A Study on Ethereum’s Smart Contract Vulnerabilities
LUJAIN MOHAMMED IBRAHIM ALHAJRI
Many critical sectors, such as the government sector, seek to implement their services based on blockchain technology to benefit from its advantages, such as security and transparency. Since blockchain technology is very complex and requires heavy computations and supercomputers to implement it from scratch, there is a need for a platform that can be used to implement any application or service based on blockchain technology. Ethereum is one platform inspired by Bitcoin – it is considered the leading platform used by financial and non-financial industries to build applications based on blockchain. Ethereum implements applications that act in a decentralised manner, called DApps. These DApps implemented by scripts to run in a less vulnerable situation as possible which called Smart Contracts. Smart contracts targeted by critical attacks by exploiting severe vulnerabilities. This project aims to identify comprehensive Ethereum smart contract vulnerabilities that susceptible to attack. This project studies and analyze the causes of these vulnerabilities and find the prevention methods to avoid these vulnerabilities. This project simulates three different attacks scenarios for the most severe three vulnerabilities. Also, this project tests these scenarios by deploying it to the Ethereum public test network. Meaning this project proves experimentally how the smart contract code can be exploited and how to secure it. Furthermore, concerning other existing researches, there is no academic research examined smart contract vulnerabilities practically, which make this work as an addition to the cybersecurity academic field. Also, this work can be a proposal to Ethereum blockchain developers to attain practical solutions to prevents these vulnerabilities in the future improvements of the Ethereum smart contract.