This paper providing a comprehensive systematization of such vulnerabilities basing on a slice of the Common Weakness Enumeration (CWE).

Moreover, some relevant propagation cases among different vulnerabilities and CWE groups, observed in exploited contracts, are highlighted.

Since we can not patch it after deployment on the blockchain. so it may lead to financial losses for the bugged contract's owner.

Motivation and contribution

focusing on code-related vulnerabilities.