A Comparative Evaluating Auditing Tools for Unverified Smart Contracts on Ethereum Blockchain

Abstract

The Ethereum blockchain has transformed decentralized finance (DeFi) and is widely used to issue ERC20 tokens. However, many of these tokens rely on unverified smart contracts, which pose serious security risks. Hackers can take advantage of vulnerabilities in these unverified ERC20 tokens, leading to scams, financial losses, and a decline in user trust. Although several tools are available to audit smart contracts, their effectiveness in analyzing unverified ERC20 tokens remains uncertain. This study examines three auditing tools HoneyBadger, Maian, and Mythril by testing how well they detect security issues in unverified ERC20 tokens. The SmartBugs framework was used to support the auditing process, enabling parallel execution, standardized reports, and bulk auditing of contracts. For a thorough evaluation, two datasets were used: one from 50,581 Ethereum blockchain blocks and another from the DappRadar list of blacklisted ERC20 tokens. These datasets were chosen to provide a broad and realistic view of how the tools perform on both typical and high-risk contracts. The tools were compared based on their ability to detect issues, their execution speed, and their overall effectiveness. The results revealed clear differences in performance: some tools were better at finding vulnerabilities accurately, while others focused more on speed than depth. This study emphasizes the need to improve smart contract auditing methods and highlights the importance of developing more effective security tools to strengthen the Ethereum blockchain