Auditing blockchain smart contracts

Abstract

The purpose of this paper is to present the main focus areas in smart contracts securing and to propose a procedure and a sample audit plan of an upload/download files smart contract on a blockchain-based platform designed for data and information sharing. Smart contracts and blockchain oracles definition and types are discussed and summarized. The smart contracts and blockchains securing issues and activities are systemized in four directions: code writing, security and penetration testing, blockchain security testing and vulnerability scanning tools. A five-step smart contract audit plan is suggested, adopted to the smart contract's current functional specifications and program code complexity. The audit plan is illustrated by example.