[1] 马昂,潘晓,吴雷,等.区块链技术基础及应用研究综述[J].信息安全研究,2017,3(11):968-983.(MA A, PAN X, WU L, et al. A survey of the basic technology and application of block chain[J]. Journal of Information Security Research, 2017, 3(11):968-983.)
[2] BUTERIN V. Ethereum:a next-generation smart contract and decentralized application platform[EB/OL]. (2014-01-23)[2018-09-08]. https://bitcoinmagazine.com/articles/ethereum-next-generation-cryptocurrency-decentralized-application-platform-1390528211/.
[3] 长铗,韩锋,杨涛.区块链:从数字货币到信用社会[M].北京:中信出版社,2016:62-73.(CHANG J, HAN F, YANG T. Blockchain:From Digital Currency to Credit Society[M]. Beijing:China CITIC Press, 2016:62-73.)
[4] NCC Group. Decentralized application security project top 10 of 2018[EB/OL]. (2018-07-08)[2018-09-08]. https://www.dasp.co/index.html.
[5] SECBIT. Frequent smart contracts events, security development requires standardization[EB/OL]. (2018-05-07)[2018-10-20]. https://www.jianshu.com/p/9d78f5110af1.
[6] MANNING A. Solidity security:comprehensive list of known attack vectors and common anti-patterns[EB/OL]. (2018-05-30)[2019-01-03]. https://blog.sigmapri-me.io/solidity-security.html.
[7] ARIAS L, SPAGNUOLO F, GIORDANO F, et al. OpenZeppelin[EB/OL]. (2016-07-31)[2018-12-06]. https://github.com/OpenZeppelin/openzeppelin-Solidity.
[8] ATZEI N, BARTOLETTI M, CIMOLI T. A survey of attacks on Ethereum smart contracts (SoK)[C]//Proceedings of the 2017 International Conference on Principles of Security and Trust. Berlin:Springer, 2017:164-186.
[9] FEY G. Assessing system vulnerability using formal verification techniques[C]//Proceedings of the 2011 International Conference on Mathematical and Engineering Methods in Computer Science. Berlin:Springer, 2011:47-56.
[10] CSDN Research and Development Technology. Formal verification is a sharp weapon for smart contracts safety[EB/OL]. (2018-06-12)[2018-09-08]. https://blog.csdn.net/CDLianan/article/details/80665163.
[11] Certik.用形式化验证的方式构建安全的智能合约和区块链生态系统[EB/OL].(2018-07-11)[2019-01-06]. https://baijiahao.baidu.com/s?id=1605131670683321304&wfr=spider&for=pc.(Certik:Constructing secure smart contract and block chain ecosystem by formal verification[EB/OL]. (2018-07-11)[2019-01-06].https://baijiahao.baidu.com/s?id=1605131670683321304&wfr=spider&for=pc.)
[12] BHARGAVAN K, SWAMY N, ZANELLA B S, et al. Formal verification of smart contracts:short paper[C]//Proceedings of the 2016 Association for Computing Machinery Workshop. New York:ACM, 2016:91-96.
[13] YANG X, YANG Z, SUN H Y, et al. Formal verification for Ethereum smart contract using Coq[J]. International Journal of Information and Communication Engineering, 2018, 12(6):125-130.
[14] HIRAI Y. pirapira/eth-isabelle[EB/OL]. (2016-04-24)[2018-12-18]. https://github.com/pirapira/eth-isabelle.
[15] MARCHE C, MELQUIOND G, FILLIATRE J C, et al. AdaCore/why3[EB/OL]. (2009-11-29)[2018-12-18]. https://github.com/AdaCore/why3.
[16] BEKRAR S, BEKRAR C, GROZ R, et al. Finding software vulnerabilities by smart fuzzing[C]//Proceedings of the 4th International Conference on Software Testing, Verification and Validation. Piscataway, NJ:IEEE, 2011:427-430.
[17] SMITH J P, PEREZ B, CHRISTIE C, et al. Trailofbits/echidna[EB/OL].(2018-06-12)[2018-09-08]. https://github.com/trailofbits/echidna.
[18] JIANG B, LI Y, CHAN W K. ContractFuzzer:fuzzing smart contracts for vulnerability detection[C]//Proceedings of the 33rd IEEE/ACM International Conference on Automated Software Engineering. New York:ASE, 2018:259-268.
[19] 吴世忠,郭涛,董国伟.软件漏洞分析技术[M].北京:科学出版社,2014:215-268.(WU S Z, GUO T, DONG G W. Software Vulnerability Analysis Technology[M]. Beijing:Science Press, 2014:215-268.)
[20] LUU L, CHU D H, OLICKEL H, et al. Making smart contracts smarter[C]//Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM, 2016:254-269.
[21] MOSSBERG M, IVNITSKIY Y, SMITH J P, et al. trailofbits/manticore[EB/OL]. (2017-02-12)[2018-09-08]. https://github.com/trailofbits/manticore.
[22] NIKOLIC I, KOLLURI A, SERGEY I, et al. Finding the greedy, prodigal, and suicidal contracts at scale[EB/OL]. (2018-02-06)[2018-11-14]. https://arxiv.org/pdf/1802.06038.pdf.
[23] TSANKOV P, DAN A, COHEN D D. Securify:practical security analysis of smart contracts[C]//Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM, 2018:67-82.
[24] KRUPP J, ROSSOW C. teEther:gnawing at Ethereum to automatically exploit smart contracts[C]//Proceedings of the 27th USENIX Security Symposium. Berkeley, CA:USENIX Association, 2018:1317-1333.
[25] MUELLER B, HONIG J, PARASARAM N, et al. ConsenSys/mythril[EB/OL]. (2017-09-17)[2018-12-04]. https://github.com/ConsenSys/mythril. |