Analysis of Solidity programming pitfalls and compiler-based solutions

Supervisor(s): Univ.-Prof. Dr. Rainer Böhme


Solidity is a high-level programming language used for so-called "smart contracts" on the Ethereum Virtual Machine (EVM). The aim of this thesis is to avoid common smart contract programming pitfalls by improving the Solidity compiler. Selected weaknesses identified in the literature can be addressed either with automatic code insertion or by issuing warnings to the developer. Suggested improvements are evaluated in terms of performance (i.e., cost/gas) impact and other suitable criteria, including the possible uptake of patches into the main branch of the Solidity compiler.


  • Atzei, N., Bartoletti, M., and Cimoli, T. A Survey of Attacks on Ethereum Smart Contracts. In M. Maffei and M. Ryan, eds., Principles of Security and Trust. Lecture Notes in Computer Science 10204, Springer, Berlin Heidelberg, 2017, pp. 164–186.
  • Luu, L., Chu, D.-H., Olickel, H., Saxena, P., and Hobor, A. Making Smart Contracts Smarter. In Proceedings of the ACM Conference on Computer and Communication Security (CCS). 2016, pp. 254–269.