中图分类号： TP301
文献标识码： A
DOI： 10.19358/j.issn.2096-5133.2021.05.001
引用格式： 赵辉，李星，谭嘉诚，等。 智能合约安全问题与研究现状[J].信息技术与网络安全，2021，40（5）：1-6，19.

Research status of smart contract security

Abstract： Smart contract is a program running on the blockchain, which is decentralized and tamperable. It is widely used in finance, energy, Internet of Things and other fields. However, once the smart contract is actually deployed on the real-time network, it can not be changed. While ensuring the security of the contract, defects and errors can not be solved by modifying the contract code, resulting in major security incidents. Therefore, it has become an urgent problem to test the security of the contract before the actual deployment. This paper introduces the security incidents caused by smart contract vulnerabilities, analyzes the common contract vulnerabilities in detail, and summarizes the existing contract analysis tools, which reflects the research and development status of contract security issues.

Key words : smart contract；vulnerability analysis；block chain；security analysis tool