ecosystem.