中圖分類號： TP301
文獻標識碼： A
DOI： 10.19358/j.issn.2096-5133.2021.05.001
引用格式： 趙輝，李星，譚嘉誠，等。 智能合約安全問題與研究現狀[J].信息技術與網絡安全，2021，40（5）：1-6，19.

Research status of smart contract security

Abstract： Smart contract is a program running on the blockchain, which is decentralized and tamperable. It is widely used in finance, energy, Internet of Things and other fields. However, once the smart contract is actually deployed on the real-time network, it can not be changed. While ensuring the security of the contract, defects and errors can not be solved by modifying the contract code, resulting in major security incidents. Therefore, it has become an urgent problem to test the security of the contract before the actual deployment. This paper introduces the security incidents caused by smart contract vulnerabilities, analyzes the common contract vulnerabilities in detail, and summarizes the existing contract analysis tools, which reflects the research and development status of contract security issues.

Key words : smart contract；vulnerability analysis；block chain；security analysis tool