DApps Ecosystems: Mapping the Network Structure of Smart Contract Interactions

Data availability - The datasets analysed during the current study can be retrieved using the tool presented in Smart contracts data of Dapps are publicly available from their respective Github repositories [https://github.com/DerwenAI/disparity_filter]. To support future work in this area, we have made our dataset publicly available via the Zenodo repository https://zenodo.org/records/12731531 and https://zenodo.org/records/13772792.Preprint available on arxiv - https://doi.org/10.48550/arXiv.2401.01991Decentralized applications (DApps) built on blockchain platforms such as Ethereum and coded in languages such as Solidity, have recently gained attention for their potential to disrupt traditional centralized systems. Despite their rapid adoption, limited research has been conducted to understand the underlying code structure of these applications. In particular, each DApp is composed of multiple smart contracts, each containing a number of functions that can be called to trigger a specific event, e.g., a token transfer. In this paper, we reconstruct and analyse the network of contracts and functions calls within the DApp, which is helpful to unveil vulnerabilities that can be exploited by malicious attackers. We show how decentralization is architecturally implemented, identifying common development patterns and anomalies that could influence the system’s robustness and efficiency. We find a consistent network structure characterized by modular, self-sufficient contracts and a complex web of function interactions, indicating common coding practices across the blockchain community. Critically, a small number of key functions within each DApp play a central role in maintaining network connectivity, making them potential targets for cyber attacks and highlighting the need for robust security measures.Ethereum foundation grant FY23-104

A Curated Solidity Smart Contracts Repository of Metrics and Vulnerability

Smart contracts (SCs) significance and popularity increased exponentially with the escalation of decentralised applications (dApps), which revolutionised programming paradigms where network controls rest within a central authority. Since SCs constitute the core of such applications, developing and deploying contracts without vulnerability issues become key to improve dApps robustness to external attacks. This paper introduces a dataset that combines smart contract metrics with vulnerability data identified using Slither, a leading static analysis tool proficient in detecting a wide spectrum of vulnerabilities. Our primary goal is to provide a resource for the community that supports exploratory analysis, such as investigating the relationship between contract metrics and vulnerability occurrences. Further, we discuss the potential of this dataset for the development and validation of predictive models aimed at identifying vulnerabilities, thereby contributing to the enhancement of smart contract security. Through this dataset, we invite researchers and practitioners to study the dynamics of smart contract vulnerabilities, fostering advancements in detection methods and ultimately, fortifying the resilience of smart contracts

The emotional side of software developers in JIRA

Issue tracking systems store valuable data for testing hypotheses concerning maintenance, building statistical prediction models and (recently) investigating developer affectiveness. For the latter, issue tracking systems can be mined to explore developers emotions, sentiments and politeness |affects for short. However, research on affect detection in software artefacts is still in its early stage due to the lack of manually validated data and tools. In this paper, we contribute to the research of affects on software artefacts by providing a labeling of emotions present on issue comments. We manually labeled 2,000 issue comments and 4,000 sentences written by developers with emotions such as love, joy, surprise, anger, sadness and fear. Labeled comments and sentences are linked to software artefacts reported in our previously published dataset (containing more than 1K projects, more than 700K issue reports and more than 2 million issue comments). The enriched dataset presented in this paper allows the investigation of the role of affects in software development

A Preliminary Analysis on the Code Generation Capabilities of GPT-3.5 and Bard AI Models for Java Functions

The preprint version archived on this insttutional repository is available online at: https://arxiv.org/abs/2305.09402 . It has not been certified by peer review.This paper evaluates the capability of two state-of-the-art artificial intelligence (AI) models, GPT-3.5 and Bard, in generating Java code given a function description. We sourced the descriptions from CodingBat.com, a popular online platform that provides practice problems to learn programming. We compared the Java code generated by both models based on correctness, verified through the platform's own test cases. The results indicate clear differences in the capabilities of the two models. GPT-3.5 demonstrated superior performance, generating correct code for approximately 90.6% of the function descriptions, whereas Bard produced correct code for 53.1% of the functions. While both models exhibited strengths and weaknesses, these findings suggest potential avenues for the development and refinement of more advanced AI-assisted code generation tools. The study underlines the potential of AI in automating and supporting aspects of software development, although further research is required to fully realize this potential

A New Monitor and Control Power Supply PCB for Biasing LNAs of Large Radio Telescopes Receivers

The biasing of low noise amplifiers (LNA) is of paramount importance for the receivers of large radio telescopes. High stability, optimal trade-off between gain and noise figure, remote control, and mitigation of the radio frequency interferences (RFIs) are all desirable features in the choice of the electronic board devoted to power supply the LNAs. In this paper, we propose the design and characterization of a multilayer printed circuit board (PCB), named GAIA, able to meet all the aforementioned requirements. The GAIA board is a 3-Unit, four-layer, rack-mountable, programmable PCB for the remote biasing of the LNAs, with monitor and control capabilities, specifically designed to operate in the receivers of the 64-m diameter Sardinia Radio Telescope (SRT). We describe the architecture, layout, and measurements of the GAIA board. Our results show that the GAIA power supply provides high stability of the output bias voltages and, in comparison with the old analogic biasing board used so far in the SRT receivers, it shows comparable or better frequency stability, other than a remarkable mitigation of the RFIs

A Preliminary Analysis of Software Metrics in Decentralised Applications

This study examines software metrics in decentralized applications (dApps) to analyze their structural and behavioral characteristics as they grow in complexity. Sixty dApps were categorized into Small (3 to 29 contracts), Medium (30 to 46 contracts), and Large (47 to 206 contracts) based on their contract count. Initial analysis showed a non-normal data distribution, leading to the use of Spearman's correlation method. Findings revealed that Medium dApps have strong correlations between metrics like 'Average Local Variables' and 'Maximum Local Variables', while Large dApps show higher correlations between 'Number of Functions' and 'State Variable Count', indicating more complex contract structures. The higher Coupling Between Objects (CBO) in large dApps suggests increased interactions with other contracts or libraries, potentially elevating security risks. These insights are valuable for developers and stakeholders in the blockchain and IoT sectors, aiding in understanding how dApps evolve with increasing complexity and the implications on software metric relationships