SMART CONTRACTS: VULNERABILITIES AND REAL ATTACKS

Smart contracts have a piece of code which are executed under certain conditions and are deployed on blockchain. Some of the applications of smart contracts are crypto assets, Health care applications, voting, IOT, digital rights, gambling, escrow, music rights management, record keeping, smart property and e-governance. Smart contracts plays a crucial role in these applications but adversaries exploit smart contracts due to vulnerabilities in smart contracts and millions of dollars are drained within few years, like The DAO attack, King of the Ether Throne, Multi-player games, Parity Multisig Wallet, Rubixi, GovernMental, Dynamic libraries and Batch Transfer Overflow. Due to these reasons, an extensive research is required on attacks on smart contracts with efficient detective and preventive methods. In this paper, we concentrate on vulnerabilities of smart contracts which are the root cause of the attacks. The existing work on these attacks has discussed only a few of the vulnerabilities and there is a need to cover all smart contract vulnerabilities over Ethereum. The taxonomy of vulnerabilities is listed below with smart contract code and the investigations done on how the attackers are exploiting the Smart Contracts with these vulnerabilities.