Rectifying Administrated ERC20 Tokens
- URL: http://arxiv.org/abs/2107.10979v1
- Date: Sat, 17 Jul 2021 18:40:34 GMT
- Title: Rectifying Administrated ERC20 Tokens
- Authors: Nikolay Ivanov, Hanqing Guo, and Qiben Yan
- Abstract summary: Many smart contracts are administrated, and the owners of these tokens carry lesser social and legal responsibilities.
This entails two major problems: a) the owners of the tokens have the ability to quickly steal all the funds and disappear from the market; and b) if the private key of the owner's account is stolen, all the assets might immediately turn into the property of the attacker.
We introduce SafelyAdministrated - a library that enforces responsible ownership and management of ERC20 tokens.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: The developers of Ethereum smart contracts often implement administrating
patterns, such as censoring certain users, creating or destroying balances on
demand, destroying smart contracts, or injecting arbitrary code. These routines
turn an ERC20 token into an administrated token - the type of Ethereum smart
contract that we scrutinize in this research. We discover that many smart
contracts are administrated, and the owners of these tokens carry lesser social
and legal responsibilities compared to the traditional centralized actors that
those tokens intend to disrupt. This entails two major problems: a) the owners
of the tokens have the ability to quickly steal all the funds and disappear
from the market; and b) if the private key of the owner's account is stolen,
all the assets might immediately turn into the property of the attacker. We
develop a pattern recognition framework based on 9 syntactic features
characterizing administrated ERC20 tokens, which we use to analyze existing
smart contracts deployed on Ethereum Mainnet. Our analysis of 84,062 unique
Ethereum smart contracts reveals that nearly 58% of them are administrated
ERC20 tokens, which accounts for almost 90% of all ERC20 tokens deployed on
Ethereum. To protect users from the frivolousness of unregulated token owners
without depriving the ability of these owners to properly manage their tokens,
we introduce SafelyAdministrated - a library that enforces responsible
ownership and management of ERC20 tokens. The library introduces three
mechanisms: deferred maintenance, board of trustees and safe pause. We
implement and test SafelyAdministrated in the form of a Solidity abstract
contract, which is ready to be used by the next generation of safely
administrated ERC20 tokens.
Related papers
- DogeFuzz: A Simple Yet Efficient Grey-box Fuzzer for Ethereum Smart Contracts [38.770693229208355]
We present DogeFuzz, an infrastructure for fuzzing smart contracts.
We compare DogeFuzz with state-of-the-art fuzzers for smart contracts.
arXiv Detail & Related papers (2024-09-03T11:08:53Z)
- Demystifying and Detecting Cryptographic Defects in Ethereum Smart Contracts [14.203991954526789]
We conducted the first study aimed at demystifying and detecting cryptographic defects in smart contracts.
We proposed CrySol, a fuzzing-based tool to automate the detection of cryptographic defects in smart contracts.
We collected a large-scale dataset containing 25,745 real-world crypto-related smart contracts and evaluated CrySol's effectiveness on it.
arXiv Detail & Related papers (2024-08-09T08:40:08Z)
- Who Wins Ethereum Block Building Auctions and Why? [2.762397703396294]
The MEV-Boost block auction contributes approximately 90% of all blocks.
Between October 2023 and March 2024, only three builders produced 80% of them.
We identify features that play a significant role in builders' ability to win blocks and earn profits.
arXiv Detail & Related papers (2024-07-18T22:49:37Z)
- End-user Comprehension of Transfer Risks in Smart Contracts [16.333145153972566]
We focus on five transfer risks with severe impact on transfer outcomes and user objectives.
We conducted a user study investigating end-user comprehension of smart contract transfer risks with 110 participants and USDT/MetaMask.
We performed manual and automated source code analysis of the next top (78) ERC-20 smart contracts (after USDT) to identify the prevalence of these risks.
arXiv Detail & Related papers (2024-07-16T07:18:45Z)
- Vulnerability Scanners for Ethereum Smart Contracts: A Large-Scale Study [44.25093111430751]
In 2023 alone, such vulnerabilities led to substantial financial losses exceeding a billion US dollars.
Various tools have been developed to detect and mitigate vulnerabilities in smart contracts.
This study investigates the gap between the effectiveness of existing security scanners and the vulnerabilities that still persist in practice.
arXiv Detail & Related papers (2023-12-27T11:26:26Z)
- Unpacking How Decentralized Autonomous Organizations (DAOs) Work in Practice [54.47385318258732]
Decentralized Autonomous Organizations (DAOs) have emerged as a novel way to coordinate a group of entities towards a shared vision.
In just a few years, over 4,000 DAOs have been launched in various domains, such as investment, education, health, and research.
Despite such rapid growth and diversity, it is unclear how these actually work in practice and to what extent they are effective in achieving their goals.
arXiv Detail & Related papers (2023-04-17T01:30:03Z)
- Who is Gambling? Finding Cryptocurrency Gamblers Using Multi-modal Retrieval Methods [46.17004007514548]
We propose a tool termed ETHGamDet to discover gambling behaviors and identify the contracts and addresses involved in gambling.
The tool is able to automatically detect the smart contracts and addresses involved in gambling by scrutinizing the smart contract code and address transaction records.
We present a novel LightGBM model with memory components, which possesses the ability to learn from its own misclassifications.
arXiv Detail & Related papers (2022-11-27T10:07:13Z)
- Token Spammers, Rug Pulls, and SniperBots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB) [50.888293380932616]
We study the ecosystem of the tokens and liquidity pools.
We find that about 60% of tokens are active for less than one day.
We estimate that 1-day rug pulls generated $240 million in profits.
arXiv Detail & Related papers (2022-06-16T14:20:19Z)
- Detecting DeFi Securities Violations from Token Smart Contract Code [0.4263043028086136]
Decentralized Finance (DeFi) is a system of financial products and services built and delivered through smart contracts on various blockchains.
This study aims to uncover whether we can identify DeFi projects potentially engaging in securities violations based on their tokens' smart contract code.
arXiv Detail & Related papers (2021-12-06T01:44:08Z)
- Blockchains through ontologies: the case study of the Ethereum ERC721 standard in OASIS (Extended Version) [0.0]
This paper reports on how to leverage the Ontology for Agents, Systems, and Integration of Services as a general means for the semantic representation of smart contracts stored on blockchain as software agents.
Special attention is paid to non-fungible tokens (NFTs), whose management through the ERC721 standard is presented as a case study.
arXiv Detail & Related papers (2021-09-07T06:54:11Z)
- ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning [80.85273827468063]
Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable.
We propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for smart contracts.
We show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract.
arXiv Detail & Related papers (2021-03-23T15:04:44Z)