DiVA

diva-portal.org

Digitala Vetenskapliga Arkivet

EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Dirty-Waters: Investigation of the Software Supply Chain of JavaScript Cryptocurrency Wallets
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
2024 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Cryptocurrency wallets are the essential tools for users engaging with cryp- tocurrencies. Like many software projects, they use third-party code, forming a complex software supply chain. Given the high stakes associated with cryp- tocurrency incentives, these wallets are often targets of motivated adversaries. This thesis explores the dependencies in cryptocurrency wallets, emphasizing the challenges and risks posed by their software supply chain. To address these challenges, we employ the Design Science Research (DSR) methodology, devel- oping and evaluating a new tool, Dirty-Waters. This tool is designed to collect and analyze data from source code repositories and package registries. It aims to unveil the transparency status in the software supply chain of cryptocur- rency wallets. Our quantitative and qualitative results reveal a lack of concern about the transparency of different packages. These findings provide insights for enhancing secure dependency management.
Place, publisher, year, edition, pages
2024.
Keywords [en]
Sofware Supply Chain, Cryptocurrency Wallet, Security, npm
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:su:diva-242683OAI: oai:DiVA.org:su-242683DiVA, id: diva2:1955574
Available from: 2025-04-30 Created: 2025-04-30

Open Access in DiVA

fulltext(2024 kB)23 downloads
File information
File name FULLTEXT01.pdfFile size 2024 kBChecksum SHA-512
40ea4906c33044bf11cddf55026fb1af4d5141b91466e36bc0ecb97f8255571caee612732213906853f6589c775dc928164f0f43730611ffb68cfaadf4674bb2
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Liu, Yi
By organisation
Department of Computer and Systems Sciences
Software Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 23 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 18 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.46.0
|
WCAG
|
About DiVA Portal
|
About the DiVA Consortium