?url_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Adc&rft.title=Smart+Contract+and+DeFi+Security+Tools%3A%0D%0ADo+They+Meet+the+Needs+of+Practitioners%3F&rft.creator=Chaliasos%2C+Stefanos&rft.creator=Charalambous%2C+Marcos+Antonios&rft.creator=Zhou%2C+Liyi&rft.creator=Galanopoulou%2C+Rafaila&rft.creator=Gervais%2C+Arthur&rft.creator=Mitropoulos%2C+Dimitris&rft.creator=Livshits%2C+Benjamin&rft.description=The+growth+of+the+decentralized+finance+(DeFi)+ecosystem+built+on+blockchain+technology+and+smart+contracts+has+led+to+an+increased+demand+for+secure+and+reliable+smart+contract+development.+However%2C+attacks+targeting+smart+contracts+are+increasing%2C+causing+an+estimated+%246.45+billion+in+financial+losses.+Researchers+have+proposed+various+automated+security+tools+to+detect+vulnerabilities%2C+but+their+real-world+impact+remains+uncertain.%0D%0AIn+this+paper%2C+we+aim+to+shed+light+on+the+effectiveness+of+automated+security+tools+in+identifying+vulnerabilities+that+can+lead+to+high-profile+attacks%2C+and+their+overall+usage+within+the+industry.+Our+comprehensive+study+encompasses+an+evaluation+of+five+SoTA+automated+security+tools%2C+an+analysis+of+127+high-impact+real-world+attacks+resulting+in+%242.3+billion+in+losses%2C+and+a+survey+of+49+developers+and+auditors+working+in+leading+DeFi+protocols.+Our+findings+reveal+a+stark+reality%3A+the+tools+could+have+prevented+a+mere+8%25+of+the+attacks+in+our+dataset%2C+amounting+to+%24149+million+out+of+the+%242.3+billion+in+losses.+Notably%2C+all+preventable+attacks+were+related+to+reentrancy+vulnerabilities.+Furthermore%2C+practitioners+distinguish+logic-related+bugs+and+protocol+layer+vulnerabilities+as+significant+threats+that+are+not+adequately+addressed+by+existing+security+tools.+Our+results+emphasize+the+need+to+develop+specialized+tools+catering+to+the+distinct+demands+and+expectations+of+developers+and+auditors.+Further%2C+our+study+highlights+the+necessity+for+continuous+advancements+in+security+tools+to+effectively+tackle+the+ever-evolving+challenges+confronting+the+DeFi+ecosystem.&rft.publisher=Association+for+Computing+Machinery+(ACM)&rft.date=2024-02-06&rft.type=Proceedings+paper&rft.language=eng&rft.source=+++++In%3A++Proceedings+of+the+46th+International+Conference+on+Software+Engineering+(ICSE+2024).++(pp.+art+no-60).++Association+for+Computing+Machinery+(ACM)%3A+Lisbon%2C+Portugal.+(2024)+++++&rft.format=text&rft.identifier=https%3A%2F%2Fdiscovery.ucl.ac.uk%2Fid%2Feprint%2F10182359%2F7%2FGervais_Smart%2520Contract%2520and%2520DeFi%2520Security_3597503.pdf&rft.identifier=https%3A%2F%2Fdiscovery.ucl.ac.uk%2Fid%2Feprint%2F10182359%2F&rft.rights=open