Smart Contracts, Vulnerability Exploitation in Solidity Smart Contracts and Best Practices

Speaker:  RK Shyamasundar – Mumbai, India
Topic(s):  Security and Privacy


Smart contracts have been subjected to several attacks that have exploited various vulnerabilities of languages like Solidity, resulting in huge financial losses. The functioning and deployment of smart contracts are somewhat different from classical programming environments. Once a smart contract is up and running, changing it is very complicated and nearly infeasible, as the contract was expected to be immutable when created. If we find a defect in a deployed smart contract, a new version of that contract has to be created and deployed with concurrence from the stakeholders. Further, when a new version of an existing contract is deployed, data stored in the previous contract does not get transferred automatically to the newly refined contract. We have to manually populate the new contract with the past data, which makes the process very cumbersome and not very trustworthy. As neither updating a contract nor rolling back an update is possible, this greatly increases the complexity of implementation and places a huge responsibility on the initial deployment to the blockchain.

In this talk, we shall first provide an introduction to smart contracts and discuss the structure of smart contracts written in Solidity, one of the widely used smart contract languages on Ethereum. Then, we illustrate how several features of the language have been exploited, leading to huge financial losses. We further discuss best practices to overcome such exploitation of the language's vulnerabilities.

About this Lecture

Number of Slides:  70
Duration:  60 minutes
Languages Available:  English
Last Updated: 
