Blockchain Smart Contract Security: Threats and Mitigation Strategies in a Lifecycle Perspective
Authors
Detian Liu, Jianbiao Zhang, Yifan Wang, Hong Shen, Zhaoqian Zhang, Tao Ye
Source
Journal: ACM Computing Surveys [Association for Computing Machinery] Date: 2025-09-19 Volume (Issue): 58 (4): 1-34 Citations: 1
Identifier
DOI: 10.1145/3769013
Abstract
Smart contracts, as self-executing agreements on blockchain platforms, promise to eliminate intermediaries and enhance transaction efficiency. However, their susceptibility to security vulnerabilities not only poses risks of substantial financial losses but also erodes trustworthiness in blockchain ecosystems, driving extensive research into enhancing both their security and trustworthiness. We provide a comprehensive review of the current state of smart contract assurance, covering the primary security threats and mitigation strategies throughout the contract lifecycle, from development to deployment, execution, and maintenance. It evaluates both established and advanced vulnerability detection techniques while exploring underexamined areas, including automated repair, secure execution environments, and defenses against malicious attacks. We further propose a framework to ensure the holistic security and trustworthiness of smart contracts, and discuss future directions for research and development, emphasizing the need to address both technical and regulatory challenges to promote widespread adoption.