Content uploaded by Tharaka Hewa
Author content
All content in this area was uploaded by Tharaka Hewa on Mar 12, 2021
Content may be subject to copyright.
Date of publication xxxx 00, 0000, date of current version xxxx 00, 0000.
Digital Object Identifier 10.1109/ACCESS.2020.DOI
Survey on Blockchain based Smart
Contracts: Technical Aspects and Future
Research
Tharaka Mawanane Hewa1, (Student Member, IEEE), Yining Hu2, (Student Member, IEEE),
Madhusanka Liyanage3, (Senior Member, IEEE), Salil Kanhare4, (Senior Member, IEEE) and
Mika Ylianttila 5, (Senior Member, IEEE)
1,3,5Centre for Wireless Communication, University of Oulu, Oulu, Finland, (e-mail: firstname.lastname@oulu.fi)
2IBM Australia (e-mail: yining.hu@ibm.com)
3School of Computer Science, University College Dublin, Ireland, (e-mail: madhusanka@ucd.ie)
4Department of Computer Science and Engineering, University of New South Wales, Sydney, Australia, (e-mail: salil.kanhare@unsw.edu)
ABSTRACT
The industrial and computing research context revolutionized in various directions during the last decades.
The blockchain-based smart contract embraced as a significant research interest due to its distinguishing
features such as decentralized storage of transactions, autonomous execution of contract codes, and
decentralized establishment of the trust. Blockchain-based smart contracts can transform the working
architecture of almost all industries towards elevated service standards. The use cases of blockchain
based smart contracts range from industrial applications such as cryptocurrency systems towards logistics,
agriculture, real estate, energy trading and so forth. The decentralization concept of blockchain is one of
the biggest leaps in technology research since future computing got a super momentum towards the Internet
of Things (IoT) and edge computing. A plethora of research is in progress to investigate the opportunities
for the applicability of smart contracts and blockchain technologies to various industries. It is important
to identify the technical aspects of blockchain-based smart contracts to further improve and sharpen the
capabilities which already owed. This survey is conducted to identify the significant technical aspects of
blockchain-based smart contracts with the associated future research directions.
INDEX TERMS Blockchain, Concurrency, Ethereum, Hyperledger Fabric, IoT, Smart Contracts, Security,
Scalability
I. INTRODUCTION
The computation associated services including financial
transactions, video streaming, email, and telecommunication
mostly adopted a centralized architecture [1] with the in-
fluence of design principles such as cloud computing. Mail
servers, video streaming servers as well as payment autho-
rization systems have been deployed in centralized comput-
ing infrastructure and users consume these services adopte
the client-server architecture. However, the future evolution-
ary directions of computing research reflect that the number
of subscribers of computational services expands enormously
[2]–[4]. The Industry 4.0 revolution has anticipated the con-
tribution of industrial IoT, Machine to Machine communica-
tion and Artificial Intelligence (AI). The centralized systems
have scalability limitations with the future massive demand
expansions of computing. Therefore, the computing research
community is highly motivated to investigate a novel archi-
tectural strategy for sustaining in the computational demand
for the next generation [5]. In addition, privacy, availability,
access control, and data integrity are major concerns in
computing research. Blockchain-based smart contracts aug-
mented their employability as a technology breakthrough to
the future industry by built-in decentralization with integrity,
autonomous execution and accuracy [6].
The blockchain is a decentralized, distributed and im-
mutable ledger which is composed of a cryptographically
linked chain of blocked records. The collection of records
is called blocks and the records are usually called transac-
tions or events. The decentralized ledger is shared within all
contributory members in the blockchain network [7]. Trans-
actions are added to the ledger upon verification and agree-
ment process between the parties on-board in the blockchain.
VOLUME 4, 2016 1
The cryptographic link is the backbone of blockchain. The
important keywords associated with blockchain are the de-
centralization,immutability and cryptographic link.
Decentralization: The decentralization reflects the trans-
actional(store and retrieve data) capability of blockchain
based smart contracts without a single point of failure. The
ledger is available on each node and in contrast with central-
ized database management systems [8], the access to the data
does not depend on a centralized service.
Immutability: The records in the distributed ledger are
immutable once logged [9]. The attempt to forge the ledger
record on a particular block will disqualify it and fail the
data integrity of the entire blockchain. The immutability of
the ledger ensured using cryptographic techniques such as
hashing and digital signatures which will explain in the paper.
The alterations of ledger is a computationally expensive task.
Cryptographic Link: The cryptographic link is the back-
bone of trust of the entire blockchain [10]. The immutability
of blockchain is achieved through the cryptographic link es-
tablished with hashing and digital signatures [11]. Neither the
transaction or block can be altered since it requires altering
all subsequent blocks.
A. PAPER MOTIVATION
Blockchain-based smart contracts have an immense ap-
plication context, ranging from various financial applica-
tions [18]–[24], to health-care applications [25]–[32]. Cor-
rectly programming smart contracts, however, has been
shown to be challenging. For example, a financial loss [33]
was caused by bad programming practices.
There exist several surveys on blockchain-based smart
contracts. Wright et al. [34] present the benefits and draw-
backs of the emerging decentralized technology and its re-
quirement to the expansion of a new subset of law that termed
as Lex Cryptographia and highlighted the requirement of the
regulation of blockchain-based smart contract based organi-
zations under legal theory. Wüst et al. [35] critically analyze
the applicability of blockchain for a particular application
scenario proposing a structured methodology to determine
the relevant technical solutions and evaluated with some
significant real-world applications. Clack et al. [36] explored
the design landscape of potential formats for storage and
transmission of smart legal agreements in association with
blockchain technology specifically for the financial services
context. Wang et al. [37] also provides a comprehensive
overview of blockchain-powered smart contracts highlight-
ing the distinguished challenges in the smart contracts along
with future trends. Nonetheless, existing research works have
not thoroughly studied the technical aspects of smart con-
tracts. They also have not explored the potential of integrat-
ing smart contracts to other technologies, such as artificial
intelligence and game theory.
B. OUR CONTRIBUTION
In this paper we aim to conduct a through survey focus-
ing on several technical aspects of smart contracts. More
specifically, we discuss issues on the security, privacy, gas
cost, concurrency of existing smart contract programming
languages and make the following contributions:
•We first discuss existing issues and proposed solutions
on the security, privacy, gas cost and concurrency of
smart contracts.
•We then discuss the lessons learned and future research
directions for the development of smart contracts to im-
prove their security, privacy, gas cost and concurrency.
•We also discuss other future research topics that involve
integrating smart contracts with other technologies in-
cluding artificial intelligence and game theory.
C. OUTLINE OF THE PAPER
The paper persists with five sections. SectionI provides a
brief introduction to the paper. Table 1 consists of a few
important surveys conducted in the smart contract context
previously. Section II consists of significant prerequisites for
understanding smart contracts. Important concepts of cryp-
tography, including hashing, digital signatures are explained.
The principles of blockchain and its core modules are also
discussed. In addition, the evolution of blockchain towards
smart contracts along with important historical milestones
are examined in the paper. Section III holds significant por-
tion of the core contribution of this survey. Table 2 contains
the key components of some leading smart contract platforms
in the market. Section III includes the significant technical
aspects of the blockchain-based smart contracts. The content
includes the security attacks, precautions and best practices to
eliminate these attacks, performance optimization and scala-
bility improvement techniques. The significant insights from
the technical aspects of the blockchain-based smart contract
and important considerations for shaping the future research
directions were elaborated in Section IV. Other future re-
search directions, such as combining smart contracts with
game theory and artificial intelligence are later discussed in
Section V. Finally, Section VI concludes the survey.
II. BACKGROUND
The concept of smart contracts was first introduced by Nick
Szabo. Ethereum [20] is one of the most prominent smart
contract platforms with multitudinous applications in differ-
ent contexts. Initially, smart contracts were targeted only for
financial applications such as ERC20 Tokens [38]. Over time,
the invention of smart contract platforms diversified due to
various industrial requirements [39].
A. HISTORY OF SMART CONTRACTS
Figure 1 illustrates the important milestones of the historical
evolution of blockchain-based smart contracts. The intro-
duction of the concept of smart contracts by Nick Szabo
to the world in 1994 is the birth of smart contracts. The
invention of Ethereum is one of the most important leaps of
the smart contract history. The public Ethereum blockchain
allowed the users to get on board and deploy smart contract
2VOLUME 4, 2016
TABLE 1. Previous Surveys on Smart Contracts
Ref Year Description Comparison with our contribution
[12] 2019 Security and Privacy on Blockchain: A comprehensive overview on
security and privacy of blockchain, with techniques to enforce security
and privacy of smart contacts.
We extend the discussion on security and privacy further and
discuss the additional technical aspects such as performance
optimization, concurrency, scalability and formal verification.
[13] 2019 Applications of Distributed Ledger Technologies to the Internet
of Things: A Survey: Provides an analysis on the blockchain in the
application perspective.
Our paper has focused the technical aspects of utilizing of
smart contracts on different applications including IoTs.
[14] 2019 Inter Blockchain Communication: A Survey: A comprehensive dis-
cussion on cross blockchain communication techniques.
Our paper discusses several relevant technical aspects, not
limiting to one specific topic.
[15] 2018 A Survey of Blockchain Applications in Different Domains : Pro-
vides an overview on the application contexts of blockchain in domains
including currency, healthcare, copyright protection, and insurance.
Our paper has mainly focused the technical aspects of utilizing
of smart contracts different applications.
[16] 2018 Understanding the Software Development Practices of Blockchain
Projects: A Survey: Includes results of a formal survey to identify
the software engineering practices including requirement analysis, task
assignment, testing, and verification of blockchain software projects.
We discuss the technical aspects rather than discussing in the
application perspective.
[17] 2018 A Survey on Opportunities and Challenges of Blockchain Tech-
nology Adoption for Revolutionary Innovation: Discussed the
blockchain adoption across the significant sectors in the Industry 4.0.
We discuss the technical aspects in general rather than focus
on single applications.
1994
Smart
Contracts
Introduced to
the world by
Nick Szabo
20182013 2014 2015 2016 2017
Invention of
Ethereum by
Vitalik
Buterin and
Team
R3 Company
which invented
Corda Smart
Contract was
founded by
David E.
Rutter
Hyperledger
Fabric was
stareted by tye
support of
Linux
Foundation
Waves smart
contract
platform was
invented
Initiation of
consideration
in the legal
adoptability of
Smart
Contract
Broadening the research into
avenues such as AI, ML,
Telecommunication
FIGURE 1. Evolution timeline of significant blockchain platforms [40]–[43].
applications in the public blockchains. Ethereum was pri-
marily targeted for currency exchange at the beginning. The
Hyperledger Fabric project initiated in collaboration with the
Linux Foundation. The direction of Hyperledger Fabric has
deviated from Ethereum’s since Hyperledger was intended as
an enterprise blockchain. Many platforms being developed
target the enterprise requirements. The research focused on
the legalization of smart contracts with the maturity of smart
contract context with multiple platforms and diverse use
cases. The next generation of research is highly focused
on the position of smart contracts in the emerging research
topics in computer science.
VOLUME 4, 2016 3
Initialization of
Blockchain
Network
Transaction
Verification
Transaction
Completion
12.0
4
15.1
7
21.4
3
24.5
6
32.6
8
Cryptocurrency
Transfer
Stock Exchange
Transaction
3-D Printing Instruction
Receipt
API
Blockchain service is integrated via API to any of everyday application such as cryptocurrency transferring, stock exchange, or even 3-D printing application
Blockchain Network
Transaction submitted to a peer
node Transaction verified
Digital Signature checking
Dobule spending checking, if applicable
Permissions checking
Blockchain Network
Smart Contract Installed in the
Blockchain Network
Terms and Conditions of
Agreement
Smart Contract Executed Block Generated with
Transactions
Blockchain Network
Block Approved by
Approving Nodes
(Consensus)
Share Block with All
Nodes in Blockchain
Transaction Completed
and Blockchain was
Consistently Updated
within the Nodes
Step 0
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
FIGURE 2. High-level transaction flow of a typical blockchain integration.
B. FEATURES OF BLOCKCHAIN-BASED SMART
CONTRACTS
Smart contracts are self-enforcing and self-executing pro-
grams which actuate the terms and conditions of a particular
agreement using software codes and computational infras-
tructure. The smart contracts are decentralised programs that
extend the use of the underlying blockchain network [44].
The program is immutable and it is cryptographically verified
to ensure its trustworthiness.
Some features of smart contracts inherit from the un-
derlying blockchain technology. These features enable the
employability of smart contracts across diverse domains [45].
Generally speaking, smart contracts execute in the peer to
peer mode without the intervention of a centralized third
party. They provide service availability without any central-
ized dependency. And allow automated transaction execution
when pre-defined conditions are reached [46]. Below we
detail the key features of blockchain-based smart contracts.
1) Elimination of Trusted Third Party and Autonomous
Execution
The most significant advantage of blockchain-based smart
contracts is decentralization [47]. The requirement of trusted
intermediaries such as brokers, agents or service providers
can be dislodged when a particular system integrated with
blockchain-based smart contracts. Elimination of a trusted
third party will reduce the transaction costs and authority
imposed by centralized entities. One of the most significant
examples is cryptocurrency which embraced smart contracts
to altering the role of trusted third parties such as central
banks [48]. The centralized third parties impose high costs
for transactions and behave as the ultimate governing bodies.
The users need to adhere to the regulations imposed by the
centralized authority.
In contrast, smart contracts provide the agreement proce-
dure to be defined by the participants themselves maximizing
democracy [49]. The participants define the rules and regula-
tions for the smart contract establishment and deploy upon
mutual agreement. The programmed condition and flow of
events are supposed to execute once the blockchain reached
4VOLUME 4, 2016
a specific pre-defined state. The specific state will be defined
in the smart contract upon agreement of all parties in the
blockchain network. This state can be any condition such as
a specific balance of wallet funds, or a specific time bound,
etc. The execution is then automatic without intervening a
centralized third party. The service availability is guaranteed
since the operation does not rely on a centralized third party
and execute peer-to-peer. The autonomous execution as per
the conditions ensures the accuracy of operation without
human error or even without biased actions. Therefore, the
smart contract is a promising solution for most applications
which require alternatives without trusted third parties.
2) Forge Resistance and Immutability
The integrity of the transaction records in distributed ledger
is verified with digital signatures [50]. Furthermore, the in-
dividual transactions verified and approved prior appending
to the ledger. The ever-growing ledger consists of approved
transactions which are immutable. The alteration cannot be
committed by an individual. Smart contract code deployed
on the blockchain are immutable. The code can be deployed
on each node using various techniques. For instance, as an
executable enclosed in the container. The smart contract code
is tamper-evident and the tampered smart contracts cannot
be executed. However, smart contracts can be updated if
required upon the agreement of nodes in the blockchain
network. Therefore, all parties in the blockchain network
can trust the smart contract and trust that the executed code
contains the logics disclosed to and agreed by each member
of the blockchain network.
3) Transparency
Transparency [51] is one of the significant distinguishing fea-
tures inherited to the smart contracts from blockchain [52].
The transparency of the smart contract is twofold. Firstly, the
code defined in smart contracts is transparent to intervening
parties as well as to the public. Secondly, the set of transac-
tions included in the blocks are also transparent to the public.
Hence the intervening parties of the blockchain network can
trust the logic and transactions in the blockchain network
[53]. In a more concrete example, if the smart contract logic
defined by a governing authority who is a participant of
blockchain network [54], the particular operation executed
upon to the logic can be regarded as trusted and unbiased
since the code is publicly visible. Furthermore, the transac-
tion added to the ledger is also publicly visible to ensure trust
[55]. In contrast, the centralized service architecture is not
transparent and is prone to vulnerabilities such as man-in-the-
middle attacks. The centralized databases are also vulnerable
and impossible to trace if any modification occurred on
the data on rest. The smart contract code transparency [56]
ensures members of the blockchain ecosystem to publicly
verify its execution correctness.
C. DEPLOYMENT AND EXECUTION
Figure 2 portraits significant milestones of the initialization
and transaction processing of the blockchain-based smart
contracts. The initial step (Step 0) involves initialization of
smart contracts. After defining the terms and conditions as a
software program, the smart contract requires to be installed
on the network. The smart contract deployed in each node is
identical in all aspects to ensure the fairness and fulfill the
principal requirement of blockchain-based smart contracts.
There are many interfacing techniques in the market for
each blockchain network, when smart contracts are required
to connect with the external business systems. The REST
API created with Hyperledger Fabric SDK [57] or Ethereum
SDK [58] based applications are significant examples. The
blockchain network receives transactions from the interfac-
ing applications (Step 1). Once the blockchain network has
received the transaction, the transactions are verified for sev-
eral conditions (Step 2). The digital signature is essential to
authenticate that the transaction is legitimate and is aroused
by the actual member of the network. Furthermore, there
are platform-specific checks in some blockchain networks.
For instance, the Bitcoin platform checks for the double-
spending in this step [59]. Once the transaction is legitimate,
the transaction is flagged (Step 3) as a legitimate transaction,
and the smart contract gets executed (Step 4). The transaction
is added to the block and the finalized block is generated
by a mining node (Step 5). The confirmed block is then
disseminated within the network (Step 6), and receives ap-
provals from every node (Step 7) based on the pre-defined
consensus rule. Once the consensus condition is met, the
block is appended to the blockchain (Step 8).
III. TECHNICAL ASPECTS OF SMART CONTRACTS
The scientific research on blockchain-based smart contracts
mesmerized on different directions of the technical special-
ization. Started as a minimal decentralized immutable ledger,
the blockchain technology has emerged with vital features
such as improved security, scalability and optimal operation
thanks to the contribution of the research conducted world-
wide. The significant technical aspects of blockchain-based
smart contracts are discussed in this section. Figure 3 shows
a quick overview of technical aspects of smart contracts.
A. SECURITY ATTACKS, VULNERABILITIES AND
POSSIBLE SOLUTIONS
Smart contracts are beginning to be widely adopted in many
industry use cases. Security is of vital importance in con-
sideration of smart contracts as it affects the functionality of
entire blockchain. The various attacks on the smart contracts,
existing research over these attacks, and potential solutions
are discussed in this section. Due to the wide adoption of
Ethereum smart contracts in real-life use cases and security
attacks occurred in recent years, in this section we focus
only on Ethereum to discuss the attacks and vulnerabilities
of smart contracts [72]. Table 3 summarizes the attacks and
corresponding solutions.
VOLUME 4, 2016 5
Securit y At tacks and Vuln erabili ties
Technical Aspects of
Blockchain and Smart
Contracts
- Re-entrency vulnerability
- Underflow/ O verflow errors
- Sybil attacks
- Bad randomness
- Double spending attacks
- M ajority attacks
- Destroyable contracts
- Exception disorder
- Call stack vulnerability
- Unbounded computational power intensive
operations
Securit y Solut ions
Securi ty At tacks, Vu lnerabil iti es and Securi ty
Solut ions in Sm art Cont racts
- SmartCheck
- M AIAN
- ReGuard
- ContractFuzzer
- Oyente
- S-gram
- Vandal
- Prosity
- M adMax
- Ethereum Eclipse Attacks and Solutions
- Securify
- Semantic Framework for Security An alysis of
Ethereum
- TrustChain
- Zeus
- EtherTrust
- M anticore
- Cryptocurrency Smart Contracts for Distributed
Consensus of Public Randomness
Pri vacy Issues
- Transaction data privacy
- Smart contract logic privacy
- User privacy
- Smart contract execution privacy
Soluti ons
Privacy I ssues and Solut ions in Sm art Cont racts
- SmartCheck
- H awk
- Trading System with Enhanced User Privacy
- Privacy Preserving and Cost Optimal Mobil e
Crowdsensing using Smart Contracts and
Blockchain
- ProvChain
- ChainSpace
- Arbit rum
- Ekiden
- ShadowEth
- Supporting Private Data on Hyperledger Fabric
- Enigma M iscalleneous Solut ions for Vu lnerabil ity D etecti on and
Reccom ondat ions for Progr amm ing Smart Cont racts
- Secure programming practices
- Formal modeling
- Vulnerability asessment
- Automata based solutions
- ChainSpace
- Arbit rum
Concur rency Im provement in Smart Co ntract s
- Mul ti-Version Transaction Ordering
- Basic Timestamp Ordering
Scalabili ty I mpr ovement i n Sm art Cont racts
- Off- chain execution
- Sharding
- Satellite chains
Perform ance Opt imizat ion in Smart Cont racts
- Off- chain execution
- Transaction cost monitoring
Smart Co ntract Platfor ms and Consensus Mechani sms
- Proof of Work
- Proof of Stake
- Proof of Stake
- Proof of Capacity
- Proof of Burn
- Byzantine Fault Tolerence
- Proof of Elapsed Time
- Proof of Authority
- Proof of Weight
Consensus Mechanisms
- Ethereum
- Hyperledger Fabric
- N EM
- R3 Corda
- Stellar
- Waves
Smart Contr act Platfor ms
FIGURE 3. Overview of the technical aspects of smart contracts
1) Different Attacks and Vulnerabilities
There exist multitudinous attacks in the smart contract con-
text [73]. These attacks lead due to numerous reasons such
as programming errors, restrictions in the programming lan-
guages, and security loopholes. The results of these attacks
consist of many complications for the blockchain networks
and their accuracy, loss of native cryptocurrency and termi-
nate the availability of the system. The attacks can be identi-
fied on both public and private blockchain platforms. The role
of smart contracts and their accuracy can be more momentous
in the public blockchains than in private blockchains. The
debugging or any correction is a cumbersome process [74]
since the contracts adopted to all nodes in a blockchain
network.
Re-entrency vulnerability (A1): In general terms, the
re-entrancy vulnerability exploited when one smart contract
invokes another smart contract iteratively and the smart con-
tract that initiates the invocation is malicious. Such attacks
were ample in the Ethereum platform. Eventually, the invok-
ing smart contract’s Ethers are transferred to the malicious
contract’s account. Mehar et al. [33] described the DAO
attack, an anonymous hacker stole USD50M worth Ethers
from the 168M invested through a virtual venture capital
raising in 2016. A coder found some loophole, once a split
function is invoked, the code retrieves Ether first and update
balance later and not checking whether is it a recursive call.
The attacker recursively calls split functions and retrieves
their funds before the code checking the balance.
Underflow/Overflow errors (A2): Underflow or overflow
occurred when the result of a particular arithmetic operation
was either less or more than the minimum or maximum
numeric data type utilized in the smart contract platform.
The Ethereum platform is using uint256 [75]. Conceptually,
the Ether balance of 0 can be transformed into the maximum
value of the uint256 or Ether balance of maximum value can
transform into 0. However, the programmers are required to
consider such circumstances when coding the contract [76].
There are libraries available to eliminate the known issues,
which will discuss in upcoming sections.
Sybil attacks (A3): Sybil attack [77] occurs when a mem-
ber attempts to take over the peer network by conceiving fake
identities explicitly. Such circumstances [78] will lead to a
disproportionate control of the network which can lead to
the hijacking of the distributed blockchain peer ecosystem.
For instance, if the consensus is based on the majority voting
of a particular blockchain, the members explicitly created on
the attack can take over the consensus of the network. The
system is prone to such a risk when the onboarding process
to the blockchain is very minimal and automated.
Bad randomness (A4): Randomness is required in the
smart contracts, especially in gaming and gambling context.
In addition to that, there are utility functions which require
randomness [79]. The approaches for random or pseudo-
random number generation will be vulnerable in some cir-
cumstances [80]. The usage of block variables and block
hashes as sources of entropy can be vulnerable.
Double spending attacks (A5): The spending of the native
token is common in almost all smart contract platforms [81].
In each transaction, there is a risk that the same user can
spend a particular token two or more times [82]. This type
6VOLUME 4, 2016
TABLE 2. Some Leading Smar t Contract Platforms in the Market
Platform Ref Description
Ethereum [20] Ethereum is a public blockchain platform which
enables the users to deploy smart contracts pub-
licly. The computational resource consumption
for the execution of the smart contract evaluated
and the native cryptocurrency is Ether.
Hyperledger [42] Hyperleder Fabric is an open source blockchain
platform invented by the Linux foundation and
few other organizations. The platform developed
as an enterprise blockchain platform and there is
no native cryptocurrency attached to the Hyper-
ledger platform.
NEM [60] NEM is blockchain platform which designed for
the enterprise and enables asset definition which
can be mapped as the realistic industrial instru-
ments such as legal items and shipping docu-
ments.
R3 Corda [41] R3 Corda is a scalable blockchain platform which
enables privacy features and designed for the
industrial integration.
Stellar [61] Stellar is a blockchain based multi-currency pay-
ment platform which is comparably efficient in
terms of computational resource consumption.
Waves [43] The Waves platform is a cryptocurrency platform
which also integrated with a dollar payment gate-
way to make the wallet users capable for the
replenishment in US dollars.
Ethereum
Classic
[62] Ethereum Classic was formed by forking
Ethereum, which enables transactions for a lower
cost. It is evloving as an improved version of
Ethereum.
Tezos [63] Tezos is defined as a self-amending crypto ledger,
with native cryptocurrency and two types of ac-
counts as implicit accounts and originated ac-
counts. The smart contracts are attached to the
originated accounts.
NEO [64] Neo is developed intending a smart economy.
Neo can be used for digitize the assets such as
digital certificates.
Cardano [65] Cardano smart contract platform is the first plat-
form being backed by the peer-reviewing and sci-
entific study. The Cardano has introduced a new
programming language called Plutus to develope
smart contracts.
EOS [66] EOS is developed mainly targeting to build the
horizontally and vertically scalable decentralized
applications. EOS has addressed many aspects
including parallel processing, governance and
improved usability.
Qtum [67] Qtum is a smart contract platform which is
known as a hybrid of Bitcoin and Ethereum. It
is adapted to the UTXO model of Bitcoin and
included native cryptocurrency.
Lisk [68] Lisk is a smart contract platform that enables
Javascript-based decentralized applications. The
authors have introduced the concept of side-chain
and SDK which can be attached to the blockchain
if required.
ARK [69] ARK platform was developed with improved
consensus and scalability. The authors defined
the improved simplicity which allows a user to
deploy a new blockchain and a token at the push
of a button.
RSK [70] RSK is a scalable blockchain which enables near
realtime payments with Turing complete smart
contract incorporation to the Bitcoin blockchain.
NXT [71] NXT provides a template based smart contracts
which are non Turing complete. The smart con-
tract templates require to match with the busi-
ness.
of attacks known as the double spending attacks [83].
Majority attacks (A6): Majority attack occurs when some
malicious users or groups take over the control to rewrite
transaction history or prevent new transactions from confirm-
ing [84]. The attack can occur when a particular blockchain
consortium adopted with majority voting consensus [85].
Depending on the user requirement, sometimes the mining
or block and transaction verification is offloaded to some
dedicated leading peers of each member of the consortium.
If the majority of leading peers are hijacked by the malicious
user, the similar circumstance occurred.
Destroyable contracts (A7): The self-destruct vulnerabil-
ity [86] removes the content of a smart contract by deleting
the bytecode at the particular addresses. Furthermore, it
sends all contract’s funds to a specific target address, mak-
ing the contract non-functional. Exception disorder (A8):
Exception disorder occurs due to the exceptions lead to a
failure when they were not properly handled [87]. Exception
handling is an important practice in programming, either
blockchain or any other context. The improper handling of
exceptions, especially when one contract invokes another,
affects the operability of the entire network [88]. Hence, the
exception disorder is highlighted as major vulnerability.
Call stack vulnerability (A9): The call stack’s depth is
limited up to a certain value in the execution environment of
the smart contract. For instance, in Ethereum the call stack’s
depth limited to 1024 frames. The operation fails when the
depth of the call reaches the limitation. This can occur due to
various reasons such as programming errors [89].
Unbounded computational power intensive operations
(A10): Each operation on the smart contracts requires con-
sumption of computational power [90]. For instance, the
cost for the computational power in Ethereum is called
Gas. The gas utilized to evaluate the computational resource
consumption of a particular operation on the smart contract.
Unbounded and unrestricted computational power intensive
operations lead to various errors and eventually affect to the
system [91].
2) Potential Solutions
Security issues caused by semantic flaws can lead to massive
financial loss. Destefanis et al. [109] presented a case-study
regarding a smart contract library named as Parity. The prob-
lem was due to poor programming practices which caused
500,000 Ethers to freeze in 2017.1The authors analyzed the
chronology of events and identified that the problem occurred
due to negligent programming practices.
Since the smart contract program is deployed in every node
of the blockchain system, the requirement of the accuracy of
the smart contract is supreme. The smart contract is required
to be depleted by vulnerabilities and programming errors
before pushing into the thousands of blockchain nodes. There
has been a number of research works conducted to address
various security attacks over smart contracts. We discuss
1Equals to 150M USD in year 2017.
VOLUME 4, 2016 7
TABLE 3. Secur ity Attacks and Solutions
Ref Description
Re-entrency vulnerability (A1)
Underflow/ Overflow errors (A2)
Sybil attacks (A3)
Bad randomness (A4)
Double spending attacks (A5)
Majority attacks (A6)
Destroyable contracts (A7)
Exception disorder (A8)
Call stack vulnerability (A9)
Unbounded computational power
intensive operations(A10)
[92] SmartCheck : Comprehensive analysis tool to detect code issues
in Ethereum smart contracts X X X
[93] MAIAN : Inter-procedural symbolic analysis and validation of
Ethereu, X X
[94] ReGuard : Fuzzy-based analyzer to detect re-entrency vulnera-
bilites in Ethereum X
[95] ContractFuzzer : Fuzzy framework to detect vulnerabilities in
Ethereum X X X
[96] Oyente : A framework to detect bugs in the smart contracts
X X X X
[97] S-gram : Prediction tool fo potential vulnerabilities by irregular
token sequences X
[98] Vandal : Security analysis framework for Ethereum with conver-
sion capability of EVM byte code into semnatic relations X X X
[99] Prosity : Decompiler for Ethereum which generates readable So-
lidity syntaxes from bytecode X X X
[100]
MadMax : Static programming analysis technique to detect gas
focused vulnerabilities X X
[101]
Ethereum Eclipse Attacks and Solutions : Vulnerabilities in
consensus and block synchronization and countermeasures
X
[102]
Securify : Scalable security analyzer for Ethereum X
[103]
Semantic analysis framework : Semantic security analysis
framework for Ethereum using F* programming language X X
[104]
TrustChain : Permission-less tamper proof data structure with sybil
resistance X X
[105]
Zeus : Correctness verifier and fairness validator for smart contracts
X
[106]
EtherTrust : Automated static analyzer for EVM bytecode X
[107]
MantiCore : Binary analyzer for Ethereum smart contracts to
detect logic bombs X
[108]
Cryptocurrency smart contracts for distributed consensus of
public randomness : A secured random number generator X
8VOLUME 4, 2016
these research works from the three main categories below:
identifying semantic flaws,security check tools and formal
verification.
a: Identifying semantic flaws
A number of research studies have analysed these semantic
flaws and identified programming practices to mitigate them.
For example, Atzei et al. [110] analyzed the vulnerabil-
ities of Ethereum, which is popular in the industry. The
vulnerabilities were grouped into three classes according to
the level they are introduced, as Solidity, EVM bytecode,
or blockchain. The authors highlighted that they expect the
non-Turing complete, human readable languages will resolve
some of the issues identified.
Delmolino et al. [111] documented some important in-
sights from teaching smart contract programming to under-
graduate students in the University of Maryland. The authors
exposed common errors in designing safe and secure smart
contracts, and highlighted the importance of fixing these
errors in programming.
Similarly, Wöhrer et al. [112] presented several security
patterns which are applicable to Solidity developers in order
to mitigate typical attack scenarios in Ethereum platform.
The patterns declared included protection of re-entrancy at-
tacks, enabling mutexes etc. The authors planned for creating
a structured and informative design pattern language for
Solidity.
b: Security check tools
Further, multiple security check tools have also been pro-
posed to prevent semantic flaws of smart contracts.
Several studies have tackled the re-entry attack. Liu et al.
[94] presented the tool ReGuard, which are usable to iden-
tify re-entrency bugs in smart contracts. It is a fuzzy-based
analyzer which automatically detects the re-entrency bugs in
Ethereum smart contracts. ReGuard iteratively generates ran-
dom diverse transactions to test the vulnerability. Similarly,
Jiang et al. [95] presented ContractFuzzer, a comprehensive
fuzzing framework to detect seven types of vulnerabilities in
Ethereum smart contracts. The authors identified few signif-
icant types of attacks such as gas-less send and re-entrency
vulnerability. The authors identified the false negative rate
optimized when comparing with other platforms.
Other research works looked into Ethereum bytecode. For
example, Brent et al. [98] provided a security analysis frame-
work for Ethereum smart contracts. It provides an analysis
pipeline for the conversion of the low-level EVM bytecode
into semantic logic relations. The evaluation conveyed that
Vandal is fast and robust as well as outperforming leading
state-of-art tools with successful analysis of 95 of all 141,000
unique contracts with an average runtime of 4.15 seconds.
Suiche et al. [99] presented Prosity, a decompiler which
generates readable Solidity syntaxes from EVM bytecode.
The decompiled contracts can perform with static and dy-
namic analysis as required. Grishchenko et al. [103] later
presented a complete small-step semantics of EVM bytecode
and formalized a significantly large fragment of EVM using
F*, which is a popular programming language used for
similar verification programmed proof assistant. The authors
also successfully validated it against official Ethereum test
suite. The authors further defined number of salient security
properties for smart contracts. More recently, Mossberg et al.
[107] introduced an open source dynamic execution frame-
work named Manticore to analyse the binaries of Ethereum
smart contracts. The framework provides analysis to find
issues including logic bombs. The API provides flexibility to
customize the utilization of framework. This supports scala-
bility up to larger contracts. The authors tested the tool with
Oyente and observed outperforming results and EtherTrust
showed better precision on a benchmark rather than state-of-
art solutions.
As Ethereum contracts consume gas, the gas cost on the
smart contract execution has also become a vital concern.
GRECH et al. [100] classified and identified the gas focused
on vulnerabilities found in the Ethereum smart contracts.
The gas is the cost of a particular smart contract execution
on public Ethereum network and gas-focused vulnerabilities
mainly referred to the codes with exhaustive execution to
consume allocated gas for the smart contract. In addition
to that, the authors presented MadMax, which are some
static programming analysis techniques usable to detect gas
related vulnerabilities with significantly high confidence. The
approach included low-level analysis for decompilation in
declerative program analysis techniques for higher level anal-
ysis which validated with 6.6 million contracts.
Nikolic’ et al. [93] implemented MAIAN, which employs
an inter-procedural symbolic analysis and concrete validator
to identify real exploits. The tool identifies three main types
bugs including suicidal contracts that can kill by anyone,
prodigal contracts that can send Ethers to anyone and greedy
contracts which does not allow to get Ether to anyone. The
tool evaluated with analysis of one million contracts and
flags 34,200 contracts vulnerable spending 10 seconds per
contract.
More general-purposes security check tools were also
proposed. For example, Tikhomirov et al. [92] proposed
SmartCheck, a comprehensive analysis tool that detects se-
curity issues of Ethereum smart contracts. The authors evalu-
ated the tool on a massive dataset of real-life contracts and
yielded successful results. They also stated the capability
of development of the tool in future directions including
improvement of grammar. Smartcheck has also been shown
to be more effective in automated security testing than other
tools [113]. Another example, Tsankov et al. [102] presented
Securify, a security analyzer for Ethereum smart contract.
It is scalable, fully automated and capable of proving the
contract behaviors are safe or unsafe corresponding to a
given property and tested with more than 18k contracts. The
analysis is a two stepped process which includes a symbolic
analysis of contract’s dependency graph to extract precise
semantic information and checking for the compliance viola-
tion patterns. Luu et al. [96] proposed a symbolic execution
VOLUME 4, 2016 9
tool named as Oyente to find potential security bugs. The
tool flagged 8,833 contracts as vulnerable out of the 19,366
including the DAO bug which led to a 60 million USD loss.
Later, Kalra et al. [105] also presented the framework Zeus,
which can be utilized to verify the correctness and validate
the fairness of smart contracts. They also defined the correct-
ness as adherence to safe programming practices and fair-
ness as the adherence to agreed upon higher-level business
logic. The framework significantly outperforms Oyente with
zero false negatives in their data set. Mavridou et al. [114]
introduced FSolidM, which included a meticulous semantics
for designing contracts as finite state machines. The authors
presented a tool for creating Finite State Machine (FSM) on a
user friendly graphical interface which automatically gener-
ates Ethereum smart contracts. The authors also introduced a
set of design patterns which can implement as plugins and
easily possible to integrate to enhance security and func-
tionality. Liu et al. [97] proposed a semantic-aware security
auditing technique called S-gram for Ethereum. The authors
combined N-gram language modeling as well as lightweight
static semantic labelling and to learn statistical regulators
of contract tokens and to capture high-level semantics such
as the flow sensitivity of a transaction. The authors showed
that S-gram is usable to predict potential vulnerabilities in
identify irregular token sequences and possible to optimize
existing in-depth analyzers.
c: Formal verification
Formal verification in general refers to formally verifying
the correctness of a computer program. Formal verification is
important in the context of smart contracts as smart contracts
may hold financial values and are often made accessible
to everyone on a blockchain. Several research studies have
investigated the formal verification of smart contracts, and
applied formal verification on different stages during the
deployment of smart contracts. For example, Bhagavan et al.
[115] outlined a framework to analyze and verify runtime
safety. While Abdellatif et al. [116] and Nehai et al. [117]
proposed to verify smart contracts in their execution envi-
ronment. Albert et al. [118] on the other hand proposed the
EthIR framework to analyze Ethereum bytecode.
B. PRIVACY ISSUES AND SOLUTIONS
Decentralization is a core principle of the blockchain based
smart contracts. The decentralization in blockchain makes
the transaction ledger and smart contracts transparent to all
peers in the network as a feature of security. The transparency
is not recommended for certain circumstances. The in-built
transparency is a significant privacy concern in blockchain
based smart contracts. Table 4 reflects the related works and
corresponding privacy solutions.
1) Different Privacy Concerns
Privacy is a broader domain in terms of the smart contract
[131]. Due to the distributed nature of smart contracts, there
are few major privacy concerns [132]. These privacy con-
TABLE 4. Pr ivacy Issues and Solutions
Ref Description
Transaction data privacy (I1)
Smart contract logic privacy (I2)
User privacy (I3)
Privacy in execution of smart contracts (I4)
[119]
Hawk X X
[120]
Trading system with enhanced
user privacy X
[121]
Privacy preserving and cost op-
timal mobile crowdsensing using
smart contracts and blockchain
X
[122]
ProvChain X
[123]
ChainSpace X
[124]
Arbitrum X
[125]
Ekiden X
[126]
TownCrier X
[127]
ShadowEth X
[128]
Supporting private data on Hyper-
ledger Fabric with secure multi-
party computation X
[129]
Enigma X
[130]
Zether X
cerns [133] need to be addressed in order to increase the
employability of smart contracts to the industry [134].
Transaction data privacy (I1): In certain circumstances
[135], the members in the network will not prefer trans-
parency since it will reveal some sensitive information such
as trade secrets, pricing information. Eventhough the system
associated with blockchain, the required measures for privacy
preservation should be integrated [136], [137].
Smart contract logic privacy (I2): The smart contract
publicly deployed in all nodes of the blockchain [130]. Due
to some requirements, the business logic of the organization
required to be incorporated in the blockchain. The business
logics may include sensitive information such as commis-
sions, bonuses. The revealing of such sensitive information
through the smart contract will be a privacy concern of the
10 VOLUME 4, 2016
organizations.
User privacy (I3): User privacy highly concerned in some
significant applications of blockchain based smart contracts.
The users incorporate the smart contracts are required to
be private in certrain circumstances. For an instance, the
solutions like health information systems do not prefer by
the users if the personal identity information being revealed
in the ledger. The privacy of user identity is also a significant
concern in the implementation of blockchain based smart
contracts [138].
Privacy in execution of smart contracts (I4): The smart
contracts are programs which execute on the computational
infrastructure [139]. In blockchain, the smart contracts re-
quired to execute on the nodes. The instructions executed
on the machine can be accessed using multiple approaches
[140], [141]. For an instance, the password entered by a
user required to be loaded in to the memory and can be
viewed in clear form using memory dump tools. These type
of lower level data thefts at the execution regarded as privacy
violations in certain circumstances [142].
2) Potential Solutions
We below discuss and categorize various possible solutions
on how to preserve smart contract privacy.
a: Preserving privacy of transaction data
Ibáñez et al. [143] presented significant insights on differ-
ent aspects of blockchain technology including general data
protection regulation and its applicability on blockchain as
an enabler for data protection. The authors discussed appli-
cation of smart contracts on permissioned blockchains and
permissionless blockchains in association with appropriate
data controllers. The authors categorized the two types of
solutions in enabling compliance, as integration of different
cryptographical functions and private computation schemes
without revealing contents of transactions and application of
blockchains as decentralized verification machines.
Juels et al. [144] illustrated the emergence of the criminal
smart contracts which will facilitate to reveal the confidential
information. The authors illustrated a few issues including
theft of cryptographic keys by criminal smart contracts. Their
results highlighted creating policies and technical safeguard-
ing measures against criminal smart contracts to ensure the
smart contracts’ beneficial objectives.
Kosba et. al [119] presents Hawk, a privacy preserving
smart contracts, which dissipated the privacy hurdle encoun-
tered in Bitcoin and Ethereum as a currency. The authors
propose a framework, which enables a non specialist pro-
grammer to write a privacy preserving smart contract. Hawk
guarantees on-chain privacy, which cryptographically hides
the flow of money and amount from public’s view.
b: Protecting user privacy
Niya et al. [120] demonstrated a design and implementa-
tion of a trading application which utilized Ethereum smart
contracts. The application is developed with flexibility in
requesting user identity directly by the seller and the buyer.
Lightweight blockchain is established to facilitate data ex-
change in device-to-device channels.
Chatzopoulos et al. [121] proposed a new architecture for
the event based spatial crowdsensing tasks in association with
the blockchain and technology with user privacy preserva-
tion. The architecture utilizes smart contracts to allow crowd-
sensing service providers to submit their requests, run cost
optimal auctions and handle payments.
Liang et al. [122] designed and implemented ProvChain,
which is a decentralized architecture for trusted cloud data
provenance. Provchain provides significant security features
such as tamper-proof provenance and user privacy. The main
operational phases are provenance data collection, prove-
nance data storage and provenance data validation which
provides tamper-proof records to enable transparency and
data accountability in the cloud.
c: Privacy in the logic
Al Bassam et al. [123] presents ChainSpace, which offers
privacy-friendly extensibility in the smart contract platform.
The platform offers higher scalability than the existing plat-
form achieved through sharding across nodes using a novel
distributed atomic commit protocol named as S-BAC. It also
supports auditability and transparency.
Kalodner et al. [124] presented Arbitrum, which is a cryp-
tocurrency system with smart contracts. Arbitrum’s model
is compatible for private smart contracts which does not
reveal the internal state to the verifiers who involve in the
validation of transactions in certain circumstances. Arbitrum
incentivizes the parties to agree off-chain on the VM’s be-
havior which means that the Arbitrum miners only required
to verify digital signatures without revealing the contract to
confirm that parties agreed on VM’s behavior.
d: Trusted execution environment (TEE)
Trusted execution environment such as Intel SGX [145]
guarantees confidentiality and privacy during code execution.
Zhang et al. [126] presented an authenticated data feed
system which is named as Town Crier. Town Crier provides a
bridge between smart contracts and existing websites which
are commonly trusted for non-blockchain applications. The
frontend and hardware backend combined with the solution
which is enabled with privacy as required.
Cheng et al [125] presented Ekiden, which combines
blockchain with TEE. The authors leveraged a novel archi-
tecture which separates the consensus from execution and
enabled confidentiality preserving smart contracts in trusted
execution environment. The authors planned to extend their
work to enable secure multi-party computation in future.
Yuan et al. [127] presented ShadowEth, which is a sys-
tem that leverages a hardware enclave to ensure the con-
fidentiality of smart contracts in public blockchain like
Ethereum. The system also ensures integrity and availability.
The authors implemented the prototype using Intel SGX on
VOLUME 4, 2016 11
Ethereum network to analyse the security and vulnerability
of the system.
e: Secure multi-party computation
Benhamouda et al. [128] presented a method for making
Hyperledger Fabric blockchain platform compatible with pri-
vate data using secure multi-party computation. The protocol
implemented utilizing Yao’s millionaire problem [146] and
oblivious transfer. The authors associated a helper server,
which separates multi-party computation into off-chain.
Zyskin et al. [129] presented Enigma which is a com-
putational model based on a highly optimized version of
secure multi-party computation named as Enigma which
guarantees a verifiable secret-sharing schemes and ensure
confidentiality. The authors used a modified distributed hash
table to hold secret-shared data with an external blockchain
as the controller of the network to control the access and
identity management. The private components of the smart
contracts run off-chain on Enigma platform and named as
private contracts.
C. REDUCING COMPUTATIONAL OVERHEADS OF
SMART CONTRACTS
The smart contract execution is a resource-intensive process.
The stakeholders of the smart contract should compensate for
the execution for the relevant parties. In Ethereum, the cost
is evaluated in gas. The under-optimal smart contracts are
expensive in the computation and eventually will incur an
additional cost to the users of smart contracts. Furthermore,
the overflown resource consumption of smart contracts will
crash the entire system. Therefore, the optimal execution
condition highly anticipated in the context of smart contracts.
1) Potential Solutions
Idelberger et al. [147] presented important insights with tech-
nical advantages and disadvantages of logic-based smart con-
tracts when featuring ordinary contracts. The authors proved
that a logic based approach can complement advantageously
on its procedural component in few dimensions including
negotiation, formation, storage. The authors emphasized that
logic and procedural approaches are not incompatible in
smart contracts. Chen et al. [148] developed GASPER, a tool
which locates the Ethereum smart contract gas costly patterns
by analyzing the smart contract bytecode. The creators can be
overcharged by under-optimized smart contracts by extra gas
consumption. In the evaluation, the authors discovered 3 rep-
resentative predefined patterns from 4,240 smart contracts.
Kothapalli et al. [149] implemented an incentive compatible
protocol called SmartCast which is running off-chain and
rely on existing cryptocurrency for the reward and punish-
ment mechanism implementation. The approach created a
system which enables the workers to enforce the integrity
can reward for their correct participation in the process
which were enforced through Ethereum smart contracts. The
authors evaluated the feasibility of the approach by building a
prototype implementation which comprises Ethereum smart
contract and off-chain consensus protocol.
D. CONCURRENCY IMPROVEMENTS
Once smart contracts are deployed on a blockchain, they
are expected to execute in multiple instances. To improve
efficiency, several studies have proposed approaches to im-
prove concurrency of smart contracts. Two main categories
of approaches, including Basic Timestamp Ordering (BTO)
and Multi-Version Transaction Ordering (MVTO) were pro-
posed. BTO assigns every transaction a timestamp, and
determines the serializability order of transactions for the
execution or access to a resource based on the timestamps.
MVTO guarantees that if inconsistency is detect between two
transactions that access relevant data items, one of them will
abort. For instance, Zhang et al. [150] proposed a concurrent
scheme to run smart contracts in concurrent manner which
yielded 2.5 times processing speed in block validation with
three working threads. Anjana et al. [151] developed an effi-
cient framework based on Software Transactional Memory
systems (STMs) to enable concurrent execution of smart
contracts. The proposed framework yielded 3.6x and 3.7x
speedups over the serial miners under BTO and MVTO
respectively.
IV. LESSONS LEARNED AND FUTURE WORK
The previous section reflects the significant technical aspects
of the blockchain based smart contracts from a wider per-
spective. The drawbacks and some solutions to existing smart
contracts are analyzed. This section elaborates with signif-
icant insights from the technical aspects of smart contracts
and research directions for further improvements.
A. SECURITY ATTACKS, VULNERABILITIES AND
SECURITY SOLUTIONS IN SMART CONTRACTS
1) Lessons Learned
Ordinary software programming languages can be used in the
programming languages used for smart contracts, e.g., Java,
Javascript, and GoLang. These languages are designed to be
Turing-complete to achieve full functionality. Programming
smart contracts will be exposed to human errors as other
ordinary software programs. The damages resulting from the
programming errors are exponential since the smart contracts
are deployed to all nodes. Smart contracts are distinguishing
since once the code is deployed, they will be distributed on
the entire network which makes it harder to patch as ordi-
nary programs. Therefore, programmers must make sure the
smart contract programs are guaranteed to be bug-free. The
research on improvement of smart contract errors is evolv-
ing and the programmers encouraged to utilize the research
outcomes, such as improved libraries. The programmers are
capable of using a private network to simulate the attacks or
formal penetration testing for the evaluation of the response
in smart contracts for the attack scenario. The smart contracts
required to update with the patches on the smart contract
security vulnerabilities identified by research and make sure
12 VOLUME 4, 2016
the programs developed by them are free of these known
vulnerabilities.
Additionally, the principles of programming are applicable
for smart contract programming. Smart contracts are required
to program with simplicity to eliminate overheads. The dif-
ferent hardware specifications of the blockchain nodes need
to be considered. The integration of loops must be minimized
and recursive executions require elimination and develop-
ment. When the numbers are manipulated, it is essential to
prevent the codes from arithmetic overflows. If there are
specific libraries existing in order to eliminate such errors,
these libraries require to be utilized in the smart contracts.
The codes which will lead to deadlocks require identification
and elimination before the deployment of the smart contract.
Overall, the smart contracts should be designed with consid-
eration of efficiency of memory and computation.
Moreover, as the application areas of smart contracts ex-
pand, the codes need to be formally verified. The formal ver-
ification requires that the particular smart contract, eventually
a computer program executes as per the formal specification
anticipated by the stakeholders. The formal specification of
smart contracts requires to clearly define with the support
of experts. Especially when the underlying blockchains are
integrated with mission-critical systems such as air-traffic
management and healthcare systems, the formal verification
will be a mandatory requirement. The formal verification
should not require any third-party intervention. For instance,
the vulnerability detection requires expert penetration testers
to simulate security attacks and detect vulnerabilities. The se-
curity audits may require expert intervention. But the formal
verification only requires to establish formal specifications
which can be expertise of the developers. The smart contract
developers should be aware of formal verification methods
in order to verify the smart contracts before deployment.
The formal verification identifies significant vulnerabilities
such as locking the funds, sending funds to other accounts
continuously without the account owner’s consent and so on.
The formal verification is a mandatory best practice for future
smart contract developers.
2) Future Work
The smart contract programming languages are Turing-
complete in most of the leading platforms. Turing com-
pleteness leads the entire smart contract system into security
risks as per the previous investigations. Therefore, some of
the smart contract platforms such as Stellar are designed
with Turing incomplete smart contract language. Although
Turing incomplete smart contracts do not provide the full
functionality as Turing complete ones, some of the security
risks are eliminated. Assignment of computational power
consumption limitations such as the gas limit will be a
prudent development consideration in the smart contracts
which will eliminate resource consumption overflows. The
correctness evaluation of smart contracts is an essential con-
sideration in the future development of smart contract sys-
tems. Re-entrancy attack (A1) was addressed in most of the
solutions as per Table 5. Sybil attacks (A3), majority attacks
(A6), destroyable contracts (A7) and exception disorders(A8)
requires addressing further by upcoming security solutions
before attacks leading to financial loss.
In addition to that third party utility libraries requires to de-
velop in parallel. For instance, the on-chain cryptographic op-
erations not supported by the Hyperledger-Fabric platform.
If the smart contracts are used as a cryptographic utility, it is
required to import cryptographic libraries. It is a vital require-
ment to check that the third-party libraries imported are free
of vulnerabilities. If not, importing the libraries will make the
entire blockchain system vulnerable. Syntax improvements
over smart contracts will also allow business stakeholders
to design the smart contracts of their own, with minimal
knowledge of programming. Furthermore, the secure design
principles of smart contracts will evolve as recommended
design patterns as leading programming languages already
defined.
The formal verification of smart contracts is anticipated as
a global standard in future smart contracts development. De-
velopers, platform vendors will adopt the formal verification
compatibility of the blockchain platforms. There are opportu-
nities for researchers to develop frameworks to conveniently
design formal specifications which are the prerequisites for
the formal verification of smart contracts. The techniques
such as AI can be consolidated into the next generation’s
formal verification methodologies. In the future, the service
platforms for formal verification can also be made available
online for popular smart contract platforms. This type of
service architecture can be used to support the AI-assisted
formal verification of smart contracts.
B. PRIVACY ISSUES AND SOLUTIONS
1) Lessons Learned
The main feature of the distributed ledger technology is the
transaction data visibility to all peers of the network. Most
of the people reluctant to adopt blockchain technologies
due to the lack of privacy and transaction data visibility. A
plethora of research conducted in the enhancement of privacy
in distributed ledger technologies. Privacy enhancement is
a mandatory requirement when smart contracts are incor-
porated into future business systems. Since transparency is
a vital strength of blockchain, privacy improvement tech-
niques should not violate the transparency of the blockchain
system. One possible solution is to store data off-chain. To
incorporate privacy and encryption with smart contracts, a
robust key management framework is required. Sometimes
the key management framework requires to link with HSMs
to align with the compliance requirements. As per Table 6,
the smart contract logic privacy requires further attention in
the research as privacy enhancement. Moreover, the privacy
requirement customizations should also be compliant with
the concrete business use case.
VOLUME 4, 2016 13
2) Future Work
In the future, smart contracts can be expected to integrate
with many business systems with different privacy require-
ments. Therefore, more privacy enhancement techniques can
be anticipated from the research. The distributed and trans-
parent nature of blockchain-based smart contracts can be
observed as a contradictory feature from a privacy perspec-
tive. However, different techniques will be utilized in future
smart contract systems to balance privacy and decentraliza-
tion. The smart contract key management will also be an
emerging direction of research in future blockchain systems.
The privacy will be a data security compliance requirement
such as PCI-DSS/ PA-DSS for financial systems and HIPAA
for healthcare data management systems. If the blockchain-
based smart contracts are to be adopted with industry use
cases, it is mandatory to design the smart contracts with
provisions to align with the regulations. In addition to the
transaction data, user privacy is also a vital requirement in
blockchain networks. The future blockchain networks are
required to be designed for the synergistic operation of ex-
isting user management systems. The smart contract systems
are required to be compatible with existing PKI based user
management solutions along with hardware-assisted authen-
tication schemes, such as smart cards or hardware tokens.
Modular architectural design will be an ideal design princi-
ple in future blockchain systems to simplify the integration
with existing platforms. For secure computation using smart
contract data, there also exist various opportunities in appli-
cations such as secure multi-party computation.
C. REDUCING COMPUTATIONAL OVERHEADS OF
SMART CONTRACTS
1) Lessons Learned
Performance optimization is a major requirement of smart
contracts. Smart contracts are often integrated with appli-
cations such as financial, aviation, identity management,
and access control, where real-time operation with minimal
latency and higher throughput are expected. Since the widely
used Ethereum blockchain does not support concurrency,
there exist limitations of expanding the Ethereum’s appli-
cation domain. The storage service of the ledger, consensus
mechanism and smart contract programming languages are
the main dependencies of the performance of smart con-
tracts. In addition, transaction verification of the underly-
ing blockchain also affects performance. For instance, the
double-spending check is additional verification performed
in the financial smart contracts. The smart contract opti-
mization is achievable in different ways. Optimization of
consensus protocol is an effective approach. Multi-Version
Transaction Ordering and Basic-Timestamp Ordering are
some of the consensus optimization techniques. Integration
of the Ripple consensus, Stellar smart contract platform
reduced transaction processing time into 3-5 seconds. The
incorporation of high write throughput also improves the
perforance of the distributed database. The estimation of
gas consumption before the deployment of Ethereum smart
contracts ensures that the execution is restricted within the
limits when deployed on a public blockchain network.
2) Future Works
Since smart contracts are deployed on the public blockchain
and they affect the efficiency of entire blockchain system, it
is important that smart contracts are optimized. Penalization
of under optimal smart contracts will be an effective solu-
tion to eliminate such under optimal conditions. A global
performance rating mechanism for well known blockchain
platforms such as Ethereum can be developed to evaluate
independently the performance of smart contracts. Before
deploying smart contracts in the blockchain, the performance
rating should be approved by the stakeholders. The eval-
uation can be deployed as a service platform. However,
smart contract developers are now biased towards deploying
simplified smart contracts and transferring computational
overheads to off-chain services. If the computational over-
heads are transferred off-chain, the data privacy and integrity
become vulnerable. Furthermore, the off-chain service can be
an additional factor that limits the performance. For off-chain
integration, the REST API can be utilized to pass the data to
be computed to the outside. However, the REST API will
also have certain limitations from a performance perspective.
Therefore, alternative integration techniques such as gRPC
can be used. If the computational overhead is transferred
to Edge nodes in the future, COAP can be used to the
integration.
D. CONCURRENCY IMPROVEMENTS
1) Lessons Learned
Concurrency is essential for the smart contracts to cope
with the future demands. The smart contract execution and
consensus mechanisms should be improved to fulfill the con-
currency demands. The concurrency improvements should
not trade off security features. The block synchronization
and maintenance of the consistency in the ledger require
to be considered when designing concurrency improvement
mechanisms.
2) Future Works
Smart contracts are expected to play a vital role in the indus-
trial IoT context in future. The concurrency improvements
must align with the restricted computing nature of IoT. The
concurrency in consensus mechanisms must be efficient to
fulfill the requirements of IoT.
V. OTHER FUTURE RESEARCH TOPICS
We next examine the possibly of applying other computer
science theories can also be applicable to smart contracts
in different aspects. The applicability and related works of
significant theories of computer science to smart contracts
discussed.
14 VOLUME 4, 2016
1) Smart Contracts and Game Theory
Game theory consists of a set of mathematical tools for
identifying the interactions between agents. The combination
of smart contracts and game theory highlights as emerging
research topics. There are many applications that will be
beneficial to smart contracts. Liu et al. [73] presented a com-
prehensive survey on the application of game theory to smart
contracts. The authors discussed the applicability of game
theory for different aspects of smart contracts such as security
and mining management. The authors also highlighted the
existing challenges and future research directions. Piasecki
[152] discussed the game theory behind smart contract inte-
grated casinos. The author explored that an attacker who is
financially strong can game the system through purchasing
computer power which is beneficial for himself. The author
proposed how to secure the Proof-of-Work blockchain from
the type of attack focused.
2) Smart Contracts and Artificial Intelligence
Artificial Intelligence (AI) can be applied to the smart con-
tracts in different ways. Some AI techniques can be embed-
ded in the smart contract codes, others can be used to vali-
date smart contracts. Furthermore, there are many emerging
applications of Tensor and other deep learning concepts for
the blockchain based smart contracts. Cognitive computing
is another subset of AI which simulates human thoughts on
computing infrastructure.
a: AI for testing and evaluation of smart contracts
AI is generally applicable to the testing of smart contracts.
More specifically, the testing can be focused on directions
such as the performance testing, vulnerability detection, and
correctness evaluation of the smart contracts. The contribu-
tion of AI as a utility service for the blockchain is important
to improve the blockchain based smart contracts and the per-
formance. Marwala et al. [153] presented how to use AI for
the verification of smart contracts. The authors pointed out
important applications of AI to the blockchain-based smart
contract context, such as improvement of security, scalability,
and so on. The authors also highlighted the applicability
of AI-based formal verification for the evaluation of smart
contracts.
b: Federated learning
Federated learning is a decentralized and collaborative learn-
ing approach which is aligned with the decentralization capa-
bility of the blockchain. Federated learning operates without
uploading the raw data as the training datasets. Especially, the
distributed sensitive information, such as healthcare informa-
tion can be integrated with blockchain to achieve different
functionalities, such as data access control and federated
learning. The combination of federated learning and smart
contracts can form new research opportunities. Lu et al. [154]
proposed a blockchain and federated learning based privacy
preservation mechanism for the industrial IoT. The authors
integrated federated learning to the consensus to improve the
computing resource consumption and efficiency in operation.
The open issues associated with the resource-restricted com-
puting infrastructure are also discussed to highlight the data
privacy requirements. Kang et al. [155] proposed a federated
learning system based on a consortium blockchain. The au-
thors designed a contract theory-based incentive mechanism
to evaluate high reputation workers for reliable training to
elaborate on the learning process. The authors also discussed
the improvement requirement of the reputation calculation.
c: Smart contracts and cognitive computing
Cognitive computing is an advanced AI research topic which
enables human thinking in the computing infrastructure.
Cognitive computing is adopted with the human thinking
pattern and limitations in the execution which yields signif-
icantly higher accuracy when comparing with the other AI
techniques. Blockchain-based smart contracts will improve
the service values in the different application scenarios of
cognitive computing. The data transparency, decentralized
access control capability and the decentralized trust are the
significant features of blockchain based smart contracts in
the perspective of cognitive computing. Daniel et al. [156]
conducted a survey on the applicability of cognitive comput-
ing in the healthcare domain. The authors highlighted that
the implementation of blockchain for the healthcare is not a
straightforward and it is important to meet the compliance
requirements.
d: Smart contracts with tensor networks
There are significant applications in the tensor networks for
smart contracts. These applications are relevant to industries
such as financial and retail trade. The predictive modeling,
the customer buying pattern analysis can be associated with
blockchain and tensor networks. Charlie et al. [157] pre-
sented a tensor-based approach to predict smart contract in-
teractions based on their cryptocurrency exchanges. The ten-
sor modeling and stochastic process based approach utilized
to underline the actual exchanges between smart contracts.
The proposed approach is also capable of predicting future
exchanges.
3) Smart contracts in data science
Smart contracts are applicable as a scalable technique in
the data science. Especially, controlling a massive data vol-
ume in a centralized architecture arises performance bot-
tlenecks, failure risks and security risks. The role of smart
contracts for data science is vital in different aspects. The
applications of blockchain-based smart contracts for data
science includes data access control, data integrity, ensuring
decentralized trust, and enabling trusted data sharing mech-
anisms. Karafiloski [158] presented a survey on blockchain
based solutions for bigdata. The authors reviewed different
use cases such as medical record access control, IoT, and
digital property management. Abdullah et al. [159] detailed
authentication techniques associated with blockchain for big
data. The authors discussed the Kerberos authentication and
VOLUME 4, 2016 15
how the blockchain is capable of addressing the limitations
identified. Yue et al. [160] presents a data sharing platform
which ensures traceability. The smart contracts can be used
to enable the data sharing. Xu et al. [161] presented a smart
contract-based storage system, named as Sapphire to support
data analytics in IoT. Uchibeke et al. [162] developed a
blockchain access control system using Hyperledger Fabric
to control the access of large data sets.
VI. CONCLUSION
The paper starts with the concepts which are prerequisites
for the blockchain-based smart contracts. The technical as-
pects of the smart contracts section provides a broad dis-
cussion on the essential features of smart contracts. The
smart contracts and the current research of important top-
ics in computer science also included the technical aspects
section. The lessons learned and the future works section
elaborated with an overview of the future research directions
along with important insights from the technical aspects.
As we can see, the application domains of smart contracts
will expand the future. The gap between human and smart
contracts will be eliminated in future through mobility. The
smart contracts must be improved in the form of efficiency
and transaction processing time and it will expose further
opportunities to smart contracts. The next generation of the
computing requires optimal and lightweight computation.
Hence, the consensus mechanisms are required to improve to
support the operation of blockchain on resource-constrained
future computing infrastructure. The human-smart contract
gap reduction will be a key research concern in future to
improve the usability of smart contracts to solve the problems
in the existing systems.
ACKNOWLEDGMENT
This work has been performed under the framework of 6Gen-
esis Flagship (Grant No: 318927).
REFERENCES
[1] M. Garriga, S. Dalla Palma, M. Arias, A. De Renzis, R. Pareschi,
and D. Andrew Tamburri, “Blockchain and Cryptocurrencies: A Clas-
sification and Comparison of Architecture drivers,” Concurrency and
Computation: Practice and Experience, p. e5992, 2020.
[2] S. Cohen, A. Rosenthal, and A. Zohar, “Reasoning about the Future in
Blockchain Databases,” in 2020 IEEE 36th International Conference on
Data Engineering (ICDE). IEEE, 2020, pp. 1930–1933.
[3] G. Srivastava, R. M. Parizi, and A. Dehghantanha, “The future of
blockchain technology in healthcare internet of things security,” in
Blockchain Cybersecurity, Trust and Privacy. Springer, 2020, pp. 161–
184.
[4] A. Bazarhanova, J. Magnusson, J. Lindman, E. Chou, and A. Nilsson,
“Blockchain-based electronic identification: cross-country comparison of
six design choices,” 2019.
[5] T. Aste, P. Tasca, and T. Di Matteo, “Blockchain technologies: The
foreseeable impact on society and industry,” computer, vol. 50, no. 9,
pp. 18–28, 2017.
[6] S. K. Lo, X. Xu, Y. K. Chiam, and Q. Lu, “Evaluating suitability of apply-
ing blockchain,” in 2017 22nd International Conference on Engineering
of Complex Computer Systems (ICECCS). IEEE, 2017, pp. 158–161.
[7] M. Pilkington, “Blockchain technology: principles and applications,” in
Research handbook on digital transformations. Edward Elgar Publish-
ing, 2016.
[8] M. J. M. Chowdhury, A. Colman, M. A. Kabir, J. Han, and P. Sarda,
“Blockchain versus Database: A Critical Analysis,” in 2018 17th IEEE
International Conference On Trust, Security And Privacy In Computing
And Communications/12th IEEE International Conference On Big Data
Science And Engineering (TrustCom/BigDataSE). IEEE, 2018, pp.
1348–1353.
[9] F. Hofmann, S. Wurster, E. Ron, and M. Böhmecke-Schwafert, “The im-
mutability concept of blockchains and benefits of early standardization,”
in 2017 ITU Kaleidoscope: Challenges for a Data-Driven Society (ITU
K). IEEE, 2017, pp. 1–8.
[10] M. Di Pierro, “What is the blockchain?” Computing in Science &
Engineering, vol. 19, no. 5, pp. 92–95, 2017.
[11] A. Anjum, M. Sporny, and A. Sill, “Blockchain standards for compliance
and trust,” IEEE Cloud Computing, vol. 4, no. 4, pp. 84–90, 2017.
[12] R. Zhang, R. Xue, and L. Liu, “Security and privacy on blockchain,”
ACM Comput. Surv., vol. 52, no. 3, pp. 51:1–51:34, Jul. 2019. [Online].
Available: http://doi.acm.org/10.1145/3316481
[13] Q. Zhu, S. W. Loke, R. Trujillo-Rasua, F. Jiang, and Y. Xiang,
“Applications of distributed ledger technologies to the internet of things:
A survey,” ACM Comput. Surv., vol. 52, no. 6, pp. 120:1–120:34, Nov.
2019. [Online]. Available: http://doi.acm.org/10.1145/3359982
[14] I. A. Qasse, M. Abu Talib, and Q. Nasir, “Inter blockchain
communication: A survey,” in Proceedings of the ArabWIC 6th
Annual International Conference Research Track, ser. ArabWIC 2019.
New York, NY, USA: ACM, 2019, pp. 2:1–2:6. [Online]. Available:
http://doi.acm.org/10.1145/3333165.3333167
[15] W. Chen, Z. Xu, S. Shi, Y. Zhao, and J. Zhao, “A survey of blockchain
applications in different domains,” in Proceedings of the 2018
International Conference on Blockchain Technology and Application,
ser. ICBTA 2018. New York, NY, USA: ACM, 2018, pp. 17–21.
[Online]. Available: http://doi.acm.org/10.1145/3301403.3301407
[16] P. Chakraborty, R. Shahriyar, A. Iqbal, and A. Bosu, “Understanding
the software development practices of blockchain projects: A survey,”
in Proceedings of the 12th ACM/IEEE International Symposium on
Empirical Software Engineering and Measurement, ser. ESEM ’18.
New York, NY, USA: ACM, 2018, pp. 28:1–28:10. [Online]. Available:
http://doi.acm.org/10.1145/3239235.3240298
[17] P. T. Duy, D. T. T. Hien, D. H. Hien, and V.-H. Pham, “A survey
on opportunities and challenges of blockchain technology adoption for
revolutionary innovation,” in Proceedings of the Ninth International
Symposium on Information and Communication Technology, ser. SoICT
2018. New York, NY, USA: ACM, 2018, pp. 200–207. [Online].
Available: http://doi.acm.org/10.1145/3287921.3287978
[18] Btc, “Yes, Bitcoin Can Do Smart Contracts and Particl Demonstrates
How.” [Online]. Available: https://bitcoinmagazine.com/articles/
yes-bitcoin-can-do- smart-contracts-and- particl-demonstrates-how/
[19] S. Lande and R. Zunino, “SoK: Unraveling Bitcoin Smart Contracts,”
Principles of Security and Trust LNCS 10804, p. 217, 2018.
[20] G. Wood, “Ethereum: A Secure Decentralised Generalised Transaction
Ledger,” Ethereum project yellow paper, vol. 151, pp. 1–32, 2014.
[21] Y. Hu, A. Manzoor, P. Ekparinya, M. Liyanage, K. Thilakarathna,
G. Jourjon, A. Seneviratne, and M. E. Ylianttila, “A Delay-Tolerant
Payment Scheme Based on the Ethereum Blockchain,” CoRR, vol.
abs/1801.10295, 2018. [Online]. Available: http://arxiv.org/abs/1801.
10295
[22] D. Hopwood, S. Bowe, T. Hornby, and N. Wilcox, “Zcash Protocol
Specification,” Tech. rep. 2016–1.10. Zerocoin Electric Coin Company,
Tech. Rep., 2016.
[23] E. Duffield and D. Diaz, “Dash: A Privacy-centric Cryptocurrency,” No
Publisher, 2015.
[24] M. T. Rosner and A. Kang, “Understanding and Regulating Twenty-first
Century Payment Systems: The Ripple Case Study,” Mich. L. Rev., vol.
114, p. 649, 2015.
[25] A. Azaria, A. Ekblaw, T. Vieira, and A. Lippman, “MedRec: Using
Blockchain for Medical Data Access and Permission Management,” in
2016 2nd International Conference on Open and Big Data (OBD), Aug
2016, pp. 25–30.
[26] P. Nichol and J. Brandt, “Co-Creation of Trust for Healthcare: The
Cryptocitizen Framework for Interoperability with Blockchain,” 07 2016.
[27] T. Kuo and L. Ohno-Machado, “ModelChain: Decentralized Privacy-
Preserving Healthcare Predictive Modeling Framework on Private
Blockchain Networks,” CoRR, vol. abs/1802.01746, 2018. [Online].
Available: http://arxiv.org/abs/1802.01746
16 VOLUME 4, 2016
[28] G. G. Dagher, J. Mohler, M. Milojkovic, and P. B. Marella, “Ancile:
Privacy-preserving Framework for Access Control and Interoperability
of Electronic Health Records using Blockchain Technology,” Sustainable
cities and society, vol. 39, pp. 283–297, 2018.
[29] X. Yue, H. Wang, D. Jin, M. Li, and W. Jiang, “Healthcare Data Gate-
ways: Found Healthcare Intelligence on Blockchain with Novel Privacy
Risk Control,” Journal of medical systems, vol. 40, no. 10, p. 218, 2016.
[30] S. P. Novikov, O. D. Kazakov, N. A. Kulagina, and N. Y. Azarenko,
“Blockchain and Smart Contracts in a Decentralized Health In-
frastructure,” in 2018 IEEE International Conference" Quality Man-
agement, Transport and Information Security, Information Technolo-
gies"(IT&QM&IS). IEEE, 2018, pp. 697–703.
[31] S. Alexaki, G. Alexandris, V. Katos, and E. N. Petroulakis, “Blockchain-
based Electronic Patient Records for Regulated Circular Healthcare Ju-
risdictions,” in 2018 IEEE 23rd International Workshop on Computer
Aided Modeling and Design of Communication Links and Networks
(CAMAD). IEEE, 2018, pp. 1–6.
[32] T.-T. Kuo, H.-E. Kim, and L. Ohno-Machado, “Blockchain Distributed
Ledger Technologies for Biomedical and Health Care Applications,”
Journal of the American Medical Informatics Association, vol. 24, no. 6,
pp. 1211–1220, 2017.
[33] M. I. Mehar, C. L. Shier, A. Giambattista, E. Gong, G. Fletcher, R. Sanay-
hie, H. M. Kim, and M. Laskowski, “Understanding a revolutionary and
flawed grand experiment in blockchain: The dao attack,” Journal of Cases
on Information Technology (JCIT), vol. 21, no. 1, pp. 19–32, 2019.
[34] A. Wright and P. De Filippi, “Decentralized Blockchain Technology and
the Rise of Lex Cryptographia,” Available at SSRN 2580664, 2015.
[35] K. Wüst and A. Gervais, “Do You Need a Blockchain?” in 2018 Crypto
Valley Conference on Blockchain Technology (CVCBT). IEEE, 2018,
pp. 45–54.
[36] C. D. Clack, V. A. Bakshi, and L. Braine, “Smart Contract Tem-
plates: Essential Requirements and Design Options,” arXiv preprint
arXiv:1612.04496, 2016.
[37] S. Wang, Y. Yuan, X. Wang, J. Li, R. Qin, and F.-Y. Wang, “An Overview
of Smart Contract: Architecture, Applications, and Future Trends,” in
2018 IEEE Intelligent Vehicles Symposium (IV). IEEE, 2018, pp. 108–
113.
[38] N. Reiff, “What Is ERC-20 and What Does It Mean for
Ethereum?” 2020. [Online]. Available: https://www.investopedia.com/
news/what-erc20-and-what-does-it- mean-ethereum/
[39] Z. Zheng, S. Xie, H.-N. Dai, W. Chen, X. Chen, J. Weng, and M. Imran,
“An overview on smart contracts: Challenges, advances and platforms,”
Future Generation Computer Systems, vol. 105, pp. 475–491, 2020.
[40] V. Buterin et al., “A Next-generation Smart Contract and Decentralized
Application Platform,” white paper, vol. 3, p. 37, 2014.
[41] W. Corda, “Corda Technical Whitepaper,”
https://www.corda.net/content/corda-technical-whitepaper.pdf.
[42] H. Fabric, “Hyperledger Fabric,” https://www.hyperledger.org/wp-
content/uploads/2018/07/, 2018.
[43] R. Waves, “Waves ,” https://wavesplatform.com/files/whitepaper_v0.pdf.
[44] I. Bashir, Mastering Blockchain: Distributed Ledger Technology, Decen-
tralization, and Smart Contracts Explained. Packt Publishing Ltd, 2018.
[45] D. Macrinici, C. Cartofeanu, and S. Gao, “Smart Contract Applications
within Blockchain Technology: A Systematic Mapping Study,” Telemat-
ics and Informatics, 2018.
[46] Z. Zheng, S. Xie, H. Dai, X. Chen, and H. Wang, “An Overview of
Blockchain Technology: Architecture, consensus, and Future Trends,” in
2017 IEEE international congress on big data (BigData congress). IEEE,
2017, pp. 557–564.
[47] A. Norta, “Designing a Smart-contract Application Layer for Transacting
Decentralized Autonomous Organizations,” in International Conference
on Advances in Computing and Data Sciences. Springer, 2016, pp.
595–604.
[48] T. Mancini-Griffoli, M. S. M. Peria, I. Agur, A. Ari, J. Kiff, A. Popescu,
and C. Rochon, “Casting Light on Central Bank Digital Currency,” IMF
Staff Discussion Notes, no. 18-08, 2018.
[49] E. Shapiro, “Point: Foundations of e-democracy,” Communications of the
ACM, vol. 61, no. 8, pp. 31–34, 2018.
[50] S. S. Gupta, Blockchain. John Wiley & Sons, Inc, 2017.
[51] F. Rizal Batubara, J. Ubacht, and M. Janssen, “Unraveling transparency
and accountability in blockchain,” in Proceedings of the 20th Annual
International Conference on Digital Government Research, 2019, pp.
204–213.
[52] T. Nugent, D. Upton, and M. Cimpoesu, “Improving Data Transparency
in Clinical Trials using Blockchain Smart Contracts,” F1000Research,
vol. 5, 2016.
[53] F. Yiannas, “A New Era of Food Transparency Powered by Blockchain,”
Innovations: Technology, Governance, Globalization, vol. 12, no. 1-2, pp.
46–56, 2018.
[54] M. Farnaghi and A. Mansourian, “Blockchain, an enabling technology
for transparent and accountable decentralized public participatory gis,”
Cities, vol. 105, p. 102850, 2020.
[55] N. Pokrovskaia, “Tax, financial and social regulatory mechanisms within
the knowledge-driven economy. blockchain algorithms and fog com-
puting for the efficient regulation,” in 2017 XX IEEE International
Conference on Soft Computing and Measurements (SCM). IEEE, 2017,
pp. 709–712.
[56] F. Sander, J. Semeijn, and D. Mahr, “The acceptance of blockchain
technology in meat traceability and transparency,” British Food Journal,
2018.
[57] C. Cachin et al., “Architecture of the Hyperledger Blockchain Fabric,”
in Workshop on distributed cryptocurrencies and consensus ledgers, vol.
310, no. 4, 2016.
[58] C. Dannen, Introducing Ethereum and Solidity. Springer, 2017, vol. 1.
[59] G. O. Karame, E. Androulaki, M. Roeschlin, A. Gervais, and S. ˇ
Capkun,
“Misbehavior in Bitcoin: A Study of Double-spending and Accountabil-
ity,” ACM Transactions on Information and System Security (TISSEC),
vol. 18, no. 1, pp. 1–32, 2015.
[60] R. NEM, “NEM Technical Reference,” https://nem.io/wp-
content/themes/nem/files/NEM_techRef.pdf/.
[61] W. Stellar, “Stellar Whitepaper,” https://stellargold.net/whitepaper.pdf.
[62] E. Classic, “Ethereum Classic,” Ethereum Classic (accessed 16 October
2017) https://ethereumclassic. github. io.
[63] L. Goodman, “Tezos—a Self-amending Crypto-ledger White Paper,”
URL: https://www. tezos. com/static/papers/white_paper. pdf, 2014.
[64] “Neo Blockchain Whitepaper.” [Online]. Available: https://docs.neo.org/
docs/en-us/index.html
[65] “Cardano Blockchain Whitepaper.” [Online]. Available: https://www.
circle.com/marketing/pdfs/research/circle-research-cardano.pdf
[66] “EOS Blockchain Whitepaper.” [Online]. Available:
https://github.com/BlockchainTranslator/EOS/blob/master/TechDoc/
EOS.IO-Technical-WhitePaper-v2.md
[67] “Qtum Blockchain Whitepaper.” [Online]. Available: https://old.qtum.
org/user/pages/03.tech/01.white-papers/QtumWhitepaper.pdf
[68] “Lisk Whitepaper.” [Online]. Available: https://github.com/slasheks/
lisk-whitepaper/blob/development/LiskWhitepaper.md
[69] “ark whitepaper.”
[70] “Rootstock Platform Bitcoin Powered Smart Contract Whitepaper.”
[Online]. Available: https://www.rsk.co/wp-content/uploads/2019/02/
RSK-White-Paper-Updated.pdf
[71] “NXT Whitepaper.” [Online]. Available: https://www.rsk.co/wp-content/
uploads/2019/02/RSK-White-Paper-Updated.pdf
[72] T. Min and W. Cai, “A security case study for blockchain games,” in 2019
IEEE Games, Entertainment, Media Conference (GEM). IEEE, 2019,
pp. 1–8.
[73] Z. Liu, N. C. Luong, W. Wang, D. Niyato, P. Wang, Y.-C. Liang, and D. I.
Kim, “A Survey on Blockchain: a Game Theoretical Perspective,” IEEE
Access, vol. 7, pp. 47 615–47 643, 2019.
[74] Y. Zhang, S. Ma, J. Li, K. Li, S. Nepal, and D. Gu, “SMARTSHIELD:
Automatic Smart Contract Protection Made Easy,” in 2020 IEEE 27th
International Conference on Software Analysis, Evolution and Reengi-
neering (SANER). IEEE, 2020, pp. 23–34.
[75] C. G. Harris, “The risks and challenges of implementing ethereum smart
contracts,” in 2019 IEEE International Conference on Blockchain and
Cryptocurrency (ICBC). IEEE, 2019, pp. 104–107.
[76] S. Kim and S. Ryu, “Analysis of blockchain smart contracts: Techniques
and insights,” in 2020 IEEE Secure Development (SecDev). IEEE, 2020,
pp. 65–73.
[77] P. Otte, M. de Vos, and J. Pouwelse, “Trustchain: A sybil-resistant
scalable blockchain,” Future Generation Computer Systems, vol. 107, pp.
770–780, 2020.
[78] Y. Cai and D. Zhu, “Fraud detections for online businesses: a perspective
from blockchain technology,” Financial Innovation, vol. 2, no. 1, p. 20,
2016.
[79] M. Bellare, Z. Brakerski, M. Naor, T. Ristenpart, G. Segev, H. Shacham,
and S. Yilek, “Hedged public-key encryption: How to protect against bad
VOLUME 4, 2016 17
randomness,” in International Conference on the Theory and Application
of Cryptology and Information Security. Springer, 2009, pp. 232–249.
[80] K. Chatterjee, A. K. Goharshady, and A. Pourdamghani, “Probabilistic
smart contracts: Secure randomness on the blockchain,” in 2019 IEEE
International Conference on Blockchain and Cryptocurrency (ICBC).
IEEE, 2019, pp. 403–412.
[81] D. Efanov and P. Roschin, “The all-pervasiveness of the blockchain
technology,” Procedia Computer Science, vol. 123, pp. 116–121, 2018.
[82] U. W. Chohan, “The double spending problem and cryptocurrencies,”
Available at SSRN 3090174, 2017.
[83] S. Zhang and J.-H. Lee, “Double-spending with a sybil attack in the
bitcoin decentralized network,” IEEE Transactions on Industrial Infor-
matics, vol. 15, no. 10, pp. 5715–5722, 2019.
[84] S. Dey, “Securing majority-attack in blockchain using machine learning
and algorithmic game theory: A proof of work,” in 2018 10th computer
science and electronic engineering (CEEC). IEEE, 2018, pp. 7–10.
[85] J. Moubarak, E. Filiol, and M. Chamoun, “On blockchain security and
relevant attacks,” in 2018 IEEE Middle East and North Africa Communi-
cations Conference (MENACOMM). IEEE, 2018, pp. 1–6.
[86] A. Groce, J. Feist, G. Grieco, and M. Colburn, “What are the actual
flaws in important smart contracts (and how can we find them)?” in
International Conference on Financial Cryptography and Data Security.
Springer, 2020, pp. 634–653.
[87] C. Liu, J. Gao, Y. Li, H. Wang, and Z. Chen, “Studying gas exceptions
in blockchain-based cloud applications,” Journal of Cloud Computing,
vol. 9, no. 1, pp. 1–25, 2020.
[88] H. Hasanova, U.-j. Baek, M.-g. Shin, K. Cho, and M.-S. Kim, “A survey
on blockchain cybersecurity vulnerabilities and possible countermea-
sures,” International Journal of Network Management, vol. 29, no. 2, p.
e2060, 2019.
[89] X. Li, P. Jiang, T. Chen, X. Luo, and Q. Wen, “A survey on the security
of blockchain systems,” Future Generation Computer Systems, vol. 107,
pp. 841–853, 2020.
[90] A. Singh, R. M. Parizi, Q. Zhang, K.-K. R. Choo, and A. Dehghantanha,
“Blockchain smart contracts formalization: Approaches and challenges
to address vulnerabilities,” Computers & Security, vol. 88, p. 101654,
2020.
[91] D. K. Tosh, S. Shetty, X. Liang, C. A. Kamhoua, K. A. Kwiat, and
L. Njilla, “Security implications of blockchain cloud with analysis of
block withholding attack,” in 2017 17th IEEE/ACM International Sym-
posium on Cluster, Cloud and Grid Computing (CCGRID). IEEE, 2017,
pp. 458–467.
[92] S. Tikhomirov, E. Voskresenskaya, I. Ivanitskiy, R. Takhaviev,
E. Marchenko, and Y. Alexandrov, “Smartcheck: Static Analysis of
Ethereum Smart Contracts,” in 2018 IEEE/ACM 1st International Work-
shop on Emerging Trends in Software Engineering for Blockchain (WET-
SEB). IEEE, 2018, pp. 9–16.
[93] I. Nikoli´
c, A. Kolluri, I. Sergey, P. Saxena, and A. Hobor, “Finding the
greedy, prodigal, and suicidal contracts at scale,” in Proceedings of the
34th Annual Computer Security Applications Conference. ACM, 2018,
pp. 653–663.
[94] C. Liu, H. Liu, Z. Cao, Z. Chen, B. Chen, and B. Roscoe, “ReGuard:
Finding Reentrancy Bugs in Smart Contracts,” in Proceedings of the
40th International Conference on Software Engineering: Companion
Proceeedings. ACM, 2018, pp. 65–68.
[95] B. Jiang, Y. Liu, and W. Chan, “Contractfuzzer: Fuzzing Smart Contracts
for Vulnerability Detection,” in Proceedings of the 33rd ACM/IEEE
International Conference on Automated Software Engineering. ACM,
2018, pp. 259–269.
[96] L. Luu, D.-H. Chu, H. Olickel, P. Saxena, and A. Hobor, “Making smart
contracts smarter,” in Proceedings of the 2016 ACM SIGSAC conference
on computer and communications security. ACM, 2016, pp. 254–269.
[97] H. Liu, C. Liu, W. Zhao, Y. Jiang, and J. Sun, “S-gram: Towards
Semantic-aware Security Auditing for Ethereum Smart Contracts,” in
Proceedings of the 33rd ACM/IEEE International Conference on Auto-
mated Software Engineering. ACM, 2018, pp. 814–819.
[98] L. Brent, A. Jurisevic, M. Kong, E. Liu, F. Gauthier, V. Gramoli, R. Holz,
and B. Scholz, “Vandal: A Scalable Security Analysis Framework for
Smart Contracts,” arXiv preprint arXiv:1809.03981, 2018.
[99] M. Suiche, “Porosity: A Decompiler for Blockchain-based Smart Con-
tracts Bytecode,” DEF CON, vol. 25, p. 11, 2017.
[100] N. Grech, M. Kong, A. Jurisevic, L. Brent, B. Scholz, and Y. Smarag-
dakis, “Madmax: Surviving Out-of-Gas Conditions in Ethereum Smart
Contracts,” Proceedings of the ACM on Programming Languages, vol. 2,
no. OOPSLA, p. 116, 2018.
[101] K. Wüst and A. Gervais, “Ethereum Eclipse Attacks,” ETH Zurich, Tech.
Rep., 2016.
[102] P. Tsankov, A. Dan, D. Drachsler-Cohen, A. Gervais, F. Buenzli, and
M. Vechev, “Securify: Practical Security Analysis of Smart Contracts,”
in Proceedings of the 2018 ACM SIGSAC Conference on Computer and
Communications Security. ACM, 2018, pp. 67–82.
[103] I. Grishchenko, M. Maffei, and C. Schneidewind, “A Semantic Frame-
work for the Security Analysis of Ethereum Smart Contracts,” in Interna-
tional Conference on Principles of Security and Trust. Springer, 2018,
pp. 243–269.
[104] P. Otte, M. de Vos, and J. Pouwelse, “TrustChain: A Sybil-resistant
Scalable Blockchain,” Future Generation Computer Systems, 2017.
[105] S. Kalra, S. Goel, M. Dhawan, and S. Sharma, “Zeus: Analyzing safety
of smart contracts,” in 25th Annual Network and Distributed System
Security Symposium, NDSS, 2018, pp. 18–21.
[106] I. Grishchenko, M. Maffei, and C. Schneidewind, “EtherTrust: Sound
Static Analysis of Ethereum Bytecode,” Technische Universität Wien,
Tech. Rep, 2018.
[107] M. Mossberg, F. Manzano, E. Hennenfent, A. Groce, G. Grieco, J. Feist,
T. Brunson, and A. Dinaburg, “Manticore: A User-Friendly Symbolic
Execution Framework for Binaries and Smart Contracts,” arXiv preprint
arXiv:1907.03890, 2019.
[108] P. Mell, J. Kelsey, and J. Shook, “Cryptocurrency Smart Contracts for
Distributed Consensus of Public Randomness,” in International Sym-
posium on Stabilization, Safety, and Security of Distributed Systems.
Springer, 2017, pp. 410–425.
[109] G. Destefanis, M. Marchesi, M. Ortu, R. Tonelli, A. Bracciali, and
R. Hierons, “Smart Contracts Vulnerabilities: A Call for Blockchain
Software Engineering?” in 2018 International Workshop on Blockchain
Oriented Software Engineering (IWBOSE). IEEE, 2018, pp. 19–25.
[110] N. Atzei, M. Bartoletti, and T. Cimoli, “A Survey of Attacks on Ethereum
Smart Contracts (sok),” in International Conference on Principles of
Security and Trust. Springer, 2017, pp. 164–186.
[111] K. Delmolino, M. Arnett, A. Kosba, A. Miller, and E. Shi, “Step by
Step Towards Creating a Safe Smart Contract: Lessons and Insights
from a Cryptocurrency Lab,” in International Conference on Financial
Cryptography and Data Security. Springer, 2016, pp. 79–94.
[112] M. Wohrer and U. Zdun, “Smart contracts: security patterns in the
ethereum ecosystem and solidity,” in 2018 International Workshop on
Blockchain Oriented Software Engineering (IWBOSE), March 2018, pp.
2–8.
[113] R. M. Parizi, A. Dehghantanha, K.-K. R. Choo, and A. Singh, “Empirical
Vulnerability Analysis of Automated Smart Contracts Security Testing
on Blockchains,” in Proceedings of the 28th Annual International Con-
ference on Computer Science and Software Engineering. IBM Corp.,
2018, pp. 103–113.
[114] A. Mavridou and A. Laszka, “Designing Secure Ethereum Smart
Contracts: A Finite State Machine based Approach,” arXiv preprint
arXiv:1711.09327, 2017.
[115] K. Bhargavan, A. Delignat-Lavaud, C. Fournet, A. Gollamudi,
G. Gonthier, N. Kobeissi, A. Rastogi, T. Sibut-Pinote, N. Swamy, and
S. Zanella-Béguelin, “Short Paper: Formal Verification of Smart Con-
tracts,” in Proceedings of the 11th ACM Workshop on Programming
Languages and Analysis for Security (PLAS), in conjunction with ACM
CCS, 2016, pp. 91–96.
[116] T. Abdellatif and K.-L. Brousmiche, “Formal Verification of Smart
Contracts based on Users and Blockchain Behavior Models,” in 2018
9th IFIP International Conference on New Technologies, Mobility and
Security (NTMS). IEEE, 2018, pp. 1–5.
[117] Z. Nehai, P.-Y. Piriou, and F. Daumas, “Model-checking of Smart Con-
tracts,” in IEEE International Conference on Blockchain, 2018, pp. 980–
987.
[118] E. Albert, P. Gordillo, B. Livshits, A. Rubio, and I. Sergey, “EthIR:
A Framework for High-level Analysis of Ethereum Bytecode,” in In-
ternational Symposium on Automated Technology for Verification and
Analysis. Springer, 2018, pp. 513–520.
[119] A. Kosba, A. Miller, E. Shi, Z. Wen, and C. Papamanthou, “Hawk:
The Blockchain Model of Cryptography and Privacy-Preserving Smart
Contracts,” in 2016 IEEE Symposium on Security and Privacy (SP), May
2016, pp. 839–858.
[120] S. R. Niya, F. Shüpfer, T. Bocek, and B. Stiller, “Setting up Flexible
and Light Weight Trading with Enhanced User Privacy using Smart
18 VOLUME 4, 2016
Contracts,” in NOMS 2018-2018 IEEE/IFIP Network Operations and
Management Symposium. IEEE, 2018, pp. 1–2.
[121] D. Chatzopoulos, S. Gujar, B. Faltings, and P. Hui, “Privacy Preserv-
ing and Cost Optimal Mobile Crowdsensing using Smart Contracts on
Blockchain,” in 2018 IEEE 15th International Conference on Mobile Ad
Hoc and Sensor Systems (MASS). IEEE, 2018, pp. 442–450.
[122] X. Liang, S. Shetty, D. Tosh, C. Kamhoua, K. Kwiat, and L. Njilla,
“Provchain: A Blockchain-based Data Provenance Architecture in Cloud
Environment with Enhanced Privacy and Availability,” in Proceedings of
the 17th IEEE/ACM international symposium on cluster, cloud and grid
computing. IEEE Press, 2017, pp. 468–477.
[123] M. Al-Bassam, A. Sonnino, S. Bano, D. Hrycyszyn, and G. Danezis,
“Chainspace: A sharded smart contracts platform,” arXiv preprint
arXiv:1708.03778, 2017.
[124] H. Kalodner, S. Goldfeder, X. Chen, S. M. Weinberg, and E. W. Felten,
“Arbitrum: Scalable, Private Smart Contracts,” in 27th {USENIX}Secu-
rity Symposium ({USENIX}Security 18), 2018, pp. 1353–1370.
[125] R. Cheng, F. Zhang, J. Kos, W. He, N. Hynes, N. Johnson, A. Juels,
A. Miller, and D. Song, “Ekiden: A Platform for Confidentiality-
Preserving, Trustworthy, and Performant Smart Contracts,” 1804.
[126] F. Zhang, E. Cecchetti, K. Croman, A. Juels, and E. Shi, “Town crier: An
authenticated data Feed for Smart Contracts,” in Proceedings of the 2016
aCM sIGSAC conference on computer and communications security.
ACM, 2016, pp. 270–282.
[127] R. Yuan, Y.-B. Xia, H.-B. Chen, B.-Y. Zang, and J. Xie, “Shadoweth:
Private Smart Contract on Public Blockchain,” Journal of Computer
Science and Technology, vol. 33, no. 3, pp. 542–556, 2018.
[128] F. Benhamouda, S. Halevi, and T. T. Halevi, “Supporting Private Data on
Hyperledger Fabric with Secure Multiparty Computation,” IBM Journal
of Research and Development, 2019.
[129] G. Zyskind, O. Nathan, and A. Pentland, “Enigma: Decentral-
ized computation platform with guaranteed privacy,” arXiv preprint
arXiv:1506.03471, 2015.
[130] B. Bünz, S. Agrawal, M. Zamani, and D. Boneh, “Zether: Towards pri-
vacy in a smart contract world,” in International Conference on Financial
Cryptography and Data Security. Springer, 2020, pp. 423–443.
[131] H. Halpin and M. Piekarska, “Introduction to Security and Privacy on
the Blockchain,” in 2017 IEEE European Symposium on Security and
Privacy Workshops (EuroS&PW). IEEE, 2017, pp. 1–3.
[132] Z. Liehuang, G. Feng, S. Meng, L. Yandong, Z. Baokun, M. Hongliang,
and W. Zhen, “Survey on Privacy Preserving Techniques for Blockchain
Technology,” Journal of Computer Research and Development, p. 2170,
2017.
[133] B. K. Mohanta, D. Jena, S. S. Panda, and S. Sobhanayak, “Blockchain
Technology: A Survey on Applications and Security Privacy Challenges,”
Internet of Things, vol. 8, p. 100107, 2019.
[134] R. Henry, A. Herzberg, and A. Kate, “Blockchain access privacy: Chal-
lenges and directions,” IEEE Security & Privacy, vol. 16, no. 4, pp. 38–45,
2018.
[135] Q. Feng, D. He, S. Zeadally, M. K. Khan, and N. Kumar, “A survey
on privacy protection in blockchain system,” Journal of Network and
Computer Applications, vol. 126, pp. 45–58, 2019.
[136] R. Gupta, S. Tanwar, F. Al-Turjman, P. Italiya, A. Nauman, and S. W.
Kim, “Smart contract privacy protection using ai in cyber-physical sys-
tems: tools, techniques and challenges,” IEEE Access, vol. 8, pp. 24746–
24 772, 2020.
[137] N. Kapsoulis, A. Psychas, G. Palaiokrassas, A. Marinakis, A. Litke,
and T. Varvarigou, “Know your customer (kyc) implementation with
smart contracts on a privacy-oriented decentralized architecture,” Future
Internet, vol. 12, no. 2, p. 41, 2020.
[138] A. Dorri, M. Steger, S. S. Kanhere, and R. Jurdak, “Blockchain: A
Distributed Solution to Automotive Security and Privacy,” IEEE Com-
munications Magazine, vol. 55, no. 12, pp. 119–125, 2017.
[139] S. Woo, J. Song, and S. Park, “A distributed oracle using intel sgx for
blockchain-based iot applications,” Sensors, vol. 20, no. 9, p. 2725, 2020.
[140] G. Ayoade, V. Karande, L. Khan, and K. Hamlen, “Decentralized iot
data management using blockchain and trusted execution environment,”
in 2018 IEEE International Conference on Information Reuse and Inte-
gration (IRI). IEEE, 2018, pp. 15–22.
[141] S. Felsen, Á. Kiss, T. Schneider, and C. Weinert, “Secure and private
function evaluation with intel sgx,” in Proceedings of the 2019 ACM
SIGSAC Conference on Cloud Computing Security Workshop, 2019, pp.
165–181.
[142] Z. Bao, Q. Wang, W. Shi, L. Wang, H. Lei, and B. Chen, “When
blockchain meets sgx: An overview, challenges, and open issues,” IEEE
Access, 2020.
[143] L.-D. Ibáñez, K. O’Hara, and E. Simperl, “On Blockchains and the
General Data Protection Regulation,” 2018.
[144] A. Juels, A. Kosba, and E. Shi, “The Ring of Gyges: Investigating
the Future of Criminal Smart Contracts,” in Proceedings of the 2016
ACM SIGSAC Conference on Computer and Communications Security.
ACM, 2016, pp. 283–295.
[145] Intel, “Intel Software Guard Extensions (Intel SGX),” 2020.
[Online]. Available: https://www.intel.com.au/content/www/au/en/
architecture-and-technology/software-guard- extensions.html
[146] WikiPedia, “Yao’s Millionaires’ problem,” 2020. [Online]. Available:
https://splash247.com/blockchain-roaming-in-the- maritime-industry/
[147] F. Idelberger, G. Governatori, R. Riveret, and G. Sartor, “Evaluation of
Logic-based Smart Contracts for Blockchain Systems,” in International
Symposium on Rules and Rule Markup Languages for the Semantic Web.
Springer, 2016, pp. 167–183.
[148] T. Chen, X. Li, X. Luo, and X. Zhang, “Under-optimized Smart Contracts
Devour Your Money,” in 2017 IEEE 24th International Conference on
Software Analysis, Evolution and Reengineering (SANER). IEEE,
2017, pp. 442–446.
[149] A. Kothapalli, A. Miller, and N. Borisov, “Smartcast: An Incentive
Compatible Consensus Protocol using Smart Contracts,” in International
Conference on Financial Cryptography and Data Security. Springer,
2017, pp. 536–552.
[150] A. Zhang and K. Zhang, “Enabling Concurrency on Smart Contracts
using Multiversion Ordering,” in Asia-Pacific Web (APWeb) and Web-
Age Information Management (WAIM) Joint International Conference
on Web and Big Data. Springer, 2018, pp. 425–439.
[151] P. S. Anjana, S. Kumari, S. Peri, S. Rathor, and A. Somani, “An Efficient
Framework for Optimistic Concurrent Execution of Smart Contracts,” in
2019 27th Euromicro International Conference on Parallel, Distributed
and Network-Based Processing (PDP). IEEE, 2019, pp. 83–92.
[152] P. J. Piasecki, “Gaming Self-Contained Provably Fair Smart Contract
Casinos,” Ledger, vol. 1, pp. 99–110, 2016.
[153] T. Marwala and B. Xing, “Blockchain and Artificial Intelligence,” arXiv
preprint arXiv:1802.04451, 2018.
[154] Y. Lu, X. Huang, Y. Dai, S. Maharjan, and Y. Zhang, “Blockchain and
federated learning for privacy-preserved data sharing in industrial iot,”
IEEE Transactions on Industrial Informatics, 2019.
[155] J. Kang, Z. Xiong, D. Niyato, S. Xie, and J. Zhang, “Incentive mechanism
for reliable federated learning: A joint optimization approach to com-
bining reputation and contract theory,” IEEE Internet of Things Journal,
2019.
[156] J. Daniel, A. Sargolzaei, M. Abdelghani, S. Sargolzaei, and B. Amaba,
“Blockchain technology, cognitive computing, and healthcare innova-
tions,” Journal of Advances in Information Technology Vol, vol. 8, no. 3,
2017.
[157] J. Charlier, S. Lagraa, J. Francois et al., “Profiling Smart Contracts
Interactions with Tensor Decomposition and Graph Mining,” 2017.
[158] E. Karafiloski and A. Mishev, “Blockchain solutions for big data chal-
lenges: A literature review,” in IEEE EUROCON 2017-17th International
Conference on Smart Technologies. IEEE, 2017, pp. 763–768.
[159] N. Abdullah, A. Hakansson, and E. Moradian, “Blockchain based ap-
proach to enhance big data authentication in distributed environment,” in
2017 Ninth International Conference on Ubiquitous and Future Networks
(ICUFN). IEEE, 2017, pp. 887–892.
[160] L. Yue, H. Junqin, Q. Shengzhi, and W. Ruijin, “Big data model of secu-
rity sharing based on blockchain,” in 2017 3rd International Conference
on Big Data Computing and Communications (BIGCOM). IEEE, 2017,
pp. 117–121.
[161] Q. Xu, K. M. M. Aung, Y. Zhu, and K. L. Yong, “A blockchain-based
storage system for data analytics in the internet of things,” in New
Advances in the Internet of Things. Springer, 2018, pp. 119–138.
[162] U. U. Uchibeke, K. A. Schneider, S. H. Kassani, and R. Deters,
“Blockchain access control ecosystem for big data security,” in 2018
IEEE International Conference on Internet of Things (iThings) and
IEEE Green Computing and Communications (GreenCom) and IEEE
Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data
(SmartData). IEEE, 2018, pp. 1373–1378.
VOLUME 4, 2016 19
THARAKA HEWA is currently working as a Doc-
toral Student in Centre for Wireless Communica-
tion, University of Oulu, Finland. He received his
Bachelor’s degree in Computer Science from the
University of Colombo School of Computing, Sri
Lanka in 2013, and Master of Science in Infor-
mation Security (Distinction) from the University
of Colombo School of Computing in 2016. From
2012 to 2017, he worked in a leading digital pay-
ment solution provider in Sri Lanka as a Senior
Software Engineer. Within his career in the industry, he contributed to many
projects in mobile banking, internet banking, PKI, Automated Teller Ma-
chines and involved in the system integration and support. He is a certified
engineer for SafeNet Luna SA 6.0 HSM. In 2017, he joined Nanyang Tech-
nological University as a Research Associate. He played a vital role in many
research and implementation projects in different contexts. He contributed to
cybersecurity and digital payment systems and co-authored 2 publications
related to the blockchain applications in the industry with contributing to
1 patent. He contributed to ongoing research and implementation projects
including blockchain for 3D printing, agriculture, luxury watches, music
asset monetization, and aviation. In 2019 he joined Centre for Wireless
Communication and his research focus in developing a blockchain-based
platform as a service for industrial IoT.
Hewa’s research interests are Blockchain, PKI, 5G, Banking Systems
Security, Healthcare Security, and Smart Cities.
YINING HU Yining Hu received her B.E. de-
gree (Electrical) with First Class Honours from
the University of Sydney, Sydney, Australia, and
Harbin Institute of Technology, Harbin, China,
in 2016 (joint program). She received her Ph.D.
degree at the University of New South Wales,
Sydney, Australia, in 2020. During her Ph.D. can-
didature she was also affiliated to Data61-CSIRO,
Sydney, Australia. She joined IBM Australia, Mel-
bourne, Australia, as a Postdoctoral researcher, in
2020. Her main areas of research interest are illicit cryptocurrency transac-
tion analysis, improving the utility of blockchain platforms, and enabling
blockchain interoperability.
MADHUSANKA LIYANAGE (Senior Member,
IEEE) is currently an Ad Astra Fellow/Assistant
Professor at School of Computer Science, Univer-
sity College Dublin, Ireland. He is also an adjunct
professor at the University of Oulu, Finland. He
received his B.Sc. degree (First Class Honours)
in electronics and telecommunication engineering
from the University of Moratuwa, Moratuwa, Sri
Lanka, in 2009, the M.Eng. degree from the Asian
Institute of Technology, Bangkok, Thailand, in
2011, the M.Sc. degree from the University of Nice Sophia Antipolis, Nice,
France, in 2011, and the Ph.D. degree in communication engineering from
the University of Oulu, Oulu, Finland, in 2016. He was also a recipient of
prestigious Marie Skłodowska-Curie Actions Individual Fellowship during
2018-2020. From 2011 to 2012, he worked a Research Scientist at the I3S
Laboratory and Inria, Sophia Antipolis, France. He has been a Visiting Re-
search Fellow at the Department of Computer Science, University of Oxford,
Data61, CSIRO, Sydney, Australia, the Infolabs21, Lancaster University,
U.K., and Computer Science and Engineering, The University of New South
Wales during 2015-2018. In 2020, he has received "2020 IEEE ComSoc
Outstanding Young Researcher" award by IEEE ComSoc EMEA.
He has co-authored over 90 publications including two edited books with
Wiley and one patent. He is the demo co-chair of WCNC 2019, publicity
chair of ISWCS 2019 and poster chair of 6G Summit 2020. He served
as a Technical program Committee Members at EAI M3Apps 2016, 5GU
2017, EUCNC 2017, EUCNC 2018, 5GWF 2018, MASS 2018, MCWN
2018, WCNC 2019, EUCNC 2019, EUCNC 2020, MASS 2020. ICBC
2021 conferences and Technical program co-chair in SecureEdge workshop
at IEEE CIT2017 conference and Blockchain for IoT workshop at IEEE
Globecom 2018, IEEE ICC 2020 and IEEE 5GWF 2020. He has also
served as the session chair in a number of other conferences including
IEEE WCNC 2013, CROWNCOM 2014, 5GU 2014, IEEE CIT 2017, IEEE
PIMRC 2017, 5GWF 2018, Bobynet 2018, Globecom 2018, WCNC 2019,
ICC 2020. Moreover, He has received two best Paper Awards in the areas
of SDMN security (at NGMAST 2015) and 5G Security (at IEEE CSCN
2017). Additionally, he has been awarded three research grants and 22 other
prestigious awards/scholarships during his research career.
Dr. Liyanage has worked for more than twelve EU, international and
national projects in ICT domain. He held responsibilities as a leader of
work packages in several national and EU projects. Currently, he is the
Finnish national coordinator for EU COST Action CA15127 on resilient
communication services. In addition, he is/was serving as a management
committee member for four other EU COST action projects namely EU
COST Action IC1301, IC1303, CA15107 and CA16226. Liyanage has
over three years’ experience in research project management, research
group leadership, research project proposal preparation, project progress
documentation and graduate student co-supervision/mentoring, skills. In
2015, 2016 and 2017, he won the Best Researcher Award at the Centre for
Wireless Communications, University of Oulu for his excellent contribution
in project management and dissemination activities. Additionally, two of the
research projects (MEVICO and SIGMONA projects) received the CELTIC
Excellence Award in 2013 and 2017 respectively.
Dr. Liyanage’s research interests are 5G, SDN, IoT, Blockchain, MEC,
mobile and virtual network security. http://madhusanka.com.
20 VOLUME 4, 2016
SALIL S. KANHERE received his M.S. and
Ph.D. degrees, both in Electrical Engineering from
Drexel University, Philadelphia. He is a Professor
in the School of Computer Science and Engineer-
ing at UNSW Sydney, Australia. He also holds
affiliations with CSIRO’s Data61 and Cyberse-
curity Cooperative Research Centre. He has held
visiting appointments with Institute of Infocom
Research Singapore, Technical University Darm-
stadt, University of Zurich and Graz University
of Technology. His research interests include Internet of Things, pervasive
computing, cyberphysical systems, blockchain, cybersecurity and applied
machine learning. He has published over 250 peer-reviewed articles and
delivered over 50 tutorials and keynote talks on these research topics. He has
received 8 Best Paper Awards. His research has been featured on ABC News
Australia, Forbes, Wired, ZDNET, MIT Technology Review, Computer
World, IEEE Spectrum and other media outlets. He regularly features on
the organizing committee of a number of IEEE and ACM international
conferences. He is the General Chair for the IEEE International Conference
on Blockchain and Cryptocurrency (IEEE ICBC) in 2021. Salil is the Editor
in Chief of the Ad Hoc Networks Journal and on the Editorial Board
of IEEE Transactions on Network Management and Service, Pervasive
and Mobile Computing and Computer Communications. He serves on the
Executive Committee of the IEEE Computer Society’s Technical Committee
on Computer Communications (TCCC). Salil is a Senior Member of both
the IEEE and the ACM. He is a recipient of the Alexander von Humboldt
Research Fellowship.
MIKA YLIANTTILA (Senior Member, IEEE) is
a full-time associate professor (tenure track) at
the Centre for Wireless Communications (CWC),
at the Faculty of Information Technology and
Electrical Engineering (ITEE), University of Oulu,
Finland. He is leading a research team and is the
director of communications engineering doctoral
degree program. Previously he was the director
of Center for Internet Excellence (2012-2015),
vice director of MediaTeam Oulu research group
(2009-2011), and professor (pro tem) in computer science and engineering,
and director of information networks study programme (2005-2010). He
received his doctoral degree on Communications Engineering at the Univer-
sity of Oulu in 2005. He has coauthored more than 150 international peer-
reviewed articles. His research interests include edge computing, network
security, network virtualization and software-defined networking. He is a
Senior Member of IEEE, and Editor in Wireless Networks journal.
VOLUME 4, 2016 21
