The recent proliferation of blockchain-based decentralized applications (DApps) has catalyzed transformative advancements in distributed systems, with extensive deployments observed across financial, entertainment, media, and cybersecurity domains. These trustless architectures, characterized by their decentralized nature and elimination of third-party intermediaries, have garnered substantial institutional attention. Consequently, the escalating security challenges confronting DApps demand rigorous scholarly investigation. This study begins with a systematic analysis of behavioral patterns derived from empirical DApp datasets, establishing foundational insights for subsequent methodological developments. The principal security vulnerabilities in Ethereum-based smart contracts developed in Solidity are then critically examined. Specifically, reentrancy vulnerability attacks are addressed by formally representing contract logic using highly expressive code fragments, which enables precise source-code-level detection via bidirectional long short-term memory networks with attention mechanisms (BLSTM-ATT). Regarding privacy preservation challenges, contemporary solutions are evaluated through dual analytical lenses, identity privacy preservation and transaction anonymity enhancement, and future research trajectories in cryptographic obfuscation techniques are proposed.