Smart contracts are programs that execute transactions involving independent parties and cryptocurrencies. As programs, smart contracts are susceptible to a wide range of errors and vulnerabilities. Such vulnerabilities can result in significant losses. Furthermore, by design, smart contract transactions are irreversible. This creates a need for methods to ensure the correctness and security of contracts pre-deployment. Recently there has been substantial research into such methods. The sheer volume of this research makes articulating the state of the art a substantial undertaking. To address this challenge, we present a systematic review of the literature. A key feature of our presentation is to factor out the relationship between vulnerabilities and methods through properties. Specifically, we enumerate and classify smart contract vulnerabilities and methods by the properties they address. The methods considered include static analysis as well as dynamic analysis methods and machine learning algorithms that analyze smart contracts before deployment. Several patterns about the strengths of different methods emerge through this classification process.