The paper systematically reviews the research progress in the field of DeFi security, focusing on key areas such as vulnerability detection, attack tracking, risk assessment, and automated repair.

Comprehensive Review of Smart Contract and DeFi Security: Attack, Vulnerability Detection, and Automated Repair

Recently, the Goplus team’s review paper titled "Comprehensive Review of Smart Contract and DeFi Security: Attack, Vulnerability Detection, and Automated Repair" has been officially accepted by the top journal in the first district of the Chinese Academy of Sciences, "Expert Systems With Applications"!

"Expert Systems With Applications" was founded in 1990 and is an authoritative journal in the fields of computer science and artificial intelligence under Elsevier. The current impact factor of the journal is 7.5, and it is a top journal in the first district of the Chinese Academy of Sciences, classified as Q1 in the JCR.

With the rapid development of DeFi and the formation of a peer-to-peer financial ecosystem, a large amount of assets locked in protocols have become targets for attackers, resulting in billions of dollars in security losses. Although many protective strategies have been proposed by both industry and academia, systematic and comprehensive research on DeFi and smart contract security is still relatively lacking.

To fill the research gap in this field, the paper systematically reviews the research progress in DeFi security, focusing on key areas such as vulnerability detection, attack tracking, risk assessment, and automated repair. Specific content includes:

• A systematic summary of the main security threats faced by DeFi, categorizing historical attack events into six major types;
• Empirical evaluation of nine mainstream DeFi security tools, covering vulnerability detection and risk assessment functions;
• Analysis of the applicability and effectiveness of 38 smart contract vulnerability detection tools;
• Preliminary exploration of the application potential of eight automated repair tools in DeFi scenarios.

To support subsequent research and tool development, the paper also constructs and opens a standard dataset containing 99 DeFi protocols and a total of 7,340 smart contracts, covering six types of typical attack types, helping the DeFi community enhance overall security levels.

This research not only provides a systematic and comprehensive reference framework for academia but also offers evaluation and defense guidance for practical applications, which is expected to play a positive role in promoting the construction of DeFi security infrastructure.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。