The University of Illinois at Urbana-Champaign
Year in School
REU Faculty Mentor
Research Area Interest
Security and Privacy
Smart Contract Developer Security Practices Survey
Biography & Research Abstract
As blockchain technology has risen in prominence, so too have smart contacts as a method of managing assets on blockchains. These self-executing programs currently control millions of dollars worth of assets and have been the subject of several prominent hacking attacks in recent years. While studies have been done on how developers approach security in other fields of software development, smart contract development is still relatively unexplored. This study is a follow up to a previous study done by Tanusree Sharma, Zhixuan Zhou, Andrew Miller, and Yang Wang in 2021. The study was conducted online and involved an anonymous survey and smart contract code review task. It gathered over 2400 responses from a group of developers with varying ages, education levels, and years of experience. Similar to the previous study we found that standard documentation, reference implementations, and security tools are not sufficient resources to prepare developer to recognize vulnerabilities in smart contract code. An even smaller percentage of developers noticed the vulnerabilities in the code review task, 0% of early stage and 5% of experienced developers as compared to 15% and 55% respectively in the first study. Participants again pointed out shortcomings of current smart contract security tooling such as its lack of features found in other common development tools and the lack of usability.
Jessica is an iCAN program student with BS in Finance & Management Information Systems. She intends to pursue a Master's in Computer Science after completing the program. Her areas of interest are HCI, Software Engineering, and Security.