
Analysis of Source Code Duplication in Ethereum Smart Contracts

Giuseppe Antonio Pierro 1, 2 Roberto Tonelli 2 
1 RMOD - Analyses and Languages Constructs for Object-Oriented Application Evolution
Inria Lille - Nord Europe, CRIStAL - Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189
Abstract: The practice of writing smart contracts for the Ethereum blockchain is quite recent and still in development. A blockchain developer should expect constant changes in the software security field, as new bugs and security risks are discovered and new good practices are developed. Following the security practices accepted in the blockchain community is not enough to ensure the writing of secure smart contracts. The paper aims to study the practice of code cloning among smart contracts by analyzing two corpora. The first corpus, the "Smart-Corpus", includes smart contracts already deployed in the Ethereum blockchain. The second corpus, the "OpenZeppelin's Solidity Library", is supervised by a community of developers who constantly take care to increase the security and efficiency of the smart contracts included in the corpus. From the comparative analysis of the corpora, we observe that smart contract developers frequently duplicate code by cloning already existing smart contracts which are not part of the "OpenZeppelin corpus". In particular, we found that 79.1% of smart contracts contain duplicated code and only 18.4% of smart contracts reuse the code by implementing a smart corpus belonging to the OpenZeppelin repository. The paper discusses the advantages and the disadvantages of code duplication in the Ethereum blockchain ecosystem, and suggests referring to the smart contracts of OpenZeppelin's Solidity Library. The Ethereum blockchain community can indeed benefit from using the tested code presented in OpenZeppelin's Solidity Library to increase its security.
Document type: Conference papers

https://hal.inria.fr/hal-03358152
Contributor: Lse Lse
Submitted on: Wednesday, September 29, 2021 - 11:17:29 AM
Last modification on: Friday, November 25, 2022 - 6:54:06 PM
Long-term archiving on: Thursday, December 30, 2021 - 6:47:49 PM

File

Pierr21c-DuplicationAnalysis-S...
Files produced by the author(s)

Identifiers

  • HAL Id : hal-03358152, version 1

Citation

Giuseppe Antonio Pierro, Roberto Tonelli. Analysis of Source Code Duplication in Ethereum Smart Contracts. 2021 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), Mar 2021, Honolulu, United States. ⟨hal-03358152⟩

Metrics

  • Record views: 47
  • Files downloads: 349