JavaScript is disabled for your browser. Some features of this site may not work without it.
HACK THIS CONTRACT

Author
Jain, Aayushi
Abstract
Smart contracts are computer programs on top of blockchains that can be executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value between two parties, the security of the contract program is of utmost importance. Despite prior work in the form of numerous blog posts, Internet discussion forums, DASP top 10, ConsenSys best practices and research papers has been done to tackle vulnerabilities in Ethereum smart contracts, the problem is that students only hear about them in the lecture or read about them online. However, they don’t have a concrete notion of what form they take or how they come about. This thesis describes the development process of an educational tool, ’Hack This Contract’ (website) aimed at helping students learn/identify security vulnerabilities in smart contracts and also motivate the need for secure smart contract development. Whilst, in the first half of development, additional contracts replicating the Parity Multisig Wallet Hack have been incorporated, analysis of students’ feedback has shifted the focus of the second half of development towards realizing the need for secure authentication mechanism and implementation of the same. Ultimately, I have shared my findings, experiences as well as challenges encountered during the design of such a system and discussed to what extent was ’Hack This Contract’ effective in addressing its goals.
Description
35 pages
Date Issued
2020-05Subject
Educational Tool; Smart Contracts; Vulnerabilities
Committee Chair
Azenkot, Shiri
Committee Member
Estrin, Deborah
Degree Discipline
Information Science
Degree Name
M.S., Information Science
Degree Level
Master of Science
Type
dissertation or thesis