Comprehensive Review of Smart Contract and DeFi Security: Attack, Vulnerability Detection, and Automated Repair
Recently, the Goplus team's comprehensive review paper on smart contract and decentralized finance (DeFi) security, titled "Comprehensive Review of Smart Contract and DeFi Security: Attack, Vulnerability Detection, and Automated Repair", was officially accepted by the top-tier journal "Expert Systems With Applications" from the Chinese Academy of Sciences!
"Expert Systems With Applications", founded in 1990, is an authoritative journal in computer science and artificial intelligence under Elsevier, with a current impact factor of 7.5, ranked as a top-tier journal in the Chinese Academy of Sciences, and classified as Q1 in JCR.
As DeFi rapidly develops and forms a peer-to-peer financial ecosystem, the large amount of assets locked in protocols have become targets for attackers, causing billions of dollars in security losses. Although the industry and academic circles have proposed many protection strategies, systematic and comprehensive research on DeFi and smart contract security remains relatively lacking.
To fill the research gap in this field, the paper systematically reviewed the research progress in DeFi security, focusing on key directions such as vulnerability detection, attack tracking, risk assessment, and automated repair. Specific content includes:
· Systematically summarizing the main security threats faced by DeFi and categorizing historical attack events into six types;
· Empirically evaluating 9 mainstream DeFi security tools, covering vulnerability detection and risk assessment functions;
· Analyzing the applicability and effectiveness of 38 smart contract vulnerability detection tools;
· Preliminarily exploring the application potential of 8 automated repair tools in DeFi scenarios.
To support subsequent research and tool development, the paper has also built and opened a standard dataset containing 99 DeFi protocols and a total of 7,340 smart contracts, covering six typical attack types, helping the DeFi community improve overall security levels.
This research not only provides a systematic and comprehensive reference framework for the academic community but also offers guidance for assessment and defense in practical applications, and is expected to play a positive role in promoting the construction of DeFi security infrastructure.
