Skip to content

Latest commit

 

History

History
814 lines (409 loc) · 33.1 KB

README.md

File metadata and controls

814 lines (409 loc) · 33.1 KB

Academic Smart Contract Papers

A curated Smart Contract related academic papers. All papers are sorted based on the conference name and published year. Welcome developers or researchers to add more published paper to this list.

Table of Listed Conferences



S&P

2023

[security] Clockwork Finance: Automated Analysis of Economic Security in Smart Contracts

[security] Tyr: Finding Consensus Failure Bugs in Blockchain System with Behaviour Divergent Model

2022

[security] Quantifying Blockchain Extractable Value: How dark is the forest?

[security] SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds.

2021

[security] SmartPulse: Automated Checking of Temporal Properties in Smart Contracts.

[security] sGUARD: Towards Fixing Vulnerable Smart Contracts Automatically.

[finance] On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols.

[security] Compositional Security for Reentrant Applications.

[security] High-Frequency Trading on Decentralized On-Chain Exchanges.

2020

[security] Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability.

[security] VerX: Safety Verification of Smart Contracts.

[security] VeriSmart: A Highly Precise Safety Verifier for Ethereum Smart Contracts.

[security] Executable Operational Semantics of Solidity.

2016

[application] Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts.


CCS

2022

[security] Empirical Analysis of EIP-1559: Transaction Fees, Waiting Time, and Consensus Security.

[security] Towards Automated Safety Vetting of Smart Contracts in Decentralized Applications.

[security] VRust: Automated Vulnerability Detection for Solana Smart Contracts.

[security] Understanding Security Issues in the NFT Ecosystem.

2021

[security] DETER: Denial of Ethereum Txpool sERvices.

2020

[security] ACE: Asynchronous and Concurrent Execution of Complex Smart Contracts.

[security] eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts.

2019

[SoftwareAnalysis] TokenScope: Automatically Discovering Inconsistent Cryptocurrency Tokens.

[security] Learning to Fuzz from Symbolic Execution with Application to Smart Contracts.

[security] Zkay: Specifying and Enforcing Data Privacy in Smart Contracts.

2018

[security] Securify: Practical Security Analysis of Smart Contracts.

[security] BitML: a calculus for Bitcoin smart contracts Massimo.

2017

[security] Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing.

2016

[security] Making Smart Contracts Smarter.

[security] Formal verification of smart contracts: Short paper.

[security] Town crier: An authenticated data feed for smart contracts.


USENIX Security

2022

[security] How to Peel a Million: Validating and Expanding Bitcoin Clusters.

2021

[security] Evil Under the Sun: Understanding and Discovering Attacks on Ethereum Decentralized Applications.

[security] EOSAFE: Security Analysis of EOSIO Smart Contracts.

[security] SmarTest: Effectively Hunting Vulnerable Transaction Sequences in Smart Contracts through Language Model-Guided Symbolic Execution.

[security] Smart Contract Vulnerabilities: Vulnerable Does Not Imply Exploited.

[security] EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts.

[security] Frontrunner Jones and the Raiders of the Dark Forest: An Empirical Study of Frontrunning on the Ethereum Blockchain.

2020

[security] ETHBMC: A Bounded Model Checker for Smart Contracts.

[security] TXSPECTOR: Uncovering Attacks in Ethereum from Transactions.

[security] An Ever-evolving Game: Evaluation of Real-world Attacks and Defenses in Ethereum Ecosystem.

[security] BlockSci: Design and applications of a blockchain analysis platform

2019

[security] The art of the scam: Demystifying honeypots in ethereum smart contracts.

[application] FastKitten: Practical Smart Contracts on Bitcoin.

[security] Tracing Transactions Across Cryptocurrency Ledgers.

2018

[security] Erays: Reverse Engineering Ethereum's Opaque Smart Contracts.

[security] teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts.

[application] Arbitrum: Scalable, private smart contracts.

[security] Enter the Hydra: Towards principled bug bounties and exploit-resistant smart contracts.


NDSS

2023

[security] BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects

2021

[application] Bitcontracts: Supporting Smart Contracts in Legacy Blockchains.

[Sercurity] As Strong As Its Weakest Link: How to Break Blockchain DApps at RPC Service.

[Sercurity] SquirRL: Automating Attack Analysis on Blockchain Incentive Mechanisms with Deep Reinforcement Learning.

2020

[security] SODA: A Generic Online Detection Framework for Smart Contracts.

[security] Broken Metre: Attacking Resource Metering in EVM.

2019

[security] Seth: Protecting Existing Smart Contracts Against Re-Entrancy Attacks.

[security] YODA: Enabling computationally intensive contracts on blockchains with Byzantine and Selfish nodes.

[security] Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks.

2018

[security] "Zeus": Analyzing Safety of Smart Contracts.

[security] Chainspace: A Sharded Smart Contracts Platform.

ESEC/FSE

2022

[security] An Empirical Study of Blockchain System Vulnerabilities: Modules, Types, and Patterns.

[security] Declarative Smart Contracts.

2021

[security] ÐArcher: Detecting On-Chain-Off-Chain Synchronization Bugs in Decentralized Applications.

[application] Making Smart Contract Development More Secure and Easier.

[application] iBatch: Saving Ethereum Fees via Secure and Cost-Effective Batching of Smart-Contract Invocations.

2020

[security] Towards Automated Verification of Smart Contract Fairness.

[security] ModCon: a model-based testing platform for smart contracts.

[security] HARVEY:A Greybox Fuzzer for Smart Contracts.

2019

[security] EVMFuzzer: Detect EVM vulnerabilities via fuzz testing.

[security] A graph-based framework for analysing the design of smart contracts.


ISSTA

2022

[security] WASAI: uncovering vulnerabilities in Wasm smart contracts.

[security] Finding permission bugs in smart contracts with role mining.

[security] eTainter: detecting gas-related vulnerabilities in smart contracts.

[security] Park: accelerating smart contract vulnerability detection via parallel-fork symbolic execution.

[security] SmartDagger: a bytecode-based static analysis approach for detecting cross-contract vulnerability.

2021

[security] Empirical Evaluation of Smart Contract Testing: What Is the Best Choice?.

2020

[security] How effective are smart contract analysis tools? evaluating smart contract static analysis tools using bug injection.

[security] Echidna: effective, usable, and fast fuzzing for smart contracts.

[security] EShield: protect smart contracts against reverse engineering.

2019

[security] SAFEVM: a safety verifier for Ethereum smart contracts.

[security] Exploiting the laws of order in smart contracts.


ASE

2022

[security] Effectively Generating Vulnerable Transaction Sequences in Smart Contracts with Reinforcement Learning-guided Fuzzing.

[security] Reentrancy Vulnerability Detection and Localization: A Deep Learning Based Two-phase Approach.

[security] Identifying Solidity Smart Contract API Documentation Errors.

2021

[security] GASOL: Gas Analysis and Optimization for Ethereum Smart Contracts.

[security] Automating User Notice Generation for Smart Contract Functions.

[security] Characterizing Transaction-Reverting Statements in Ethereum Smart Contracts.

[security] SMARTIAN: Enhancing Smart Contract Fuzzing with Static and Dynamic Analyses.

[security] SigRec: Automatic Recovery of Function Signatures in Smart Contracts.

2020

[security] Cross-Contract Static Analysis for Detecting Practical Reentrancy Vulnerabilities in Smart Contracts.

[security] Demystifying Loops in Smart Contracts.

[security] Summary-Based Symbolic Evaluation for Smart Contracts.

[security] Finding Ethereum Smart Contracts Security Issues by Comparing History Versions.

2019

[security] Manticore: A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts.

[security] MuSC: A Tool for Mutation Testing of Ethereum Smart Contract.

[security] Securing Smart Contracts in Blockchain.

2018

[security] ContractFuzzer: Fuzzing Smart Contracts for Vulnerability.

[security] S-gram: towards semantic-aware security auditing for Ethereum smart contracts.


ICSE

2023

[security] Demystifying Exploitable Bugs in Smart Contracts.

2022

[security] Utilizing Parallelism in Smart Contracts on Decentralized Blockchains by Taming Application-Inherent Conflicts.

2021

[security] Smart Contract Security: a Practitioners’ Perspective.

2020

[security] Empirical Review of Automated Analysis Tools on 47,587 Ethereum Smart Contracts.

[security] sFuzz-An Efficient Adaptive Fuzzer for Solidity Smart Contracts.

[security] Smart Contract Development: Challenges and Opportunities.

[security] Targeted Greybox Fuzzing with Static Lookahead Analysis.

[security] Gap between Theory and Practice : An Empirical Study of Security Patches in Solidity.

[security] Seraph: Enabling Cross-Platform Security Analysis For EVM and WASM Smart Contracts.

2019

[security] Gigahorse: Thorough, Declarative Decompilation of Smart Contracts.

[security] VULTRON: Catching Vulnerable Smart Contracts Once and for All.

2018

[security] ReGuard: Finding Reentrancy Bugs in Smart Contracts.


SOSP

2021

[security] Forerunner: Constraint-based Speculative Transaction Execution for Ethereum.


OSDI

2021

[security] Finding Consensus Bugs in Ethereum via Multi-transaction Differential Fuzzing.


INFOCOM

2022

[application] S-Store: A Scalable Data Store towards Permissioned Blockchain Sharding.

2021

[application] Counter-Collusion Smart Contracts for Watchtowers in Payment Channel Networks.

[mine] Characterizing Ethereum's Mining Power Decentralization at a Deeper Level.

2020

[application] ET-DeaL: A P2P Smart Contract-based Secure Energy Trading Scheme for Smart Grid Systems.

[application] A Solution for State Conflicts of Smart Contract in Interaction with Non-blockchain.

[application] ChainIDE 2.0: Facilitating Smart Contract Development for Consortium Blockchain.

[application] EncELC: Hardening and Enriching Ethereum Light Clients with Trusted Enclaves.

2019

[application] Interledger Smart Contracts for Decentralized Authorization to Constrained Things.

2018

[graph analysis] Understanding ethereum via graph analysis.


DSN

2020

[security] SMACS: Smart Contract Access Control Service.

[security] Data-Driven Model-Based Analysis of the Ethereum Verifier's Dilemma.

[security] Smart Contracts on the Move.

[mine] Impact of Geo-Distribution and Mining Pools on Blockchains: A Study of Ethereum.

2019

[application] FabZK: Supporting Privacy-Preserving, Auditable Smart Contracts in Hyperledger Fabric.

2018

[security] Towards Model-Driven Engineering of Smart Contracts for Cyber-Physical Systems.


PLDI

2021

[security] Practical Smart Contract Sharding with Ownership and Commutativity Analysis.

2020

[security] Behavioral Simulation for Smart Contracts.

[security] Ethainter: A Smart Contract Security Analyzer for Composite Vulnerabilities.

[security] Securing Smart Contract with Runtime Validation.


ESORICS

2020

[security] PrivacyGuard: Enforcing Private Data Usage Control with Blockchain and Off-chain Contract Execution.

2019

[security] Practical Mutation Testing for Smart Contracts.

[application] PDFS: Practical Data Feed Service for Smart Contracts.

[security] The Operational Cost of Ethereum Airdrops.

[security] Annotary: A Concolic Execution System for Developing Secure Smart Contracts.

[security] An Efficient Micropayment Channel on Ethereum.

[security] A Minimal Core Calculus for Solidity Contracts.

2018

[security] Succinctly Verifiable Sealed-Bid Auction Smart Contract.

2017

[security] In Code We Trust? - Measuring the Control Flow Immutability of All Smart Contracts Deployed on Ethereum.


SANER

2021

[security] Understanding Code Reuse in Smart Contracts.

2020

[security] SMARTSHIELD: Automatic Smart Contract Protection Made Easy.

[security] EthPloit: From Fuzzing to Efficient Exploit Generation against Smart Contracts.

2019

[security] Towards Generating Cost-Effective Test-Suite for Ethereum Smart Contract.

[security] EVM*: From Offline Detection to Online Reinforcement for Ethereum Virtual Machine.

2018

[security] SmartInspect: solidity smart contract inspector.

[security] Smart contracts vulnerabilities: a call for blockchain software engineering?.

[security] The ICO phenomenon and its relationships with ethereum smart contract environment.

[security] Smart contracts: security patterns in the ethereum ecosystem and solidity.

2017

[application] Under-optimized smart contracts devour your money.


OOPSLA

2022

[security] Elipmoc: Advanced Decompilation of Ethereum Smart Contracts.

2021

[security] Symbolic Value-Flow Static Analysis: Deep, Precise, Complete Modeling of Ethereum Smart Contracts.

[security] Rich Specifications for Ethereum Smart Contract Verification.

[security] Pluto: Exposing Vulnerabilities in Inter-Contract Scenarios.

2020

[security] Precise Static Modelling of Ethereum "Memory".

[security] Taming Callbacks for Smart Contract Modularity.

2019

[security] Detecting Nondeterministic Payment Bugs in Ethereum Smart Contracts.

[security] Safer Smart Contract Programming with Scilla.

2018

[security] MadMax: surviving out-of-gas conditions in Ethereum smart contracts.


ACSAC

2021

[security] SolSaviour: A Defending Framework for Deployed Defective Smart Contracts.

2019

[security] SmarTor: Smarter Tor with Smart Contracts.

2018

[security] Finding The Greedy, Prodigal, and Suicidal Contracts at Scale.

[security] Osiris: Hunting for Integer Bugs in Ethereum Smart Contracts.


APSEC

2020

[security] Source Code Obfuscation for Smart Contracts.

2019

[security] SIF: A Framework for Solidity Contract Instrumentation and Analysis.

[security] SolAnalyser: A Framework for Analysing and Testing Smart Contracts.

2018

[security] Fuse: An Architecture for Smart Contract Fuzz Testing Service.


WWW

2022

[security] TTAGN: Temporal Transaction Aggregation Graph Network for Ethereum Phishing Scams Detection.

2021

[Finance] Towards Understanding Cryptocurrency Derivatives:A Case Study of BitMEX.

[graph analysis] Temporal Analysis of the Entire Ethereum Blockchain Network.

[Finance] Detecting and Quantifying Wash Trading on Decentralized Cryptocurrency Exchanges.

[application] [Towards understanding and demystifying bitcoin mixing services](Towards Understanding and Demystifying Bitcoin Mixing Services).

2020

[graph analysis] Measurements, Analyses, and Insights on the Entire Ethereum Blockchain Network.

[graph analysis] Traveling the token world: A graph analysis of Ethereum ERC20 token ecosystem.


ICDCS

2020

[security] TinyEVM: Off-Chain Smart Contracts on Low-Power IoT Devices.

2019

[security] DataEther: Data Exploration Framework For Ethereum.

[security] Read-Uncommitted Transactions for Smart Contract Performance.

2018

[security] MPCSToken: Smart Contract Enabled Fault-Tolerant Incentivisation for Mobile P2P Crowd Services.


POPL

2022

[security] SolType: Refinement Types for Arithmetic Overflow in Solidity.


2018

[security] Vandal: A Scalable Security Analysis Framework for Smart Contracts.


OTHERS

[security] TokenAware: Accurate and Efficient Bookkeeping Recognition for Token Smart Contracts.

Zheyuan He, Shuwei Song, Yang Bai, Xiapu Luo, Ting Chen, Wensheng Zhang, Peng He, Hongwei Li, Xiaodong Lin, Xiaosong Zhang. TOSEM

[MEV] A flash(bot) in the pan: measuring maximal extractable value in private pools.

Ben Weintraub, Christof Ferreira Torres, Cristina Nita-Rotaru, Radu State. IMC22

[security] Challenges in decentralized name management: the case of ENS.

Pengcheng Xia, Haoyu Wang, Zhou Yu, Xinyu Liu, Xiapu Luo, Guoai Xu, Gareth Tyson . IMC22

[security] TopoShot: uncovering Ethereum's network topology leveraging replacement transactions.

Kai Li, Yuzhe Tang, Jiaqi Chen, Yibo Wang, Xianghong Liu. IMC21

[application] SmartVM: A Smart Contract Virtual Machine for Fast On-Chain DNN Computations.

Tao Li, Yaozheng Fang, Ye Lu, Jinni Yang, Zhaolong Jian, Zhiguo Wan, Yusen Li. TPDS

[security] TSecuring the Ethereum from Smart Ponzi Schemes: Identification Using Static Features.

Zibin Zheng, Weili Chen, Zhijie Zhong, Zhiguang Chen, Yutong Lu. TOSEM

[security] Impact and User Perception of Sandwich Attacks in the DeFi Ecosystem.

Ye Wang, Patrick Zuest, Yaxing Yao, Zhicong Lu, Roger Wattenhofer. CHI 2022

[security] SolCMC: Solidity Compiler’s Model Checker.

Leonardo Alt, Martin Blicha, Antti E. J. Hyvärinen & Natasha Sharygina. CAV 2022

[security] Synthesis of super-optimized smart contracts using max-smt.

E.Albert, P Gordillo, A Rubio, MA Schett . CAV 2020

[security] Pied-Piper: Revealing the Backdoor Threats in Ethereum ERC Token Contracts.

Fuchen Ma, Meng Ren, Lerong Ouyang, Yuanliang Chen, Juan Zhu, Ting Chen, Yingli Zheng, Xiao Dai, Yu Jiang, Jiaguang Sun. TOSEM2022

[security] Time-travel Investigation: Toward Building a Scalable Attack Detection Framework on Ethereum.

Siwei Wu, Lei Wu, Yajin Zhou, Runhuai Li, Zhi Wang, Xiapu Luo, Cong Wang, Kui Ren. TOSEM2022

[security] Code Cloning in Smart Contracts on the Ethereum Platform: An Extended Replication Study.

Faizan Khan, Istvan David, Daniel Varro, Shane McIntosh.

[security] Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on Ethereum.

Dabao Wang, Hang Feng, Siwei Wu, Yajin Zhou, Lei Wu, and Xingliang Yuan. Raid2022

[security] Trade or Trick? Detecting and Characterizing Scam Tokens on Uniswap Decentralized Exchange.

Xia, Pengcheng and Wang, Haoyu and Gao, Bingyu and Su, Weihang and Yu, Zhou and Luo, Xiapu and Zhang, Chao and Xiao, Xusheng and Xu, Guoai. POMACS2021

[application] An Off-The-Chain Execution Environment for Scalable Testing and Profiling of Smart Contracts.

Yeonsoo Kim and Seongho Jeong, Kamil Jezek, Bernd Burgstaller, Bernhard Scholz. Usenix ATC22.

[security] Inheritance software metrics on smart contracts.

Ashish Rajendra Sai, Conor Holmes, Jim Buckley, Andrew Le Gear. ICPC '2020

[security] Recommending Differentiated Code to Support Smart Contract Update.

Yuan Huang, Queping Kong, Nan Jia, Xiangping Chen, Zibin Zheng. ICPC '2019

[security] Enabling clone detection for ethereum via smart contract birthmarks.

Han Liu, Zhiqiang Yang, Yu Jiang, Wenqi Zhao, Jiaguang Sun. ICPC '2019

[security] SmartCheck: Static Analysis of Ethereum Smart Contracts.

Sergei Tikhomirov, Ekaterina Voskresenskaya, Ivan Ivanitskiy, Ramil Takhaviev, Evgeny Marchenko, Yaroslav Alexandrov. WETSEB '2018

[security] Runtime Verification of Ethereum Smart Contracts.

Joshua Ellul, Gordon J. Pace. EDCC '2018

[security] Formal Modeling and Verification of Smart Contracts.

X. Bai, Zijing Cheng. ICSCA '2018

[security] Protect Your Smart Contract Against Unfair Payment.

Yue Li, Han Liu, Zhiqiang Yang, Bin Wang, Qian Ren, Lei Wang and Bangdao Chen. SRDS '2020

[security] TZ4Fabric: Executing Smart Contracts with ARM TrustZone (Practical Experience Report).

Christina Müller, Marcus Brandenburger, Christian Cachin, Pascal Felber, Christian Göttel and Valerio Schiavoni. SRDS '2020

[security] Smart Contract Vulnerability Detection Using Graph Neural Networks.

Yuan Zhuang, Zhenguang Liu, Peng Qian, Qi Liu, Xiang Wang, Qinming He. IJCAI'20

[security] Towards a first step to understand the cryptocurrency stealing attack on ethereum.

Zhen Cheng, Xinrui Hou, Runhuai Li, Yajin Zhou, Xiapu Luo, Jinku Li, Kui Ren. RAID2019

[application] Developing Cost-Effective Blockchain-Powered Applications: A Case Study of the Gas Usage of Smart Contract Transactions in the Ethereum Blockchain Platform.

Abdullah A. Zarir, Gustavo Ansaldi Oliva, Zhen Ming (Jack) Jiang, Ahmed E. Hassan.

[security] MPro: Combining Static and Symbolic Analysis for Scalable Testing of Smart Contract.

William Zhang, Sebastian Banescu, Leonardo Pasos, Steven T. Stewart, Vijay Ganesh. ISSRE2019

[security] Tracking Counterfeit Cryptocurrency End-to-end.

Bingyu Gao, Haoyu Wang, Pengcheng Xia, Siwei Wu, Yajin Zhou, Xiapu Luo, Gareth Tyson. SIGMETRICS2021

[security] SADPonzi: Detecting and Characterizing Ponzi Schemes in Ethereum Smart Contracts.

W Chen, X Li, Y Sui, N He, H Wang, L Wu. SIGMETRICS2021

[security] Understanding (Mis)Behavior on the EOSIO Blockchain.

Aditya Gopalan, Abishek Sankararaman, Anwar Walid, Sriram Vishwanath . SIGMETRICS2020.

[security] Extracting Smart Contracts Tested and Verified in Coq.

Danil Annenkov, Mikkel Milo, Jakob Botsch Nielsen, Bas Spitters. CPP2021

[security] Why Do Smart Contracts Self-Destruct? Investigating the Selfdestruct Function on Ethereum.

Jiachi Chen, Xin Xia, David Lo, John Grundy. TOSEM 2021

[security] Large-Scale Empirical Study of Inline Assembly on 7.6 Million Ethereum Smart Contracts.

Zhou Liao, Shuwei Song, Hang Zhu, Xiapu Luo, Zheyuan He, Renkai Jiang, Ting Chen, Jiachi Chen, Tao Zhang, and Xiao-song Zhang. TSE22

[security] Model checking of vulnerabilities in smart contracts: a solidity-to-CPN approach.

Ikram Garfatta, Kaïs Klai, Mohamed Graïet, Walid Gaaloul. SAC2022

[security] DEFECTCHECKER: Automated Smart Contract Defect Detection by Analyzing EVM Bytecode.

Jiachi Chen, Xin Xia, David Lo, John Grundy, Xiapu Luo, Ting Chen. TSE22

[security] An Empirical Investigation on the Trade-off between Smart Contract Readability and Gas Consumption.

Anna Vacca; Michele Fredella; Andrea Di Sorbo; Corrado A. Visaggio; Gerardo Canfora. (ICPC2022)

[security] Peculiar: Smart Contract Vulnerability Detection Based on Crucial Data Flow Graph and Pre-training Techniques.

Yihao, QinBo, LinXiaoguang, MaoYan, LeiZhuo, ZhangShangwen Wang. (ISSRE 2021)

License

CC0

This list is released into the public domain.