Strengthening Smart Contracts: An Investigation into Vulnerability Detection and Mitigation in Smart Contracts with a Web Application Based Tool

Abstract

This paper explores enhancing the security of Ethereum smart contracts by addressing four core vulnerability classes: reentrancy, integer overflow/underflow, delegatecall exploits, and the lack of true randomness. The study culminates in a web application that automates vulnerability detection in Solidity code. The tool automates the identification process, ensures comprehensive analysis, and minimizes manual intervention. Because it is cost-effective, it makes advanced security scanning accessible to both individual developers and resource-constrained organizations, and it significantly reduces the time required for vulnerability assessment. Its user-friendly interface accommodates users with varying levels of technical expertise. By mitigating these critical vulnerabilities with a practical, automated, and user-friendly approach, this research contributes to improving the security of Ethereum smart contracts in the blockchain ecosystem.
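As an added illustration (not the paper's tool or its analysis method), the following Python heuristic scans Solidity source for the four vulnerability classes the abstract names. The contract it scans is constructed for this example, and the rules are simple line-based patterns that show the detection idea (external call before state update, unchecked arithmetic on pre-0.8 compilers, delegatecall to a caller-supplied address, block values used as entropy) rather than a full static analysis.

```python
import re
# Constructed Solidity sample (written for this example, not from the paper) that
# exhibits each of the four vulnerability classes named in the abstract.
SAMPLE_CONTRACT = """pragma solidity ^0.7.0;
contract Vault {
    mapping(address => uint256) public balances;
    function deposit() public payable { balances[msg.sender] += msg.value; }
    function withdraw(uint256 amount) public {
        require(balances[msg.sender] >= amount);
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok);
        balances[msg.sender] -= amount;
    }
    function exec(address target, bytes memory data) public {
        target.delegatecall(data);
    }
    function lottery() public view returns (uint256) {
        return uint256(keccak256(abi.encodePacked(block.timestamp, block.difficulty))) % 10;
    }
}
"""
EXTERNAL_CALL = re.compile(r"\.(call|send|transfer)\s*[({]")
STATE_WRITE = re.compile(r"^\w+(\[[^\]]*\])+\s*[-+*/]?=(?!=)")  # e.g. balances[x] -= y
RANDOM_SOURCE = re.compile(r"block\.(timestamp|difficulty|prevrandao|number)|blockhash\(|\bnow\b")

def find_issues(source):
    """Heuristic line scan; returns (line_number, rule) tuples in source order."""
    findings = []
    m = re.search(r"pragma solidity\s*[\^>=]*\s*(\d+)\.(\d+)", source)
    # Compilers before 0.8 wrap silently, so arithmetic without SafeMath is suspect.
    unchecked = m and (int(m.group(1)), int(m.group(2))) < (0, 8) and "SafeMath" not in source
    params, called = set(), False  # per-function state, reset at every function definition
    for n, raw in enumerate(source.splitlines(), 1):
        line = raw.strip()
        fn = re.match(r"function\s+\w+\s*\(([^)]*)\)", line)
        if fn:
            params = {p.split()[-1] for p in fn.group(1).split(",") if p.strip()}
            called = False
        if EXTERNAL_CALL.search(line):
            called = True  # a later state write in this function breaks checks-effects-interactions
        elif called and STATE_WRITE.match(line):
            findings.append((n, "reentrancy: state updated after external call"))
        if unchecked and re.search(r"[-+*]=", line):
            findings.append((n, "integer overflow/underflow: unchecked arithmetic (pre-0.8, no SafeMath)"))
        dc = re.search(r"(\w+)\.delegatecall\(", line)
        if dc and dc.group(1) in params:
            findings.append((n, "delegatecall: target address is a caller-supplied parameter"))
        if RANDOM_SOURCE.search(line) and re.search(r"keccak256|%", line):
            findings.append((n, "randomness: predictable block value used as entropy"))
    return findings
```

Running `find_issues(SAMPLE_CONTRACT)` reports the `+=`/`-=` lines, the balance update after `msg.sender.call`, the `delegatecall` on `target`, and the `block.timestamp`-seeded lottery; a contract compiled with `^0.8.0` and no such patterns yields an empty list.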

Country: Sri Lanka

Kalana Jayasinghe¹, Ravindu Illeperuma², Induja Abeyrathne³, Janindu Abeywickrama⁴, Chethana Liyanapathirana⁵

  1. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, 10115, Sri Lanka
  2. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, 10115, Sri Lanka
  3. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, 10115, Sri Lanka
  4. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, 10115, Sri Lanka
  5. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, 10115, Sri Lanka

IRJIET, Volume 7, Issue 10, October 2023 pp. 660-667

doi.org/10.47001/IRJIET/2023.710085
