Analyzing the Impact of Elusive Faults on Blockchain Reliability
Blockchain recently became very popular due to its use in cryptocurrencies and potential application in various domains (e.g., retail, healthcare, insurance). The smart contract is a key part of blockchain systems and specifies an agreement between transaction participants. Nowadays, smart contracts are being deployed carrying residual faults, including severe vulnerabilities that lead to different types of failures at runtime. Fault detection tools can be used to detect faults that may then be removed from the code before deployment. However, in the case of smart contracts, the common opinion is that tools are immature and ineffective. In this work, we carry out a fault injection campaign to empirically analyze the runtime impact that realistic faults present in smart contracts may have on the reliability of blockchain systems. We place particular attention on the faults that elude popular smart contract verification tools and show if and in which ways the faults lead the blockchain system to fail at runtime. Results show general poor detection and, to some extent, complementary performance by the three tools used. The results also show that several elusive faults are responsible for severe blockchain failures.
READ FULL TEXT