The summary of our recent TSE paper “Code Cloning in Smart Contracts on the Ethereum Platform: An Extended Replication Study” (https://doi.org/10.1109/TSE.2022.3207428) co-authored with Faizan Khan, Daniel Varro, and Shane McIntosh is available via the Smart Contract Research Forum: https://www.smartcontractresearch.org/t/research-summary-code-cloning-in-smart-contracts-on-the-ethereum-platform-an-extended-replication-study/2542.
Once deployed, smart contracts are immutable, thus, defects in the deployed code cannot be fixed. Yet, over 27% of smart contract code deployed to the Ethereum platform are Type-1 clones, i.e., exact replicas (copy-paste) of some other pieces of code, allowing for an easy spread of security vulnerabilities across the overall code base. While this number is on par with the clone ratio reported in traditional software systems, the immutable nature of deployed source code massively exacerbates the security threats on blockchain platforms. We report an array of interesting insights. Have a read!
From a methodological standpoint, this is an extended replication of the study by Kondo et al. (https://doi.org/10.1007/s10664-020-09852-5). Huge shout-out to the authors for their transparent research and for fostering replicability.
Replication studies are absolutely crucial in natural sciences for the independent verification of measurements. However, computer science and software engineering research, in particular, are yet to adopt this good practice. The ACM Empirical Standards (https://acmsigsoft.github.io/EmpiricalStandards/tools) will soon cover this area with a dedicated supplement to guide your prospective replication efforts. Stay tuned!