從智能合約技術風險看去中心化金融與傳統金融

蔡見昇; Chien-Sheng Tsai

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/92749

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	陳瑀屏	zh_TW
dc.contributor.advisor	Yu-Ping Chen	en
dc.contributor.author	蔡見昇	zh_TW
dc.contributor.author	Chien-Sheng Tsai	en
dc.date.accessioned	2024-06-19T16:07:07Z	-
dc.date.available	2024-06-20	-
dc.date.copyright	2024-06-19	-
dc.date.issued	2024	-
dc.date.submitted	2024-06-13	-
dc.identifier.citation	1. Nakamoto, S. (2008). Bitcoin: A Peer-to-Peer Electronic Cash System. 2. Claessens, S., Kose, M. A., & Terrones, M. E. (2010). What happens during recessions, crunches and busts? Economic Policy. 3. Mishkin, F. S., & Eakins, S. G. (2012). Financial markets and institutions. 4. Guiso, L., Sapienza, P., & Zingales, L. (2008). Trusting the stock market. Journal of Finance. 5. Arner, D. W., Barberis, J. N., & Buckley, R. P. (2015). The evolution of fintech: A new post-crisis paradigm? Georgetown Journal of International Law. 6. Nofer, M., Gomber, P., Hinz, O., & Schiereck, D. (2017). Blockchain. Business & Information Systems Engineering. 7. Popov, S. (2017). The Tangle. 8. Szabo, N. (1997). Formalizing and securing relationships on public networks. First Monday. 9. Jensen, A., von Wachter, S., & Ross, J. (2021). Growth of DeFi derivatives markets. 10. Buterin, V. (2013). Ethereum White Paper. 11. Coingecko. (2022). Market Report. 12. Buterin, V. (2016). The future of financial infrastructure: An ambitious look at how blockchain can reshape financial services. World Economic Forum. 13. Bernanke, B. (2015). The courage to act: A memoir of a crisis and its aftermath. 14. Medium. (n.d.). Ethereum memory pool: How does it work? Retrieved from https://medium.com/coinmonks/ethereum-memory-pool-how-does-it-work-6b6d8edfa0eb 15. Etherscan. (n.d.). Parity fund event. Retrieved from https://etherscan.io/address/0x863df6bfa4469f3ead0be8f9f2aae51c91a907b4 16. Rekt. (n.d.). Rekt leaderboard. Retrieved from https://rekt.news/leaderboard/ 17. Blastscan. (n.d.). Munchables hack transaction. Retrieved from https://blastscan.io/tx/0x9a7e4d16ed15b0367b8ad677eaf1db6a2a54663610696d69e1b4aa1a08f55c95 18. GitHub. (n.d.). Hashmasks. Retrieved from https://github.com/nftlendhub/hashmasks 19. ResearchGate. (n.d.). Blockchain stack model. Retrieved from https://www.researchgate.net/figure/Blockchain-stack-model_fig2_364191206 20. Ejable. (n.d.). Blockchain technology. Retrieved from https://www.ejable.com/tech-corner/blockchain/blockchain-technology/ 21. Trozze, A., Kleinberg, B., & Davies, T. (2021). Detecting DeFi securities violations from token smart contract code. Journal of Financial Innovation. 22. Mishkin, F. S. (2015). The Economics of Money, Banking, and Financial Markets (10th ed.). Pearson. 23. Allen, F., & Santomero, A. (2001). What do financial intermediaries do? Journal of Banking & Finance, 25(2), 271-294. 24. Hull, J. C. (2012). Options, Futures, and Other Derivatives (8th ed.). Prentice Hall. 25. Bhattacharya, S., & Thakor, A. V. (1993). Contemporary banking theory. Journal of Financial Intermediation, 3(1), 2-50. 26. Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. 27. Buterin, V. (2015). Ethereum: A next-generation smart contract and decentralized application platform. 28. Antonopoulos, A. M., & Wood, G. (2018). Mastering Ethereum: Building smart contracts and dapps. 29. Tapscott, D., & Tapscott, A. (2016). Blockchain revolution: How the technology behind bitcoin is changing money, business, and the world. 30. Szabo, N. (1997). The idea of smart contracts.	-
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/92749	-
dc.description.abstract	新創技術如區塊鏈和智能合約為全新的完全去中心化和開放式金融服務開啟了大門，這些服務無需傳統金融體系中的中介機構即可運作，這也稱之為去中心化金融( Decentralized Finance, 簡稱 DeFi ) 。DeFi 是一個開放且去中心化的點對點開源金融系統。本論文將從去中心化金融的底層技術 “智能合約” 的程式碼解析出發，介紹常見的智能合約風險，再透過分析真實的駭客攻擊事件來凸顯去中心化金融潛在的技術風險與其改善的方法，最後比較除了技術風險之外，去中心化金融的優勢以及劣勢。此論文首先透過取得開源程式碼分析，來了解哪些智能合約可能暴露在被駭客攻擊的風險中，並提出相對應提升程式碼安全性的方法。接著，透過執行文獻回顧來比較傳統金融與去中心化金融的優劣。研究結果顯示，DeFi 的優勢包括透明度、去中心化、開放性、效率、創新等；然而，其劣勢包括技術風險、缺乏監管、可擴展性、系統性風險、甲骨文問題和非法活動等。本研究的目的是透過合約程式碼分析，使智能合約撰寫者了解常見的風險，以期未來具有低安全性的智能合約逐漸減少，並為降低去中心化金融的技術風險做出貢獻。同時，本研究也比較了去中心化金融的優劣勢與傳統金融的差異，期望能為大眾提供對於 DeFi 的有價值見解。	zh_TW
dc.description.abstract	Innovative technologies such as blockchain and smart contracts have paved the way for Decentralized Finance (DeFi)—a fully decentralized and open financial system that operates independently of traditional financial intermediaries. This paper begins by analyzing the code underpinning DeFi's core technology, smart contracts, to identify prevalent risks. It then explores potential technical vulnerabilities within decentralized finance, drawing on real-world hacking incidents to suggest mitigation strategies. The paper also conducts a comparative analysis of the strengths and weaknesses of both traditional and decentralized finance. The initial phase of the research involves a detailed examination of open-source smart contracts to pinpoint potential security flaws and propose measures to enhance their security. This is followed by a comprehensive review of existing literature to contrast the advantages and disadvantages of traditional and decentralized finance. The findings indicate that while DeFi offers benefits such as transparency, efficiency, and innovation, it also faces significant challenges including technical vulnerabilities, regulatory gaps, scalability constraints, systemic risks, dependency on external information (oracle issues), and susceptibility to illicit activities. The aim of this study is to shed light on common vulnerabilities in smart contract code and to propose solutions that could reduce the prevalence of insecure contracts. Additionally, by comparing the pros and cons of decentralized finance with those of traditional finance, this research seeks to provide valuable insights into the evolving landscape of DeFi for both the academic community and the general public.	en
dc.description.provenance	Submitted by admin ntu (admin@lib.ntu.edu.tw) on 2024-06-19T16:07:07Z No. of bitstreams: 0	en
dc.description.provenance	Made available in DSpace on 2024-06-19T16:07:07Z (GMT). No. of bitstreams: 0	en
dc.description.tableofcontents	第1章緒論 01 1.1 研究背景 01 1.2 研究動機 01 1.3 研究目標 02 1.4 研究方法 02 第2章文獻回顧 03 2.1 傳統金融市場與機構 03 2.1.1 金融市場的目的 03 2.1.2 金融市場的類型 04 2.1.3 金融中介機構 04 2.1.4 2008年金融危機和信任喪失 05 2.2 技術知識 06 2.2.1 分散式賬本技術 06 2.2.2 區塊鏈 07 2.2.3 區塊鏈共識機制 08 2.2.4 智能合約 09 2.2.5 以太坊 10 2.3 去中心化金融 10 2.3.1 DeFi 架構 11 2.3.2 資產代幣化 12 2.3.3 穩定幣 13 2.3.4 地址與錢包 13 2.3.5 DeFi 應用 13 第3章智能合約常見風險與改善措施 15 3.1 中心化風險 (Centralization risk) 16 3.2 拒絕服務風險 (Denial of Service DoS) 18 3.3 delegatecall 的使用與風險 22 3.4 邏輯錯誤 (Logic Error) 22 3.5 重入攻擊 (Reentrancy Attack) 24 3.6 前置交易 (Front Running) 26 3.7 三明治攻擊 (Sandwich Attack) 28 第4章智能合約攻擊案例分析 30 4.1 Munchables Hack 事件 31 4.2 Parity Fund 凍結事件 33 4.3 Hashmasks 事件 37 第5章傳統金融與去中心化金融的比較 39 第6章總結 44 參考文獻 45	-
dc.language.iso	zh_TW	-
dc.subject	去中心化金融	zh_TW
dc.subject	加密貨幣	zh_TW
dc.subject	區塊鏈	zh_TW
dc.subject	智能合約	zh_TW
dc.subject	駭客攻擊	zh_TW
dc.subject	cryptocurrency	en
dc.subject	hacker attacks	en
dc.subject	smart contracts	en
dc.subject	decentralized finance	en
dc.subject	blockchain	en
dc.title	從智能合約技術風險看去中心化金融與傳統金融	zh_TW
dc.title	Examining the risks of smart contract technology: A comparison of decentralized finance (DeFi) and traditional finance	en
dc.type	Thesis	-
dc.date.schoolyear	112-2	-
dc.description.degree	碩士	-
dc.contributor.oralexamcommittee	陳聿宏;陳俊廷	zh_TW
dc.contributor.oralexamcommittee	Yu-Hung Chen;Chun-Ting Chen	en
dc.subject.keyword	區塊鏈,去中心化金融,智能合約,駭客攻擊,加密貨幣,	zh_TW
dc.subject.keyword	blockchain,decentralized finance,smart contracts,hacker attacks,cryptocurrency,	en
dc.relation.page	47	-
dc.identifier.doi	10.6342/NTU202401150	-
dc.rights.note	未授權	-
dc.date.accepted	2024-06-14	-
dc.contributor.author-college	管理學院	-
dc.contributor.author-dept	國際企業學系	-
顯示於系所單位：	國際企業學系

文件中的檔案：

檔案	大小	格式
ntu-112-2.pdf 未授權公開取用	2.44 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。