Systematization of Knowledge (SoK): Decentralized Finance (DeFi) Attacks

Accepted by the 44th IEEE Symposium on Security and Privacy

Liyi Zhou, Xihan Xiong, Jens Ernstberger, Stefanos Chaliasos, Zhipeng Wang, Ye Wang, Kaihua Qin, Roger Wattenhofer, Dawn Song, Arthur Gervais

Other Papers Using This Dataset

Smart Contract and Defi Security: Insights From Tool Evaluations and Practitioner Surveys (Link)

Accepted by the 46th International Conference on Software Engineering (ICSE 2024)
Stefanos Chaliasos, Marcos Antonios Charalambous, Liyi Zhou, Rafaila Galanopoulou, Arthur Gervais, Dimitris Mitropoulos, Ben Livshits

Towards Automated Security Analysis of Smart Contracts based on Execution Property Graph (Link)

Kaihua Qin, Zhe Ye, Zhun Wang, Weilin Li, Liyi Zhou, Chao Zhang, Dawn Song, Arthur Gervais

Blockchain Large Language Models (Link)

Yu Gai*, Liyi Zhou*, Kaihua Qin, Dawn Song, Arthur Gervais

Do You Still Need a Manual Smart Contract Audit? (Link)

Isaac David, Liyi Zhou, Kaihua Qin, Dawn Song, Lorenzo Cavallaro, Arthur Gervais

Another Cat and Mouse Game

Analogous to traditional information security, DeFi incidents can be perceived as a cat-and-mouse game where defenders attempt to minimize the security risk surface and attackers seek to breach these defenses. In what follows, we extract key insights from our paper:


Understudied network+consensus layer incidents

Limited tools and studies target network & consensus incidents, suggesting undiscovered vulnerabilities.


Low coverage for protocol layer incidents

Security tools lack sufficient coverage for protocol layer vulnerabilities due to DeFi’s composability.


Repeated on-chain oracle manipulation

Ethereum & Binance Smart Chain face frequent oracle manipulations, emphasizing the need for better detection tools.


Permission-less interactions are dangerous

Uncontrolled interactions can broaden attack surfaces; a whitelist approach for example, might mitigate risks.


The identities of the attackers may be revealed

Many attackers source funds without mixers, potentially exposing their identities via auxiliary services.


Adversaries can be front-run during the rescue time frame

Some adversaries test their code on-chain, risking being detected and front-run by defenders.


Absence of intrusion detection tools

Few incidents trigger immediate alerts, signifying a need for robust real-time detection tools.


Adversarial and vulnerable contracts are detectable

State-of-the-art analysis can detect vulnerable contracts by comparing them with known incidents.

How To Cite This Dataset?

The original dataset can be cited using the reference provided below:

title={Sok: Decentralized finance (defi) attacks},
author={Zhou, Liyi and Xiong, Xihan and Ernstberger, Jens and Chaliasos, Stefanos and Wang, Zhipeng and Wang, Ye and Qin, Kaihua and Wattenhofer, Roger and Song, Dawn and Gervais, Arthur},
booktitle={2023 IEEE Symposium on Security and Privacy (SP)},

The subsequent publications have helped us revise the original dataset:

title={Smart contract and defi security: Insights from tool evaluations and practitioner surveys},
author={Chaliasos, Stefanos and Charalambous, Marcos Antonios and Zhou, Liyi and Galanopoulou, Rafaila and Gervais, Arthur and Mitropoulos, Dimitris and Livshits, Ben},
journal={arXiv preprint arXiv:2304.02981},

title={Towards Automated Security Analysis of Smart Contracts based on Execution Property Graph},
author={Qin, Kaihua and Ye, Zhe and Wang, Zhun and Li, Weilin and Zhou, Liyi and Zhang, Chao and Song, Dawn and Gervais, Arthur},
journal={arXiv preprint arXiv:2305.14046},