English
Related papers

Related papers: EOSFuzzer: Fuzzing EOSIO Smart Contracts for Vulne…

200 papers

Due to their widespread use in industry, several techniques have been proposed in the literature to fuzz REST APIs. Existing fuzzers for REST APIs have been focusing on detecting crashes (e.g., 500 HTTP server error status code). However,…

Software Engineering · Computer Science 2026-04-02 Omur Sahin , Man Zhang , Andrea Arcuri

We provide three detailed case studies of vulnerabilities in smart contracts, and show how property-based testing would have found them: 1. the Dexter1 token exchange; 2. the iToken; 3. the ICO of Brave's BAT token. The last example is, in…

Logic in Computer Science · Computer Science 2022-10-07 Mikkel Milo , Eske Hoy Nielsen , Danil Annenkov , Bas Spitters

Gray-box fuzzing is widely used for testing embedded systems (ESes). State-of-the-art (SOTA) gray-box fuzzers test ES firmware in fully emulated environments without real peripherals. They emulate missing peripherals to achieve decent code…

Cryptography and Security · Computer Science 2025-04-21 Wei-Lun Huang , Kang G. Shin

Smart contract is the building block of blockchain systems that enables automated peer-to-peer transactions and decentralized services. With the increasing popularity of smart contracts, blockchain systems, in particular Ethereum, have been…

Cryptography and Security · Computer Science 2021-05-24 Huiwen Hu , Yuedong Xu

In recent years, fuzzing has been widely applied not only to application software but also to system software, including the Linux kernel and firmware, and has become a powerful technique for vulnerability discovery. Among these approaches,…

Cryptography and Security · Computer Science 2026-03-27 Masami Ichikawa

Smart contracts written in Solidity are programs used in blockchain networks, such as Etherium, for performing transactions. However, as with any piece of software, they are prone to errors and may present vulnerabilities, which malicious…

Logic in Computer Science · Computer Science 2021-11-29 Kunjian Song , Nedas Matulevicius , Eddie B. de Lima Filho , Lucas C. Cordeiro

In the growing field of blockchain technology, smart contracts exist as transformative digital agreements that execute transactions autonomously in decentralised networks. However, these contracts face challenges in the form of security…

Cryptography and Security · Computer Science 2024-07-12 Christopher De Baets , Basem Suleiman , Armin Chitizadeh , Imran Razzak

Smart contract vulnerabilities have led to billions in losses, yet finding actionable exploits remains challenging. Traditional fuzzers rely on rigid heuristics and struggle with complex attacks, while human auditors are thorough but slow…

Cryptography and Security · Computer Science 2026-01-13 Arthur Gervais , Liyi Zhou

Firmware serves as the critical interface between hardware and software in computing systems, making any bugs or vulnerabilities particularly dangerous as they can cause catastrophic system failures. While fuzzing is a promising approach…

Cryptography and Security · Computer Science 2026-02-03 Dakshina Tharindu , Aruna Jayasena , Prabhat Mishra

Network applications are routinely under attack. We consider the problem of developing an effective and efficient fuzzer for the recently ratified QUIC network protocol to uncover security vulnerabilities. QUIC offers a unified transport…

Cryptography and Security · Computer Science 2025-03-26 Kian Kai Ang , Damith C. Ranasinghe

Smart contracts, integral to blockchain ecosystems, enable decentralized applications to execute predefined operations without intermediaries. Their ability to enforce trustless interactions has made them a core component of platforms such…

Cryptography and Security · Computer Science 2025-06-10 Mesut Ozdag

The proxy design pattern allows Ethereum smart contracts to be simultaneously immutable and upgradeable, in which an original contract is split into a proxy contract containing the data storage and a logic contract containing the…

Cryptography and Security · Computer Science 2024-09-23 Cheng-Kang Chen , Wen-Yi Chu , Muoi Tran , Laurent Vanbever , Hsu-Chun Hsiao

Ethereum smart contracts are highly powerful, immutable, and able to retain massive amounts of tokens. However, smart contracts keep attracting attackers to benefit from smart contract flaws and Ethereum unexpected behavior. Thus,…

Cryptography and Security · Computer Science 2024-04-10 Wejdene Haouari , Abdelhakim Senhaji Hafid , Marios Fokaefs

Cryptocurrency has seen an explosive growth in recent years, thanks to the evolvement of blockchain technology and its economic ecosystem. Besides Bitcoin, thousands of cryptocurrencies have been distributed on blockchains, while hundreds…

Cryptography and Security · Computer Science 2020-06-12 Ru Ji , Ningyu He , Lei Wu , Haoyu Wang , Guangdong Bai , Yao Guo

The rapid advancement of blockchain technology has precipitated the widespread adoption of Ethereum and smart contracts across a variety of sectors. However, this has also given rise to numerous fraudulent activities, with many speculators…

Cryptography and Security · Computer Science 2026-02-02 Chunyi Zhang , Qinghong Wei , Xiaoqi Li

Solana has quickly emerged as a popular platform for building decentralized applications (DApps), such as marketplaces for non-fungible tokens (NFTs). A key reason for its success are Solana's low transaction fees and high performance,…

Cryptography and Security · Computer Science 2024-12-17 Sven Smolka , Jens-Rene Giesen , Pascal Winkler , Oussama Draissi , Lucas Davi , Ghassan Karame , Klaus Pohl

Internet of Things (IoT) devices offer convenience through web interfaces, web VPNs, and other web-based services, all relying on the HTTP protocol. However, these externally exposed HTTP services resent significant security risks. Although…

Cryptography and Security · Computer Science 2024-11-20 Zhe Yang , Hao Peng , Yanling Jiang , Xingwei Li , Haohua Du , Shuhai Wang , Jianwei Liu

Fuzzing is a technique of finding bugs by executing a software recurrently with a large number of abnormal inputs. Most of the existing fuzzers consider all parts of a software equally, and pay too much attention on how to improve the code…

Cryptography and Security · Computer Science 2019-01-07 Yuwei Li , Shouling Ji , Chenyang Lv , Yuan Chen , Jianhai Chen , Qinchen Gu , Chunming Wu

Many popular blockchain platforms are supporting smart contracts for building decentralized applications. However, the vulnerabilities within smart contracts have led to serious financial loss to their end users. For the EOSIO blockchain…

Software Engineering · Computer Science 2020-08-06 Dong Wang , Bo Jiang , W. K. Chan

Fuzzing is a widely used software security testing technique that is designed to identify vulnerabilities in systems by providing invalid or unexpected input. Continuous fuzzing systems like OSS-FUZZ have been successful in finding security…

Cryptography and Security · Computer Science 2023-07-04 Chaitanya Rahalkar