Rectifying Administrated ERC20 Tokens
- URL: http://arxiv.org/abs/2107.10979v1
- Date: Sat, 17 Jul 2021 18:40:34 GMT
- Title: Rectifying Administrated ERC20 Tokens
- Authors: Nikolay Ivanov, Hanqing Guo, and Qiben Yan
- Abstract summary: Many smart contracts are administrated, and the owners of these tokens carry lesser social and legal responsibilities.
This entails two major problems: a) the owners of the tokens have the ability to quickly steal all the funds and disappear from the market; and b) if the private key of the owner's account is stolen, all the assets might immediately turn into the property of the attacker.
We introduce SafelyAdministrated - a library that enforces a responsible ownership and management of ERC20 tokens.
- Score: 9.185979263744263
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: The developers of Ethereum smart contracts often implement administrating
patterns, such as censoring certain users, creating or destroying balances on
demand, destroying smart contracts, or injecting arbitrary code. These routines
turn an ERC20 token into an administrated token - the type of Ethereum smart
contract that we scrutinize in this research. We discover that many smart
contracts are administrated, and the owners of these tokens carry lesser social
and legal responsibilities compared to the traditional centralized actors that
those tokens intend to disrupt. This entails two major problems: a) the owners
of the tokens have the ability to quickly steal all the funds and disappear
from the market; and b) if the private key of the owner's account is stolen,
all the assets might immediately turn into the property of the attacker. We
develop a pattern recognition framework based on 9 syntactic features
characterizing administrated ERC20 tokens, which we use to analyze existing
smart contracts deployed on Ethereum Mainnet. Our analysis of 84,062 unique
Ethereum smart contracts reveals that nearly 58% of them are administrated
ERC20 tokens, which accounts for almost 90% of all ERC20 tokens deployed on
Ethereum. To protect users from the frivolousness of unregulated token owners
without depriving the ability of these owners to properly manage their tokens,
we introduce SafelyAdministrated - a library that enforces a responsible
ownership and management of ERC20 tokens. The library introduces three
mechanisms: deferred maintenance, board of trustees and safe pause. We
implement and test SafelyAdministrated in the form of a Solidity abstract
contract, which is ready to be used by the next generation of safely
administrated ERC20 tokens.
Related papers
- Characterizing Transfer Graphs of Suspicious ERC-20 Tokens [0.2621730497733947]
This paper seeks to understand how fraudulent schemes may be characterized and develop methods for detecting them.
A common use of smart contracts is implementing fungible tokens with the ERC-20 interface.
By parsing the event logs emitted by these ERC-20 contracts over 20 different periods of 100K blocks, we construct token transfer graphs for each of the available ERC-20 tokens.
arXiv Detail & Related papers (2025-01-20T18:49:01Z)
- Collaborative and parametric insurance on the Ethereum blockchain [0.0]
This paper introduces a blockchain-based insurance scheme that integrates parametric and collaborative elements.
A pool of investors, referred to as surplus providers, locks funds in a smart contract, enabling blockchain users to underwrite parametric insurance contracts.
The smart contract is developed in Solidity, a high-level programming language for the blockchain, and deployed on the Sepolia testnet.
arXiv Detail & Related papers (2024-12-03T20:03:40Z)
- DogeFuzz: A Simple Yet Efficient Grey-box Fuzzer for Ethereum Smart Contracts [38.770693229208355]
We present DogeFuzz, an infrastructure for fuzzing smart contracts.
We compare DogeFuzz with state-of-the-art fuzzers for smart contracts.
arXiv Detail & Related papers (2024-09-03T11:08:53Z)
- Demystifying and Detecting Cryptographic Defects in Ethereum Smart Contracts [14.203991954526789]
We conducted the first study aimed at demystifying and detecting cryptographic defects in smart contracts.
We proposed CrySol, a fuzzing-based tool to automate the detection of cryptographic defects in smart contracts.
We collected a large-scale dataset containing 25,745 real-world crypto-related smart contracts and evaluated CrySol's effectiveness on it.
arXiv Detail & Related papers (2024-08-09T08:40:08Z)
- Who Wins Ethereum Block Building Auctions and Why? [2.762397703396294]
The MEV-Boost block auction contributes approximately 90% of all blocks.
Between October 2023 and March 2024, only three builders produced 80% of them.
We identify features that play a significant role in builders' ability to win blocks and earn profits.
arXiv Detail & Related papers (2024-07-18T22:49:37Z)
- Vulnerability Scanners for Ethereum Smart Contracts: A Large-Scale Study [44.25093111430751]
In 2023 alone, such vulnerabilities led to substantial financial losses exceeding a billion US dollars.
Various tools have been developed to detect and mitigate vulnerabilities in smart contracts.
This study investigates the gap between the effectiveness of existing security scanners and the vulnerabilities that still persist in practice.
arXiv Detail & Related papers (2023-12-27T11:26:26Z)
- Empirical Review of Smart Contract and DeFi Security: Vulnerability Detection and Automated Repair [36.46679501556185]
Decentralized Finance (DeFi) is emerging as a peer-to-peer financial ecosystem.
Smart contracts hold a massive amount of value, making them an attractive target for attacks.
This paper reviews the progress made in the field of smart contract and DeFi security from the perspective of both vulnerability detection and automated repair.
arXiv Detail & Related papers (2023-09-05T17:00:42Z)
- Unpacking How Decentralized Autonomous Organizations (DAOs) Work in Practice [54.47385318258732]
Decentralized Autonomous Organizations (DAOs) have emerged as a novel way to coordinate a group of entities towards a shared vision.
In just a few years, over 4,000 DAOs have been launched in various domains, such as investment, education, health, and research.
Despite such rapid growth and diversity, it is unclear how these actually work in practice and to what extent they are effective in achieving their goals.
arXiv Detail & Related papers (2023-04-17T01:30:03Z)
- Token Spammers, Rug Pulls, and SniperBots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB) [50.888293380932616]
We study the ecosystem of the tokens and liquidity pools.
We find that about 60% of tokens are active for less than one day.
We estimate that 1-day rug pulls generated $240 million in profits.
arXiv Detail & Related papers (2022-06-16T14:20:19Z)
- Blockchains through ontologies: the case study of the Ethereum ERC721 standard in OASIS (Extended Version) [0.0]
This paper reports on how to leverage the Ontology for Agents, Systems, and Integration of Services as a general means for the semantic representation of smart contracts stored on blockchain as software agents.
Special attention is paid to non-fungible tokens (NFTs), whose management through the ERC721 standard is presented as a case study.
arXiv Detail & Related papers (2021-09-07T06:54:11Z)
- ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning [80.85273827468063]
Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable.
We propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for smart contracts.
We show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract.
arXiv Detail & Related papers (2021-03-23T15:04:44Z)
This list is automatically generated from the titles and abstracts of the papers in this site.