English
Related papers

Related papers: Detecting Buggy Contracts via Smart Testing

200 papers

Smart contracts enable contract terms to be automatically executed and verified on the blockchain, and recent years have witnessed numerous applications of them in areas such as financial institutions and supply chains. The execution logic…

Software Engineering · Computer Science 2025-12-16 Lantian Li , Yuyu Chen , Jingwen Wu , Yue Pan , Zhongxing Yu

Fuzzing has emerged as a powerful technique for finding security bugs in complicated real-world applications. American fuzzy lop (AFL), a leading fuzzing tool, has demonstrated its powerful bug finding ability through a vast number of…

Cryptography and Security · Computer Science 2023-07-06 Tai D. Nguyen , Long H. Pham , Jun Sun

Fuzzing has proven to be a highly effective approach to uncover software bugs over the past decade. After AFL popularized the groundbreaking concept of lightweight coverage feedback, the field of fuzzing has seen a vast amount of scientific…

Static bug finders have been widely-adopted by developers to find bugs in real world software projects. They leverage predefined heuristic static analysis rules to scan source code or binary code of a software project, and report violations…

Software Engineering · Computer Science 2021-12-24 Junjie Wang , Yuchao Huang , Song Wang , Qing Wang

The high rate of false alarms from static analysis tools and Large Language Models (LLMs) complicates vulnerability detection in Solidity Smart Contracts, demanding methods that can formally or empirically prove the presence of defects.…

Software Engineering · Computer Science 2025-09-17 Ştefan-Claudiu Susan , Andrei Arusoaie , Dorel Lucanu

EOSIO is one typical public blockchain platform. It is scalable in terms of transaction speeds and has a growing ecosystem supporting smart contracts and decentralized applications. However, the vulnerabilities within the EOSIO smart…

Software Engineering · Computer Science 2020-08-07 Yuhe Huang , Bo Jiang , W. K. Chan

Context: Exhaustive fuzzing of modern JavaScript engines is infeasible due to the vast number of program states and execution paths. Coverage-guided fuzzers waste effort on low-risk inputs, often ignoring vulnerability-triggering ones that…

Software Engineering · Computer Science 2025-12-23 Kishan Kumar Ganguly , Tim Menzies

While smart contracts are foundational elements of blockchain applications, their inherent susceptibility to security vulnerabilities poses a significant challenge. Existing training datasets employed for vulnerability detection tools may…

Cryptography and Security · Computer Science 2024-10-31 Cuong Tran Manh , Hieu Dinh Vo

Despite the rapid growth of smart contracts, they are suffering numerous security vulnerabilities due to the absence of reliable development and testing. In this article, we apply the metamorphic testing technique to detect smart contract…

Software Engineering · Computer Science 2023-03-07 Jiahao Li

Fuzz testing has enjoyed great success at discovering security critical bugs in real software. Recently, researchers have devoted significant effort to devising new fuzzing techniques, strategies, and algorithms. Such new ideas are…

Cryptography and Security · Computer Science 2018-10-22 George Klees , Andrew Ruef , Benji Cooper , Shiyi Wei , Michael Hicks

This paper describes Slither, a static analysis framework designed to provide rich information about Ethereum smart contracts. It works by converting Solidity smart contracts into an intermediate representation called SlithIR. SlithIR uses…

Software Engineering · Computer Science 2019-08-28 Josselin Feist , Gustavo Grieco , Alex Groce

Smart contract is the building block of blockchain systems that enables automated peer-to-peer transactions and decentralized services. With the increasing popularity of smart contracts, blockchain systems, in particular Ethereum, have been…

Cryptography and Security · Computer Science 2021-05-24 Huiwen Hu , Yuedong Xu

Smart contracts are executable programs that enable the building of a programmable trust mechanism between multiple entities without the need of a trusted third-party. Researchers have developed several security scanners in the past couple…

Cryptography and Security · Computer Science 2020-12-15 William Zhang , Sebastian Banescu , Leonardo Passos , Steven Stewart , Vijay Ganesh

Vulnerable software represents a tremendous threat to modern information systems. Vulnerabilities in widespread applications may be used to spread malware, steal money and conduct target attacks. To address this problem, developers and…

Cryptography and Security · Computer Science 2018-07-06 Maksim Shudrak , Vyacheslav Zolotarev

Due to the inherent immutability of blockchain technology, smart contract updates require their deployment at new addresses rather than modifying existing ones, thus fragmenting version histories and creating critical blind spots for…

Software Engineering · Computer Science 2025-07-09 Fatou Ndiaye Mbodji , Vinny Adjibi , Moustapha Awwalou Diouf , Gervais Mendy , Kui Liu , Jacques Klein , Tegawende Bissyande

Modern computing is shifting from homogeneous CPU-centric systems to heterogeneous systems with closely integrated CPUs and GPUs. While the CPU software stack has benefited from decades of memory safety hardening, the GPU software stack…

Cryptography and Security · Computer Science 2026-03-09 Mingkai Li , Joseph Devietti , Suman Jana , Tanvir Ahmed Khan

Reentrancy vulnerability as one of the most notorious vulnerabilities, has been a prominent topic in smart contract security research. Research shows that existing vulnerability detection presents a range of challenges, especially as smart…

Software Engineering · Computer Science 2024-03-19 Zexu Wang , Jiachi Chen , Yanlin Wang , Yu Zhang , Weizhe Zhang , Zibin Zheng

Programs executed on a blockchain - smart contracts - have high financial stakes; their correctness is crucial. We argue, that this correctness needs to be foundational: correctness needs to be based on the operational semantics of their…

Softwarization and virtualization in 5G and beyond require rigorous testing against vulnerabilities and unintended emergent behaviors for critical infrastructure and network security assurance. Formal methods operates efficiently in…

Cryptography and Security · Computer Science 2023-07-13 Jingda Yang , Ying Wang

Smart contracts are self-executing programs that manage financial transactions on blockchain networks. Developers commonly rely on third-party code libraries to improve both efficiency and security. However, improper use of these libraries…

Software Engineering · Computer Science 2026-04-02 Yishun Wang , Wenkai Li , Xiaoqi Li , Zongwei Li , Lei Xie , Yuqing Zhang