The research states that the security of the Ethereum platform could be compromised by the simple and obvious copying of smart contracts made by people and other contracts.
According to the published report, there is little diversity in the origin of smart contracts, which means that all the vulnerabilities found in the contracts have probably been reproduced thousands of times.
Entitled "Analyzing the Ethereum Contract Topology" by Luciana Kiffer and Alan Mislo of Northeastern University and Dave Levin of the University of Maryland, they examined how smart contracts are created and how Ethereum users interact with each other. This exploration revealed that most of the smart contracts on the network supporting this important ecosystem cryptocurrency "come from direct or very close copies" of previous contracts.
According to Kiffer, Mislo and Levin, who had already studied the decentralized network of Ethereum, the "reuse of the code" is a risky practice, because due to the "lack of diversity" in the contracts, the copy could have replicated code errors. To reach this conclusion, the researchers used a modified version of the Ethereum client, geth, with which they analyzed five million blockages of the chain, which covers the activities of the network since its inception in 2015.
Among the five million blocks, 125,177 smart contracts were analyzed. The report revealed that over 100,000 contracts come from just 16,373 clusters. The researchers also state that 51.1% of the contracts analyzed comes from the top 5 clusters, with the number one responsible for 26,144 token contracts, while the second is "composed of contracts involved in the October DDoS attack. 2016.
In addition to "significant code reuse", the results of interactions recorded in the geth client, known as the Ethereum Virtual Machine, stipulate that contracts are currently "three times more likely to be created by other contracts than by users" and 60% of these "have never been linked." On the other hand, the percentage of contracts created by the user hardly reaches 10%.
(…) We find that today's contracts are three times more likely to be created by other contracts than users, and that over 60% of contracts have never been correlated. Furthermore, we obtain the default bytecode of all contracts and look for similarity; we discover that less than 10% of the contracts created by the user are unique and less than 1% of the contracts created by the contract are unique.
Kiffer, Mislo and Levin
Analyzing the topology of the Ethereum contracts
According to the researchers, the simplicity with which an intelligent contract can be copied is "probably the driving force behind the success of Ethereum". However, possible errors in contracts are risks to be taken into consideration, mainly because Ethereum has a history of errors or technical failures.
Recall that in 2016, after DAO hacking, the appearance of Ethereum Classic and DDoS attacks on its platform, a vulnerability in smart contracts was detected. The bug was linked to the storage variables of smart contracts and left open the possibility of overcoming the size of contracts and overwriting certain types of contracts.
This bug was corrected with an update to Solidity, the Ethereum programming language, and marked the end of a complex year for Ethereum developers. A similar scenario to the current one, since in 2018 the proposed reduction of premiums per block, the fall in prices and the announced changes for the last quarter of the year, have questioned the current state of the "computer blockchain" ".
Join our Telegram channel or Follow @CaptainAltcoin
The writers and authors of CapitanAltcoin may or may not have a personal interest in any of the projects and activities mentioned. None of the contents on CaptainAltcoin is an investment advice, nor does it replace the advice of a certified financial planner.