Blockchain recently became very popular due to its use in cryptocurrencies and potential application in various domains (e.g., retail, healthcare, insurance). The smart contract is a key part of blockchain systems and specifies an agreement between transaction participants. Nowadays, smart contracts are being deployed carrying residual faults, including severe vulnerabilities that lead to different types of failures at runtime. Fault detection tools can be used to detect faults that may then be removed from the code before deployment. However, in the case of smart contracts, the common opinion is that tools are immature and ineffective. In this work, we carry out a fault injection campaign to empirically analyze the runtime impact that realistic faults present in smart contracts may have on the reliability of blockchain systems. We pay particular attention to the faults that elude popular smart contract verification tools and show whether and in which ways the faults lead the blockchain system to fail at runtime. Results show generally poor detection and, to some extent, complementary performance by the three tools used. The results also show that several elusive faults are responsible for severe blockchain failures.