Rethinking Blockchain Security: Position Paper
This paper addresses security issues for blockchain developers and users, but it is incremental, as it builds on existing software testing and framework concepts.
The paper tackles the problem of security breaches in blockchain technology by analyzing incidents using a STIX-formatted database, identifying smart contracts and protocol incentives as key categories, and proposing software testing for smart contracts and the PRESTO framework for protocol comparison.
Blockchain technology has become almost as famous for incidents involving security breaches as for its innovative potential. We shed light on the prevalence and nature of these incidents through a database structured using the STIX format. Apart from OPSEC-related incidents, we find that the nature of many incidents is specific to blockchain technology. Two categories stand out: smart contracts, and techno-economic protocol incentives. For smart contracts, we propose to use recent advances in software testing to find flaws before deployment. For protocols, we propose the PRESTO framework that allows us to compare different protocols within a five-dimensional framework.