Skip to content

Academic Smart Contract Papers. Welcome developers or researchers to add more published papers to this list.

License

Notifications You must be signed in to change notification settings

blue-lotus-lab/Academic_Smart_Contract_Papers

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 

Repository files navigation

Academic Smart Contract Papers

A curated Smart Contract related academic papers. All papers are sorted based on the conference name and published year.

Welcome developers or researchers to add more published papers to this list.

You can find my TLDR notes for some papers.

The cryptocurrency donation address: 0xCC28B05fE858CDbc8692E3272A4451111bDCf700.

Welcome to visit my homepage and Google Scholar.

Table of Listed Conferences

Security & Crypto Networking & Database Software Engineering & Programming Language System Architecture
IEEE S&P SIGMETRICS ICSE EuroSys
ACM CCS ICDE ESEC/FSE ACM SOSP
USENIX Security VLDB ASE IEEE ICDCS
NDSS ACM SIGMOD ACM PLDI OSDI
IEEE DSN IEEE INFOCOM ACM OOPSLA Usenix ATC
SRCS IMC ISSTA
RAID WWW ACM POPL
CAV

Table of Listed Journals

Also including:


Conference


S&P

2024

[security] NURGLE: Exacerbating Resource Consumption in Blockchain State Storage via MPT Manipulation.

[security] Pianist: Scalable zkRollups via Fully Distributed Zero-Knowledge Proofs.

[security] Large-Scale Study of Vulnerability Scanners for Ethereum Smart Contracts | MyTLDR.

[security] POMABuster: Detecting Price Oracle Manipulation Attacks in Decentralized Finance | MyTLDR.

[security] Conning the Crypto Conman: End-to-End Analysis of Cryptocurrency-based Technical Support Scams

[security] Certifying Zero-Knowledge Circuits with Refinement Types.

[security] Formal Model-Driven Analysis of Resilience of GossipSub to Attacks from Misbehaving Peers | MyTLDR.

[security] Specular: Towards Secure, Trust-minimized Optimistic Blockchain Execution.

[security] Towards Smart Contract Fuzzing on GPUs.

[security] SMARTINV: Multimodal Learning for Smart Contract Invariant Inference| MyTLDR.

[security] Nyx: Detecting Exploitable Front-Running Vulnerabilities in Smart Contracts | MyTLDR.

[security] Optimal Flexible Consensus and its Application to Ethereum.

[security] Chronos: Finding Timeout Bugs in Practical Distributed Systems by Deep-Priority Fuzzing with Transient Delay.

[security] Pulling off the mask: Forensic analysis of the deceptive creator wallets behind smart contract fraud.

2023

[financail] WeRLman: To Tackle Whale (Transactions), Go Deep (RL) | MyTLDR.

[security] Clockwork Finance: Automated Analysis of Economic Security in Smart Contracts | MyTLDR.

[security] SoK: Decentralized Finance (DeFi) Attacks | MyTLDR.

[security] Tyr: Finding Consensus Failure Bugs in Blockchain System with Behaviour Divergent Model.

[security] Three Birds with One Stone: Efficient Partitioning Attacks on Interdependent Cryptocurrency Networks | MyTLDR.

2022

[security] Quantifying Blockchain Extractable Value: How dark is the forest? | MyTLDR.

[security] SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds.

2021

[security] SmartPulse: Automated Checking of Temporal Properties in Smart Contracts | MyTLDR.

[security] sGUARD: Towards Fixing Vulnerable Smart Contracts Automatically

[finance] On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols.

[security] Compositional Security for Reentrant Applications | MyTLDR.

[security] High-Frequency Trading on Decentralized On-Chain Exchanges.

2020

[security] Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability.

[security] VerX: Safety Verification of Smart Contracts | MyTLDR.

[security] VeriSmart: A Highly Precise Safety Verifier for Ethereum Smart Contracts.

[security] Executable Operational Semantics of Solidity | MyTLDR.

2016

[application] Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts.


CCS

2023

[security] Demystifying DeFi MEV Activities in Flashbots Bundle | MyTLDR.

[security] Cryptocurrency wallets, security, usability, multi-device wallets.

[security] Fait Accompli Committee Selection: Improving the Size-Security Tradeoff of Stake-Based Committees.

[security] The Locality of Memory Checking

[security] Lanturn: Measuring Economic Security of Smart Contracts Through Adaptive Learning | MyTLDR.

[security] Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the Wild.

[security] TxPhishScope: Towards Detecting and Understanding Transaction-based Phishing on Ethereum | MyTLDR.

[security] How Hard is Takeover in DPoS Blockchains? Understanding the Security of Coin-based Voting Governance.

[security] Uncovering Impact of Mental Models towards Adoption of Multi-device Crypto-Wallets.

[security] Uncle Maker: (Time)Stamping Out The Competition in Ethereum | MyTLDR.

[security] TrustBoost: Boosting Trust among Interoperable Blockchains.

[security] Analyzing the Real-World Security of the Algorand Blockchain.

[security] Phoenix: Detect and Locate Resilience Issues in Blockchain via Context-Sensitive Chaos | MyTLDR.

[security] Fuzz on the Beach: Fuzzing Solana Smart Contracts | MyTLDR.

[security] Cybercrime Bitcoin Revenue Estimations: Quantifying the Impact of Methodology and Coverage.

2022

[security] Empirical Analysis of EIP-1559: Transaction Fees, Waiting Time, and Consensus Security.

[security] Towards Automated Safety Vetting of Smart Contracts in Decentralized Applications | MyTLDR.

[security] VRust: Automated Vulnerability Detection for Solana Smart Contracts | MyTLDR.

[security] Watch Your Back: Identifying Cybercrime Financial Relationships in Bitcoin through Back-and-Forth Exploration.

[security] Understanding Security Issues in the NFT Ecosystem.

2021

[security] DETER: Denial of Ethereum Txpool sERvices.

[security] SyncAttack: Double-spending in Bitcoin Without Mining Power.

2020

[security] ACE: Asynchronous and Concurrent Execution of Complex Smart Contracts | MyTLDR.

[security] eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts.

[security] Bdos: Blockchain denial-of-service.

2019

[SoftwareAnalysis] TokenScope: Automatically Discovering Inconsistent Cryptocurrency Tokens.

[security] Learning to Fuzz from Symbolic Execution with Application to Smart Contracts. | MyTLDR.

[security] Zkay: Specifying and Enforcing Data Privacy in Smart Contracts.

2018

[security] Securify: Practical Security Analysis of Smart Contracts.

[security] BitML: a calculus for Bitcoin smart contracts Massimo.

2017

[security] Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing.

2016

[security] Making Smart Contracts Smarter | MyTLDR.

[security] Formal verification of smart contracts: Short paper.

[security] Town crier: An authenticated data feed for smart contracts.


USENIX Security

2024

[security] All Your Tokens are Belong to Us: Demystifying Address Verification Vulnerabilities in Solidity Smart Contracts.

[security] Speculative Denial-of-Service Attacks in Ethereum.

[security] Practical Security Analysis of Zero-Knowledge Proof Circuits | MyTLDR.

2023

[security] Smart Learning to Find Dumb Contracts.

[security] Confusum Contractum: Confused Deputy Vulnerabilities in Ethereum Smart Contracts.

[security] Panda: Security Analysis of Algorand Smart Contracts.

[security] Proxy Hunting: Understanding and Characterizing Proxy-based Upgradeable Smart Contracts in Blockchains.

[security] The Blockchain Imitation Game.

[security] A Large Scale Study of the Ethereum Arbitrage Ecosystem | MyTLDR.

[security] A Mixed-Methods Study of Security Practices of Smart Contract Developers | MyTLDR.

[security] Smart Learning to Find Dumb Contracts | MyTLDR.

[security] Snapping Snap Sync: Practical Attacks on Go Ethereum Synchronising Nodes | MyTLDR.

[security] Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB) | MyTLDR.

[security] Automated Inference on Financial Security of Ethereum Smart Contracts | MyTLDR.

[security] Your Exploit is Mine: Instantly Synthesizing Counterattack Smart Contract | MyTLDR.

[security] Anatomy of a High-Profile Data Breach: Dissecting the Aftermath of a Crypto-Wallet Case.

[security] Mixed Signals: Analyzing Ground-Truth Data on the Users and Economics of a Bitcoin Mixing Service.

[security] Is Your Wallet Snitching On You? An Analysis on the Privacy Implications of Web3.

2022

[security] How to Peel a Million: Validating and Expanding Bitcoin Clusters.

[security] Total Eclipse of the Heart – Disrupting the InterPlanetary File System.

2021

[security] Evil Under the Sun: Understanding and Discovering Attacks on Ethereum Decentralized Applications.

[security] EOSAFE: Security Analysis of EOSIO Smart Contracts.

[security] SmarTest: Effectively Hunting Vulnerable Transaction Sequences in Smart Contracts through Language Model-Guided Symbolic Execution | MyTLDR.

[security] Smart Contract Vulnerabilities: Vulnerable Does Not Imply Exploited.

[security] EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts.

[security] Frontrunner Jones and the Raiders of the Dark Forest: An Empirical Study of Frontrunning on the Ethereum Blockchain.

2020

[security] ETHBMC: A Bounded Model Checker for Smart Contracts | MyTLDR.

[security] TXSPECTOR: Uncovering Attacks in Ethereum from Transactions.

[security] An Ever-evolving Game: Evaluation of Real-world Attacks and Defenses in Ethereum Ecosystem.

[security] BlockSci: Design and applications of a blockchain analysis platform

2019

[security] The art of the scam: Demystifying honeypots in ethereum smart contracts | MyTLDR.

[application] FastKitten: Practical Smart Contracts on Bitcoin.

[security] Tracing Transactions Across Cryptocurrency Ledgers.

2018

[security] Erays: Reverse Engineering Ethereum's Opaque Smart Contracts.

[security] teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts.

[application] Arbitrum: Scalable, private smart contracts.

[security] Enter the Hydra: Towards principled bug bounties and exploit-resistant smart contracts.

2017

[security] SmartPool: Practical Decentralized Pooled Mining.


NDSS

2024

[security] Proof of Backhaul: Trustfree Measurement of Broadband Bandwidth

[security] A Two-Layer Blockchain Sharding Protocol Leveraging Safety and Liveness for Enhanced Performance.

[security] Pisces: Private and Compliable Cryptocurrency Exchange.

[security] Front-running Attack in Sharded Blockchains and Fair Cross-shard Consensus.

[security] Content Censorship in the InterPlanetary File System.

[security] DRAINCLoG: Detecting Rogue Accounts with Illegally-obtained NFTs using Classifiers Learned on Graphs.

[security] VETEOS: Statically Vetting EOSIO Contracts for the “Groundhog Day” Vulnerabilities

[security] Not your Type! Detecting Storage Collision Vulnerabilities in Ethereum Smart Contracts | MyTLDR.

[security] Abusing the Ethereum Smart Contract Verification Services for Fun and Profit | MyTLDR.

2023

[security] Double and Nothing: Understanding and Detecting Cryptocurrency Giveaway Scams | MyTLDR.

[security] Partitioning Ethereum without Eclipsing It.

[security] LOKI: State-Aware Fuzzing Framework for the Implementation of Blockchain Consensus Protocols.

[security] BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects.

[security] Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep Transfer Learning | MyTLDR.

2021

[application] Bitcontracts: Supporting Smart Contracts in Legacy Blockchains.

[Sercurity] As Strong As Its Weakest Link: How to Break Blockchain DApps at RPC Service.

[Sercurity] SquirRL: Automating Attack Analysis on Blockchain Incentive Mechanisms with Deep Reinforcement Learning.

2020

[security] SODA: A Generic Online Detection Framework for Smart Contracts.

[security] Broken Metre: Attacking Resource Metering in EVM.

2019

[security] YODA: Enabling computationally intensive contracts on blockchains with Byzantine and Selfish nodes.

[security] Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks.

2018

[security] "Zeus": Analyzing Safety of Smart Contracts.

[security] Chainspace: A Sharded Smart Contracts Platform.


CAV

2022

[security] SolCMC: Solidity Compiler’s Model Checker | MyTLDR.

2020

[security] Synthesis of super-optimized smart contracts using max-smt.

2018

[security] TxT: Real-Time Transaction Encapsulation for Ethereum Smart Contracts


ESEC/FSE

2024

[security] Static Application Security Testing (SAST) Tools for Smart Contracts: How Far Are We?).

[security] SmartAxe: Detecting Cross-Chain Vulnerabilities in Bridge Smart Contracts via Fine-Grained Static Analysis.

[security] Demystifying Invariant Effectiveness for Securing Smart Contracts.

[security] Efficiently Detecting Reentrancy Vulnerabilities in Complex Smart Contracts.

2023

[security] Demystifying the Composition and Code Reuse in Solidity Smart Contracts | MyTLDR.

[security] Understanding Solidity Event Logging Practices in the Wild.

[software engineering] EtherDiffer: Differential Testing on RPC Services of Ethereum Nodes | MyTLDR.

[security] SmartFix: Fixing Vulnerable Smart Contracts by Accelerating Generate-and-Verify Repair using Statistical Models

[security] TransRacer: Function Dependence-Guided Transaction Race Detection for Smart Contracts

[security] DeepInfer: Deep Type Inference from Smart Contract Bytecode | MyTLDR.

2022

[security] MANDO-GURU: vulnerability detection for smart contract source code by heterogeneous graph embeddings.

[security] An Empirical Study of Blockchain System Vulnerabilities: Modules, Types, and Patterns.

[security] Declarative Smart Contracts.

[security] SolSEE: a source-level symbolic execution engine for solidity

2021

[security] ÐArcher: Detecting On-Chain-Off-Chain Synchronization Bugs in Decentralized Applications.

[application] Making Smart Contract Development More Secure and Easier.

[application] iBatch: Saving Ethereum Fees via Secure and Cost-Effective Batching of Smart-Contract Invocations.

2020

[security] Towards Automated Verification of Smart Contract Fairness.

[security] ModCon: a model-based testing platform for smart contracts.

[security] HARVEY: A Greybox Fuzzer for Smart Contracts.

2019

[security] EVMFuzzer: Detect EVM vulnerabilities via fuzz testing.

[security] A graph-based framework for analysing the design of smart contracts.


ISSTA

2024

[security] LENT-SSE: Leveraging Executed and Near Transactions for Speculative Symbolic Execution of Smart Contracts.

[security] ldentifying Smart Contract Security Issues in Code Snippets from Stack Overflow.

[security] Empirical Study of Move Smart Contract Security: Introducing MoveScan for Enhanced Analysis.

[security] Following the "Thread": Toward Finding Manipulatable Bottlenecks In Blockchain Clients.

[security] FunRedisp: Reordering Function Dispatch in Smart Contract to Reduce Invocation Gas Fees.

[security] Midas: Mining Profitable Exploits in On-Chain Smart Contracts via Feedback-Driven Fuzzing and Differential Analysis.

[security] DeFort: Automatic Detection and Analysis of Price Manipulation Attacks in DeFi Applications.

[security] DAppFL: Just-in-Time Fault Localization for Decentralized Applications in Web3.

2023

[security] SmartState: Detecting State-Reverting Vulnerabilities in Smart Contracts via Fine-Grained State-Dependency Analysis | MyTLDR.

[security] iSyn: Semi-automated Smart Contract Synthesis from Legal Financial Agreements | MyTLDR.

[security] Beyond “Protected” and “Private”: An Empirical Security Analysis of Custom Function Modifiers in Smart Contracts | MyTLDR.

[security] Automated Generation of Security-Centric Descriptions for Smart Contract Bytecode.

[security] Detecting State Inconsistency Bugs in DApps via On-Chain Transaction Replay and Fuzzing | MyTLDR.

[security] ItyFuzz: Snapshot-Based Fuzzer for Smart Contract

[security] Toward Automated Detecting Unanticipated Price Feed in Smart Contract | MyTLDR.

[security] DeFiTainter: Detecting Price Manipulation Vulnerabilities in DeFi Protocols | MyTLDR.

[security] Definition and Detection of Defects in NFT Smart Contracts | MyTLDR.

2022

[security] WASAI: uncovering vulnerabilities in Wasm smart contracts | MyTLDR.

[security] Finding permission bugs in smart contracts with role mining | MyTLDR.

[security] eTainter: detecting gas-related vulnerabilities in smart contracts | MyTLDR.

[security] Park: accelerating smart contract vulnerability detection via parallel-fork symbolic execution.

[security] SmartDagger: a bytecode-based static analysis approach for detecting cross-contract vulnerability.

[security] SpCon: Finding Smart Contract Permission Bugs with Role Mining

2021

[security] Empirical Evaluation of Smart Contract Testing: What Is the Best Choice?.

[security] SCStudio: A Secure and Efficient Integrated Development Environment for Smart Contracts..

2020

[security] How effective are smart contract analysis tools? evaluating smart contract static analysis tools using bug injection.

[security] Echidna: effective, usable, and fast fuzzing for smart contracts.

[security] EShield: protect smart contracts against reverse engineering.

2019

[security] SAFEVM: a safety verifier for Ethereum smart contracts.

[security] Exploiting the laws of order in smart contracts.


ASE

2023

[security] DeFiWarder: Protecting DeFi Apps from Token Leaking Vulnerabilities | MyTLDR.

[security] SmartCoCo: Checking Comment-code Inconsistency in Smart Contracts via Constraint Propagation and Binding.

2022

[security] A Unified Specification Mining Framework for Smart Contracts.

[security] InvCon: A Dynamic Invariant Detector for Ethereum Smart Contracts.

[security] Learning Contract Invariants Using Reinforcement Learning.

[security] Effectively Generating Vulnerable Transaction Sequences in Smart Contracts with Reinforcement Learning-guided Fuzzing.

[security] Reentrancy Vulnerability Detection and Localization: A Deep Learning Based Two-phase Approach.

[security] Identifying Solidity Smart Contract API Documentation Errors.

[security] Xscope: Hunting for Cross-Chain Bridge Attacks

[secutiry] Property-Based Automated Repair of DeFi Protocols

[security] Towards Effective Static Analysis Approaches for Security Vulnerabilities in Smart Contracts

2021

[security] GASOL: Gas Analysis and Optimization for Ethereum Smart Contracts.

[security] Automating User Notice Generation for Smart Contract Functions.

[security] Characterizing Transaction-Reverting Statements in Ethereum Smart Contracts.

[security] SMARTIAN: Enhancing Smart Contract Fuzzing with Static and Dynamic Analyses.

[security] SigRec: Automatic Recovery of Function Signatures in Smart Contracts.

2020

[security] Cross-Contract Static Analysis for Detecting Practical Reentrancy Vulnerabilities in Smart Contracts.

[security] Demystifying Loops in Smart Contracts.

[security] Summary-Based Symbolic Evaluation for Smart Contracts.

[security] Finding Ethereum Smart Contracts Security Issues by Comparing History Versions.

2019

[security] Manticore: A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts.

[security] MuSC: A Tool for Mutation Testing of Ethereum Smart Contract.

[security] Securing Smart Contracts in Blockchain.

2018

[security] ContractFuzzer: Fuzzing Smart Contracts for Vulnerability.

[security] S-gram: towards semantic-aware security auditing for Ethereum smart contracts.


ICSE

2025

[security] Safeguarding DeFi Smart Contracts against Oracle Deviations.

[security] Hyperion: Unveiling DApp Inconsistencies using LLM and Dataflow-GuidedSymbolic Execution.

[security] Demystifying and Detecting Cryptographic Defects in Ethereum SmartContracts.

2024

[security] SCVHunter: Smart Contract Vulnerability Detection Based on Heterogeneous Graph Attention Network | MyTLDR.

[security] FlashSyn: Flash Loan Attack Synthesis via Counter Example Driven Approximation.

[security] Stop Pulling my Rug: Exposing Rug Pull Risks in Crypto Token to Investors.

[security] Improving Smart Contract Security with Contrastive Learning-based Vulnerability Detection.

[security] Towards Finding Accounting Errors in Smart Contracts.

[security] Are We There Yet? Unraveling the State-of-the-Art Smart Contract Fuzzers.

[security] PrettySmart: Detecting Permission Re-delegation Vulnerability for Token Behaviors in Smart Contracts.

[security] When Contracts Meets Crypto: Exploring Developers' Struggleswith Ethereum Cryptographic APIs

[security] PonziGuard: Detecting Ponzi Schemes on Ethereum with Contract Runtime Behavior Graph (CRBG).

[security] Revealing Hidden Threats: An Empirical Study of Library Misuse in Smart Contracts | MyTLDR.

[security] Uncover the Premeditated Attacks: Detecting Exploitable Reentrancy Vulnerabilities by Identifying Attacker Contracts.

[security] Smart Contract and DeFi Security Tools: Do They Meet the Needs of Practitioners?.

[security] Safeguarding DeFi Smart Contracts against Oracle Deviations.

[security] Verifying Declarative Smart Contracts.

[security] GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis | | MyTLDR.

2023

[security] SmartMark: Software Watermarking Scheme for Smart Contracts.

[security] AChecker: Statically Detecting Smart Contract Access Control Vulnerabilities | MyTLDR.

[security] BSHUNTER: Detecting and Tracing Defects of Bitcoin Scripts.

[security] Demystifying Exploitable Bugs in Smart Contracts.

[security] Turn the Rudder: A Beacon of Reentrancy Detection for Smart Contracts on Ethereum

2022

[security] Utilizing Parallelism in Smart Contracts on Decentralized Blockchains by Taming Application-Inherent Conflicts.

2021

[security] Smart Contract Security: a Practitioners’ Perspective.

2020

[security] Empirical Review of Automated Analysis Tools on 47,587 Ethereum Smart Contracts.

[security] sFuzz-An Efficient Adaptive Fuzzer for Solidity Smart Contracts.

[security] Targeted Greybox Fuzzing with Static Lookahead Analysis.

[security] Gap between Theory and Practice : An Empirical Study of Security Patches in Solidity.

[security] Seraph: Enabling Cross-Platform Security Analysis For EVM and WASM Smart Contracts.

2019

[security] Gigahorse: Thorough, Declarative Decompilation of Smart Contracts.

[security] VULTRON: Catching Vulnerable Smart Contracts Once and for All.

2018

[security] ReGuard: Finding Reentrancy Bugs in Smart Contracts.


SOSP

2021

[security] Forerunner: Constraint-based Speculative Transaction Execution for Ethereum | MyTLDR.

2017

[application] Algorand: Scaling Byzantine Agreements for Cryptocurrencies.


OSDI

2023

[performance] LVMT: An Efficient Authenticated Storage for Blockchain.

2021

[security] Finding Consensus Bugs in Ethereum via Multi-transaction Differential Fuzzing.


INFOCOM

2024

[application] IPFS in the Fast Lane: Accelerating Record Storage with Optimistic Provide.

[application] Federated Analytics-Empowered Frequent Pattern Mining for Decentralized Web 3.0 Applications.

[performance] DEthna: Accurate Ethereum Network Topology Discovery with Marked Transactions.

[performance] Broker2Earn: Towards Maximizing Broker Revenue and System Liquidity for Sharded Blockchains.

[Performance] Account Migration across Blockchain Shards using Fine-tuned Lock Mechanism.

[security] ConFuzz: Towards Large Scale Fuzz Testing of Smart Contracts in Ethereum.

2023

[security] Latency-First Smart Contract: Overclock the Blockchain for a while.

[security] A Decentralized Truth Discovery Approach to the Blockchain Oracle Problem.

2022

[application] S-Store: A Scalable Data Store towards Permissioned Blockchain Sharding.

2021

[security] Code is the (F)Law: Demystifying and Mitigating Blockchain Inconsistency Attacks Caused by Software Bugs.

[application] Counter-Collusion Smart Contracts for Watchtowers in Payment Channel Networks.

[mine] Characterizing Ethereum's Mining Power Decentralization at a Deeper Level.

2020

[application] ET-DeaL: A P2P Smart Contract-based Secure Energy Trading Scheme for Smart Grid Systems.

[application] A Solution for State Conflicts of Smart Contract in Interaction with Non-blockchain.

[application] ChainIDE 2.0: Facilitating Smart Contract Development for Consortium Blockchain.

[application] EncELC: Hardening and Enriching Ethereum Light Clients with Trusted Enclaves.

2019

[application] Interledger Smart Contracts for Decentralized Authorization to Constrained Things.

2018

[graph analysis] Understanding ethereum via graph analysis.


WWW

2024

[security] Towards Understanding Crypto-Asset Risks on Ethereum Caused by Key Leakage on the Internet.

[Finance] Interface Illusions: Uncovering the Rise of Visual Scams in Cryptocurrency Wallets.

[Finance] DenseFlow: Spotting Cryptocurrency Money Laundering in Ethereum Transaction Graphs.

[Finance] Unveiling the Paradox of NFT Prosperity.

[security] Advancing Web 3.0: Making Smart Contracts Smarter on Blockchain.

[security] Characterizing Ethereum Upgradable Smart Contracts and Their Security Implications.

[security] ZipZap: Efficient Training of Language Models for Large-Scale Fraud Detection on Blockchain.

[security] Investigations of Top-Level Domain Name Collisions in Blockchain Naming Services.

[security] Interface Illusions: Uncovering the Rise of Visual Scams in Cryptocurrency Wallets.

2023

[Finance] Ready, Aim, Snipe! Analysis of Sniper Bots and their Impact on the DeFi Ecosystem.

[Finance] On How Zero-Knowledge Proof Blockchain Mixers Improve, and Worsen User Privacy.

[Finance] Know Your Transactions: Real-time and Generic Transaction Semantic Representation on Blockchain & Web3 Ecosystem | MyTLDR.

[security] BERT4ETH: A Pre-trained Transformer for Ethereum Fraud Detection | MyTLDR.

2022

[Finance] Cyclic Arbitrage in Decentralized Exchanges.

[security] TTAGN: Temporal Transaction Aggregation Graph Network for Ethereum Phishing Scams Detection.

2021

[Finance] Towards Understanding Cryptocurrency Derivatives:A Case Study of BitMEX.

[graph analysis] Temporal Analysis of the Entire Ethereum Blockchain Network.

[Finance] Detecting and Quantifying Wash Trading on Decentralized Cryptocurrency Exchanges.

[application] Towards understanding and demystifying bitcoin mixing services.

2020

[graph analysis] Measurements, Analyses, and Insights on the Entire Ethereum Blockchain Network.

[graph analysis] Traveling the token world: A graph analysis of Ethereum ERC20 token ecosystem.


DSN

2024

[security] Byzantine Attacks Exploiting Penalties in Ethereum PoS.

[security] PAROLE: Profitable Arbitrage in Optimistic Rollup with ERC-721 Token Transactions.

2020

[security] SMACS: Smart Contract Access Control Service.

[security] Data-Driven Model-Based Analysis of the Ethereum Verifier's Dilemma.

[security] Smart Contracts on the Move.

[mine] Impact of Geo-Distribution and Mining Pools on Blockchains: A Study of Ethereum.

2019

[application] FabZK: Supporting Privacy-Preserving, Auditable Smart Contracts in Hyperledger Fabric.

2018

[security] Towards Model-Driven Engineering of Smart Contracts for Cyber-Physical Systems.


PLDI

2024

[verification] Consolidating Smart Contracts with Behavioral Contracts.

[optimization] SuperStack: Superoptimization of Stack-Bytecode via Greedy, Constraint-Based, and SAT Techniques.

2023

[security] Automated Detection of Under-constrained Circuits in Zero-Knowledge Proofs | MyTLDR.

2021

[security] Practical Smart Contract Sharding with Ownership and Commutativity Analysis.

2020

[security] Behavioral Simulation for Smart Contracts.

[security] Ethainter: A Smart Contract Security Analyzer for Composite Vulnerabilities.

[security] Securing Smart Contract with Runtime Validation.


ESORICS

2023

[security] n-MVTL Attack: Optimal Transaction Reordering Attack on DeFi.

[security] When is Slower Block Propagation More Profitable for Large Miners?.

2020

[security] PrivacyGuard: Enforcing Private Data Usage Control with Blockchain and Off-chain Contract Execution.

2019

[security] Practical Mutation Testing for Smart Contracts.

[application] PDFS: Practical Data Feed Service for Smart Contracts.

[security] The Operational Cost of Ethereum Airdrops.

[security] Annotary: A Concolic Execution System for Developing Secure Smart Contracts.

[security] An Efficient Micropayment Channel on Ethereum.

[security] A Minimal Core Calculus for Solidity Contracts.

2018

[security] Succinctly Verifiable Sealed-Bid Auction Smart Contract.

2017

[security] In Code We Trust? - Measuring the Control Flow Immutability of All Smart Contracts Deployed on Ethereum.


SANER

2023

[security] An Empirical Study of Smart Contract Decompilers.

[security] Automatic Identification of Crash-inducing Smart Contracts.

[security] Security Code Recommendations for Smart Contract.

[security] Combine sliced joint graph with graph neural networks for smart contract vulnerability detection.

2022

[security] When They Go Low: Automated Replacement of Low-level Functions in Ethereum Smart Contracts.

[security] A Bytecode-based Approach for Smart Contract Classification.

[security] A Tool to check the Ownership of Solana's Smart Contracts.

[security] On the use of Petri Nets in Smart Contracts modeling, generation and verification.

[security] Analysis Of The Relationship Between Smart Contracts' Categories and Vulnerabilities.

[security] Goal and Policy Based Code Generation and Deployment of Smart Contracts.

2021

[security] Understanding Code Reuse in Smart Contracts.

2020

[security] SMARTSHIELD: Automatic Smart Contract Protection Made Easy.

[security] EthPloit: From Fuzzing to Efficient Exploit Generation against Smart Contracts.

2019

[security] Towards Generating Cost-Effective Test-Suite for Ethereum Smart Contract.

[security] EVM*: From Offline Detection to Online Reinforcement for Ethereum Virtual Machine.

2018

[security] SmartInspect: solidity smart contract inspector.

[security] Smart contracts vulnerabilities: a call for blockchain software engineering?.

[security] The ICO phenomenon and its relationships with ethereum smart contract environment.

[security] Smart contracts: security patterns in the ethereum ecosystem and solidity.

2017

[application] Under-optimized smart contracts devour your money.


OOPSLA

2023

[security] Asparagus: Automated Synthesis of Parametric Gas Upper-bounds for Smart Contracts | MyTLDR.

2022

[security] Synthesis-powered optimization of smart contracts via data type refactoring | MyTLDR.

[security] Elipmoc: Advanced Decompilation of Ethereum Smart Contracts.

[security] A Study of Inline Assembly in Solidity Smart Contracts.

[security] SigVM: Enabling Event-Driven Execution for Truly Decentralized Smart Contracts.

2021

[security] Symbolic Value-Flow Static Analysis: Deep, Precise, Complete Modeling of Ethereum Smart Contracts.

[security] Rich Specifications for Ethereum Smart Contract Verification.

[security] Pluto: Exposing Vulnerabilities in Inter-Contract Scenarios.

2020

[security] Precise Static Modelling of Ethereum "Memory".

[security] Taming Callbacks for Smart Contract Modularity.

2019

[security] Detecting Nondeterministic Payment Bugs in Ethereum Smart Contracts.

[security] Safer Smart Contract Programming with Scilla.

2018

[security] MadMax: surviving out-of-gas conditions in Ethereum smart contracts.


IMC

2023

[security] Ethereum's Proposer-Builder Separation: Promises and Realities | MyTLDR.

[security] The Cloud Strikes Back: Investigating the Decentralization of IPFS.

2022

[security] A flash(bot) in the pan: measuring maximal extractable value in private pools.

[security] Challenges in decentralized name management: the case of ENS.

2021

[security] TopoShot: uncovering Ethereum's network topology leveraging replacement transactions.

2018

[measure] Measuring ethereum network peers | MyTLDR.

[security] analyzing ethereum's contract topology.


SIGMETRICS

2024

[security] Miracle or Mirage? A Measurement Study of NFT Rug Pulls

2023

[performance] Strategic Latency Reduction in Blockchain Peer-to-Peer Networks | MyTLDR.

[security] Characterizing Cryptocurrency-themed Malicious Browser Extensions.

2022

[performance] Tuxedo: Maximizing Smart Contract computation in PoW Blockchains.

[security] Trade or Trick? Detecting and Characterizing Scam Tokens on Uniswap Decentralized Exchange.

2021

[SIGMETRICS2021] Tracking Counterfeit Cryptocurrency End-to-end.

[SIGMETRICS2021] SADPonzi: Detecting and Characterizing Ponzi Schemes in Ethereum Smart Contracts | MyTLDR.

2018

[SIGMETRICS2020] Understanding (Mis)Behavior on the EOSIO Blockchain.


ACSAC

2021

[security] SolSaviour: A Defending Framework for Deployed Defective Smart Contracts.

2019

[security] SmarTor: Smarter Tor with Smart Contracts.

2018

[security] Finding The Greedy, Prodigal, and Suicidal Contracts at Scale.

[security] Osiris: Hunting for Integer Bugs in Ethereum Smart Contracts.


APSEC

2020

[security] Source Code Obfuscation for Smart Contracts.

2019

[security] SIF: A Framework for Solidity Contract Instrumentation and Analysis.

[security] SolAnalyser: A Framework for Analysing and Testing Smart Contracts.

2018

[security] Fuse: An Architecture for Smart Contract Fuzz Testing Service.


RAID

2022

[security] Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on Ethereum | MyTLDR.

[security] Elysium: Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart Contracts

2019

[security] Towards a first step to understand the cryptocurrency stealing attack on ethereum.


ICDCS

2023

[storage] GeckoDAG: Towards A Lightweight DAG-based Blockchain via Reducing Data Redundancy

[security] Detecting Flash Loan Based Attacks in Ethereum

[security] Towards Decentralized Adaptive Control of Cryptocurrency Liquidity via Auction.

[applicaton] A Game of NFTs: Characterizing NFT Wash Trading in the Ethereum Blockchain.

[security] Smart Contract Parallel Execution with Fine-Grained State Accesses | MyTLDR.

2022

[Application] Blockchain Machine: A Network-Attached Hardware Accelerator for Hyperledger Fabric.

2020

[security] Fair and Efficient Gossip in Hyperledger Fabri.

[security] TinyEVM: Off-Chain Smart Contracts on Low-Power IoT Devices.

2019

[security] DataEther: Data Exploration Framework For Ethereum.

[security] Read-Uncommitted Transactions for Smart Contract Performance.

2018

[security] MPCSToken: Smart Contract Enabled Fault-Tolerant Incentivisation for Mobile P2P Crowd Services.


POPL

2022

[security] SolType: Refinement Types for Arithmetic Overflow in Solidity.


2018

[security] Online detection of effectively callback free objects with applications to smart contracts.

[security] Vandal: A Scalable Security Analysis Framework for Smart Contracts.


Journal


TOSEM

[TOSEM] TokenAware: Accurate and Efficient Bookkeeping Recognition for Token Smart Contracts.

[TOSEM] FunFuzz: A Function-oriented Fuzzer for Smart Contract Vulnerability Detection with High Effectiveness and Efficiency.

[TOSEM] CLFuzz: Vulnerability Detection of Cryptographic Algorithm Implementation via Semantic-Aware Fuzzing.

[TOSEM] sGuard+: Machine Learning Guided Rule-based AutomatedVulnerability Repair on Smart Contracts..

[TOSEM] Is my transaction done yet? an empirical study of transaction processing times in the ethereum blockchain platform.

[TOSEM] Securing the Ethereum from Smart Ponzi Schemes: Identification Using Static Features.

[TOSEM] Pied-Piper: Revealing the Backdoor Threats in Ethereum ERC Token Contracts.

[TOSEM] Time-travel Investigation: Toward Building a Scalable Attack Detection Framework on Ethereum.

[TOSEM] Developing Cost-Effective Blockchain-Powered Applications: A Case Study of the Gas Usage of Smart Contract Transactions in the Ethereum Blockchain Platform.

[TOSEM] Why Do Smart Contracts Self-Destruct? Investigating the Selfdestruct Function on Ethereum.

TSE

[TSE24] ContractCheck: Checking Ethereum Smart Contracts in Fine-Grained Level.

[TSE23] Combatting Front-Running in Smart Contracts: Attack Mining, Benchmark Construction and Vulnerability Detector Evaluation.

[TSE23] CRPWarner: Warning the Risk of Contract-related Rug Pull in DeFi Smart Contracts.

[TSE] VulHunter: Hunting Vulnerable Smart Contracts at EVM Bytecode-Level via Multiple Instance Learning.

[TSE] Large-Scale Empirical Study of Inline Assembly on 7.6 Million Ethereum Smart Contracts.

[TSE] Demystifying Random Number in Ethereum Smart Contract: Taxonomy, Vulnerability Identification, and Attack Detection

[TSE] DEFECTCHECKER: Automated Smart Contract Defect Detection by Analyzing EVM Bytecode.

[TSE] Checking smart contracts with structural code embedding.

[TSE] Code Cloning in Smart Contracts on the Ethereum Platform: An Extended Replication Study.

[TSE] Defining smart contract defects on ethereum.

[TSE] Pluto: Exposing Vulnerabilities in Inter-Contract Scenarios.

[TSE] Smart Contract Development: Challenges and Opportunities.

TIFS

[TIFS23] ExGen: Cross-platform, Automated Exploit Generation for Smart Contract Vulnerabilities.

[TIFS23] Black Swan in Blockchain: Micro Analysis of Natural Forking.

[TIFS23] Correct-by-Design Interacting Smart Contracts and a Systematic Approach for Verifying ERC20 and ERC721 Contracts With VeriSolid.

[TIFS23] Combatting Front-Running in Smart Contracts: Attack Mining, Benchmark Construction and Vulnerability Detector Evaluation.

[TIFS23] Fishing for Fraudsters: Uncovering Ethereum Phishing Gangs With Blockchain Data.

[TIFS23] Rethinking Smart Contract Fuzzing: Fuzzing With Invocation Ordering and Important Branch Revisiting.

[TIFS23] EVM-Shield: In-Contract State Access Control for Fast Vulnerability Detection and Prevention.

[TIFS23] Towards Understanding Asset Flows in Crypto Money Laundering Through the Lenses of Ethereum Heists.

[TIFS23] sChain: An Efficient and Secure Solution for Improving Blockchain Storage.

[TIFS23] Breaking the Anonymity of Ethereum Mixing Services Using Graph Feature Learning.

[TIFS22] Behavior-aware Account De-anonymization on Ethereum Interaction Graph.

[TIFS22] TxT: Real-Time Transaction Encapsulation for Ethereum Smart Contracts.

[TIFS21] Hunting Vulnerable Smart Contracts via Graph Embedding Based Bytecode Matching.

[TIFS22] Rethinking Smart Contract Fuzzing: Fuzzing With Invocation Ordering and Important Branch Revisiting.

TDSC

[TDSC] DeFiRanger: Detecting DeFi Price Manipulation Attacks.

[TDSC] Highly Available Blockchain Nodes With N-Version Design.

[TDSC] Correct-by-Design Interacting Smart Contracts and a Systematic Approach for Verifying ERC20 and ERC721 Contracts With VeriSolid.

[TDSC] Oracle-Supported Dynamic Exploit Generation for Smart Contracts.

[TDSC] Obfuscating verifiable Random Functions for Proof-of-Stake Blockchains.

[TDSC] Correct-by-Design Interacting Smart Contracts and a Systematic Approach for Verifying ERC20 and ERC721 Contracts With VeriSolid.

[TDSC] ExGen: Cross-platform, Automated Exploit Generation for Smart Contract Vulnerabilities.

Miscellaneous

[arxiv] Large Language Models for Blockchain Security: A Systematic Literature Review.

[arxiv] DISL: Fueling Research with A Large Dataset of Solidity Smart Contracts.

[ASPLOS22] Who Goes First? Detecting Go Concurrency Bugs via Message Reordering.

[DASFAA24] DS-Ponzi: Anti-jamming Detection of Ponzi Scheme on Ethereum Utilizing Dynamic-Static Features of Smart Contract Codes.

[TKDE24] Unravelling Token Ecosystem of EOSIO Blockchain.

[WINE2023] Routing MEV in Constant Function Market Makers.

[TCAD 2023] A Semantic-Integrated LSM-Tree Based Key-Value Storage Engine for Blockchain Systems.

[FAST23] COLE: A Column-based Learned Storage for Blockchain Systems.

[ISCA23] An Algorithm and Architecture Co-design for Accelerating Smart Contracts in Blockchain.

[SODA23] Foundations of Transaction Fee Mechanism Design.

[IEEE Computer] The Multibillion Dollar Software Supply Chain of Ethereum.

[ACM DTL] Chaos Engineering of Ethereum Blockchain Clients In ACM Distributed Ledger Technologies: Research and Practice.

[SIGKDD23] Demystifying Fraudulent Transactions and Illicit Nodes in the Bitcoin Network for Financial Forensics.

[SIGKDD23] Diga: Guided Diffusion Model for Graph Recovery in Anti-Money Laundering.

[ICDE23] Scaling Blockchain Consensus via a Robust Shared Mempool.

[SC23] FISCO-BCOS: An Enterprise-grade Permissioned Blockchain System with High-performance.

[Usenix ATC24] SlimArchive: A Lightweight Architecture for Ethereum Archive Nodes.

[Usenix ATC22] An Off-The-Chain Execution Environment for Scalable Testing and Profiling of Smart Contracts.

[Usenix ATC21] RainBlock: Faster Transaction Processing in Public Blockchains.

[EORUSYS23] Diablo: A Benchmark Suite for Blockchains | MyTLDR.

[EORUSYS21] Ethanos: efficient bootstrapping for full nodes on account-based blockchain.

[EORUSYS18] Hyperledger fabric: a distributed operating system for permissioned blockchains.

[JSAC22] Detecting Arbitrage on Ethereum Through Feature Fusion and Positive-Unlabeled Learning.

[TPDS24] PaVM: A Parallel Virtual Machine for Smart Contract Execution and Validation.

[TPDS] SmartVM: A Smart Contract Virtual Machine for Fast On-Chain DNN Computations.

[CHI23] Code Will Tell: Visual Identification of Ponzi Schemes on Ethereum.

[CHI22] Impact and User Perception of Sandwich Attacks in the DeFi Ecosystem.

[CHI21] Efect of the Gas Price Surges on User Activity in the DAOs of the Ethereum Blockchain.

[POMACS2021] Trade or Trick? Detecting and Characterizing Scam Tokens on Uniswap Decentralized Exchange.

[HPCA20] BBS: Micro-Architecture Benchmarking Blockchain Systems through Machine Learning and Fuzzy Set.

[VLDB24] FlexChain: An Elastic Disaggregated Blockchain.

[VLDB24] L2chain: Towards High-performance, Confidential and Secure Layer-2 Blockchain Solution for Decentralized Applications.

[VLDB24] Spectrum: Speedy and Strictly-Deterministic Smart Contract Transactions for Blockchain Ledgers.

[VLDB23] ChainDash: An Ad-Hoc Blockchain Data Analytics System.

[VLDB23] Auto-Tuning with Reinforcement Learning for Permissioned Blockchain Systems.

[VLDB22] Hybrid Blockchain Database Systems: Design and Performance.

[AsiaCCS22] Eliminating Sandwich Attacks with the Help of Game Theory.

[TC21] Precise Dynamic Symbolic Execution for Nonuniform Data Access in Smart Contracts.

[sigmod23] ChainKV: A Semantics-Aware Key-Value Store for Ethereum System.

[sigmod23] LETUS: A Log-Structured Efficient Trusted Universal BlockChain Storage.

[sigmod21] Why Do My Blockchain Transactions Fail? A Study of Hyperledger Fabric.

[ICPC] A multi-modal transformer-based code summarization approach for smart contracts.

[ICPC 2022] An Empirical Investigation on the Trade-off between Smart Contract Readability and Gas Consumption.

[ICPC 2022] Peculiar: Smart Contract Vulnerability Detection Based on Crucial Data Flow Graph and Pre-training Techniques.

[ICPC 2020] Inheritance software metrics on smart contracts.

[ICPC 2019] Recommending Differentiated Code to Support Smart Contract Update.

[ICPC 2019] Enabling clone detection for ethereum via smart contract birthmarks.

[WETSEB 2018] SmartCheck: Static Analysis of Ethereum Smart Contracts.

[EDCC 2018] Runtime Verification of Ethereum Smart Contracts.

[ICSCA 2018] Formal Modeling and Verification of Smart Contracts.

[SRDS 2020] Protect Your Smart Contract Against Unfair Payment.

[SRDS 2020] TZ4Fabric: Executing Smart Contracts with ARM TrustZone (Practical Experience Report).

[IJCAI 2020] Smart Contract Vulnerability Detection Using Graph Neural Networks.

[ISSRE2019] MPro: Combining Static and Symbolic Analysis for Scalable Testing of Smart Contract.

[CPP2021] Extracting Smart Contracts Tested and Verified in Coq.

[SAC2022] Model checking of vulnerabilities in smart contracts: a solidity-to-CPN approach.

[Eurosp23] EF/CF: High Performance Smart Contract Fuzzing for Exploit Generation.

[CSFW] Kevm: A complete formal semantics of the ethereum virtual machine.

[DAC20] BPU: A blockchain processing unit for accelerated smart contract execution.

[TOPLAS20] Obsidian: Typestate and Assets for Safer Blockchain Programming.

License

CC0

This list is released into the public domain.

About

Academic Smart Contract Papers. Welcome developers or researchers to add more published papers to this list.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published