Vulnerabilities in Ethereum smart contracts often cause serious financial damage. Although the Solidity compiler has been updated to prevent vulnerabilities, the effectiveness of these updates has not, to the best of our knowledge, been evaluated so far. In this paper, we shed light on the impact of compiler versions on vulnerabilities of Ethereum smart contracts. To this end, we collected 503,572 contracts with Solidity source code from the Ethereum blockchain and analyzed their vulnerabilities. For three high-severity vulnerabilities, i.e., Locked Money, Using tx.origin, and Unchecked Call, we show that their appearance rates have decreased by virtue of major updates of the Solidity compiler. We then found the following four key insights. First, after the release of version 0.6, the appearance rate for Locked Money has decreased. Second, regardless of compiler updates, the appearance rate for Using tx.origin is significantly low. Third, although the appearance rate for Unchecked Call has decreased in version 0.8, it still remains high due to various factors, including code clones. Fourth, our analysis of code clones yields promising results showing that the appearance rate for Unchecked Call can be further decreased by removing the code clones.