As blockchain technology continues to advance, the secure deployment of smart contracts has become increasingly prevalent, underscoring the critical need for robust security measures. This surge in usage has led to a rise in security breaches, often resulting in substantial financial losses for users. This paper presents a comprehensive survey of smart contract quality assurance, from understanding vulnerabilities to evaluating the effectiveness of detection tools. Our work is notable for its innovative classification of forty smart contract vulnerabilities, mapping them to established attack patterns. We further examine nine defense mechanisms, assessing their efficacy in mitigating smart contract attacks. Furthermore, we develop a labeled dataset as a benchmark encompassing ten common vulnerability types, which serves as a critical resource for future research. We also conduct comprehensive experiments to evaluate fourteen vulnerability detection tools, providing a comparative analysis that highlights their strengths and limitations. In summary, this survey synthesizes state-of-the-art knowledge in smart contract security, offering practical recommendations to guide future research and foster the development of robust security practices in the field.

中文翻译：

---

智能合约质量保证调查


随着区块链技术的不断进步，智能合约的安全部署变得越来越普遍，这凸显了对强大安全措施的迫切需求。这种使用量的激增导致安全漏洞的增加，通常会给用户带来巨大的经济损失。本文对智能合约质量保证进行了全面调查，从了解漏洞到评估检测工具的有效性。我们的工作以其对 40 个智能合约漏洞的创新分类而著称，并将它们映射到已建立的攻击模式。我们进一步研究了九种防御机制，评估了它们在缓解智能合约攻击方面的有效性。此外，我们开发了一个标记数据集作为基准，其中包含十种常见的漏洞类型，作为未来研究的关键资源。我们还进行了全面的实验，以评估 14 种漏洞检测工具，提供比较分析，突出它们的优势和局限性。总之，这项调查综合了智能合约安全方面的最新知识，提供了实用的建议，以指导未来的研究并促进该领域稳健安全实践的发展。