Almost one million Ethereum smart contracts have been recently scanned by researchers. The result of the scan revealed that 34,200 contracts are vulnerable, and they could be exploited. This means that the users could have their assets frozen, deleted or stolen by the attackers.
Smart contracts vulnerabilities
The smart contracts had some vulnerabilities that can be easily exploited. That is because smart contracts are also pieces of code. For example, back in 2016, TheDAO organization was the target of an attack, and a hacker managed to steal more than $50 million worth of Ether.
This event determined the researchers from National University of Singapore (NUS) to analyze more Ethereum smart contract. They managed to do that, after they created a tool named Oyente back in 2016.
This tool is able to scan Ethereum contracts in order to detect bugs. They began by analyzing 19,366 Ethereum smart contracts. They discovered that 8.833 were vulnerable.
The researchers began scanning smart contracts once again, after another contract bug was exploited last fall. That time, a GitHub user Devops199 locked more than $285 million worth of Ether in Parity wallets with a bug he found.
A new tool was created. This one was named Maian and it is even better when it comes to at-scale scanning. This tool discovered that 3.5% of the contracts had a major vulnerability that could be used by attackers. The research team warned users once again.
What are smart contracts?
Smart contracts are a number of coded operations that are automatically executed when an input to the contract is sent. For example, the owner of a contract can choose how many bids he or she wants for the object. The condition is set in the contract, and once it is met, the Ether transaction begins.