{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,16]],"date-time":"2026-03-16T10:04:20Z","timestamp":1773655460226,"version":"3.50.1"},"reference-count":377,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T00:00:00Z","timestamp":1769731200000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100000780","name":"European Commission","doi-asserted-by":"publisher","award":["CUP D53D23008400006"],"award-info":[{"award-number":["CUP D53D23008400006"]}],"id":[{"id":"10.13039\/501100000780","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100024370","name":"Ministero dell'Istruzione dell'Universita e della Ricerca","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100024370","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100021856","name":"Ministero dell'Universit\u00e0 e della Ricerca","doi-asserted-by":"publisher","award":["CUP D42B24002220004"],"award-info":[{"award-number":["CUP D42B24002220004"]}],"id":[{"id":"10.13039\/501100021856","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100021856","name":"Ministero dell'Universit\u00e0 e della Ricerca","doi-asserted-by":"publisher","award":["PRIN 2022"],"award-info":[{"award-number":["PRIN 2022"]}],"id":[{"id":"10.13039\/501100021856","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Journal of Systems and Software"],"published-print":{"date-parts":[[2026,6]]},"DOI":"10.1016\/j.jss.2026.112788","type":"journal-article","created":{"date-parts":[[2026,2,4]],"date-time":"2026-02-04T07:53:46Z","timestamp":1770191626000},"page":"112788","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":1,"special_numbering":"C","title":["Smart contract vulnerabilities, tools, and benchmarks: An updated systematic literature review"],"prefix":"10.1016","volume":"236","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-1128-0863","authenticated-orcid":false,"given":"Gerardo","family":"Iuliano","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3861-1902","authenticated-orcid":false,"given":"Dario","family":"Di Nucci","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.jss.2026.112788_bib0001","series-title":"2024 6th International Conference on Blockchain Computing and Applications (BCCA)","first-page":"684","article-title":"A systematic review of the blockchain technology security challenges and threats classification","author":"Abubakar","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0002","series-title":"Cyberspace Safety and Security: 13th International Symposium, CSS 2021, Virtual Event, November 9\u201311, 2021, Proceedings","first-page":"79","article-title":"Vulnerability and transaction behavior based detection of malicious smart contracts","author":"Agarwal","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0003","series-title":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"386","article-title":"SAFEVM: a safety verifier for ethereum smart contracts","author":"Albert","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0004","series-title":"2018 International Conference on Cloud Computing, Big Data and Blockchain (ICCBB)","first-page":"1","article-title":"Blockchain-based smart contracts: a systematic mapping study of academic research (2018)","author":"Alharby","year":"2018"},{"key":"10.1016\/j.jss.2026.112788_bib0005","first-page":"1","article-title":"Sescon: secure ethereum smart contracts by vulnerable patterns\u2019 detection","volume":"2021","author":"Ali","year":"2021","journal-title":"Secur. Commun. Netw."},{"key":"10.1016\/j.jss.2026.112788_bib0006","series-title":"Mastering Ethereum: Building Smart Contracts and Dapps","author":"Antonopoulos","year":"2018"},{"key":"10.1016\/j.jss.2026.112788_bib0007","series-title":"Proceedings of the 3rd ACM International Symposium on Blockchain and Secure Critical Infrastructure","first-page":"47","article-title":"Eth2Vec: learning contract-wide code representations for vulnerability detection on ethereum smart contracts","author":"Ashizawa","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0008","series-title":"Proceedings of the 35th Annual ACM Symposium on Applied Computing","first-page":"353","article-title":"Etherolic: a practical security analyzer for smart contracts","author":"Ashouri","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0009","doi-asserted-by":"crossref","DOI":"10.1109\/ACCESS.2020.2995183","article-title":"GasFuzzer: fuzzing ethereum smart contract binaries to expose gas-oriented exception security vulnerabilities","author":"Ashraf","year":"2020","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0010","series-title":"Proceedings of the International Conference on Runtime Verification","first-page":"113","article-title":"Monitoring smart contracts: contractlarva and open challenges beyond","author":"Azzopardi","year":"2018"},{"key":"10.1016\/j.jss.2026.112788_bib0011","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2022.111445","article-title":"SuMo: a mutation testing approach and tool for the ethereum blockchain","volume":"193","author":"Barboni","year":"2022","journal-title":"J. Syst. Software"},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0012","doi-asserted-by":"crossref","first-page":"225","DOI":"10.1007\/s11219-023-09637-1","article-title":"ReSuMo: a regression strategy and tool for mutation testing of solidity smart contracts","volume":"32","author":"Barboni","year":"2023","journal-title":"Software Qual. J."},{"key":"10.1016\/j.jss.2026.112788_bib0013","series-title":"Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security","first-page":"91","article-title":"Formal verification of smart contracts","author":"Bhargavan","year":"2016"},{"key":"10.1016\/j.jss.2026.112788_bib0014","unstructured":"BlockSec Team, 2025. Blocksec. https:\/\/blocksecteam.medium.com\/. Accessed: 2025-04-12."},{"key":"10.1016\/j.jss.2026.112788_bib0015","series-title":"2022 IEEE Symposium on Security and Privacy (SP)","first-page":"161","article-title":"Sailfish: vetting smart contract state-inconsistency bugs in seconds","author":"Bose","year":"2022"},{"issue":"4","key":"10.1016\/j.jss.2026.112788_bib0016","doi-asserted-by":"crossref","first-page":"571","DOI":"10.1016\/j.jss.2006.07.009","article-title":"Lessons from applying the systematic literature review process within the software engineering domain","volume":"80","author":"Brereton","year":"2007","journal-title":"J. Syst. Software"},{"key":"10.1016\/j.jss.2026.112788_bib0017","unstructured":"Btc relay, 2016. Btc relay. http:\/\/btcrelay.org\/."},{"key":"10.1016\/j.jss.2026.112788_bib0018","first-page":"1","article-title":"Chain interoperability","volume":"9","author":"Buterin","year":"2016","journal-title":"R3 Res. Pap."},{"key":"10.1016\/j.jss.2026.112788_bib0019","first-page":"22","article-title":"Ethereum white paper","volume":"1","author":"Buterin","year":"2013","journal-title":"GitHub Repository"},{"issue":"37","key":"10.1016\/j.jss.2026.112788_bib0020","first-page":"2-1","article-title":"A next-generation smart contract and decentralized application platform","volume":"3","author":"Buterin","year":"2014","journal-title":"white Pap."},{"key":"10.1016\/j.jss.2026.112788_bib0021","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2022.111550","article-title":"Combine sliced joint graph with graph neural networks for smart contract vulnerability detection","volume":"195","author":"Cai","year":"2023","journal-title":"J. Syst. Software"},{"issue":"5","key":"10.1016\/j.jss.2026.112788_bib0022","doi-asserted-by":"crossref","first-page":"4007","DOI":"10.1109\/TNSE.2023.3324942","article-title":"SCcheck: a novel graph-driven and attention-enabled smart contract vulnerability detection framework for web 3.0 ecosystem","volume":"11","author":"Cao","year":"2023","journal-title":"IEEE Trans. Netw. Sci. Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0023","first-page":"1","article-title":"SCcheck: a novel graph-driven and attention-enabled smart contract vulnerability detection framework for web 3.0 ecosystem","author":"Cao","year":"2023","journal-title":"IEEE Trans. Netw. Sci. Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0024","series-title":"ICC 2023 - IEEE International Conference on Communications","first-page":"5135","article-title":"Data flow-driven and attention mechanism-enabled smart contract vulnerability detection for secure and green blockchain-based service networks","author":"Cao","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0025","series-title":"2020 International Conference on COMmunication Systems & NETworkS (COMSNETS)","first-page":"1","article-title":"Reputation based routing in MANET using blockchain","author":"Careem","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0026","unstructured":"CertiK, 2025. Certik. https:\/\/www.certik.com\/. Accessed: 2025-04-12."},{"key":"10.1016\/j.jss.2026.112788_bib0027","unstructured":"Chaliasos, S., Charalambous, M. A., Zhou, L., 2023. Smart contract and defi security tools: do they meet the needs of practitioners?https:\/\/synthical.com\/article\/ed404388-ffad-11ed-9b54-72eb57fa10b3. arXiv: 2304.02981."},{"key":"10.1016\/j.jss.2026.112788_bib0028","series-title":"Proceedings of the 46th IEEE\/ACM International Conference on Software Engineering","first-page":"1","article-title":"Smart contract and defi security tools: do they meet the needs of practitioners?","author":"Chaliasos","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0029","series-title":"Proceedings of the International Conference on Formal Engineering Methods","first-page":"286","article-title":"sCompile: critical path identification and analysis for smart contracts","author":"Chang","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0030","series-title":"Proceedings of the 2019 IEEE International Conference on Blockchain (Blockchain)","first-page":"319","article-title":"Deviant: a mutation testing tool for solidity smart contracts","author":"Chapman","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0031","series-title":"Proceedings of the 34th ACM\/SIGAPP Symposium on Applied Computing","first-page":"400","article-title":"The treewidth of smart contracts","author":"Chatterjee","year":"2019"},{"issue":"4","key":"10.1016\/j.jss.2026.112788_bib0032","first-page":"1","article-title":"When chatgpt meets smart contract vulnerability detection: how far are we?","volume":"34","author":"Chen","year":"2023","journal-title":"ACM Trans. Software Eng. Method."},{"key":"10.1016\/j.jss.2026.112788_bib0033","series-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering","first-page":"1","article-title":"Verifying declarative smart contracts","author":"Chen","year":"2024"},{"issue":"5","key":"10.1016\/j.jss.2026.112788_bib0034","article-title":"Safecheck: detecting smart contract vulnerabilities based on static program analysis methods","volume":"7","author":"Chen","year":"2024","journal-title":"Secur. Privacy"},{"key":"10.1016\/j.jss.2026.112788_bib0035","series-title":"Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"1198","article-title":"Identifying smart contract security issues in code snippets from stack overflow","author":"Chen","year":"2024"},{"issue":"7","key":"10.1016\/j.jss.2026.112788_bib0036","doi-asserted-by":"crossref","first-page":"2189","DOI":"10.1109\/TSE.2021.3054928","article-title":"DefectChecker: automated smart contract defect detection by analyzing EVM bytecode","volume":"48","author":"Chen","year":"2022","journal-title":"IEEE Trans. Software Eng."},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0037","doi-asserted-by":"crossref","first-page":"327","DOI":"10.1109\/TSE.2020.2989002","article-title":"Defining smart contract defects on ethereum","volume":"48","author":"Chen","year":"2022","journal-title":"IEEE Trans. Software Eng."},{"issue":"2","key":"10.1016\/j.jss.2026.112788_bib0038","doi-asserted-by":"crossref","first-page":"31","DOI":"10.1007\/s10515-023-00392-y","article-title":"Tips: towards automating patch suggestion for vulnerable smart contracts","volume":"30","author":"Chen","year":"2023","journal-title":"Autom. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0039","series-title":"Proceedings of the International Conference on Information Security Practice and Experience","first-page":"3","article-title":"An adaptive gas cost mechanism for ethereum to defend against under-priced dos attacks","author":"Chen","year":"2017"},{"issue":"8","key":"10.1016\/j.jss.2026.112788_bib0040","doi-asserted-by":"crossref","first-page":"3066","DOI":"10.1109\/TSE.2021.3078342","article-title":"SigRec: automatic recovery of function signatures in smart contracts","volume":"48","author":"Chen","year":"2021","journal-title":"IEEE Trans. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0041","series-title":"2019 ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)","first-page":"1","article-title":"A large-scale empirical study on control flow identification of smart contracts","author":"Chen","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0042","series-title":"2019 ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)","first-page":"1","article-title":"A large-scale empirical study on control flow identification of smart contracts","author":"Chen","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0043","series-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering","first-page":"1","article-title":"Improving smart contract security with contrastive learning-based vulnerability detection","author":"Chen","year":"2024"},{"issue":"FSE","key":"10.1016\/j.jss.2026.112788_bib0044","doi-asserted-by":"crossref","first-page":"1772","DOI":"10.1145\/3660786","article-title":"Demystifying invariant effectiveness for securing smart contracts","volume":"1","author":"Chen","year":"2024","journal-title":"Proc. ACM Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0045","series-title":"Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"2399","article-title":"OpenTracer: a dynamic transaction trace analyzer for smart contract invariant generation and beyond","author":"Chen","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0046","series-title":"Data Privacy Management, Cryptocurrencies and Blockchain Technology: ESORICS 2019 International Workshops, DPM 2019 and CBT 2019, Luxembourg, September 26\u201327, 2019, Proceedings 14","first-page":"244","article-title":"Multi-stage contracts in the UTXO model","author":"Chepurnoy","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0047","series-title":"2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE)","first-page":"227","article-title":"SMARTIAN: enhancing smart contract fuzzing with static and dynamic data-flow analyses","author":"Choi","year":"2021"},{"issue":"3","key":"10.1016\/j.jss.2026.112788_bib0048","doi-asserted-by":"crossref","first-page":"3544","DOI":"10.1109\/TR.2024.3480010","article-title":"DeepFusion: smart contract vulnerability detection via deep learning and data fusion","volume":"74","author":"Chu","year":"2024","journal-title":"IEEE Trans. Reliab."},{"key":"10.1016\/j.jss.2026.112788_bib0049","doi-asserted-by":"crossref","DOI":"10.1016\/j.infsof.2023.107221","article-title":"A survey on smart contract vulnerabilities: data sources, detection and repair","author":"Chu","year":"2023","journal-title":"Inf. Softw Technol."},{"key":"10.1016\/j.jss.2026.112788_bib0050","unstructured":"Code4rena, 2025. Code4rena. https:\/\/code4rena.com\/. Accessed: 2025-04-12."},{"key":"10.1016\/j.jss.2026.112788_bib0051","series-title":"2021 IEEE\/ACM 29th International Conference on Program Comprehension (ICPC)","first-page":"127","article-title":"Ethersolve: computing an accurate control-flow graph from ethereum bytecode","author":"Contro","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0052","doi-asserted-by":"crossref","DOI":"10.1109\/ACCESS.2021.3057565","article-title":"Static profiling and optimization of ethereum smart contracts using resource analysis","author":"Correas","year":"2021","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0053","unstructured":"Cross-market manipulation, 2023, Cross-market manipulation. https:\/\/en.wikipedia.org\/wiki\/Market-manipulation#Cross-market-manipulation."},{"key":"10.1016\/j.jss.2026.112788_bib0054","series-title":"2024 International Conference on Computer, Information and Telecommunication Systems (CITS)","first-page":"1","article-title":"Smart contract vulnerability detection with self-ensemble pre-trained language models","author":"Dai","year":"2024"},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0055","doi-asserted-by":"crossref","DOI":"10.1088\/1742-6596\/2289\/1\/012010","article-title":"SuperDetector: a framework for performance detection on vulnerabilities of smart contracts","volume":"2289","author":"Dai","year":"2022","journal-title":"J. Phys. Conf. Ser."},{"key":"10.1016\/j.jss.2026.112788_bib0056","series-title":"Introducing Ethereum and Solidity","volume":"1","author":"Dannen","year":"2017"},{"key":"10.1016\/j.jss.2026.112788_bib0057","doi-asserted-by":"crossref","first-page":"413","DOI":"10.1016\/j.future.2024.01.004","article-title":"Edit: a data inspection tool for smart contracts temporal behavior modeling and prediction","volume":"154","author":"De Salve","year":"2024","journal-title":"Future Gener. Comput. Syst."},{"key":"10.1016\/j.jss.2026.112788_bib0058","doi-asserted-by":"crossref","first-page":"7246","DOI":"10.3390\/s23167246","article-title":"Smart contract vulnerability detection based on deep learning and multimodal decision fusion","volume":"23","author":"Deng","year":"2023","journal-title":"Sensors"},{"key":"10.1016\/j.jss.2026.112788_bib0059","series-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering","first-page":"1","article-title":"Safeguarding DeFi smart contracts against oracle deviations","author":"Deng","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0060","series-title":"2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE)","first-page":"2102","article-title":"Smartbugs 2.0: an execution framework for weakness detection in ethereum smart contracts","author":"Di Angelo","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0061","series-title":"Financial Cryptography and Data Security. FC 2023 International Workshops","first-page":"439","article-title":"Consolidation of ground truth sets for weakness detection in smart contracts","author":"Di Angelo","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0062","article-title":"Evolution of automated weakness detection in ethereum bytecode: a comprehensive study","volume":"29","author":"Di Angelo","year":"2023","journal-title":"Empir. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0063","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2021.111193","article-title":"Profiling gas consumption in solidity smart contracts","volume":"186","author":"Di Sorbo","year":"2022","journal-title":"J. Syst. Software"},{"key":"10.1016\/j.jss.2026.112788_bib0064","series-title":"2021 IEEE 26th Pacific Rim International Symposium on Dependable Computing (PRDC)","first-page":"17","article-title":"An empirical evaluation of the effectiveness of smart contract verification tools","author":"Dia","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0065","series-title":"Proceedings of the 2024 IEEE\/ACM 46th International Conference on Software Engineering: Companion Proceedings","first-page":"324","article-title":"Hunting DeFi vulnerabilities via context-sensitive concolic verification","author":"Ding","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0066","series-title":"Proceedings of the 2024 8th International Conference on Big Data and Internet of Things","first-page":"236","article-title":"Erinys: efficient fuzzing by function invoke sequence generation for smart contracts","author":"Dong","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0067","series-title":"Proceedings of the CCF China Blockchain Conference","first-page":"83","article-title":"A new approach to prevent reentrant attack in solidity smart contracts","author":"Dong","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0068","series-title":"Artificial Intelligence and Security","first-page":"166","article-title":"A general framework of smart contract vulnerability mining based on control flow graph matching","author":"Du","year":"2020"},{"issue":"8","key":"10.1016\/j.jss.2026.112788_bib0069","doi-asserted-by":"crossref","first-page":"1647","DOI":"10.1109\/JAS.2023.123642","article-title":"Attacks against cross-chain systems and defense approaches: a contemporary survey","volume":"10","author":"Duan","year":"2023","journal-title":"IEEE\/CAA J. Autom. Sin."},{"issue":"4","key":"10.1016\/j.jss.2026.112788_bib0070","doi-asserted-by":"crossref","first-page":"4354","DOI":"10.1109\/TNSM.2023.3278311","article-title":"A new smart contract anomaly detection method by fusing opcode and source code features for blockchain services","volume":"20","author":"Duan","year":"2023","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"key":"10.1016\/j.jss.2026.112788_bib0071","series-title":"Proceedings of the ACM\/IEEE 42nd International Conference on Software Engineering","first-page":"530","article-title":"Empirical review of automated analysis tools on 47,587\u202fethereum smart contracts","author":"Durieux","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0072","series-title":"Proceedings of the World Conference on Information Systems and Technologies","first-page":"538","article-title":"DOORchain: Deep ontology-based operation research to detect malicious smart contracts","author":"El-Dosuky","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0073","series-title":"Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"2240","article-title":"Oracle-guided vulnerability diversity and exploit synthesis of smart contracts using LLMs","author":"Eshghie","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0074","series-title":"Proceedings of the 25th International Conference on Evaluation and Assessment in Software Engineering","first-page":"305","article-title":"Dynamic vulnerability detection on smart contracts using machine learning","author":"Eshghie","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0075","series-title":"Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"2378","article-title":"HighGuard: cross-chain business logic monitoring of smart contracts","author":"Eshghie","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0076","series-title":"Collaborative Computing: Networking, Applications and Worksharing","first-page":"335","article-title":"Smart contract vulnerability detection based on dual attention graph convolutional network","author":"Fan","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0077","series-title":"Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"1157","article-title":"Beyond \u201cprotected\u201d and \u201cprivate\u201d: an empirical security analysis of custom function modifiers in smart contracts","author":"Fang","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0078","series-title":"2024 IEEE International Conference on Big Data (BigData)","first-page":"6240","article-title":"A systematic literature review of decentralized applications in web3: identifying challenges and opportunities for blockchain developers","author":"Faruk","year":"2024"},{"issue":"3","key":"10.1016\/j.jss.2026.112788_bib0079","doi-asserted-by":"crossref","first-page":"1733","DOI":"10.3390\/app13031733","article-title":"MSmart: smart contract vulnerability analysis and improved strategies based on smartcheck","volume":"13","author":"Fei","year":"2023","journal-title":"Applied Sciences"},{"key":"10.1016\/j.jss.2026.112788_bib0080","series-title":"2019 IEEE\/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB)","first-page":"8","article-title":"Slither: a static analysis framework for smart contracts","author":"Feist","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0081","series-title":"Proceedings of the 2019 IEEE\/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB)","first-page":"8","article-title":"Slither: a static analysis framework for smart contracts","author":"Feist","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0082","series-title":"2023 IEEE Conference on Software Testing, Verification and Validation (ICST)","first-page":"141","article-title":"MagicMirror: towards high-coverage fuzzing of smart contracts","author":"Feng","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0083","series-title":"Proceedings of the 35th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"1349","article-title":"Smartbugs: a framework to analyze solidity smart contracts","author":"Ferreira","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0084","series-title":"Proceedings of the 15th ACM Asia Conference on Computer and Communications Security","first-page":"584","article-title":"AEGIS: Shielding vulnerable smart contracts against attacks","author":"Ferreira Torres","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0085","series-title":"Financial Cryptography and Data Security","first-page":"33","article-title":"The eye of horus: spotting and analyzing attacks on ethereum smart contracts","author":"Ferreira Torres","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0086","series-title":"Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses","first-page":"115","article-title":"Elysium: context-aware bytecode-level patching to automatically heal vulnerable smart contracts","author":"Ferreira Torres","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0087","unstructured":"Frontrunning, 2023. Frontrunninghttps:\/\/en.wikipedia.org\/wiki\/Front-running."},{"key":"10.1016\/j.jss.2026.112788_bib0088","doi-asserted-by":"crossref","first-page":"147327","DOI":"10.1109\/ACCESS.2019.2947146","article-title":"A critical-path-coverage-based vulnerability detection method for smart contracts","volume":"7","author":"Fu","year":"2019","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0089","doi-asserted-by":"crossref","first-page":"147327","DOI":"10.1109\/ACCESS.2019.2947146","article-title":"A critical-path-coverage-based vulnerability detection method for smart contracts","volume":"7","author":"Fu","year":"2019","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0090","series-title":"Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","first-page":"1110","article-title":"EVMFuzzer: detect EVM vulnerabilities via fuzz testing","author":"Fu","year":"2019"},{"issue":"5","key":"10.1016\/j.jss.2026.112788_bib0091","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3641846","article-title":"sGuard+: machine learning guided rule-based automated vulnerability repair on smart contracts","volume":"33","author":"Gao","year":"2024","journal-title":"ACM Trans. Software Eng. Method."},{"key":"10.1016\/j.jss.2026.112788_bib0092","series-title":"Proceedings of the 2019 IEEE\/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion)","first-page":"23","article-title":"Easyflow: keep ethereum away from overflow","author":"Gao","year":"2019"},{"issue":"12","key":"10.1016\/j.jss.2026.112788_bib0093","doi-asserted-by":"crossref","first-page":"2874","DOI":"10.1109\/TSE.2020.2971482","article-title":"Checking smart contracts with structural code embedding","volume":"47","author":"Gao","year":"2020","journal-title":"IEEE Trans. Software Eng."},{"issue":"12","key":"10.1016\/j.jss.2026.112788_bib0094","doi-asserted-by":"crossref","first-page":"2874","DOI":"10.1109\/TSE.2020.2971482","article-title":"Checking smart contracts with structural code embedding","volume":"47","author":"Gao","year":"2021","journal-title":"IEEE Trans. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0095","article-title":"When and how to update systematic reviews: consensus and checklist","volume":"354","author":"Garner","year":"2016","journal-title":"BMJ"},{"key":"10.1016\/j.jss.2026.112788_bib0096","series-title":"Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"415","article-title":"How effective are smart contract analysis tools? Evaluating smart contract static analysis tools using bug injection","author":"Ghaleb","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0097","series-title":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"728","article-title":"eTainter: detecting gas-related vulnerabilities in smart contracts","author":"Ghaleb","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0098","series-title":"Proceedings of the 45th International Conference on Software Engineering","first-page":"945","article-title":"Achecker: statically detecting smart contract access control vulnerabilities","author":"Ghaleb","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0099","unstructured":"Giesen, J.-R., Andreina, S., Rodler, M., Karame, G. O., Davi, L., 2022. Practical mitigation of smart contract bugs. arXiv: 2203.00364."},{"key":"10.1016\/j.jss.2026.112788_bib0100","series-title":"2024 IEEE Conference on Software Testing, Verification and Validation (ICST)","first-page":"434","article-title":"Poster: verisol-MCE: verification-based condition coverage analysis of smart contracts using model checker engines","author":"Godboley","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0101","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3276486","article-title":"Madmax: surviving out-of-gas conditions in ethereum smart contracts","volume":"2","author":"Grech","year":"2018","journal-title":"Proc. ACM Program. Lang."},{"key":"10.1016\/j.jss.2026.112788_bib0102","series-title":"Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"658","article-title":"echidna-parade: a tool for diverse multicore smart contract fuzzing","author":"Groce","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0103","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3158136","article-title":"Online detection of effectively callback free objects with applications to smart contracts","volume":"2","author":"Grossman","year":"2017","journal-title":"Proc. ACM Program. Lang."},{"issue":"4","key":"10.1016\/j.jss.2026.112788_bib0104","first-page":"1","article-title":"Smart contract code repair recommendation based on reinforcement learning and multi-metric optimization","volume":"33","author":"Guo","year":"2024","journal-title":"ACM Trans. Software Eng. Method."},{"issue":"3","key":"10.1016\/j.jss.2026.112788_bib0105","doi-asserted-by":"crossref","first-page":"489","DOI":"10.3390\/electronics13030489","article-title":"Smart contract vulnerability detection based on multi-scale encoders","volume":"13","author":"Guo","year":"2024","journal-title":"Electronics"},{"key":"10.1016\/j.jss.2026.112788_bib0106","series-title":"2024 IEEE International Conference on Cognitive Computing and Complex Data (ICCD)","first-page":"260","article-title":"SERNet-T: a smart contract multi-label vulnerability detection model based on se attention and one-dimensional residual network","author":"Guo","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0107","unstructured":"Gupta, S., 2025. 10 real world use cases for ethereum. https:\/\/medium.com\/blockchain-vidhya\/11-real-world-use-cases-for-ethereum-352ad4509fa1. Accessed: 18-Nov-2025."},{"key":"10.1016\/j.jss.2026.112788_bib0108","article-title":"Unveiling smart contracts vulnerabilities: toward profiling smart contracts vulnerabilities using enhanced genetic algorithm and generating benchmark dataset","author":"HajiHosseinKhani","year":"2024","journal-title":"Blockchain: Res. Appl."},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0109","article-title":"Unveiling vulnerable smart contracts: toward profiling vulnerable smart contracts using genetic algorithm and generating benchmark dataset","volume":"5","author":"HajiHosseinKhani","year":"2024","journal-title":"Blockchain: Res. Appl."},{"issue":"10","key":"10.1016\/j.jss.2026.112788_bib0110","doi-asserted-by":"crossref","first-page":"13949","DOI":"10.1007\/s11227-024-05954-9","article-title":"Ethchecker: a context-guided fuzzing for smart contracts","volume":"80","author":"Han","year":"2024","journal-title":"J. Supercomput."},{"key":"10.1016\/j.jss.2026.112788_bib0111","series-title":"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","first-page":"1598","article-title":"SCScan: a SVM-based scanning system for vulnerabilities in blockchain smart contracts","author":"Hao","year":"2020"},{"issue":"3","key":"10.1016\/j.jss.2026.112788_bib0112","doi-asserted-by":"crossref","first-page":"4430","DOI":"10.1109\/JIOT.2023.3299492","article-title":"Unknown threats detection methods of smart contracts","volume":"11","author":"He","year":"2023","journal-title":"IEEE Internet Things J."},{"issue":"3","key":"10.1016\/j.jss.2026.112788_bib0113","doi-asserted-by":"crossref","first-page":"4430","DOI":"10.1109\/JIOT.2023.3299492","article-title":"Unknown threats detection methods of smart contracts","volume":"11","author":"He","year":"2024","journal-title":"IEEE Internet Things J."},{"issue":"14","key":"10.1016\/j.jss.2026.112788_bib0114","doi-asserted-by":"crossref","first-page":"12178","DOI":"10.1109\/JIOT.2023.3241544","article-title":"Detection of vulnerabilities of blockchain smart contracts","volume":"10","author":"He","year":"2023","journal-title":"IEEE Internet Things J."},{"key":"10.1016\/j.jss.2026.112788_bib0115","doi-asserted-by":"crossref","first-page":"66116","DOI":"10.1109\/ACCESS.2020.2985577","article-title":"Joint operation mechanism of distributed photovoltaic power generation market and carbon market based on cross-chain trading technology","volume":"8","author":"He","year":"2020","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0116","series-title":"Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security","first-page":"531","article-title":"Learning to fuzz from symbolic execution with application to smart contracts","author":"He","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0117","series-title":"Proceedings of the 2024 IEEE\/ACM 46th International Conference on Software Engineering: Companion Proceedings","first-page":"272","article-title":"Parse: efficient detection of smart contract vulnerabilities via parallel and simplified symbolic execution","author":"He","year":"2024"},{"issue":"2","key":"10.1016\/j.jss.2026.112788_bib0118","doi-asserted-by":"crossref","first-page":"2708","DOI":"10.1109\/TR.2024.3488814","article-title":"ReenSAT: reentrancy vulnerability detection in smart contracts using semantic-enhanced SAT evaluation","volume":"74","author":"He","year":"2024","journal-title":"IEEE Trans. Reliab."},{"key":"10.1016\/j.jss.2026.112788_bib0119","first-page":"1020","article-title":"GraphSA: Smart Contract Vulnerability Detection Combining Graph Neural Networks and Static Analysis","volume":"Vol. 372","author":"He","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0120","doi-asserted-by":"crossref","DOI":"10.1016\/j.jnca.2025.104142","article-title":"A comprehensive survey of smart contracts vulnerability detection tools: techniques and methodologies","author":"Hejazi","year":"2025","journal-title":"J. Netw. Comput. Appl."},{"key":"10.1016\/j.jss.2026.112788_bib0121","series-title":"International Conference on Financial Cryptography and Data Security","first-page":"520","article-title":"Defining the ethereum virtual machine for interactive theorem provers","author":"Hirai","year":"2017"},{"key":"10.1016\/j.jss.2026.112788_bib0122","series-title":"Data Privacy Management, Cryptocurrencies and Blockchain Technology","first-page":"289","article-title":"Practical mutation testing for smart contracts","author":"Honig","year":"2019"},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0123","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/TR.2023.3233999","article-title":"Detect defects of solidity smart contract based on the knowledge graph","volume":"73","author":"Hu","year":"2024","journal-title":"IEEE Trans. Reliab."},{"key":"10.1016\/j.jss.2026.112788_bib0124","article-title":"Solitester: detecting exploitable external-risky vulnerability in smart contracts using contract account triggering method","author":"Hu","year":"2024","journal-title":"J. Software: Evol. Process."},{"key":"10.1016\/j.jss.2026.112788_bib0125","doi-asserted-by":"crossref","first-page":"2144","DOI":"10.1109\/TIFS.2021.3050051","article-title":"Hunting vulnerable smart contracts via graph embedding based bytecode matching","volume":"16","author":"Huang","year":"2021","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"10.1016\/j.jss.2026.112788_bib0126","doi-asserted-by":"crossref","DOI":"10.1109\/TIFS.2021.3050051","article-title":"Hunting vulnerable smart contracts via graph embedding based bytecode matching","author":"Huang","year":"2021","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"5","key":"10.1016\/j.jss.2026.112788_bib0127","doi-asserted-by":"crossref","first-page":"1829","DOI":"10.3390\/s22051829","article-title":"Smart contract vulnerability detection model based on multi-task learning","volume":"22","author":"Huang","year":"2022","journal-title":"Sensors"},{"key":"10.1016\/j.jss.2026.112788_bib0128","series-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering","article-title":"Revealing hidden threats: an empirical study of library misuse in smart contracts","author":"Huang","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0129","series-title":"Proceedings of the 32nd IEEE\/ACM International Conference on Program Comprehension","first-page":"333","article-title":"The sword of damocles: upgradeable smart contract in ethereum","author":"Huang","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0130","doi-asserted-by":"crossref","first-page":"32595","DOI":"10.1109\/ACCESS.2022.3162065","article-title":"CodeNet: code-targeted convolutional neural network architecture for smart contract vulnerability detection","volume":"10","author":"Hwang","year":"2022","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0131","doi-asserted-by":"crossref","first-page":"28382","DOI":"10.1109\/ACCESS.2024.3366069","article-title":"MindtheDApp: a toolchain for complex network-driven structural analysis of ethereum-based decentralized applications","volume":"12","author":"Ibba","year":"2024","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0132","doi-asserted-by":"crossref","unstructured":"Iuliano, G., Allocca, L., Cicalese, M., Di Nucci, D., 2025a. Automated vulnerability injection in solidity smart contracts: a mutation-based approach for benchmark development. arXiv: 2504.15948.","DOI":"10.1145\/3756681.3756943"},{"key":"10.1016\/j.jss.2026.112788_bib0133","unstructured":"Iuliano, G., Corradini, D., Pasqua, M., Ceccato, M., Nucci, D. D., 2025b. How do solidity versions affect vulnerability detection tools? An empirical study. arXiv: 2504.05515."},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0134","doi-asserted-by":"crossref","first-page":"557","DOI":"10.1007\/s10207-023-00752-5","article-title":"An integrated deep learning model for ethereum smart contract vulnerability detection","volume":"23","author":"Jain","year":"2024","journal-title":"Int. J. Inf. Secur."},{"key":"10.1016\/j.jss.2026.112788_bib0135","article-title":"Design and evaluation of highly accurate smart contract code vulnerability detection framework","author":"Jeon","year":"2023","journal-title":"Data Min. Knowl. Discov."},{"key":"10.1016\/j.jss.2026.112788_bib0136","series-title":"2020 25th International Conference on Engineering of Complex Computer Systems (ICECCS)","first-page":"125","article-title":"DEPOSafe: demystifying the fake deposit vulnerability in ethereum smart contracts","author":"Ji","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0137","series-title":"2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS)","first-page":"243","article-title":"Increasing fuzz testing coverage for smart contracts with dynamic taint analysis","author":"Ji","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0138","series-title":"2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS)","first-page":"243","article-title":"Increasing fuzz testing coverage for smart contracts with dynamic taint analysis","author":"Ji","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0139","doi-asserted-by":"crossref","DOI":"10.1016\/j.infsof.2023.107213","article-title":"Effuzz: efficient fuzzing by directed search for smart contracts","volume":"159","author":"Ji","year":"2023","journal-title":"Inf. Software Technol."},{"key":"10.1016\/j.jss.2026.112788_bib0140","series-title":"2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS)","first-page":"926","article-title":"WANA: symbolic execution of wasm bytecode for extensible smart contract vulnerability detection","author":"Jiang","year":"2021"},{"issue":"9","key":"10.1016\/j.jss.2026.112788_bib0141","doi-asserted-by":"crossref","first-page":"2046","DOI":"10.3390\/electronics12092046","article-title":"Enhancing smart-contract security through machine learning: a survey of approaches and techniques","volume":"12","author":"Jiang","year":"2023","journal-title":"Electronics"},{"issue":"4","key":"10.1016\/j.jss.2026.112788_bib0142","doi-asserted-by":"crossref","first-page":"879","DOI":"10.1109\/TSE.2024.3491578","article-title":"Unearthing gas-wasting code smells in smart contracts with large language models","volume":"51","author":"Jiang","year":"2025","journal-title":"IEEE Trans. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0143","series-title":"FASE","first-page":"75","article-title":"A generalized formal semantic framework for smart contracts","author":"Jiao","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0144","doi-asserted-by":"crossref","DOI":"10.1016\/j.ins.2023.03.132","article-title":"A novel extended multimodal AI framework towards vulnerability detection in smart contracts","volume":"636","author":"Jie","year":"2023","journal-title":"Inf. Sci."},{"key":"10.1016\/j.jss.2026.112788_bib0145","series-title":"2021 IEEE International Conference on Blockchain (Blockchain)","first-page":"95","article-title":"Full-stack hierarchical fusion of static features for smart contracts vulnerability detection","author":"Jie","year":"2021"},{"issue":"11","key":"10.1016\/j.jss.2026.112788_bib0146","doi-asserted-by":"crossref","first-page":"4611","DOI":"10.1109\/TSE.2021.3123170","article-title":"Aroc: an automatic repair framework for on-chain smart contracts","volume":"48","author":"Jin","year":"2022","journal-title":"IEEE Trans. Software Eng."},{"issue":"6","key":"10.1016\/j.jss.2026.112788_bib0147","first-page":"3389","article-title":"Enhancing oyente: four new vulnerability detections for improved smart contract security analysis","volume":"16","author":"JJ","year":"2024","journal-title":"Int. J. Inf. Technol."},{"key":"10.1016\/j.jss.2026.112788_bib0148","series-title":"2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS)","first-page":"107","article-title":"Vyper: a security comparison with solidity based on common vulnerabilities","author":"Kaleem","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0149","series-title":"Handbook of Research on Blockchain Technology","first-page":"373","article-title":"Scalability in blockchain: challenges and solutions","author":"Kaur","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0150","series-title":"2021 9th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions)(ICRITO)","first-page":"1","article-title":"Immutable smart contracts on blockchain technology: its benefits and barriers","author":"Kaushal","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0151","doi-asserted-by":"crossref","first-page":"62459","DOI":"10.1109\/ACCESS.2024.3351736","article-title":"Involuntary transfer: a vulnerability pattern in smart contracts","volume":"12","author":"Khan","year":"2024","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0152","series-title":"2024 IEEE International Conference on Software Analysis, Evolution and Reengineering-Companion (SANER-C)","first-page":"35","article-title":"SolOSphere: a framework for gas optimization in solidity smart contracts","author":"Khanzadeh","year":"2024"},{"issue":"12","key":"10.1016\/j.jss.2026.112788_bib0153","doi-asserted-by":"crossref","first-page":"2295","DOI":"10.3390\/electronics13122295","article-title":"Ethereum smart contract vulnerability detection and machine learning-driven solutions: a systematic literature review","volume":"13","author":"Kiani","year":"2024","journal-title":"Electronics"},{"key":"10.1016\/j.jss.2026.112788_bib0154","unstructured":"Kitchenham, B., Charters, S., 2007. Guidelines for performing systematic literature reviews in software engineering 2."},{"key":"10.1016\/j.jss.2026.112788_bib0155","doi-asserted-by":"crossref","first-page":"57037","DOI":"10.1109\/ACCESS.2022.3169902","article-title":"Ethereum smart contract analysis tools: a systematic review","volume":"10","author":"Kushwaha","year":"2022","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0156","doi-asserted-by":"crossref","first-page":"6605","DOI":"10.1109\/ACCESS.2021.3140091","article-title":"Systematic review of security vulnerabilities in ethereum blockchain smart contract","volume":"10","author":"Kushwaha","year":"2022","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0157","series-title":"Proceedings of the International Conference on Advanced Information Networking and Applications","first-page":"1303","article-title":"An event-b based approach for formal modelling and verification of smart contracts","author":"Lahbib","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0158","series-title":"Proceedings of the 2020 4th International Conference on Cryptography, Security and Privacy","first-page":"110","article-title":"Static analysis of integer overflow of smart contracts in ethereum","author":"Lai","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0159","series-title":"2024 IEEE 21st Consumer Communications & Networking Conference (CCNC)","first-page":"188","article-title":"Detecting reentrancy vulnerability in smart contracts using graph convolution networks","author":"Lakadawala","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0160","series-title":"2021 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","first-page":"689","article-title":"Lightweight extension of an execution environment for safer function calls in solidity\/ethereum virtual machine smart contracts","author":"Lee","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0161","series-title":"2023 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)","first-page":"1","article-title":"SoK: not quite water under the bridge: review of cross-chain bridge hacks","author":"Lee","year":"2023"},{"issue":"6","key":"10.1016\/j.jss.2026.112788_bib0162","doi-asserted-by":"crossref","first-page":"5790","DOI":"10.1109\/TNSE.2024.3447025","article-title":"EvoFuzzer: an evolutionary fuzzer for detecting reentrancy vulnerability in smart contracts","volume":"11","author":"Li","year":"2024","journal-title":"IEEE Trans. Netw. Sci. Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0163","series-title":"2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE)","first-page":"1082","article-title":"Gas estimation and optimization for smart contracts on ethereum","author":"Li","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0164","series-title":"2024 IEEE 30th International Conference on Parallel and Distributed Systems (ICPADS)","first-page":"641","article-title":"FEMD: feature enhancement-aided multimodal feature fusion approach for smart contract vulnerability detection","author":"Li","year":"2024"},{"issue":"FSE","key":"10.1016\/j.jss.2026.112788_bib0165","doi-asserted-by":"crossref","first-page":"1447","DOI":"10.1145\/3660772","article-title":"Static application security testing (SAST) tools for smart contracts: how far are we?","volume":"1","author":"Li","year":"2024","journal-title":"Proc. ACM Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0166","series-title":"Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"1358","article-title":"Cobra: interaction-aware bytecode-level vulnerability detector for smart contracts","author":"Li","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0167","series-title":"Proceedings of the 2020 International Conference on Cyberspace Innovation of Advanced Technologies","first-page":"484","article-title":"Research on blockchain smart contracts vulnerability and a code audit tool based on matching rules","author":"Li","year":"2021"},{"issue":"11","key":"10.1016\/j.jss.2026.112788_bib0168","doi-asserted-by":"crossref","first-page":"4886","DOI":"10.1109\/TSE.2023.3317209","article-title":"VulHunter: hunting vulnerable smart contracts at EVM bytecode-level via multiple instance learning","volume":"49","author":"Li","year":"2023","journal-title":"IEEE Trans. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0169","series-title":"Proceedings of the 2019 34th IEEE\/ACM International Conference on Automated Software Engineering (ASE)","first-page":"1198","article-title":"MuSC: a tool for mutation testing of ethereum smart contract","author":"Li","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0170","series-title":"2023 8th International Conference on Signal and Image Processing (ICSIP)","first-page":"831","article-title":"SCGRU: a model for ethereum smart contract vulnerability detection combining CNN and bigru-attention","author":"Liang","year":"2023"},{"issue":"4","key":"10.1016\/j.jss.2026.112788_bib0171","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3707458","article-title":"Towards effective detection of ponzi schemes on ethereum with contract runtime behavior graph","volume":"34","author":"Liang","year":"2024","journal-title":"ACM Trans. Software Eng. Method."},{"key":"10.1016\/j.jss.2026.112788_bib0172","series-title":"2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS)","first-page":"458","article-title":"SoliAudit: smart contract vulnerability assessment based on machine learning and fuzz testing","author":"Liao","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0173","series-title":"Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"980","article-title":"SmartState: detecting state-reverting vulnerabilities in smart contracts via fine-grained state-dependency analysis","author":"Liao","year":"2023"},{"issue":"FSE","key":"10.1016\/j.jss.2026.112788_bib0174","doi-asserted-by":"crossref","first-page":"249","DOI":"10.1145\/3643738","article-title":"SmartAxe: detecting cross-chain vulnerabilities in bridge smart contracts via fine-grained static analysis","volume":"1","author":"Liao","year":"2024","journal-title":"Proc. ACM Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0175","series-title":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"752","article-title":"SmartDagger: a bytecode-based static analysis approach for detecting cross-contract vulnerability","author":"Liao","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0176","series-title":"2021 IEEE International Conference on Blockchain (Blockchain)","first-page":"1","article-title":"EtherProv: provenance-aware detection, analysis, and mitigation of ethereum smart contract security issues","author":"Linoy","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0177","series-title":"2021 International Conference on Electronic Information Engineering and Computer Science (EIECS)","first-page":"556","article-title":"Merkle tree: a fundamental component of blockchains","author":"Liu","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0178","series-title":"Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"1","article-title":"InvCon: a dynamic invariant detector for ethereum smart contracts","author":"Liu","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0179","series-title":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"716","article-title":"Finding permission bugs in smart contracts with role mining","author":"Liu","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0180","series-title":"Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"1876","article-title":"FunRedisp: a function redispatch tool to reduce invocation gas fees in solidity smart contracts","author":"Liu","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0181","series-title":"Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"516","article-title":"FunRedisp: reordering function dispatch in smart contract to reduce invocation gas fees","author":"Liu","year":"2024"},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0182","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1007\/s10515-024-00418-z","article-title":"Dl4sc: a novel deep learning-based vulnerability detection framework for smart contracts","volume":"31","author":"Liu","year":"2024","journal-title":"Autom. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0183","unstructured":"Liu, Y., Zhang, C., et al., 2024b. Automated invariant generation for solidity smart contracts. arXiv: 2401.00650."},{"key":"10.1016\/j.jss.2026.112788_bib0184","series-title":"2024 IEEE International Symposium on Parallel and Distributed Processing with Applications (ISPA)","first-page":"751","article-title":"FFGDetector: vulnerability detection in cross-contract feature flow graph using GCN","author":"Liu","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0185","series-title":"Proceedings of the Thirtieth International Joint Conference on Artificial Intelligence, IJCAI-21","first-page":"2751","article-title":"Smart contract vulnerability detection: from pure neural network to interpretable graph feature and expert pattern fusion","author":"Liu","year":"2021"},{"issue":"2","key":"10.1016\/j.jss.2026.112788_bib0186","first-page":"1296","article-title":"Combining graph neural networks with expert knowledge for smart contract vulnerability detection","volume":"35","author":"Liu","year":"2023","journal-title":"IEEE Trans. Knowl. Data Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0187","doi-asserted-by":"crossref","first-page":"1237","DOI":"10.1109\/TIFS.2023.3237370","article-title":"Rethinking smart contract fuzzing: fuzzing with invocation ordering and important branch revisiting","volume":"18","author":"Liu","year":"2023","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"10.1016\/j.jss.2026.112788_bib0188","unstructured":"Losi, P.-A., 2024. Pakala: a toolkit for analyzing ethereum smart contracts. Accessed: 2024-10-08. https:\/\/www.palkeo.com\/en\/projets\/ethereum\/pakala.html."},{"key":"10.1016\/j.jss.2026.112788_bib0189","series-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering","first-page":"1","article-title":"SCVHUNTER: smart contract vulnerability detection based on heterogeneous graph attention network","author":"Luo","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0190","series-title":"2024 IEEE International Conference on Blockchain (Blockchain)","first-page":"89","article-title":"FELLMVP: an ensemble llm framework for classifying smart contract vulnerabilities","author":"Luo","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0191","unstructured":"Lutz, O., Chen, H., Fereidooni, H., Sendner, C., Dmitrienko, A., Sadeghi, A. R., Koushanfar, F., 2021. Escort: Ethereum smart contracts vulnerability detection using deep neural network and transfer learning. arXiv: 2103.12607."},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0192","doi-asserted-by":"crossref","DOI":"10.1177\/15501477211059945","article-title":"Attack and protection schemes on fabric isomorphic crosschain systems","volume":"18","author":"Lv","year":"2022","journal-title":"Int. J. Distrib. Sens. Netw."},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0193","doi-asserted-by":"crossref","first-page":"93-13","DOI":"10.1186\/s13677-023-00459-x","article-title":"Hgat: smart contract vulnerability detection method based on hierarchical graph attention network","volume":"12","author":"Ma","year":"2023","journal-title":"J. Cloud Comput. Adv. Syst. Appl."},{"key":"10.1016\/j.jss.2026.112788_bib0194","series-title":"Proceedings of the 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER)","first-page":"554","article-title":"EVM*: from offline detection to online reinforcement for ethereum virtual machine","author":"Ma","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0195","series-title":"Trusted Computing and Information Security - 13th Chinese Conference, CTCIS 2019, Revised Selected Papers","first-page":"58","article-title":"Rejection: a AST-based reentrancy vulnerability detection method","author":"Ma","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0196","article-title":"Anonymous multi-hop locks for blockchain scalability and interoperability","author":"Malavolta","year":"2018","journal-title":"Cryptol. ePrint Arch."},{"key":"10.1016\/j.jss.2026.112788_bib0197","series-title":"2020 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE)","first-page":"9","article-title":"Design patterns for gas optimization in ethereum","author":"Marchesi","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0198","series-title":"Financial Cryptography and Data Security. FC 2021 International Workshops","first-page":"364","article-title":"EthVer: formal verification of randomized ethereum smart contracts","author":"Mazurek","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0199","series-title":"Proceedings of the 29th Annual International Conference on Computer Science and Software Engineering","first-page":"264","article-title":"SolUnit: a framework for reducing execution time of smart contract unit tests","author":"Medeiros","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0200","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2020.110607","article-title":"When to update systematic literature reviews in software engineering","volume":"167","author":"Mendes","year":"2020","journal-title":"Journal of Systems and Software"},{"key":"10.1016\/j.jss.2026.112788_bib0201","series-title":"2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)","first-page":"1","article-title":"VSCL: automating vulnerability detection in smart contracts with deep learning","author":"Mi","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0202","series-title":"2024 1st International Conference on Cognitive, Green and Ubiquitous Computing (IC-CGU)","first-page":"1","article-title":"Smart contract: tools and challenges","author":"Mishra","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0203","series-title":"2019 17th International Conference on Privacy, Security and Trust (PST)","first-page":"1","article-title":"Machine learning model for smart contracts security analysis","author":"Momeni","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0204","series-title":"Proceedings of the 2019 17th International Conference on Privacy, Security and Trust (PST)","first-page":"1","article-title":"Machine learning model for smart contracts security analysis","author":"Momeni","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0205","series-title":"Proceedings of the 2019 34th IEEE\/ACM International Conference on Automated Software Engineering (ASE)","first-page":"1186","article-title":"Manticore: a user-friendly symbolic execution framework for binaries and smart contracts","author":"Mossberg","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0206","series-title":"2024 IEEE International Conference on Blockchain (Blockchain)","first-page":"434","article-title":"LLMSmartSec: smart contract security auditing with llm and annotated control flow graph","author":"Mothukuri","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0207","unstructured":"Munir, S., Taha, W., 2023. Pre-deployment analysis of smart contracts \u2013 a survey. arXiv: 2301.06079."},{"issue":"2","key":"10.1016\/j.jss.2026.112788_bib0208","first-page":"15","article-title":"Bitcoin: a peer-to-peer electronic cash system","volume":"4","author":"Nakamoto","year":"2008","journal-title":"Bitcoin"},{"key":"10.1016\/j.jss.2026.112788_bib0209","first-page":"653","article-title":"Automation and smart materials in detecting smart contracts vulnerabilities in blockchain using deep learning","volume":"81","author":"Narayana","year":"2023","journal-title":"Mater. Today: Proc."},{"key":"10.1016\/j.jss.2026.112788_bib0210","series-title":"Mathematical Research for Blockchain Economy","first-page":"143","article-title":"Gas gauge: a security analysis tool for smart contract out-of-gas vulnerabilities","author":"Nassirzadeh","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0211","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1016\/j.infsof.2019.01.005","article-title":"On the need to update systematic literature reviews","volume":"109","author":"Nepomuceno","year":"2019","journal-title":"Inf. Software Technol."},{"key":"10.1016\/j.jss.2026.112788_bib0212","series-title":"Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","first-page":"1736","article-title":"Mando-guru: vulnerability detection for smart contract source code by heterogeneous graph embeddings","author":"Nguyen","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0213","series-title":"2023 IEEE\/ACM 20th International Conference on Mining Software Repositories (MSR)","first-page":"334","article-title":"MANDO-HGT: heterogeneous graph transformers for smart contract vulnerability detection","author":"Nguyen","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0214","series-title":"Proceedings of the International Conference on Future Data and Security Engineering","first-page":"485","article-title":"Detect abnormal behaviours in ethereum smart contracts using attack vectors","author":"Nguyen","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0215","series-title":"2021 IEEE Symposium on Security and Privacy (SP)","first-page":"1215","article-title":"sGuard: towards fixing vulnerable smart contracts automatically","author":"Nguyen","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0216","series-title":"Proceedings of the ACM\/IEEE 42nd International Conference on Software Engineering","first-page":"778","article-title":"sFuzz: an efficient adaptive fuzzer for solidity smart contracts","author":"Nguyen","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0217","series-title":"Finding the greedy, prodigal, and suicidal contracts at scale","first-page":"653","author":"Nikolic","year":"2018"},{"key":"10.1016\/j.jss.2026.112788_bib0218","series-title":"2024 11th International Conference on Electrical, Electronic and Computing Engineering (IcETRAN)","first-page":"1","article-title":"Blockchain programming languages vulnerabilities and error mitigation strategies","author":"Obradovi\u0107","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0219","series-title":"Proceedings of the ACM\/IEEE 44th International Conference on Software Engineering: Companion Proceedings","first-page":"202","article-title":"Syntest-solidity: automated test case generation and fuzzing for smart contracts","author":"Olsthoorn","year":"2022"},{"issue":"2","key":"10.1016\/j.jss.2026.112788_bib0220","doi-asserted-by":"crossref","DOI":"10.1145\/3564699","article-title":"A solicitous approach to smart contract verification","volume":"26","author":"Otoni","year":"2023","journal-title":"ACM Trans. Priv. Secur."},{"key":"10.1016\/j.jss.2026.112788_bib0221","doi-asserted-by":"crossref","first-page":"8","DOI":"10.1016\/j.procs.2023.12.151","article-title":"ContractArmor: attack surface generator for smart contracts","volume":"231","author":"\u00d6zdemir S\u00f6nmez","year":"2024","journal-title":"Procedia Comput. Sci."},{"key":"10.1016\/j.jss.2026.112788_bib0222","series-title":"2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS)","first-page":"915","article-title":"ReDefender: a tool for detecting reentrancy vulnerabilities in smart contracts effectively","author":"Pan","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0223","series-title":"Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","first-page":"912","article-title":"A formal verification tool for ethereum VM bytecode","author":"Park","year":"2018"},{"key":"10.1016\/j.jss.2026.112788_bib0224","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2023.111653","article-title":"Enhancing ethereum smart-contracts static analysis by computing a precise control-flow graph of ethereum bytecode","volume":"200","author":"Pasqua","year":"2023","journal-title":"J. Syst. Software"},{"key":"10.1016\/j.jss.2026.112788_bib0225","series-title":"Proceedings of the 2019 26th Asia-Pacific Software Engineering Conference (APSEC)","first-page":"466","article-title":"SIF: A framework for solidity contract instrumentation and analysis","author":"Peng","year":"2019"},{"issue":"2","key":"10.1016\/j.jss.2026.112788_bib0226","doi-asserted-by":"crossref","first-page":"1439","DOI":"10.32604\/cmc.2023.038878","article-title":"GRATDet: smart contract vulnerability detector based on graph representation and transformer","volume":"76","author":"Peng","year":"2023","journal-title":"Comput. Mater. Continua"},{"key":"10.1016\/j.jss.2026.112788_bib0227","article-title":"Detecting functional and security-related issues in smart contracts: a systematic literature review","volume":"53","author":"Piantadosi","year":"2022","journal-title":"Software: Pract. Exper."},{"issue":"4","key":"10.1016\/j.jss.2026.112788_bib0228","doi-asserted-by":"crossref","first-page":"1972","DOI":"10.1109\/TETC.2019.2949510","article-title":"Blockchain mutability: challenges and proposed solutions","volume":"9","author":"Politou","year":"2019","journal-title":"IEEE Trans. Emerging Top. Comput."},{"key":"10.1016\/j.jss.2026.112788_bib0229","doi-asserted-by":"crossref","first-page":"150","DOI":"10.1016\/j.ins.2021.08.007","article-title":"Solguard: preventing external call issues in smart contract-based multi-agent robotic systems","volume":"579","author":"Praitheeshan","year":"2021","journal-title":"Inf Sci (Ny)"},{"key":"10.1016\/j.jss.2026.112788_bib0230","series-title":"2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","first-page":"1","article-title":"Evaluating spread of \u2018gasless send\u2019 in ethereum smart contracts","author":"Prechtel","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0231","unstructured":"Qian, P., Cao, R., Liu, Z., Li, W., Li, M., Zhang, L., Xu, Y., Chen, J., He, Q., 2023a. Empirical review of smart contract and DeFi security: vulnerability detection and a\u2018utomated repair. arXiv: 2309.02391."},{"issue":"7","key":"10.1016\/j.jss.2026.112788_bib0232","doi-asserted-by":"crossref","first-page":"3793","DOI":"10.1109\/TSE.2023.3271417","article-title":"Demystifying random number in ethereum smart contract: taxonomy, vulnerability identification, and attack detection","volume":"49","author":"Qian","year":"2023","journal-title":"IEEE Trans. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0233","doi-asserted-by":"crossref","first-page":"19685","DOI":"10.1109\/ACCESS.2020.2969429","article-title":"Towards automated reentrancy detection for smart contracts based on sequential models","volume":"8","author":"Qian","year":"2020","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0234","series-title":"Proceedings of the ACM Web Conference 2023","first-page":"2220","article-title":"Cross-modality mutual learning for enhancing smart contract vulnerability detection on bytecode","author":"Qian","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0235","series-title":"2024 IEEE 40th International Conference on Data Engineering (ICDE)","first-page":"1972","article-title":"MuFuzz: sequence-aware mutation and seed mask guidance for blockchain smart contract fuzzing","author":"Qian","year":"2024"},{"issue":"7","key":"10.1016\/j.jss.2026.112788_bib0236","doi-asserted-by":"crossref","first-page":"712","DOI":"10.1109\/TSE.2018.2796554","article-title":"Toward methodological guidelines for process theories and taxonomies in software engineering","volume":"45","author":"Ralph","year":"2019","journal-title":"IEEE Trans. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0237","series-title":"Systematic review of ethereum smart contract security vulnerabilities, analysis methods and tools","author":"Rameder","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0238","doi-asserted-by":"crossref","DOI":"10.3389\/fbloc.2022.814977","article-title":"Review of automated vulnerability analysis of smart contracts on ethereum","volume":"5","author":"Rameder","year":"2022","journal-title":"Front. Blockchain"},{"key":"10.1016\/j.jss.2026.112788_bib0239","unstructured":"Rekt, 2025. Rekt. https:\/\/rekt.news\/. Accessed: 2025-04-12."},{"key":"10.1016\/j.jss.2026.112788_bib0240","series-title":"Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"666","article-title":"SCStudio: a secure and efficient integrated development environment for smart contracts","author":"Ren","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0241","series-title":"Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"566","article-title":"Empirical evaluation of smart contract testing: what is the best choice?","author":"Ren","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0242","unstructured":"Rezaei, H., Eshghie, M., Anderesson, K., Palmieri, F., 2025. SoK: root cause of $1 billion loss in smart contract real-world attacks via a systematic literature review of vulnerabilities. arXiv: 2507.20175."},{"key":"10.1016\/j.jss.2026.112788_bib0243","doi-asserted-by":"crossref","DOI":"10.1016\/j.iot.2020.100162","article-title":"Identifying the attack surface for iot network","volume":"9","author":"Rizvi","year":"2020","journal-title":"Internet Things"},{"key":"10.1016\/j.jss.2026.112788_bib0244","series-title":"USENIX Security Symposium","article-title":"EVMPatch: timely and automated patching of ethereum smart contracts","author":"Rodler","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0245","series-title":"2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P)","first-page":"449","article-title":"EFCF: high performance smart contract fuzzing for exploit generation","author":"Rodler","year":"2023"},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0246","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/IJITWE.304048","article-title":"Smart contracts security threats and solutions","volume":"17","author":"Rosaire","year":"2022","journal-title":"Int. J. Inf. Technol. Web Eng. (IJITWE)"},{"issue":"2","key":"10.1016\/j.jss.2026.112788_bib0247","article-title":"The coding manual for qualitative researchers","volume":"12","author":"Salda\u00f1a","year":"2021","journal-title":"Qualitative research in organizations and management: an international journal"},{"key":"10.1016\/j.jss.2026.112788_bib0248","series-title":"2020 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE)","first-page":"22","article-title":"Reentrancy vulnerability identification in ethereum smart contracts","author":"Samreen","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0249","series-title":"2021 IEEE\/ACM 4th International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB)","first-page":"17","article-title":"Smartscan: an approach to detect denial of service vulnerability in ethereum smart contracts","author":"Samreen","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0250","series-title":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","first-page":"621","article-title":"eThor: practical and provably sound static analysis of ethereum smart contracts","author":"Schneidewind","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0251","first-page":"117","article-title":"Collusion by blockchain and smart contracts","volume":"33","author":"Schrepel","year":"2019","journal-title":"Harv. JL & Tech."},{"key":"10.1016\/j.jss.2026.112788_bib0252","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3360611","article-title":"Safer smart contract programming with scilla","volume":"3","author":"Sergey","year":"2019","journal-title":"Proc. ACM Program. Lang."},{"key":"10.1016\/j.jss.2026.112788_bib0253","doi-asserted-by":"crossref","first-page":"590","DOI":"10.1134\/S0361768819080164","article-title":"Debugging smart contract\u2019s business logic using symbolic model checking","volume":"45(8)","author":"Shishkin","year":"2019","journal-title":"Program. Comput. Software"},{"key":"10.1016\/j.jss.2026.112788_bib0254","series-title":"Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"322","article-title":"ItyFuzz: snapshot-based fuzzer for smart contract","author":"Shou","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0255","unstructured":"Sigma Prime, 2023. Solidity security: comprehensive guide to smart contract security. https:\/\/blog.sigmaprime.io\/solidity-security.html. Accessed: [Date of access]."},{"key":"10.1016\/j.jss.2026.112788_bib0256","unstructured":"SlowMist, 2025. Slowmist. https:\/\/hacked.slowmist.io\/. Accessed: 2025-04-12."},{"key":"10.1016\/j.jss.2026.112788_bib0257","series-title":"30th USENIX Security Symposium (USENIX Security 21)","first-page":"1361","article-title":"SmarTest: effectively hunting vulnerable transaction sequences in smart contracts through language model-guided symbolic execution","author":"So","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0258","series-title":"International Conference on Network and System Security","first-page":"433","article-title":"An efficient vulnerability detection model for ethereum smart contracts","author":"Song","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0259","series-title":"Proceedings of the ACM\/IEEE 44th International Conference on Software Engineering: Companion Proceedings","first-page":"65","article-title":"Esbmc-solidity: an SMT-based model checker for solidity smart contracts","author":"Song","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0260","series-title":"Neural Information Processing","first-page":"3","article-title":"Multi-model smart contract vulnerability detection based on biGRU","author":"Song","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0261","series-title":"2020 IEEE European Symposium on Security and Privacy (EuroS&P)","first-page":"294","article-title":"Replay attacks and defenses against cross-shard consensus in sharded distributed ledgers","author":"Sonnino","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0262","series-title":"2023 49th Euromicro Conference on Software Engineering and Advanced Applications (SEAA)","first-page":"410","article-title":"AutoMESC: automatic framework for mining and classifying ethereum smart contract vulnerabilities and their fixes","author":"Soud","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0263","series-title":"Towards the Assessment and the Improvement of Smart Contract Security","author":"Staderini","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0264","series-title":"Solitor: Runtime Verification of Smart Contracts on the Ethereum Network","author":"Stegeman","year":"2018"},{"key":"10.1016\/j.jss.2026.112788_bib0265","unstructured":"Stegeman, L., 2018. Solitor: runtime verification of smart contracts on the ethereum network. http:\/\/essay.utwente.nl\/76902\/."},{"key":"10.1016\/j.jss.2026.112788_bib0266","article-title":"Data quality in context","volume":"40","author":"Strong","year":"2002","journal-title":"Commun. ACM"},{"key":"10.1016\/j.jss.2026.112788_bib0267","series-title":"Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering","article-title":"Effectively generating vulnerable transaction sequences in smart contracts with reinforcement learning-guided fuzzing","author":"Su","year":"2023"},{"issue":"11s","key":"10.1016\/j.jss.2026.112788_bib0268","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3517189","article-title":"Blockchain-based digital twins: research trends, issues, and future challenges","volume":"54","author":"Suhail","year":"2022","journal-title":"ACM Comput. Surv. (CSUR)"},{"issue":"11","key":"10.1016\/j.jss.2026.112788_bib0269","first-page":"1","article-title":"Porosity: a decompiler for blockchain-based smart contracts bytecode","volume":"25","author":"Suiche","year":"2017","journal-title":"DEF Con."},{"issue":"21","key":"10.1016\/j.jss.2026.112788_bib0270","first-page":"6931","article-title":"Automated mutation analysis for smart contract using ama tool with enhanced ga and machine learning approach","volume":"101","author":"Sujeetha","year":"2023","journal-title":"J. Theor. Appl. Inf. Technol."},{"key":"10.1016\/j.jss.2026.112788_bib0271","series-title":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","first-page":"73","article-title":"A detection method for scarcity defect of blockchain digital asset based on invariant analysis","author":"Sun","year":"2022"},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0272","doi-asserted-by":"crossref","first-page":"27","DOI":"10.26599\/TST.2020.9010036","article-title":"Mutation testing for integer overflow in ethereum smart contracts","volume":"27","author":"Sun","year":"2022","journal-title":"Tsinghua Sci. Technol."},{"issue":"6","key":"10.1016\/j.jss.2026.112788_bib0273","doi-asserted-by":"crossref","first-page":"82","DOI":"10.1109\/MWC.001.2000134","article-title":"Collaborative blockchain for space-air-ground integrated networks","volume":"27","author":"Sun","year":"2020","journal-title":"IEEE Wireless Commun."},{"key":"10.1016\/j.jss.2026.112788_bib0274","article-title":"ASSBert: active and semi-supervised bert for smart contract vulnerability detection","volume":"73","author":"Sun","year":"2023","journal-title":"J. Inf. Secur. Appl."},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0275","doi-asserted-by":"crossref","DOI":"10.1088\/1742-6596\/1820\/1\/012004","article-title":"Attention-based machine learning model for smart contract vulnerability detection","volume":"1820","author":"Sun","year":"2021","journal-title":"J. Phys. Conf. Ser."},{"key":"10.1016\/j.jss.2026.112788_bib0276","series-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering","first-page":"1","article-title":"GPTScan: detecting logic vulnerabilities in smart contracts by combining gpt with program analysis","author":"Sun","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0277","series-title":"Proceedings of the 42nd International Conference on Software Engineering","article-title":"Gap between theory and practice : an empirical study of security patches in solidity","author":"Sungjae Hwang","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0278","unstructured":"Szabo, N., 1994. Smart contractshttps:\/\/LOTwinterschool2006\/szabo.best.vwh.net\/smart.contracts.html."},{"key":"10.1016\/j.jss.2026.112788_bib0279","doi-asserted-by":"crossref","unstructured":"Szabo, N., 1997. Formalizing and securing relationships on public networks. First Monday.","DOI":"10.5210\/fm.v2i9.548"},{"key":"10.1016\/j.jss.2026.112788_bib0280","series-title":"2021 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC\/PiCom\/CBDCom\/CyberSciTech)","first-page":"68","article-title":"Rethinking of reentrancy on the ethereum","author":"Tang","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0281","unstructured":"Tann, W. J., Han, X. J., Gupta, S. S., Ong, Y., 2018. Towards safer smart contracts: A sequence learning approach to detecting vulnerabilities. arXiv: 1811.06632."},{"key":"10.1016\/j.jss.2026.112788_bib0282","doi-asserted-by":"crossref","first-page":"3928","DOI":"10.1109\/TIFS.2021.3096124","article-title":"Enabling cross-chain transactions: a decentralized cryptocurrency exchange protocol","volume":"16","author":"Tian","year":"2021","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"10.1016\/j.jss.2026.112788_bib0283","series-title":"2019 3rd International Conference on Circuits, System and Simulation (ICCSS)","first-page":"127","article-title":"Smart contract defect detection based on parallel symbolic execution","author":"Tian","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0284","series-title":"Proceedings of the 2019 3rd International Conference on Circuits, System and Simulation (ICCSS)","first-page":"127","article-title":"Smart contract defect detection based on parallel symbolic execution","author":"Tian","year":"2019"},{"key":"10.1016\/j.jss.2026.112788_bib0285","series-title":"Proceedings of the 1st International Workshop on Emerging Trends in Software Engineering for Blockchain","first-page":"9","article-title":"Smartcheck: static analysis of ethereum smart contracts","author":"Tikhomirov","year":"2018"},{"key":"10.1016\/j.jss.2026.112788_bib0286","series-title":"Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering","article-title":"Property-based automated repair of DeFi protocols","author":"Tolmach","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0287","series-title":"2021 IEEE European Symposium on Security and Privacy","first-page":"103","article-title":"ConFuzzius: a data dependency-aware hybrid fuzzer for smart contracts","author":"Torres","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0288","series-title":"Proceedings of the 34th Annual Computer Security Applications Conference","first-page":"664","article-title":"Osiris: hunting for integer bugs in ethereum smart contracts","author":"Torres","year":"2018"},{"key":"10.1016\/j.jss.2026.112788_bib0289","series-title":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security","first-page":"67","article-title":"Securify: practical security analysis of smart contracts","author":"Tsankov","year":"2018"},{"key":"10.1016\/j.jss.2026.112788_bib0290","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2020.110891","article-title":"A systematic literature review of blockchain and smart contract development: techniques, tools, and open challenges","volume":"174","author":"Vacca","year":"2021","journal-title":"J. Syst. Software"},{"issue":"4","key":"10.1016\/j.jss.2026.112788_bib0291","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1007\/s10664-024-10446-8","article-title":"Openscv: an open hierarchical taxonomy for smart contract vulnerabilities","volume":"29","author":"Vidal","year":"2024","journal-title":"Empir. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0292","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2024.112160","article-title":"Vulnerability detection techniques for smart contracts: a systematic literature review","volume":"217","author":"Vidal","year":"2024","journal-title":"J. Syst. Software"},{"key":"10.1016\/j.jss.2026.112788_bib0293","doi-asserted-by":"crossref","first-page":"119","DOI":"10.1016\/j.comcom.2021.03.008","article-title":"A security framework for ethereum smart contracts","volume":"172","author":"Vivar","year":"2021","journal-title":"Comput. Commun."},{"key":"10.1016\/j.jss.2026.112788_bib0294","series-title":"2020 7th International Conference on Dependable Systems and Their Applications (DSA)","first-page":"173","article-title":"Artemis: an improved smart contract verification tool for vulnerability detection","author":"Wang","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0295","series-title":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","first-page":"564","article-title":"Smart contract vulnerability detection using code representation fusion","author":"Wang","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0296","doi-asserted-by":"crossref","unstructured":"Wang, B., Chu, H., Zhang, P., Dong, H., 2021b. Smart contract vulnerability detection using code representation fusion. 2021 28th Asia-Pacific Software Engineering Conference (APSEC), 564\u2013565https:\/\/api.semanticscholar.org\/CorpusID:246945372.","DOI":"10.1109\/APSEC53868.2021.00069"},{"key":"10.1016\/j.jss.2026.112788_bib0297","series-title":"Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"2350","article-title":"Contracttinker: LLM-empowered vulnerability repair for real-world smart contracts","author":"Wang","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0298","series-title":"2024 IEEE International Conference on Software Analysis, Evolution and Reengineering-Companion (SANER-C)","first-page":"207","article-title":"SCVD-SA: a smart contract vulnerability detection method based on hybrid deep learning model and self-attention mechanism","author":"Wang","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0299","series-title":"Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"1570","article-title":"Skyeye: detecting imminent attacks via analyzing adversarial smart contracts","author":"Wang","year":"2024"},{"issue":"4","key":"10.1016\/j.jss.2026.112788_bib0300","article-title":"sFuzz2.0: storage-access pattern guided smart contract fuzzing","volume":"36","author":"Wang","year":"2023","journal-title":"J. Software : Evol. Process."},{"key":"10.1016\/j.jss.2026.112788_bib0301","unstructured":"Wang, Q., Li, R., Wang, Q., Chen, S., 2021c. Non-fungible token (NFT): overview, evaluation, opportunities and challenges. arXiv: 2105.07447."},{"issue":"OOPSLA","key":"10.1016\/j.jss.2026.112788_bib0302","doi-asserted-by":"crossref","DOI":"10.1145\/3360615","article-title":"Detecting nondeterministic payment bugs in ethereum smart contracts","volume":"3","author":"Wang","year":"2019","journal-title":"Proc. ACM Program. Lang."},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0303","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10515-024-00471-8","article-title":"Contractsentry: a static analysis tool for smart contract vulnerability detection","volume":"32","author":"Wang","year":"2025","journal-title":"Autom. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0304","series-title":"2024 IEEE Symposium on Security and Privacy (SP)","first-page":"2217","article-title":"SmartInv: multimodal learning for smart contract invariant inference","author":"Wang","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0305","first-page":"1","article-title":"EtherFuzz: mutation fuzzing smart contracts for TOD vulnerability detection","volume":"2022","author":"Wang","year":"2022","journal-title":"Wireless Commun. Mobile Comput."},{"issue":"7","key":"10.1016\/j.jss.2026.112788_bib0306","doi-asserted-by":"crossref","first-page":"1789","DOI":"10.1109\/TSE.2024.3400294","article-title":"ContractCheck: checking ethereum smart contracts in fine-grained level","volume":"50","author":"Wang","year":"2024","journal-title":"IEEE Trans. Software Eng."},{"issue":"6","key":"10.1016\/j.jss.2026.112788_bib0307","doi-asserted-by":"crossref","first-page":"6382","DOI":"10.1109\/TNSE.2024.3470788","article-title":"ContractGNN: ethereum smart contract vulnerability detection based on vulnerability sub-graphs and graph neural networks","volume":"11","author":"Wang","year":"2024","journal-title":"IEEE Trans. Netw. Sci. Eng."},{"issue":"FSE","key":"10.1016\/j.jss.2026.112788_bib0308","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1145\/3643734","article-title":"Efficiently detecting reentrancy vulnerabilities in complex smart contracts","volume":"1","author":"Wang","year":"2024","journal-title":"Proc. ACM Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0309","doi-asserted-by":"crossref","DOI":"10.1016\/j.jnca.2020.102530","article-title":"FSFC: An input filter-based secure framework for smart contract","volume":"154","author":"Wang","year":"2020","journal-title":"J. Netw. Comput. Appl."},{"key":"10.1016\/j.jss.2026.112788_bib0310","doi-asserted-by":"crossref","DOI":"10.1016\/j.jnca.2024.103984","article-title":"DFier: a directed vulnerability verifier for ethereum smart contracts","volume":"231","author":"Wang","year":"2024","journal-title":"J. Netw. Comput. Appl."},{"key":"10.1016\/j.jss.2026.112788_bib0311","series-title":"Blockchain and Trustworthy Systems","first-page":"418","article-title":"M-a-r: a dynamic symbol execution detection method for smart contract reentry vulnerability","author":"Wang","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0312","unstructured":"Web3 Security Community, 2025. DeFi hacks analysis - root cause. https:\/\/wooded-meter-1d8.notion.site\/0e85e02c5ed34df3855ea9f3ca40f53b?v=22e5e2c506ef4caeb40b4f78e23517ee. Accessed: 2025-04-12."},{"key":"10.1016\/j.jss.2026.112788_bib0313","unstructured":"Wei, Z., Sun, J., Zhang, Z., Zhang, X., Yang, X., Zhu, L., 2023. Survey on quality assurance of smart contracts. arXiv: 2311.00270."},{"key":"10.1016\/j.jss.2026.112788_bib0314","doi-asserted-by":"crossref","DOI":"10.1016\/j.jnca.2024.103882","article-title":"A comprehensive survey of smart contract security: state of the art and research directions","author":"Wu","year":"2024","journal-title":"J. Netw. Comput. Appl."},{"key":"10.1016\/j.jss.2026.112788_bib0315","series-title":"Peculiar: smart contract vulnerability detection based on crucial data flow graph and pre-training techniques","author":"Wu","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0316","series-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering","first-page":"1","article-title":"Are we there yet? Unraveling the state-of-the-art smart contract fuzzers","author":"Wu","year":"2024"},{"issue":"4","key":"10.1016\/j.jss.2026.112788_bib0317","doi-asserted-by":"crossref","first-page":"4147","DOI":"10.1109\/TDSC.2023.3346888","article-title":"DeFiRanger: detecting deFI price manipulation attacks","volume":"21","author":"Wu","year":"2023","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"10.1016\/j.jss.2026.112788_bib0318","series-title":"Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"1019","article-title":"AdvSCanner: generating adversarial smart contracts to exploit reentrancy vulnerabilities using LLM and static analysis","author":"Wu","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0319","series-title":"2020 IEEE International Conference on Software Maintenance and Evolution (ICSME)","first-page":"826","article-title":"Kaya: a testing framework for blockchain-based decentralized applications","author":"Wu","year":"2020"},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0320","first-page":"1","article-title":"Block-gram: mining knowledgeable features for efficiently smart contract vulnerability detection","volume":"11","author":"Xie","year":"2023","journal-title":"Digit. Commun. Netw."},{"key":"10.1016\/j.jss.2026.112788_bib0321","series-title":"Enabling the Internet of Value: How Blockchain Connects Global Businesses","first-page":"53","article-title":"From banks to DeFi: the evolution of the lending market","author":"Xu","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0322","article-title":"Detecting code vulnerabilities by learning from large-scale open source repositories","volume":"69","author":"Xu","year":"2022","journal-title":"J. Inf. Secur. Appl."},{"key":"10.1016\/j.jss.2026.112788_bib0323","first-page":"1","article-title":"A novel machine learning-based analysis model for smart contract vulnerability","volume":"2021","author":"Xu","year":"2021","journal-title":"Secur. Commun. Netw."},{"key":"10.1016\/j.jss.2026.112788_bib0324","series-title":"Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing","first-page":"155","article-title":"Hedging against sore loser attacks in cross-chain transactions","author":"Xue","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0325","series-title":"Proceedings of the 35th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"1029","article-title":"Cross-contract static analysis for detecting practical reentrancy vulnerabilities in smart contracts","author":"Xue","year":"2021"},{"issue":"2","key":"10.1016\/j.jss.2026.112788_bib0326","doi-asserted-by":"crossref","first-page":"515","DOI":"10.1109\/TDSC.2022.3182373","article-title":"xFuzz: machine learning guided cross-contract fuzzing","volume":"21","author":"Xue","year":"2024","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"10.1016\/j.jss.2026.112788_bib0327","doi-asserted-by":"crossref","DOI":"10.1016\/j.scico.2023.103076","article-title":"CrossFuzz: cross-contract fuzzing for smart contract vulnerability detection","volume":"234","author":"Yang","year":"2024","journal-title":"Sci. Comput. Program."},{"issue":"3","key":"10.1016\/j.jss.2026.112788_bib0328","doi-asserted-by":"crossref","first-page":"62","DOI":"10.1007\/s10664-025-10623-3","article-title":"CSAFuzzer: fuzzing smart contracts combining with static analysis","volume":"30","author":"Yang","year":"2025","journal-title":"Empir. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0329","series-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering","first-page":"1","article-title":"Uncover the premeditated attacks: detecting exploitable reentrancy vulnerabilities by identifying attacker contracts","author":"Yang","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0330","series-title":"2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)","first-page":"892","article-title":"Smart contracts vulnerability auditing with multi-semantics","author":"Yang","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0331","doi-asserted-by":"crossref","first-page":"78207","DOI":"10.1109\/ACCESS.2023.3298672","article-title":"Improvement and optimization of vulnerability detection methods for ethernet smart contracts","volume":"11","author":"Yang","year":"2023","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112788_bib0332","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2022.111410","article-title":"Vulpedia: detecting vulnerable ethereum smart contracts via abstracted vulnerability signatures","volume":"192","author":"Ye","year":"2022","journal-title":"J. Syst. Software"},{"key":"10.1016\/j.jss.2026.112788_bib0333","series-title":"Integrating Research and Practice in Software Engineering","first-page":"69","article-title":"A software analysis based vulnerability detection system for smart contracts","author":"Ye","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0334","series-title":"Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"794","article-title":"Midas: mining profitable exploits in on-chain smart contracts via feedback-driven fuzzing and differential analysis","author":"Ye","year":"2024"},{"issue":"7","key":"10.1016\/j.jss.2026.112788_bib0335","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3674725","article-title":"FunFuzz: a function-oriented fuzzer for smart contract vulnerability detection with high effectiveness and efficiency","volume":"33","author":"Ye","year":"2024","journal-title":"ACM Trans. Software Eng. Method"},{"key":"10.1016\/j.jss.2026.112788_bib0336","first-page":"1","article-title":"The challenge and prospect of distributed data management techniques in blockchain systems","volume":"42","author":"Yu","year":"2019","journal-title":"Chin. J. Comput."},{"key":"10.1016\/j.jss.2026.112788_bib0337","series-title":"2023 IEEE 34th International Symposium on Software Reliability Engineering (ISSRE)","first-page":"556","article-title":"PSCVFinder: a prompt-tuning based framework for smart contract vulnerability detection","author":"Yu","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0338","series-title":"2021 17th International Conference on Mobility, Sensing and Networking (MSN)","first-page":"412","article-title":"ReDetect: reentrancy vulnerability detection in smart contracts with high accuracy","author":"Yu","year":"2021"},{"issue":"7","key":"10.1016\/j.jss.2026.112788_bib0339","doi-asserted-by":"crossref","first-page":"1345","DOI":"10.3390\/sym15071345","article-title":"TxMirror: when the dynamic EVM stack meets transactions for smart contract vulnerability detection","volume":"15","author":"Yu","year":"2023","journal-title":"Symmetry"},{"key":"10.1016\/j.jss.2026.112788_bib0340","series-title":"2021 International Joint Conference on Neural Networks (IJCNN)","first-page":"1","article-title":"DeeSCVHunter: a deep learning-based framework for smart contract vulnerability detection","author":"Yu","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0341","series-title":"2023 International Conference on Information Management and Technology (ICIMTech)","first-page":"1","article-title":"Security risks and best practices for blockchain and smart contracts: a systematic literature review","author":"Yulianto","year":"2023"},{"issue":"6","key":"10.1016\/j.jss.2026.112788_bib0342","first-page":"55","article-title":"Unveiling the landscape of smart contract vulnerabilities: a detailed examination and codification of vulnerabilities in prominent blockchains","volume":"15","author":"Zaazaa","year":"2023","journal-title":"Int. J. Comput. Netw. Commun."},{"issue":"1","key":"10.1016\/j.jss.2026.112788_bib0343","article-title":"A systematic literature review of undiscovered vulnerabilities and tools in smart contract technology","volume":"32","author":"Zaazaa","year":"2023","journal-title":"J. Intell. Syst."},{"key":"10.1016\/j.jss.2026.112788_bib0344","series-title":"2022 IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC)","first-page":"1742","article-title":"EtherGIS: a vulnerability detection framework for ethereum smart contracts based on graph learning features","author":"Zeng","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0345","series-title":"International Conference on Algorithms and Architectures for Parallel Processing","first-page":"42","article-title":"SolGPT: a gpt-based static vulnerability detection model for enhancing smart contract security","author":"Zeng","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0346","series-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering","first-page":"1","article-title":"Towards finding accounting errors in smart contracts","author":"Zhang","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0347","article-title":"SVScanner: detecting smart contract vulnerabilities via deep semantic extraction","volume":"75","author":"Zhang","year":"2023","journal-title":"J. Inf. Secur. Appl."},{"key":"10.1016\/j.jss.2026.112788_bib0348","series-title":"Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"1","article-title":"Xscope: hunting for cross-chain bridge attacks","author":"Zhang","year":"2022"},{"key":"10.1016\/j.jss.2026.112788_bib0349","series-title":"Proceedings of the 45th International Conference on Software Engineering: Companion Proceedings","first-page":"31","article-title":"Siguard: detecting signature-related vulnerabilities in smart contracts","author":"Zhang","year":"2023"},{"issue":"9","key":"10.1016\/j.jss.2026.112788_bib0350","doi-asserted-by":"crossref","first-page":"3577","DOI":"10.3390\/s22093577","article-title":"CBGRU: a detection method of smart contract vulnerability based on a hybrid model","volume":"22","author":"Zhang","year":"2022","journal-title":"Sensors"},{"issue":"12","key":"10.1016\/j.jss.2026.112788_bib0351","doi-asserted-by":"crossref","first-page":"4621","DOI":"10.3390\/s22124621","article-title":"SPCBIG-EC: a robust serial hybrid model for smart contract vulnerability detection","volume":"22","author":"Zhang","year":"2022","journal-title":"Sensors"},{"key":"10.1016\/j.jss.2026.112788_bib0352","doi-asserted-by":"crossref","DOI":"10.1016\/j.comnet.2022.109289","article-title":"Smart contract vulnerability detection combined with multi-objective detection","volume":"217","author":"Zhang","year":"2022","journal-title":"Comput. Netw."},{"issue":"9","key":"10.1016\/j.jss.2026.112788_bib0353","doi-asserted-by":"crossref","first-page":"3581","DOI":"10.3390\/s22093581","article-title":"A novel smart contract vulnerability detection method based on information graph and ensemble learning","volume":"22","author":"Zhang","year":"2022","journal-title":"Sensors"},{"key":"10.1016\/j.jss.2026.112788_bib0354","series-title":"29th USENIX Security Symposium (USENIX Security 20)","first-page":"2775","article-title":"{TXSPECTOR}: uncovering attacks in ethereum from transactions","author":"Zhang","year":"2020"},{"issue":"11","key":"10.1016\/j.jss.2026.112788_bib0355","doi-asserted-by":"crossref","first-page":"2983","DOI":"10.1109\/TSE.2024.3464539","article-title":"SCAnoGenerator: automatic anomaly injection for ethereum smart contracts","volume":"50","author":"Zhang","year":"2024","journal-title":"IEEE Trans. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0356","series-title":"Proceedings of the 2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER)","first-page":"116","article-title":"EthPloit: from fuzzing to efficient exploit generation against smart contracts","author":"Zhang","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0357","doi-asserted-by":"crossref","first-page":"2517","DOI":"10.1109\/TIFS.2024.3349852","article-title":"EVM-Shield: in-contract state access control for fast vulnerability detection and prevention","volume":"19","author":"Zhang","year":"2024","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"11","key":"10.1016\/j.jss.2026.112788_bib0358","doi-asserted-by":"crossref","first-page":"326","DOI":"10.3390\/fi14110326","article-title":"Toward vulnerability detection for ethereum smart contracts using graph-matching network","volume":"14","author":"Zhang","year":"2022","journal-title":"Future Internet"},{"key":"10.1016\/j.jss.2026.112788_bib0359","series-title":"Proceedings of the 2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER)","first-page":"23","article-title":"SMARTSHIELD: automatic smart contract protection made easy","author":"Zhang","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0360","series-title":"Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering","first-page":"1","article-title":"Reentrancy vulnerability detection and localization: a deep learning based two-phase approach","author":"Zhang","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0361","series-title":"Proceedings of the 45th International Conference on Software Engineering","first-page":"615","article-title":"Demystifying exploitable bugs in smart contracts","author":"Zhang","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0362","article-title":"SmartFast: an accurate and robust formal analysis tool for ethereum smart contracts","volume":"27","author":"Zhaoxuan","year":"2022","journal-title":"Empir. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0363","series-title":"Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"566","article-title":"Lent-sse: leveraging executed and near transactions for speculative symbolic execution of smart contracts","author":"Zheng","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0364","series-title":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis","first-page":"740","article-title":"Park: accelerating smart contract vulnerability detection via parallel-fork symbolic execution","author":"Zheng","year":"2022"},{"issue":"6","key":"10.1016\/j.jss.2026.112788_bib0365","doi-asserted-by":"crossref","first-page":"1360","DOI":"10.1109\/TSE.2024.3383422","article-title":"DAppSCAN: building large-scale datasets for smart contract weaknesses in dapp projects","volume":"50","author":"Zheng","year":"2024","journal-title":"IEEE Trans. Software Eng."},{"key":"10.1016\/j.jss.2026.112788_bib0366","series-title":"2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE)","first-page":"295","article-title":"Turn the rudder: a beacon of reentrancy detection for smart contracts on ethereum","author":"Zheng","year":"2023"},{"key":"10.1016\/j.jss.2026.112788_bib0367","series-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering","first-page":"1","article-title":"PrettySmart: detecting permission re-delegation vulnerability for token behaviors in smart contracts","author":"Zhong","year":"2024"},{"key":"10.1016\/j.jss.2026.112788_bib0368","series-title":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","first-page":"1","article-title":"Security assurance for smart contract","author":"Zhou","year":"2018"},{"issue":"2","key":"10.1016\/j.jss.2026.112788_bib0369","doi-asserted-by":"crossref","first-page":"358","DOI":"10.3390\/jcp2020019","article-title":"The state of ethereum smart contracts security: vulnerabilities, countermeasures, and tool support","volume":"2","author":"Zhou","year":"2022","journal-title":"J. Cybersecur. Privacy"},{"key":"10.1016\/j.jss.2026.112788_bib0370","series-title":"Data Mining and Big Data","first-page":"138","article-title":"SC-VDM: a lightweight smart contract vulnerability detection model","author":"Zhou","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0371","series-title":"29th USENIX Security Symposium (USENIX Security 20)","first-page":"2793","article-title":"An ever-evolving game: evaluation of real-world attacks and defenses in ethereum ecosystem","author":"Zhou","year":"2020"},{"key":"10.1016\/j.jss.2026.112788_bib0372","series-title":"2021 IEEE International Conference on Software Maintenance and Evolution (ICSME)","first-page":"23","article-title":"SMARTGIFT: learning to generate practical inputs for testing smart contracts","author":"Zhou","year":"2021"},{"key":"10.1016\/j.jss.2026.112788_bib0373","series-title":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","first-page":"153","article-title":"A map of threats to validity of systematic literature reviews in software engineering","author":"Zhou","year":"2016"},{"key":"10.1016\/j.jss.2026.112788_bib0374","series-title":"2023 IEEE 34th International Symposium on Software Reliability Engineering (ISSRE)","first-page":"568","article-title":"GraBit: a sequential model-based framework for smart contract vulnerability detection","author":"Zhu","year":"2023"},{"issue":"6","key":"10.1016\/j.jss.2026.112788_bib0375","doi-asserted-by":"crossref","first-page":"4522","DOI":"10.1109\/TSC.2024.3463394","article-title":"A survey on security analysis methods of smart contracts","volume":"17","author":"Zhu","year":"2024","journal-title":"IEEE Trans. Serv. Comput."},{"key":"10.1016\/j.jss.2026.112788_bib0376","series-title":"Computational Science and Its Applications \u2013 ICCSA 2023 Workshops","first-page":"584","article-title":"SmartGraph: static analysis tool for solidity smart contracts","author":"Zhukov","year":"2023"},{"issue":"10","key":"10.1016\/j.jss.2026.112788_bib0377","doi-asserted-by":"crossref","first-page":"2084","DOI":"10.1109\/TSE.2019.2942301","article-title":"Smart contract development: challenges and opportunities","volume":"47","author":"Zou","year":"2019","journal-title":"IEEE Trans. Software Eng."}],"container-title":["Journal of Systems and Software"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0164121226000221?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0164121226000221?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,3,16]],"date-time":"2026-03-16T09:17:06Z","timestamp":1773652626000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0164121226000221"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,6]]},"references-count":377,"alternative-id":["S0164121226000221"],"URL":"https:\/\/doi.org\/10.1016\/j.jss.2026.112788","relation":{},"ISSN":["0164-1212"],"issn-type":[{"value":"0164-1212","type":"print"}],"subject":[],"published":{"date-parts":[[2026,6]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Smart contract vulnerabilities, tools, and benchmarks: An updated systematic literature review","name":"articletitle","label":"Article Title"},{"value":"Journal of Systems and Software","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.jss.2026.112788","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 The Author(s). Published by Elsevier Inc.","name":"copyright","label":"Copyright"}],"article-number":"112788"}}