Distributed Ledger Technologies (DLTs) and smart contracts are revolutionizing industries by enabling transparent, decentralized, and automated transactions. However, the security of smart contracts remains a significant concern, as vulnerabilities can undermine the reliability of such systems and lead to substantial financial losses. Despite the critical importance of ensuring their integrity, there is a notable lack of automated frameworks to comprehensively assess smart contracts’ security throughout their lifecycle, leaving them susceptible to various threats. This position paper proposes a framework to enhance smart contract security auditing, i.e., to efficiently and effectively support smart contract code analysis and testing and identify critical vulnerabilities. The framework encompasses several key components: identification of a target security profile, prioritization of potential vulnerabilities, systematic testing planning and execution, and a robust auditing and certification process. By establishing a structured approach to testing, we aim to enhance the security and reliability of smart contracts. In addition, we analyze the open challenges that must be addressed to build this framework effectively.

Position Paper: Toward a (Semi-)Automatic Framework for Smart Contract Security Audit / Bonomi, Silvia; Coppa, Emilio; Lenti, Simone; Ruggiero, Claudia. - (2025), pp. 105-109. (20th European Dependable Computing Conference, EDCC 2025, Lisboa, Portugal) [10.1109/edcc66201.2025.00026].

Position Paper: Toward a (Semi-)Automatic Framework for Smart Contract Security Audit

Bonomi, Silvia; Coppa, Emilio; Lenti, Simone; Ruggiero, Claudia
2025

20th European Dependable Computing Conference, EDCC 2025
Security Testing; Security-by-design; Smart Contracts
04 Publication in conference proceedings::04b Conference paper in volume
Files attached to this item

Bonomi_Position_preprint_2025.pdf
open access
Note: DOI: 10.1109/EDCC66201.2025.00026
Type: Pre-print document (manuscript submitted to the publisher, prior to peer review)
License: All rights reserved
Size: 224.58 kB
Format: Adobe PDF

Bonomi_Position_2025.pdf
archive managers only
Type: Publisher's version (published version with the publisher's layout)
License: All rights reserved
Size: 292.84 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11573/1753197