Of the nearly one million smart contracts based on Ethereum, critical vulnerabilities were found in over 34200. Such data were released as a result of a large-scale study themed “Finding the Greedy, Prodigal, and Suicidal Contracts at Scale” conducted by five specialists from the National University of Singapore (NUS) and Yale-NUS College and University College London.
In manual mode, the project team analyzed 3759 smart contracts locally using a copy of the Ethereum blockchain part and uncovered unforeseen effects that they considered to be vulnerabilities that could lead to a complete blockage or leakage of funds or the destruction of the smart contract itself. The researchers then repeated the vulnerabilities found, with a performance factor of 89%.
The maximum amount that could be deduced using the identified vulnerabilities was determined by the authors at 4905 Ether ($ 4.4 million). In addition, according to their data, the network has already blocked 6239 Ether ($ 7.5 million), of which 313 Ether ($ 379,940) were frozen after the destruction of some smart contracts.
The authors of the study did not set themselves the task of warning specific projects about their vulnerabilities and did not disclose their list publicly. At the moment, the results of the team’s work are on peer review.