{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,17]],"date-time":"2026-05-17T06:34:21Z","timestamp":1778999661173,"version":"3.51.4"},"reference-count":190,"publisher":"Association for Computing Machinery (ACM)","issue":"14s","license":[{"start":{"date-parts":[[2023,7,17]],"date-time":"2023-07-17T00:00:00Z","timestamp":1689552000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2023,12,31]]},"abstract":"\n The blockchain technology, initially created for cryptocurrency, has been re-purposed for recording state transitions of smart contracts\u2014decentralized applications that can be invoked through external transactions. Smart contracts gained popularity and accrued hundreds of billions of dollars in market capitalization in recent years. Unfortunately, like all other computer programs, smart contracts are prone to security vulnerabilities that have incurred multibillion-dollar damages over the past decade. As a result, many automated threat mitigation solutions have been proposed to counter the security issues of smart contracts. These threat mitigation solutions include various tools and methods that are challenging to compare. This survey develops a comprehensive classification taxonomy of smart contract threat mitigation solutions within five orthogonal dimensions: defense modality, core method, targeted contracts, input-output data mapping, and threat model. We classify 133 existing threat mitigation solutions using our taxonomy and confirm that the proposed five dimensions allow us to concisely and accurately describe any smart contract threat mitigation solution. In addition to learning\n what<\/jats:italic>\n the threat mitigation solutions do, we also show\n how<\/jats:italic>\n these solutions work by synthesizing their actual designs into a set of uniform workflows corresponding to the eight existing defense core methods. We further create an integrated coverage map for the known smart contract vulnerabilities by the existing threat mitigation solutions. Finally, we perform the evidence-based evolutionary analysis, in which we identify trends and future perspectives of threat mitigation in smart contracts and pinpoint major weaknesses of the existing methodologies. For the convenience of smart contract security developers, auditors, users, and researchers, we deploy and maintain a regularly updated comprehensive open-source online registry of threat mitigation solutions, called Security Threat Mitigation (STM) Registry at\n https:\/\/seit.egr.msu.edu\/research\/stmregistry\/<\/jats:ext-link>\n .\n <\/jats:p>","DOI":"10.1145\/3593293","type":"journal-article","created":{"date-parts":[[2023,4,19]],"date-time":"2023-04-19T12:08:36Z","timestamp":1681906116000},"page":"1-37","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":67,"title":["Security Threat Mitigation for Smart Contracts: A Comprehensive Survey"],"prefix":"10.1145","volume":"55","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2325-2847","authenticated-orcid":false,"given":"Nikolay","family":"Ivanov","sequence":"first","affiliation":[{"name":"Michigan State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6279-7911","authenticated-orcid":false,"given":"Chenning","family":"Li","sequence":"additional","affiliation":[{"name":"Michigan State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6272-7668","authenticated-orcid":false,"given":"Qiben","family":"Yan","sequence":"additional","affiliation":[{"name":"Michigan State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4324-5580","authenticated-orcid":false,"given":"Zhiyuan","family":"Sun","sequence":"additional","affiliation":[{"name":"The Hong Kong Polytechnic University, Hong Kong"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8159-9072","authenticated-orcid":false,"given":"Zhichao","family":"Cao","sequence":"additional","affiliation":[{"name":"Michigan State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9082-3208","authenticated-orcid":false,"given":"Xiapu","family":"Luo","sequence":"additional","affiliation":[{"name":"The Hong Kong Polytechnic University, Hong Kong"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,7,17]]},"reference":[{"key":"e_1_3_2_2_2","unstructured":"Sathish Ramani. 2020. Exploring the Methods of Looking into Ethereum\u2019s Transaction Pool (Mempool). Chainstack. Retrieved from https:\/\/chainstack.com\/exploring-the-methods-of-looking-into-ethereums-transaction-pool\/."},{"key":"e_1_3_2_3_2","unstructured":"IBM. 2022. Artificial Intelligence (AI) for Cybersecurity. IBM. Retrieved from https:\/\/www.ibm.com\/security\/artificial-intelligence."},{"key":"e_1_3_2_4_2","unstructured":"Dedaub. 2022. Dedadub Contract Library. Dedaub Ltd. Retrieved from https:\/\/dedaub.com\/contract-library."},{"key":"e_1_3_2_5_2","unstructured":"block.one. 2022. EOS.IO Technical White Paper v2. GitHub. Retrieved from https:\/\/github.com\/EOSIO\/Documentation\/blob\/master\/TechnicalWhitePaper.md."},{"key":"e_1_3_2_6_2","unstructured":"Etherscan. 2022. Etherscan Token Tracker. Etherscan. Retrieved from https:\/\/etherscan.io\/tokens."},{"key":"e_1_3_2_7_2","unstructured":"Flashbots. 2022. Go Implementation of MEV-Auction for Ethereum. GitHub. Retrieved from https:\/\/github.com\/flashbots\/mev-geth."},{"key":"e_1_3_2_8_2","unstructured":"Ethereum. 2022. Miner Extractable Value (MEV). Ethereum. Retrieved from https:\/\/ethereum.org\/en\/developers\/docs\/mev\/."},{"key":"e_1_3_2_9_2","unstructured":"Consensys. 2022. MythX. Consensys. Retrieved from https:\/\/mythx.io\/."},{"key":"e_1_3_2_10_2","unstructured":"The Neo Project. 2022. Neo White Paper. Neo Team. Retrieved from https:\/\/docs.neo.org\/v2\/docs\/en-us\/basic\/whitepaper.html."},{"key":"e_1_3_2_11_2","unstructured":"OpenZeppelin. 2022. OpenZeppelin Contracts. OpenZeppelin. Retrieved from https:\/\/openzeppelin.com\/contracts\/."},{"key":"e_1_3_2_12_2","unstructured":"Polygon Labs. 2022. Polygon. Polygon Labs UI (Cayman) Ltd. Retrieved from https:\/\/polygon.technology\/."},{"key":"e_1_3_2_13_2","unstructured":"Sergio Demian Lerner. 2022. RSK Whitepaper. IOVLabs. Retrieved from https:\/\/www.rsk.co\/Whitepapers\/RSK_White_Paper-ORIGINAL.pdf."},{"key":"e_1_3_2_14_2","unstructured":"SmartContractSecurity. 2022. SWC-100: Function Default Visibility. SmartContractSecurity. Retrieved from https:\/\/swcregistry.io\/docs\/SWC-100."},{"key":"e_1_3_2_15_2","unstructured":"SmartContractSecurity. 2022. SWC-107: Reentrancy. SmartContractSecurity. Retrieved from https:\/\/swcregistry.io\/docs\/SWC-107."},{"key":"e_1_3_2_16_2","unstructured":"SmartContractSecurity. 2022. SWC-108: State Variable Default Visibility. SmartContractSecurity. Retrieved from https:\/\/swcregistry.io\/docs\/SWC-108."},{"key":"e_1_3_2_17_2","unstructured":"SmartContractSecurity. 2022. SWC-119: Shadowing State Variables. SmartContractSecurity. Retrieved from https:\/\/swcregistry.io\/docs\/SWC-119."},{"key":"e_1_3_2_18_2","unstructured":"SmartContractSecurity. 2022. SWC-123: Requirement Violation. SmartContractSecurity. Retrieved from https:\/\/swcregistry.io\/docs\/SWC-123."},{"key":"e_1_3_2_19_2","unstructured":"SmartContractSecurity. 2022. SWC-130: Right-To-Left-Override Control Character (U+202E). SmartContractSecurity. Retrieved from https:\/\/swcregistry.io\/docs\/SWC-130."},{"key":"e_1_3_2_20_2","unstructured":"SmartContractSecurity. 2022. SWC Registry. SmartContractSecurity. Retrieved from https:\/\/swcregistry.io\/."},{"key":"e_1_3_2_21_2","unstructured":"Microsoft Research. 2022. Z3Prover\/z3. GitHub. Retrieved from https:\/\/github.com\/Z3Prover\/z3."},{"key":"e_1_3_2_22_2","first-page":"1","volume-title":"9th IFIP International Conference on New Technologies, Mobility and Security (NTMS\u201918)","author":"Abdellatif Tesnim","year":"2018","unstructured":"Tesnim Abdellatif and Kei-L\u00e9o Brousmiche. 2018. Formal verification of smart contracts based on users and blockchain behaviors models. In 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS\u201918). IEEE, 1\u20135."},{"key":"e_1_3_2_23_2","doi-asserted-by":"crossref","first-page":"228","DOI":"10.1007\/978-3-030-31517-7_16","volume-title":"International Conference on Fundamentals of Software Engineering","author":"Ahrendt Wolfgang","year":"2019","unstructured":"Wolfgang Ahrendt, Richard Bubel, Joshua Ellul, Gordon J. Pace, Ra\u00fal Pardo, Vincent Rebiscoul, and Gerardo Schneider. 2019. Verification of smart contract business logic. In International Conference on Fundamentals of Software Engineering. Springer, 228\u2013243."},{"key":"e_1_3_2_24_2","first-page":"482","volume-title":"26th Asia-Pacific Software Engineering Conference (APSEC\u201919)","author":"Akca Sefa","year":"2019","unstructured":"Sefa Akca, Ajitha Rajan, and Chao Peng. 2019. SolAnalyser: A framework for analysing and testing smart contracts. In 26th Asia-Pacific Software Engineering Conference (APSEC\u201919). IEEE, 482\u2013489."},{"key":"e_1_3_2_25_2","first-page":"386","volume-title":"28th ACM SIGSOFT International Symposium on Software Testing and Analysis","author":"Albert Elvira","year":"2019","unstructured":"Elvira Albert, Jes\u00fas Correas, Pablo Gordillo, Guillermo Rom\u00e1n-D\u00edez, and Albert Rubio. 2019. SAFEVM: A safety verifier for Ethereum smart contracts. In 28th ACM SIGSOFT International Symposium on Software Testing and Analysis. 386\u2013389."},{"key":"e_1_3_2_26_2","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1007\/978-3-030-35092-5_5","volume-title":"International Conference on Verification and Evaluation of Computer and Communication Systems","author":"Albert Elvira","year":"2019","unstructured":"Elvira Albert, Pablo Gordillo, Albert Rubio, and Ilya Sergey. 2019. Running on fumes. In International Conference on Verification and Evaluation of Computer and Communication Systems. Springer, 63\u201378."},{"key":"e_1_3_2_27_2","volume-title":"53rd Hawaii International Conference on System Sciences","author":"Alqahtani Sarra","year":"2020","unstructured":"Sarra Alqahtani, Xinchi He, Rose Gamble, and Papa Mauricio. 2020. Formal verification of functional requirements for smart contract compositions in supply chain management systems. In 53rd Hawaii International Conference on System Sciences."},{"key":"e_1_3_2_28_2","doi-asserted-by":"crossref","first-page":"66","DOI":"10.1145\/3167084","volume-title":"7th ACM SIGPLAN International Conference on Certified Programs and Proofs","author":"Amani Sidney","year":"2018","unstructured":"Sidney Amani, Myriam B\u00e9gel, Maksym Bortin, and Mark Staples. 2018. Towards verifying Ethereum smart contract bytecode in Isabelle\/HOL. In 7th ACM SIGPLAN International Conference on Certified Programs and Proofs. 66\u201377."},{"key":"e_1_3_2_29_2","first-page":"1","volume-title":"13th EuroSys Conference","author":"Androulaki Elli","year":"2018","unstructured":"Elli Androulaki, Artem Barger, Vita Bortnikov, Christian Cachin, Konstantinos Christidis, Angelo De Caro, David Enyeart, Christopher Ferris, Gennady Laventman, Yacov Manevich, et\u00a0al. 2018. Hyperledger fabric: A distributed operating system for permissioned blockchains. In 13th EuroSys Conference. 1\u201315."},{"key":"e_1_3_2_30_2","doi-asserted-by":"crossref","first-page":"1788","DOI":"10.1145\/3412841.3442051","volume-title":"36th Annual ACM Symposium on Applied Computing","author":"Antonino Pedro","year":"2021","unstructured":"Pedro Antonino and A. W. Roscoe. 2021. Solidifier: Bounded model checking Solidity using lazy contract deployment and precise memory modelling. In 36th Annual ACM Symposium on Applied Computing. 1788\u20131797."},{"key":"e_1_3_2_31_2","volume-title":"Mastering Ethereum: Building Smart Contracts and Dapps","author":"Antonopoulos Andreas M.","year":"2018","unstructured":"Andreas M. Antonopoulos and Gavin Wood. 2018. Mastering Ethereum: Building Smart Contracts and Dapps. O\u2019Reilly Media."},{"key":"e_1_3_2_32_2","first-page":"1","volume-title":"9th Symposium on Languages, Applications and Technologies (SLATE\u201920)","author":"Arga\u00f1araz Mauro","year":"2020","unstructured":"Mauro Arga\u00f1araz, Mario Ber\u00f3n, Maria Jo\u00e3o Pereira, and Pedro Henriques. 2020. Detection of vulnerabilities in smart contracts specifications in Ethereum platforms. In 9th Symposium on Languages, Applications and Technologies (SLATE\u201920), Vol. 83. Schloss Dagstuhl\u2013Leibniz-Zentrum fuer Informatik, 1\u201316."},{"key":"e_1_3_2_33_2","doi-asserted-by":"crossref","first-page":"164","DOI":"10.1007\/978-3-662-54455-6_8","volume-title":"International Conference on Principles of Security and Trust","author":"Atzei Nicola","year":"2017","unstructured":"Nicola Atzei, Massimo Bartoletti, and Tiziana Cimoli. 2017. A survey of attacks on Ethereum smart contracts (sok). In International Conference on Principles of Security and Trust. Springer, 164\u2013186."},{"key":"e_1_3_2_34_2","first-page":"1124","volume-title":"27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","author":"Atzei Nicola","year":"2019","unstructured":"Nicola Atzei, Massimo Bartoletti, Stefano Lande, Nobuko Yoshida, and Roberto Zunino. 2019. Developing secure Bitcoin contracts with BitML. In 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 1124\u20131128."},{"key":"e_1_3_2_35_2","first-page":"322","volume-title":"7th International Conference on Software and Computer Applications","author":"Bai Xiaomin","year":"2018","unstructured":"Xiaomin Bai, Zijing Cheng, Zhangbo Duan, and Kai Hu. 2018. Formal modeling and verification of smart contracts. In 7th International Conference on Software and Computer Applications. 322\u2013326."},{"key":"e_1_3_2_36_2","doi-asserted-by":"crossref","first-page":"171","DOI":"10.1007\/978-3-642-22110-1_14","volume-title":"23rd International Conference on Computer Aided Verification","author":"Barrett Clark W.","year":"2011","unstructured":"Clark W. Barrett, Christopher L. Conway, Morgan Deters, Liana Hadarean, Dejan Jovanovic, Tim King, Andrew Reynolds, and Cesare Tinelli. 2011. CVC4. In 23rd International Conference on Computer Aided Verification. Springer, 171\u2013177. DOI:10.1007\/978-3-642-22110-1_14"},{"key":"e_1_3_2_37_2","first-page":"222","volume-title":"8th International Conference on Principles of Security and Trust, POST 2019 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2019","volume":"11426","author":"Bartoletti Massimo","year":"2019","unstructured":"Massimo Bartoletti and Roberto Zunino. 2019. Verifying liquidity of Bitcoin contracts. In 8th International Conference on Principles of Security and Trust, POST 2019 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2019, Vol. 11426. Springer, 222\u2013247."},{"key":"e_1_3_2_38_2","first-page":"44","volume-title":"International Conference on Formal Engineering Methods","author":"Beckert Bernhard","year":"2018","unstructured":"Bernhard Beckert, Mihai Herda, Michael Kirsten, and Jonas Schiffl. 2018. Formal specification and verification of hyperledger fabric chaincode. In International Conference on Formal Engineering Methods. 44\u201348."},{"key":"e_1_3_2_39_2","first-page":"333","volume-title":"11th ACM Conference on Data and Application Security and Privacy","author":"Bertino Elisa","year":"2021","unstructured":"Elisa Bertino, Murat Kantarcioglu, Cuneyt Gurcan Akcora, Sagar Samtani, Sudip Mittal, and Maanak Gupta. 2021. AI for security and security for AI. In 11th ACM Conference on Data and Application Security and Privacy. 333\u2013334."},{"key":"e_1_3_2_40_2","first-page":"91","volume-title":"ACM Workshop on Programming Languages and Analysis for Security","author":"Bhargavan Karthikeyan","year":"2016","unstructured":"Karthikeyan Bhargavan, Antoine Delignat-Lavaud, C\u00e9dric Fournet, Anitha Gollamudi, Georges Gonthier, Nadim Kobeissi, Natalia Kulatova, Aseem Rastogi, Thomas Sibut-Pinote, Nikhil Swamy, et\u00a0al. 2016. Formal verification of smart contracts: Short paper. In ACM Workshop on Programming Languages and Analysis for Security. 91\u201396."},{"key":"e_1_3_2_41_2","doi-asserted-by":"crossref","first-page":"142","DOI":"10.1007\/978-3-319-25527-9_11","volume-title":"Programming Languages with Applications to Biology and Security","author":"Bigi Giancarlo","year":"2015","unstructured":"Giancarlo Bigi, Andrea Bracciali, Giovanni Meacci, and Emilio Tuosto. 2015. Validation of decentralised smart contracts through game theory and formal methods. In Programming Languages with Applications to Biology and Security. Springer, 142\u2013161."},{"key":"e_1_3_2_42_2","doi-asserted-by":"crossref","first-page":"453","DOI":"10.1007\/978-3-319-70278-0_28","volume-title":"International Conference on Financial Cryptography and Data Security","author":"Biryukov Alex","year":"2017","unstructured":"Alex Biryukov, Dmitry Khovratovich, and Sergei Tikhomirov. 2017. Findel: Secure derivative contracts for Ethereum. In International Conference on Financial Cryptography and Data Security. Springer, 453\u2013467."},{"key":"e_1_3_2_43_2","article-title":"SAILFISH: Vetting smart contract state-inconsistency bugs in seconds","author":"Bose Priyanka","year":"2021","unstructured":"Priyanka Bose, Dipanjan Das, Yanju Chen, Yu Feng, Christopher Kruegel, and Giovanni Vigna. 2021. SAILFISH: Vetting smart contract state-inconsistency bugs in seconds. arXiv preprint arXiv:2104.08638 (2021).","journal-title":"arXiv preprint arXiv:2104.08638"},{"key":"e_1_3_2_44_2","doi-asserted-by":"crossref","first-page":"9","DOI":"10.1109\/IWBOSE.2018.8327566","volume-title":"International Workshop on Blockchain Oriented Software Engineering (IWBOSE\u201918)","author":"Bragagnolo Santiago","year":"2018","unstructured":"Santiago Bragagnolo, Henrique Rocha, Marcus Denker, and St\u00e9phane Ducasse. 2018. SmartInspect: Solidity smart contract inspector. In International Workshop on Blockchain Oriented Software Engineering (IWBOSE\u201918). IEEE, 9\u201318."},{"key":"e_1_3_2_45_2","article-title":"An in-depth look at the parity multisig bug","author":"Breidenbach Lorenz","year":"2017","unstructured":"Lorenz Breidenbach, Phil Daian, Ari Juels, and Emin G\u00fcn Sirer. 2017. An in-depth look at the parity multisig bug. Hack., Distrib. July (2017).","journal-title":"Hack., Distrib. July"},{"key":"e_1_3_2_46_2","first-page":"1335","volume-title":"27th USENIX Security Symposium (USENIX Security\u201918)","author":"Breidenbach Lorenz","year":"2018","unstructured":"Lorenz Breidenbach, Phil Daian, Florian Tram\u00e8r, and Ari Juels. 2018. Enter the hydra: Towards principled bug bounties and exploit-resistant smart contracts. In 27th USENIX Security Symposium (USENIX Security\u201918). 1335\u20131352."},{"key":"e_1_3_2_47_2","doi-asserted-by":"crossref","first-page":"454","DOI":"10.1145\/3385412.3385990","volume-title":"41st ACM SIGPLAN Conference on Programming Language Design and Implementation","author":"Brent Lexi","year":"2020","unstructured":"Lexi Brent, Neville Grech, Sifis Lagouvardos, Bernhard Scholz, and Yannis Smaragdakis. 2020. Ethainter: A smart contract security analyzer for composite vulnerabilities. In 41st ACM SIGPLAN Conference on Programming Language Design and Implementation. 454\u2013469."},{"key":"e_1_3_2_48_2","article-title":"Vandal: A scalable security analysis framework for smart contracts","author":"Brent Lexi","year":"2018","unstructured":"Lexi Brent, Anton Jurisevic, Michael Kong, Eric Liu, Francois Gauthier, Vincent Gramoli, Ralph Holz, and Bernhard Scholz. 2018. Vandal: A scalable security analysis framework for smart contracts. arXiv preprint arXiv:1809.03981 (2018).","journal-title":"arXiv preprint arXiv:1809.03981"},{"key":"e_1_3_2_49_2","unstructured":"R. Browne. 2017. Accidental Bug May Have Frozen 280 Million Worth of Digital Coin Ether in a Cryptocurrency Wallet. Retrieved from https:\/\/www.cnbc.com\/2017\/11\/08\/accidental-bug-may-have-frozen-280-worth-of-ether-on-parity-wallet.html."},{"key":"e_1_3_2_50_2","first-page":"1","volume-title":"IEEE International Conference on Blockchain and Cryptocurrency (ICBC\u201920)","author":"Camino Ramiro","year":"2020","unstructured":"Ramiro Camino, Christof Ferreira Torres, Mathis Baden, and Radu State. 2020. A data science approach for detecting honeypots in Ethereum. In IEEE International Conference on Blockchain and Cryptocurrency (ICBC\u201920). IEEE, 1\u20139."},{"key":"e_1_3_2_51_2","doi-asserted-by":"crossref","unstructured":"Ethan Cecchetti Siqiu Yao Haobin Ni and Andrew C. Myers. 2021. Compositional security for reentrant applications. In 2021 IEEE Symposium on Security and Privacy (SP\u201921) . IEEE 1249\u20131267.","DOI":"10.1109\/SP40001.2021.00084"},{"key":"e_1_3_2_52_2","volume-title":"International Symposium on Foundations and Applications of Blockchain","author":"Cecchetti Ethan","year":"2020","unstructured":"Ethan Cecchetti, Siqiu Yao, Haobin Ni, and Andrew C. Myers. 2020. Securing smart contracts with information flow. In International Symposium on Foundations and Applications of Blockchain."},{"key":"e_1_3_2_53_2","first-page":"286","volume-title":"International Conference on Formal Engineering Methods","author":"Chang Jialiang","year":"2019","unstructured":"Jialiang Chang, Bo Gao, Hao Xiao, Jun Sun, Yan Cai, and Zijiang Yang. 2019. sCompile: Critical path identification and analysis for smart contracts. In International Conference on Formal Engineering Methods. Springer, 286\u2013304."},{"issue":"3","key":"e_1_3_2_54_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3391195","article-title":"A survey on Ethereum systems security: Vulnerabilities, attacks, and defenses","volume":"53","author":"Chen Huashan","year":"2020","unstructured":"Huashan Chen, Marcus Pendleton, Laurent Njilla, and Shouhuai Xu. 2020. A survey on Ethereum systems security: Vulnerabilities, attacks, and defenses. ACM Comput. Surv. 53, 3 (2020), 1\u201343.","journal-title":"ACM Comput. Surv."},{"key":"e_1_3_2_55_2","article-title":"Defining smart contract defects on Ethereum","author":"Chen Jiachi","year":"2020","unstructured":"Jiachi Chen, Xin Xia, David Lo, John Grundy, Xiapu Luo, and Ting Chen. 2020. Defining smart contract defects on Ethereum. IEEE Trans. Softw. Eng. 48, 1 (2020), 327\u2013345.","journal-title":"IEEE Trans. Softw. Eng."},{"key":"e_1_3_2_56_2","article-title":"DEFECTCHECKER: Automated smart contract defect detection by analyzing EVM bytecode","author":"Chen Jiachi","year":"2021","unstructured":"Jiachi Chen, Xin Xia, David Lo, John Grundy, Xiapu Luo, and Ting Chen. 2021. DEFECTCHECKER: Automated smart contract defect detection by analyzing EVM bytecode. IEEE Trans. Softw. Eng. 48, 7 (2021), 2189\u20132207.","journal-title":"IEEE Trans. Softw. Eng."},{"key":"e_1_3_2_57_2","volume-title":"27th Annual Network and Distributed Systems Security Symposium","author":"Chen Ting","year":"2020","unstructured":"Ting Chen, Rong Cao, Ting Li, Xiapu Luo, Guofei Gu, Yufei Zhang, Zhou Liao, Hang Zhu, Gang Chen, Zheyuan He et\u00a0al. 2020. SODA: A generic online detection framework for smart contracts. In 27th Annual Network and Distributed Systems Security Symposium. The Internet Society."},{"key":"e_1_3_2_58_2","first-page":"442","volume-title":"IEEE 24th International Conference on Software Analysis, Evolution and Reengineering (SANER\u201917)","author":"Chen Ting","year":"2017","unstructured":"Ting Chen, Xiaoqi Li, Xiapu Luo, and Xiaosong Zhang. 2017. Under-optimized smart contracts devour your money. In IEEE 24th International Conference on Software Analysis, Evolution and Reengineering (SANER\u201917). IEEE, 442\u2013446."},{"key":"e_1_3_2_59_2","first-page":"1503","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","author":"Chen Ting","year":"2019","unstructured":"Ting Chen, Yufei Zhang, Zihao Li, Xiapu Luo, Ting Wang, Rong Cao, Xiuzhuo Xiao, and Xiaosong Zhang. 2019. TokenScope: Automatically detecting inconsistent behaviors of cryptocurrency tokens in Ethereum. In ACM SIGSAC Conference on Computer and Communications Security. 1503\u20131520."},{"key":"e_1_3_2_60_2","first-page":"1409","volume-title":"World Wide Web Conference","author":"Chen Weili","year":"2018","unstructured":"Weili Chen, Zibin Zheng, Jiahui Cui, Edith Ngai, Peilin Zheng, and Yuren Zhou. 2018. Detecting ponzi schemes on Ethereum: Towards healthier blockchain technology. In World Wide Web Conference. 1409\u20131418."},{"key":"e_1_3_2_61_2","first-page":"327","volume-title":"IEEE International Conference on Blockchain (Blockchain\u201920)","author":"Chinen Yuchiro","year":"2020","unstructured":"Yuchiro Chinen, Naoto Yanai, Jason Paul Cruz, and Shingo Okamura. 2020. RA: Hunting for re-entrancy attacks in Ethereum smart contracts via static analysis. In IEEE International Conference on Blockchain (Blockchain\u201920). IEEE, 327\u2013336."},{"key":"e_1_3_2_62_2","first-page":"910","volume-title":"IEEE Symposium on Security and Privacy (SP\u201920)","author":"Daian Philip","year":"2020","unstructured":"Philip Daian, Steven Goldfeder, Tyler Kell, Yunqi Li, Xueyuan Zhao, Iddo Bentov, Lorenz Breidenbach, and Ari Juels. 2020. Flash Boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability. In IEEE Symposium on Security and Privacy (SP\u201920). IEEE, 910\u2013927."},{"key":"e_1_3_2_63_2","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1109\/DAPPCON.2019.00018","volume-title":"IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON\u201919)","author":"Angelo Monika Di","year":"2019","unstructured":"Monika Di Angelo and Gernot Salzer. 2019. A survey of tools for analyzing Ethereum smart contracts. In IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON\u201919). IEEE, 69\u201378."},{"key":"e_1_3_2_64_2","doi-asserted-by":"crossref","first-page":"321","DOI":"10.1145\/3463274.3463351","volume-title":"Evaluation and Assessment in Software Engineering","author":"Ding Mengjie","year":"2021","unstructured":"Mengjie Ding, Peiru Li, Shanshan Li, and He Zhang. 2021. HFContractFuzzer: Fuzzing hyperledger fabric smart contracts for vulnerability detection. In Evaluation and Assessment in Software Engineering. Association for Computing Machinery, 321\u2013328."},{"issue":"3","key":"e_1_3_2_65_2","doi-asserted-by":"crossref","first-page":"19","DOI":"10.1109\/MIS.2020.2977594","article-title":"Formal analysis of smart contract based on colored petri nets","volume":"35","author":"Duo Wang","year":"2020","unstructured":"Wang Duo, Huang Xin, and Ma Xiaofeng. 2020. Formal analysis of smart contract based on colored petri nets. IEEE Intell. Syst. 35, 3 (2020), 19\u201330.","journal-title":"IEEE Intell. Syst."},{"key":"e_1_3_2_66_2","first-page":"158","volume-title":"14th European Dependable Computing Conference (EDCC\u201918)","author":"Ellul Joshua","year":"2018","unstructured":"Joshua Ellul and Gordon J. Pace. 2018. Runtime verification of Ethereum smart contracts. In 14th European Dependable Computing Conference (EDCC\u201918). IEEE, 158\u2013163."},{"key":"e_1_3_2_67_2","first-page":"8","volume-title":"IEEE\/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB\u201919)","author":"Feist Josselin","year":"2019","unstructured":"Josselin Feist, Gustavo Grieco, and Alex Groce. 2019. Slither: A static analysis framework for smart contracts. In IEEE\/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB\u201919). IEEE, 8\u201315."},{"key":"e_1_3_2_68_2","article-title":"Precise attack synthesis for smart contracts","author":"Feng Yu","year":"2019","unstructured":"Yu Feng, Emina Torlak, and Rastislav Bodik. 2019. Precise attack synthesis for smart contracts. arXiv preprint arXiv:1902.06067 (2019).","journal-title":"arXiv preprint arXiv:1902.06067"},{"key":"e_1_3_2_69_2","doi-asserted-by":"crossref","first-page":"1141","DOI":"10.1145\/3324884.3416646","volume-title":"35th IEEE\/ACM International Conference on Automated Software Engineering (ASE\u201920)","author":"Feng Yu","year":"2020","unstructured":"Yu Feng, Emina Torlak, and Rastislav Bodik. 2020. Summary-based symbolic evaluation for smart contracts. In 35th IEEE\/ACM International Conference on Automated Software Engineering (ASE\u201920). IEEE, 1141\u20131152."},{"key":"e_1_3_2_70_2","first-page":"584","volume-title":"15th ACM Asia Conference on Computer and Communications Security","author":"Torres Christof Ferreira","year":"2020","unstructured":"Christof Ferreira Torres, Mathis Baden, Robert Norvill, Beltran Borja Fiz Pontiveros, Hugo Jonker, and Sjouke Mauw. 2020. \u00c6gis: Shielding vulnerable smart contracts against attacks. In 15th ACM Asia Conference on Computer and Communications Security. 584\u2013597."},{"key":"e_1_3_2_71_2","doi-asserted-by":"crossref","unstructured":"Christof Ferreira Torres Antonio Ken Iannillo Arthur Gervais and Radu State. 2021. CONFUZZIUS: A data dependency-aware hybrid fuzzer for smart contracts. In 2021 IEEE European Symposium on Security and Privacy (EuroS&P\u201921) . 103\u2013119. DOI:10.1109\/EuroSP51992.2021.00018","DOI":"10.36227\/techrxiv.14192459"},{"key":"e_1_3_2_72_2","volume-title":"International Conference on Financial Cryptography and Data Security","author":"Torres Christof Ferreira","year":"2021","unstructured":"Christof Ferreira Torres, Antonio Ken Iannillo, Arthur Gervais et\u00a0al. 2021. The Eye of Horus: Spotting and analyzing attacks on Ethereum smart contracts. In International Conference on Financial Cryptography and Data Security."},{"key":"e_1_3_2_73_2","first-page":"2757","volume-title":"29th USENIX Security Symposium (USENIX Security\u201920)","author":"Frank Joel","year":"2020","unstructured":"Joel Frank, Cornelius Aschermann, and Thorsten Holz. 2020. ETHBMC: A bounded model checker for smart contracts. In 29th USENIX Security Symposium (USENIX Security\u201920). 2757\u20132774."},{"key":"e_1_3_2_74_2","unstructured":"Ernesto Frontera. 2022. A History of the DAO Hack. Retrieved from https:\/\/coinmarketcap.com\/alexandria\/article\/a-history-of-the-dao-hack."},{"key":"e_1_3_2_75_2","article-title":"EVMFuzz: Differential fuzz testing of Ethereum virtual machine","author":"Fu Ying","year":"2019","unstructured":"Ying Fu, Meng Ren, Fuchen Ma, Yu Jiang, Heyuan Shi, and Jiaguang Sun. 2019. EVMFuzz: Differential fuzz testing of Ethereum virtual machine. arXiv preprint arXiv:1903.08483 (2019).","journal-title":"arXiv preprint arXiv:1903.08483"},{"key":"e_1_3_2_76_2","first-page":"1110","volume-title":"27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","author":"Fu Ying","year":"2019","unstructured":"Ying Fu, Meng Ren, Fuchen Ma, Heyuan Shi, Xin Yang, Yu Jiang, Huizhong Li, and Xiang Shi. 2019. EVMFuzzer: Detect EVM vulnerabilities via fuzz testing. In 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 1110\u20131114."},{"key":"e_1_3_2_77_2","first-page":"23","volume-title":"IEEE\/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion\u201919)","author":"Gao Jianbo","year":"2019","unstructured":"Jianbo Gao, Han Liu, Chao Liu, Qingshan Li, Zhi Guan, and Zhong Chen. 2019. Easyflow: Keep Ethereum away from overflow. In IEEE\/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion\u201919). IEEE, 23\u201326."},{"key":"e_1_3_2_78_2","unstructured":"Dan Goodin. 2021. Really Stupid \u201cSmart Contract\u201d Bug Let Hackers Steal $31 Million in Digital Coin. Retrieved from https:\/\/arstechnica.com\/information-technology\/2021\/12\/hackers-drain-31-million-from-cryptocurrency-service-monox-finance\/."},{"key":"e_1_3_2_79_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3276486","article-title":"MadMax: Surviving out-of-gas conditions in Ethereum smart contracts","volume":"2","author":"Grech Neville","year":"2018","unstructured":"Neville Grech, Michael Kong, Anton Jurisevic, Lexi Brent, Bernhard Scholz, and Yannis Smaragdakis. 2018. MadMax: Surviving out-of-gas conditions in Ethereum smart contracts. Proc. ACM Program. Lang. 2, OOPSLA (2018), 1\u201327.","journal-title":"Proc. ACM Program. Lang."},{"key":"e_1_3_2_80_2","first-page":"557","volume-title":"29th ACM SIGSOFT International Symposium on Software Testing and Analysis","author":"Grieco Gustavo","year":"2020","unstructured":"Gustavo Grieco, Will Song, Artur Cygan, Josselin Feist, and Alex Groce. 2020. Echidna: Effective, usable, and fast fuzzing for smart contracts. In 29th ACM SIGSOFT International Symposium on Software Testing and Analysis. 557\u2013560."},{"key":"e_1_3_2_81_2","article-title":"EtherTrust: Sound Static Analysis of Ethereum Bytecode","author":"Grishchenko Ilya","year":"2018","unstructured":"Ilya Grishchenko, Matteo Maffei, and Clara Schneidewind. 2018. EtherTrust: Sound Static Analysis of Ethereum Bytecode. Technical Report. Technische Universit\u00e4t Wien.","journal-title":"Technical Report. Technische Universit\u00e4t Wien."},{"key":"e_1_3_2_82_2","first-page":"243","volume-title":"International Conference on Principles of Security and Trust","author":"Grishchenko Ilya","year":"2018","unstructured":"Ilya Grishchenko, Matteo Maffei, and Clara Schneidewind. 2018. A semantic framework for the security analysis of Ethereum smart contracts. In International Conference on Principles of Security and Trust. Springer, 243\u2013269."},{"key":"e_1_3_2_83_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3158136","article-title":"Online detection of effectively callback free objects with applications to smart contracts","volume":"2","author":"Grossman Shelly","year":"2017","unstructured":"Shelly Grossman, Ittai Abraham, Guy Golan-Gueta, Yan Michalevsky, Noam Rinetzky, Mooly Sagiv, and Yoni Zohar. 2017. Online detection of effectively callback free objects with applications to smart contracts. Proc. ACM Program. Lang. 2, POPL (2017), 1\u201328.","journal-title":"Proc. ACM Program. Lang."},{"key":"e_1_3_2_84_2","article-title":"solc-verify: A modular verifier for Solidity smart contracts","author":"Hajdu \u00c1kos","year":"2019","unstructured":"\u00c1kos Hajdu and Dejan Jovanovi\u0107. 2019. solc-verify: A modular verifier for Solidity smart contracts. arXiv preprint arXiv:1907.04262 (2019).","journal-title":"arXiv preprint arXiv:1907.04262"},{"key":"e_1_3_2_85_2","volume-title":"2nd Workshop on Formal Methods for Blockchains (FMBC\u201920)","author":"Hajdu \u00c1kos","year":"2020","unstructured":"\u00c1kos Hajdu, Dejan Jovanovi\u0107, and Gabriela Ciocarlie. 2020. Formal specification and verification of solidity contracts with events (short paper). In 2nd Workshop on Formal Methods for Blockchains (FMBC\u201920). Schloss Dagstuhl-Leibniz-Zentrum f\u00fcr Informatik."},{"key":"e_1_3_2_86_2","article-title":"Towards safer smart contracts: A survey of languages and verification methods","author":"Harz Dominik","year":"2018","unstructured":"Dominik Harz and William Knottenbelt. 2018. Towards safer smart contracts: A survey of languages and verification methods. arXiv preprint arXiv:1809.09805 (2018).","journal-title":"arXiv preprint arXiv:1809.09805"},{"key":"e_1_3_2_87_2","first-page":"531","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","author":"He Jingxuan","year":"2019","unstructured":"Jingxuan He, Mislav Balunovi\u0107, Nodar Ambroladze, Petar Tsankov, and Martin Vechev. 2019. Learning to fuzz from symbolic execution with application to smart contracts. In ACM SIGSAC Conference on Computer and Communications Security. 531\u2013548."},{"key":"e_1_3_2_88_2","first-page":"1271","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"He Ningyu","year":"2021","unstructured":"Ningyu He, Ruiyi Zhang, Haoyu Wang, Lei Wu, Xiapu Luo, Yao Guo, Ting Yu, and Xuxian Jiang. 2021. EOSAFE: Security analysis of EOSIO smart contracts. In 30th USENIX Security Symposium (USENIX Security\u201921). 1271\u20131288."},{"key":"e_1_3_2_89_2","first-page":"204","volume-title":"IEEE 31st Computer Security Foundations Symposium (CSF\u201918)","author":"Hildenbrandt Everett","year":"2018","unstructured":"Everett Hildenbrandt, Manasvi Saxena, Nishant Rodrigues, Xiaoran Zhu, Philip Daian, Dwight Guth, Brandon Moore, Daejun Park, Yi Zhang, Andrei Stefanescu et\u00a0al. 2018. KEVM: A complete formal semantics of the Ethereum virtual machine. In IEEE 31st Computer Security Foundations Symposium (CSF\u201918). IEEE, 204\u2013217."},{"issue":"2","key":"e_1_3_2_90_2","doi-asserted-by":"crossref","first-page":"100179","DOI":"10.1016\/j.patter.2020.100179","article-title":"A comprehensive survey on smart contract construction and execution: Paradigms, tools, and systems","volume":"2","author":"Hu Bin","year":"2021","unstructured":"Bin Hu, Zongyang Zhang, Jianwei Liu, Yizhong Liu, Jiayuan Yin, Rongxing Lu, and Xiaodong Lin. 2021. A comprehensive survey on smart contract construction and execution: Paradigms, tools, and systems. Patterns 2, 2 (2021), 100179.","journal-title":"Patterns"},{"issue":"2","key":"e_1_3_2_91_2","doi-asserted-by":"crossref","first-page":"102462","DOI":"10.1016\/j.ipm.2020.102462","article-title":"Transaction-based classification and detection approach for Ethereum smart contract","volume":"58","author":"Hu Teng","year":"2021","unstructured":"Teng Hu, Xiaolei Liu, Ting Chen, Xiaosong Zhang, Xiaoming Huang, Weina Niu, Jiazhong Lu, Kun Zhou, and Yuan Liu. 2021. Transaction-based classification and detection approach for Ethereum smart contract. Inf. Process. Manag. 58, 2 (2021), 102462.","journal-title":"Inf. Process. Manag."},{"key":"e_1_3_2_92_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102343"},{"key":"e_1_3_2_93_2","doi-asserted-by":"crossref","first-page":"2144","DOI":"10.1109\/TIFS.2021.3050051","article-title":"Hunting vulnerable smart contracts via graph embedding based bytecode matching","volume":"16","author":"Huang Jianjun","year":"2021","unstructured":"Jianjun Huang, Songming Han, Wei You, Wenchang Shi, Bin Liang, Jingzheng Wu, and Yanjun Wu. 2021. Hunting vulnerable smart contracts via graph embedding based bytecode matching. IEEE Trans. Inf. Forens. Secur. 16 (2021), 2144\u20132156.","journal-title":"IEEE Trans. Inf. Forens. Secur."},{"key":"e_1_3_2_94_2","doi-asserted-by":"crossref","first-page":"22","DOI":"10.1007\/978-3-030-86890-1_2","volume-title":"International Conference on Information and Communications Security","author":"Ivanov Nikolay","year":"2021","unstructured":"Nikolay Ivanov, Hanqing Guo, and Qiben Yan. 2021. Rectifying administrated ERC20 tokens. In International Conference on Information and Communications Security. Springer, 22\u201337."},{"key":"e_1_3_2_95_2","first-page":"787","volume-title":"ACM Asia Conference on Computer and Communications Security","author":"Ivanov Nikolay","year":"2021","unstructured":"Nikolay Ivanov, Jianzhi Lou, Ting Chen, Jin Li, and Qiben Yan. 2021. Targeting the weakest link: Social engineering attacks in Ethereum smart contracts. In ACM Asia Conference on Computer and Communications Security. 787\u2013801."},{"key":"e_1_3_2_96_2","first-page":"191","volume-title":"IEEE Conference on Communications and Network Security (CNS\u201921)","author":"Ivanov Nikolay","year":"2021","unstructured":"Nikolay Ivanov and Qiben Yan. 2021. EthClipper: A clipboard meddling attack on hardware wallets with address verification evasion. In IEEE Conference on Communications and Network Security (CNS\u201921). IEEE, 191\u2013199."},{"key":"e_1_3_2_97_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2023.3234895"},{"key":"e_1_3_2_98_2","first-page":"259","volume-title":"33rd IEEE\/ACM International Conference on Automated Software Engineering (ASE\u201918)","author":"Jiang Bo","year":"2018","unstructured":"Bo Jiang, Ye Liu, and W. K. Chan. 2018. ContractFuzzer: Fuzzing smart contracts for vulnerability detection. In 33rd IEEE\/ACM International Conference on Automated Software Engineering (ASE\u201918). IEEE, 259\u2013269."},{"key":"e_1_3_2_99_2","first-page":"1695","volume-title":"IEEE Symposium on Security and Privacy (SP\u201920)","author":"Jiao Jiao","year":"2020","unstructured":"Jiao Jiao, Shuanglong Kan, Shang-Wei Lin, David Sanan, Yang Liu, and Jun Sun. 2020. Semantic understanding of smart contracts: Executable operational semantics of Solidity. In IEEE Symposium on Security and Privacy (SP\u201920). IEEE, 1695\u20131712."},{"key":"e_1_3_2_100_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3141396"},{"key":"e_1_3_2_101_2","first-page":"1","volume-title":"Network and Distributed Security Symposium","author":"Kalra Sukrit","year":"2018","unstructured":"Sukrit Kalra, Seep Goel, Mohan Dhawan, and Subodh Sharma. 2018. ZEUS: Analyzing safety of smart contracts. In Network and Distributed Security Symposium. 1\u201312."},{"issue":"7","key":"e_1_3_2_102_2","doi-asserted-by":"crossref","first-page":"385","DOI":"10.1145\/360248.360252","article-title":"Symbolic execution and program testing","volume":"19","author":"King James C.","year":"1976","unstructured":"James C. King. 1976. Symbolic execution and program testing. Commun. ACM 19, 7 (1976), 385\u2013394.","journal-title":"Commun. ACM"},{"key":"e_1_3_2_103_2","first-page":"363","volume-title":"28th ACM SIGSOFT International Symposium on Software Testing and Analysis","author":"Kolluri Aashish","year":"2019","unstructured":"Aashish Kolluri, Ivica Nikolic, Ilya Sergey, Aquinas Hobor, and Prateek Saxena. 2019. Exploiting the laws of order in smart contracts. In 28th ACM SIGSOFT International Symposium on Software Testing and Analysis. 363\u2013373."},{"key":"e_1_3_2_104_2","first-page":"69","volume-title":"34th IEEE\/ACM International Conference on Automated Software Engineering Workshop (ASEW\u201919)","author":"Kongmanee Jaturong","year":"2019","unstructured":"Jaturong Kongmanee, Phongphun Kijsanayothin, and Rattikorn Hewett. 2019. Securing smart contracts in blockchain. In 34th IEEE\/ACM International Conference on Automated Software Engineering Workshop (ASEW\u201919). IEEE, 69\u201376."},{"key":"e_1_3_2_105_2","first-page":"1317","volume-title":"27th USENIX Security Symposium (USENIX Security\u201918)","author":"Krupp Johannes","year":"2018","unstructured":"Johannes Krupp and Christian Rossow. 2018. teEther: Gnawing at Ethereum to automatically exploit smart contracts. In 27th USENIX Security Symposium (USENIX Security\u201918). 1317\u20131333."},{"key":"e_1_3_2_106_2","first-page":"57","volume-title":"2nd ACM Workshop on Blockchains, Cryptocurrencies, and Contracts","author":"Le Ton Chanh","year":"2018","unstructured":"Ton Chanh Le, Lei Xu, Lin Chen, and Weidong Shi. 2018. Proving conditional termination for smart contracts. In 2nd ACM Workshop on Blockchains, Cryptocurrencies, and Contracts. 57\u201359."},{"key":"e_1_3_2_107_2","doi-asserted-by":"crossref","first-page":"438","DOI":"10.1145\/3385412.3385982","volume-title":"41st ACM SIGPLAN Conference on Programming Language Design and Implementation","author":"Li Ao","year":"2020","unstructured":"Ao Li, Jemin Andrew Choi, and Fan Long. 2020. Securing smart contract with runtime validation. In 41st ACM SIGPLAN Conference on Programming Language Design and Implementation. 438\u2013453."},{"key":"e_1_3_2_108_2","doi-asserted-by":"crossref","first-page":"841","DOI":"10.1016\/j.future.2017.08.020","article-title":"A survey on the security of blockchain systems","volume":"107","author":"Li Xiaoqi","year":"2020","unstructured":"Xiaoqi Li, Peng Jiang, Ting Chen, Xiapu Luo, and Qiaoyan Wen. 2020. A survey on the security of blockchain systems. Fut. Gen. Comput. Syst. 107 (2020), 841\u2013853.","journal-title":"Fut. Gen. Comput. Syst."},{"key":"e_1_3_2_109_2","first-page":"74","volume-title":"5th International Conference on Big Data Computing and Communications (BIGCOM\u201919)","author":"Li Xiaoyu","year":"2019","unstructured":"Xiaoyu Li, Cheng Su, Yan Xiong, Wenchao Huang, and Wansen Wang. 2019. Formal verification of BNB smart contract. In 5th International Conference on Big Data Computing and Communications (BIGCOM\u201919). IEEE, 74\u201378."},{"key":"e_1_3_2_110_2","first-page":"144","volume-title":"IEEE\/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion\u201919)","author":"Li Yue","year":"2019","unstructured":"Yue Li. 2019. Finding concurrency exploits on smart contracts. In IEEE\/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion\u201919). IEEE, 144\u2013146."},{"key":"e_1_3_2_111_2","first-page":"1219","volume-title":"IEEE 40th International Conference on Distributed Computing Systems (ICDCS\u201920)","author":"Li Yue","year":"2020","unstructured":"Yue Li, Han Liu, Zhiqiang Yang, Qian Ren, Lei Wang, and Bangdao Chen. 2020. SafePay on Ethereum: A framework for detecting unfair payments in smart contracts. In IEEE 40th International Conference on Distributed Computing Systems (ICDCS\u201920). IEEE, 1219\u20131222."},{"key":"e_1_3_2_112_2","first-page":"458","volume-title":"6th International Conference on Internet of Things: Systems, Management and Security (IOTSMS\u201919)","author":"Liao Jian-Wei","year":"2019","unstructured":"Jian-Wei Liao, Tsung-Ta Tsai, Chia-Kang He, and Chin-Wei Tien. 2019. SoliAudit: Smart contract vulnerability assessment based on machine learning and fuzz testing. In 6th International Conference on Internet of Things: Systems, Management and Security (IOTSMS\u201919). IEEE, 458\u2013465."},{"key":"e_1_3_2_113_2","doi-asserted-by":"crossref","unstructured":"Shlomi Linoy Suprio Ray and Natalia Stakhanova. 2021. EtherProv: Provenance-aware detection analysis and mitigation of Ethereum smart contract security issues. In 2021 IEEE International Conference on Blockchain (Blockchain) . 1\u201310. DOI:10.1109\/Blockchain53845.2021.00014","DOI":"10.1109\/Blockchain53845.2021.00014"},{"key":"e_1_3_2_114_2","first-page":"65","volume-title":"IEEE\/ACM 40th International Conference on Software Engineering: Companion (ICSE-Companion\u201918)","author":"Liu Chao","year":"2018","unstructured":"Chao Liu, Han Liu, Zhao Cao, Zhong Chen, Bangdao Chen, and Bill Roscoe. 2018. ReGuard: Finding reentrancy bugs in smart contracts. In IEEE\/ACM 40th International Conference on Software Engineering: Companion (ICSE-Companion\u201918). IEEE, 65\u201368."},{"key":"e_1_3_2_115_2","first-page":"814","volume-title":"33rd IEEE\/ACM International Conference on Automated Software Engineering (ASE\u201918)","author":"Liu Han","year":"2018","unstructured":"Han Liu, Chao Liu, Wenqi Zhao, Yu Jiang, and Jiaguang Sun. 2018. S-gram: Towards semantic-aware security auditing for Ethereum smart contracts. In 33rd IEEE\/ACM International Conference on Automated Software Engineering (ASE\u201918). IEEE, 814\u2013819."},{"key":"e_1_3_2_116_2","first-page":"1601","volume-title":"28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","author":"Liu Ye","year":"2020","unstructured":"Ye Liu, Yi Li, Shang-Wei Lin, and Qiang Yan. 2020. ModCon: A model-based testing platform for smart contracts. In 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 1601\u20131605."},{"key":"e_1_3_2_117_2","article-title":"Smart contract vulnerability detection: From pure neural network to interpretable graph feature and expert pattern fusion","author":"Liu Zhenguang","year":"2021","unstructured":"Zhenguang Liu, Peng Qian, Xiang Wang, Lei Zhu, Qinming He, and Shouling Ji. 2021. Smart contract vulnerability detection: From pure neural network to interpretable graph feature and expert pattern fusion. arXiv preprint arXiv:2106.09282 (2021).","journal-title":"arXiv preprint arXiv:2106.09282"},{"key":"e_1_3_2_118_2","article-title":"NeuCheck: A more practical Ethereum smart contract security analysis tool","author":"Lu Ning","year":"2019","unstructured":"Ning Lu, Bin Wang, Yongxin Zhang, Wenbo Shi, and Christian Esposito. 2019. NeuCheck: A more practical Ethereum smart contract security analysis tool. Softw.: Pract. Exper. (2019).","journal-title":"Softw.: Pract. Exper."},{"key":"e_1_3_2_119_2","article-title":"ESCORT: Ethereum smart COntRacTs vulnerability detection using deep neural network and transfer learning","author":"Lutz Oliver","year":"2021","unstructured":"Oliver Lutz, Huili Chen, Hossein Fereidooni, Christoph Sendner, Alexandra Dmitrienko, Ahmad Reza Sadeghi, and Farinaz Koushanfar. 2021. ESCORT: Ethereum smart COntRacTs vulnerability detection using deep neural network and transfer learning. arXiv preprint arXiv:2103.12607 (2021).","journal-title":"arXiv preprint arXiv:2103.12607"},{"key":"e_1_3_2_120_2","first-page":"254","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","author":"Luu Loi","year":"2016","unstructured":"Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, and Aquinas Hobor. 2016. Making smart contracts smarter. In ACM SIGSAC Conference on Computer and Communications Security. 254\u2013269."},{"key":"e_1_3_2_121_2","article-title":"GasFuzz: Generating high gas consumption inputs to avoid out-of-gas vulnerability","author":"Ma Fuchen","year":"2019","unstructured":"Fuchen Ma, Ying Fu, Meng Ren, Wanting Sun, Zhe Liu, Yu Jiang, Jun Sun, and Jiaguang Sun. 2019. GasFuzz: Generating high gas consumption inputs to avoid out-of-gas vulnerability. arXiv preprint arXiv:1910.02945 (2019).","journal-title":"arXiv preprint arXiv:1910.02945"},{"key":"e_1_3_2_122_2","first-page":"554","volume-title":"IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER\u201919)","author":"Ma Fuchen","year":"2019","unstructured":"Fuchen Ma, Ying Fu, Meng Ren, Mingzhe Wang, Yu Jiang, Kaixiang Zhang, Huizhong Li, and Xiang Shi. 2019. EVM*: From offline detection to online reinforcement for Ethereum virtual machine. In IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER\u201919). IEEE, 554\u2013558."},{"key":"e_1_3_2_123_2","first-page":"178","volume-title":"International Symposium on Leveraging Applications of Formal Methods","author":"Marescotti Matteo","year":"2020","unstructured":"Matteo Marescotti, Rodrigo Otoni, Leonardo Alt, Patrick Eugster, Antti E. J. Hyv\u00e4rinen, and Natasha Sharygina. 2020. Accurate smart contract verification through direct modelling. In International Symposium on Leveraging Applications of Formal Methods. Springer, 178\u2013194."},{"key":"e_1_3_2_124_2","first-page":"523","volume-title":"International Conference on Financial Cryptography and Data Security","author":"Mavridou Anastasia","year":"2018","unstructured":"Anastasia Mavridou and Aron Laszka. 2018. Designing secure Ethereum smart contracts: A finite state machine based approach. In International Conference on Financial Cryptography and Data Security. Springer, 523\u2013540."},{"key":"e_1_3_2_125_2","doi-asserted-by":"crossref","first-page":"446","DOI":"10.1007\/978-3-030-32101-7_27","volume-title":"International Conference on Financial Cryptography and Data Security","author":"Mavridou Anastasia","year":"2019","unstructured":"Anastasia Mavridou, Aron Laszka, Emmanouela Stachtiari, and Abhishek Dubey. 2019. VeriSolid: Correct-by-design smart contracts for Ethereum. In International Conference on Financial Cryptography and Data Security. Springer, 446\u2013465."},{"key":"e_1_3_2_126_2","doi-asserted-by":"crossref","first-page":"696","DOI":"10.1007\/978-3-642-39799-8_48","volume-title":"International Conference on Computer Aided Verification","author":"Meier Simon","year":"2013","unstructured":"Simon Meier, Benedikt Schmidt, Cas Cremers, and David Basin. 2013. The TAMARIN prover for the symbolic analysis of security protocols. In International Conference on Computer Aided Verification. Springer, 696\u2013701."},{"key":"e_1_3_2_127_2","first-page":"1","volume-title":"17th International Conference on Privacy, Security and Trust (PST\u201919)","author":"Momeni Pouyan","year":"2019","unstructured":"Pouyan Momeni, Yu Wang, and Reza Samavi. 2019. Machine learning model for smart contracts security analysis. In 17th International Conference on Privacy, Security and Trust (PST\u201919). IEEE, 1\u20136."},{"key":"e_1_3_2_128_2","first-page":"1186","volume-title":"34th IEEE\/ACM International Conference on Automated Software Engineering (ASE\u201919)","author":"Mossberg Mark","year":"2019","unstructured":"Mark Mossberg, Felipe Manzano, Eric Hennenfent, Alex Groce, Gustavo Grieco, Josselin Feist, Trent Brunson, and Artem Dinaburg. 2019. Manticore: A user-friendly symbolic execution framework for binaries and smart contracts. In 34th IEEE\/ACM International Conference on Automated Software Engineering (ASE\u201919). IEEE, 1186\u20131189."},{"key":"e_1_3_2_129_2","volume-title":"9th Annual HITB Security Conference (HITBSecConf\u201918)","volume":"54","author":"Mueller Bernhard","year":"2018","unstructured":"Bernhard Mueller. 2018. Smashing Ethereum smart contracts for fun and real profit. In 9th Annual HITB Security Conference (HITBSecConf\u201918), Vol. 54."},{"key":"e_1_3_2_130_2","volume-title":"IEEE International Conference on Blockchain","author":"Nehai Zeinab","year":"2018","unstructured":"Zeinab Nehai, Pierre-Yves Piriou, and Fr\u00e9d\u00e9ric Daumas. 2018. Model-checking of smart contracts. In IEEE International Conference on Blockchain."},{"key":"e_1_3_2_131_2","doi-asserted-by":"crossref","unstructured":"Tai D. Nguyen Long H. Pham and Jun Sun. 2021. sGUARD: Towards fixing vulnerable smart contracts automatically. In 2021 IEEE Symposium on Security and Privacy (SP\u201921) . 1215\u20131229. DOI:10.1109\/SP40001.2021.00057","DOI":"10.1109\/SP40001.2021.00057"},{"key":"e_1_3_2_132_2","doi-asserted-by":"crossref","first-page":"778","DOI":"10.1145\/3377811.3380334","volume-title":"ACM\/IEEE 42nd International Conference on Software Engineering","author":"Nguyen Tai D.","year":"2020","unstructured":"Tai D. Nguyen, Long H. Pham, Jun Sun, Yun Lin, and Quang Tran Minh. 2020. sFuzz: An efficient adaptive fuzzer for solidity smart contracts. In ACM\/IEEE 42nd International Conference on Software Engineering. 778\u2013788."},{"issue":"3","key":"e_1_3_2_133_2","first-page":"78","article-title":"A survey of smart contract vulnerability research","volume":"5","author":"Ni Yuandong","year":"2020","unstructured":"Yuandong Ni, Chao Zhang, and Tingting Yin. 2020. A survey of smart contract vulnerability research. J. Cyber Secur. 5, 3 (2020), 78\u201399.","journal-title":"J. Cyber Secur."},{"key":"e_1_3_2_134_2","first-page":"653","volume-title":"34th Annual Computer Security Applications Conference","author":"Nikoli\u0107 Ivica","year":"2018","unstructured":"Ivica Nikoli\u0107, Aashish Kolluri, Ilya Sergey, Prateek Saxena, and Aquinas Hobor. 2018. Finding the greedy, prodigal, and suicidal contracts at scale. In 34th Annual Computer Security Applications Conference. 653\u2013663."},{"key":"e_1_3_2_135_2","first-page":"1","volume-title":"IEEE\/IFIP Network Operations and Management Symposium","author":"Norvill Robert","year":"2018","unstructured":"Robert Norvill, Beltran Borja Fiz Pontiveros, Radu State, and Andrea Cullen. 2018. Visual emulation for Ethereum\u2019s virtual machine. In IEEE\/IFIP Network Operations and Management Symposium. IEEE, 1\u20134."},{"key":"e_1_3_2_136_2","first-page":"1","article-title":"Smart contract vulnerabilities: Does anyone care?","author":"Perez Daniel","year":"2019","unstructured":"Daniel Perez and Benjamin Livshits. 2019. Smart contract vulnerabilities: Does anyone care? arXiv preprint arXiv:1902.06710 (2019), 1\u201315.","journal-title":"arXiv preprint arXiv:1902.06710"},{"key":"e_1_3_2_137_2","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"Perez Daniel","year":"2021","unstructured":"Daniel Perez and Ben Livshits. 2021. Smart contract vulnerabilities: Vulnerable does not imply exploited. In 30th USENIX Security Symposium (USENIX Security\u201921)."},{"key":"e_1_3_2_138_2","first-page":"1661","volume-title":"IEEE Symposium on Security and Privacy (SP\u201920)","author":"Permenev Anton","year":"2020","unstructured":"Anton Permenev, Dimitar Dimitrov, Petar Tsankov, Dana Drachsler-Cohen, and Martin Vechev. 2020. VerX: Safety verification of smart contracts. In IEEE Symposium on Security and Privacy (SP\u201920). IEEE, 1661\u20131677."},{"key":"e_1_3_2_139_2","article-title":"Security analysis methods on Ethereum smart contract vulnerabilities: A survey","author":"Praitheeshan Purathani","year":"2019","unstructured":"Purathani Praitheeshan, Lei Pan, Jiangshan Yu, Joseph Liu, and Robin Doss. 2019. Security analysis methods on Ethereum smart contract vulnerabilities: A survey. arXiv preprint arXiv:1908.08605 (2019).","journal-title":"arXiv preprint arXiv:1908.08605"},{"key":"e_1_3_2_140_2","first-page":"198","volume-title":"IEEE Symposium on Security and Privacy (SP\u201922)","author":"Qin Kaihua","year":"2022","unstructured":"Kaihua Qin, Liyi Zhou, and Arthur Gervais. 2022. Quantifying blockchain extractable value: How dark is the forest? In IEEE Symposium on Security and Privacy (SP\u201922). IEEE, 198\u2013214."},{"key":"e_1_3_2_141_2","article-title":"EVulHunter: Detecting fake transfer vulnerabilities for EOSIO\u2019s smart contracts at Webassembly-level","author":"Quan Lijin","year":"2019","unstructured":"Lijin Quan, Lei Wu, and Haoyu Wang. 2019. EVulHunter: Detecting fake transfer vulnerabilities for EOSIO\u2019s smart contracts at Webassembly-level. arXiv preprint arXiv:1906.10362 (2019).","journal-title":"arXiv preprint arXiv:1906.10362"},{"key":"e_1_3_2_142_2","article-title":"Sereum: Protecting existing smart contracts against re-entrancy attacks","author":"Rodler Michael","year":"2018","unstructured":"Michael Rodler, Wenting Li, Ghassan O. Karame, and Lucas Davi. 2018. Sereum: Protecting existing smart contracts against re-entrancy attacks. arXiv preprint arXiv:1812.05934 (2018).","journal-title":"arXiv preprint arXiv:1812.05934"},{"key":"e_1_3_2_143_2","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"Rodler Michael","year":"2021","unstructured":"Michael Rodler, Wenting Li, Ghassan O. Karame, and Lucas Davi. 2021. EVMPatch: Timely and automated patching of Ethereum smart contracts. In 30th USENIX Security Symposium (USENIX Security\u201921)."},{"key":"e_1_3_2_144_2","first-page":"141","volume-title":"European Intelligence and Security Informatics Conference","author":"Sahs Justin","year":"2012","unstructured":"Justin Sahs and Latifur Khan. 2012. A machine learning approach to Android malware detection. In European Intelligence and Security Informatics Conference. IEEE, 141\u2013147."},{"key":"e_1_3_2_145_2","article-title":"A survey of security vulnerabilities in Ethereum smart contracts","volume":"2105","author":"Samreen Noama Fatima","year":"2021","unstructured":"Noama Fatima Samreen and Manar H. Alalfi. 2021. A survey of security vulnerabilities in Ethereum smart contracts. CoRR abs\/2105.06974 (2021).","journal-title":"CoRR"},{"key":"e_1_3_2_146_2","first-page":"621","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","author":"Schneidewind Clara","year":"2020","unstructured":"Clara Schneidewind, Ilya Grishchenko, Markus Scherer, and Matteo Maffei. 2020. eThor: Practical and provably sound static analysis of Ethereum smart contracts. In ACM SIGSAC Conference on Computer and Communications Security. 621\u2013640."},{"key":"e_1_3_2_147_2","doi-asserted-by":"crossref","first-page":"218","DOI":"10.1145\/3191697.3213790","volume-title":"2nd International Conference on Art, Science, and Engineering of Programming","author":"Schrans Franklin","year":"2018","unstructured":"Franklin Schrans, Susan Eisenbach, and Sophia Drossopoulou. 2018. Writing safe smart contracts in Flint. In 2nd International Conference on Art, Science, and Engineering of Programming. 218\u2013219."},{"key":"e_1_3_2_148_2","doi-asserted-by":"crossref","first-page":"560","DOI":"10.1007\/978-3-031-18283-9_28","volume-title":"Financial Cryptography and Data Security: 26th International Conference on Financial Cryptography and Data Security","author":"Schwarz-Schilling Caspar","year":"2022","unstructured":"Caspar Schwarz-Schilling, Joachim Neu, Barnab\u00e9 Monnot, Aditya Asgaonkar, Ertem Nusret Tas, and David Tse. 2022. Three attacks on proof-of-stake Ethereum. In Financial Cryptography and Data Security: 26th International Conference on Financial Cryptography and Data Security. Springer, 560\u2013576."},{"key":"e_1_3_2_149_2","unstructured":"MacKenzie Sigalos. 2021. Bug Puts $162 Million up for Grabs Says Founder of DeFi Platform Compound. Retrieved from https:\/\/www.cnbc.com\/2021\/10\/03\/162-million-up-for-grabs-after-bug-in-defi-protocol-compound-.html."},{"key":"e_1_3_2_150_2","doi-asserted-by":"crossref","first-page":"101654","DOI":"10.1016\/j.cose.2019.101654","article-title":"Blockchain smart contracts formalization: Approaches and challenges to address vulnerabilities","volume":"88","author":"Singh Amritraj","year":"2020","unstructured":"Amritraj Singh, Reza M. Parizi, Qi Zhang, Kim-Kwang Raymond Choo, and Ali Dehghantanha. 2020. Blockchain smart contracts formalization: Approaches and challenges to address vulnerabilities. Comput. Secur. 88 (2020), 101654.","journal-title":"Comput. Secur."},{"key":"e_1_3_2_151_2","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"So Sunbeom","year":"2021","unstructured":"Sunbeom So, Seongjoon Hong, and Hakjoo Oh. 2021. SMARTEST: Effectively hunting vulnerable transaction sequences in smart contracts through language model-guided symbolic execution. In 30th USENIX Security Symposium (USENIX Security\u201921)."},{"key":"e_1_3_2_152_2","first-page":"1678","volume-title":"IEEE Symposium on Security and Privacy (SP\u201920)","author":"So Sunbeom","year":"2020","unstructured":"Sunbeom So, Myungho Lee, Jisu Park, Heejo Lee, and Hakjoo Oh. 2020. VeriSmart: A highly precise safety verifier for Ethereum smart contracts. In IEEE Symposium on Security and Privacy (SP\u201920). IEEE, 1678\u20131694."},{"key":"e_1_3_2_153_2","volume-title":"IEEE Symposium on Security and Privacy","author":"Stephens Jon","year":"2021","unstructured":"Jon Stephens, Kostas Ferles, Benjamin Mariano, Shuvendu Lahiri, and Isil Dillig. 2021. SmartPulse: Automated checking of temporal properties in smart contracts. In IEEE Symposium on Security and Privacy."},{"key":"e_1_3_2_154_2","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"Su Liya","year":"2021","unstructured":"Liya Su, Xinyue Shen, Xiangyu Du, Xiaojing Liao, XiaoFeng Wang, Luyi Xing, and Baoxu Liu. 2021. Evil under the sun: Understanding and discovering attacks on Ethereum decentralized applications. In 30th USENIX Security Symposium (USENIX Security\u201921)."},{"key":"e_1_3_2_155_2","volume-title":"USENIX Security Symposium","author":"Sun Zhiyuan","year":"2023","unstructured":"Zhiyuan Sun, Xiapu Luo, and Yinqian Zhang. 2023. Panda: Security analysis of algorand smart contracts. In USENIX Security Symposium."},{"key":"e_1_3_2_156_2","article-title":"Smart contracts: Building blocks for digital markets","volume":"18","author":"Szabo Nick","year":"1996","unstructured":"Nick Szabo. 1996. Smart contracts: Building blocks for digital markets. EXTROPY: J. Transhum. Thought 18, 16 (1996).","journal-title":"EXTROPY: J. Transhum. Thought"},{"key":"e_1_3_2_157_2","doi-asserted-by":"crossref","first-page":"9","DOI":"10.1145\/3194113.3194115","volume-title":"1st International Workshop on Emerging Trends in Software Engineering for Blockchain","author":"Tikhomirov Sergei","year":"2018","unstructured":"Sergei Tikhomirov, Ekaterina Voskresenskaya, Ivan Ivanitskiy, Ramil Takhaviev, Evgeny Marchenko, and Yaroslav Alexandrov. 2018. SmartCheck: Static analysis of Ethereum smart contracts. In 1st International Workshop on Emerging Trends in Software Engineering for Blockchain. 9\u201316."},{"issue":"7","key":"e_1_3_2_158_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3464421","article-title":"A survey of smart contract formal specification and verification","volume":"54","author":"Tolmach Palina","year":"2021","unstructured":"Palina Tolmach, Yi Li, Shang-Wei Lin, Yang Liu, and Zengxiang Li. 2021. A survey of smart contract formal specification and verification. ACM Comput. Surv. 54, 7 (2021), 1\u201338.","journal-title":"ACM Comput. Surv."},{"key":"e_1_3_2_159_2","first-page":"664","volume-title":"34th Annual Computer Security Applications Conference","author":"Torres Christof Ferreira","year":"2018","unstructured":"Christof Ferreira Torres, Julian Sch\u00fctte, and Radu State. 2018. Osiris: Hunting for integer bugs in Ethereum smart contracts. In 34th Annual Computer Security Applications Conference. 664\u2013676."},{"key":"e_1_3_2_160_2","first-page":"1591","volume-title":"28th USENIX Security Symposium (USENIX Security\u201919)","author":"Torres Christof Ferreira","year":"2019","unstructured":"Christof Ferreira Torres, Mathis Steichen et\u00a0al. 2019. The art of the scam: Demystifying honeypots in Ethereum smart contracts. In 28th USENIX Security Symposium (USENIX Security\u201919). 1591\u20131607."},{"key":"e_1_3_2_161_2","first-page":"67","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","author":"Tsankov Petar","year":"2018","unstructured":"Petar Tsankov, Andrei Dan, Dana Drachsler-Cohen, Arthur Gervais, Florian Buenzli, and Martin Vechev. 2018. Securify: Practical security analysis of smart contracts. In ACM SIGSAC Conference on Computer and Communications Security. 67\u201382."},{"key":"e_1_3_2_162_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2020.110891"},{"key":"e_1_3_2_163_2","first-page":"1410","volume-title":"IEEE\/ACM 43rd International Conference on Software Engineering (ICSE\u201921)","author":"Wan Zhiyuan","year":"2021","unstructured":"Zhiyuan Wan, Xin Xia, David Lo, Jiachi Chen, Xiapu Luo, and Xiaohu Yang. 2021. Smart contract security: A practitioners\u2019 perspective. In IEEE\/ACM 43rd International Conference on Software Engineering (ICSE\u201921). IEEE, 1410\u20131422."},{"key":"e_1_3_2_164_2","first-page":"173","volume-title":"7th International Conference on Dependable Systems and Their Applications (DSA\u201920)","author":"Wang Anqi","year":"2020","unstructured":"Anqi Wang, Hao Wang, Bo Jiang, and Wing Kwong Chan. 2020. Artemis: An improved smart contract verification tool for vulnerability detection. In 7th International Conference on Dependable Systems and Their Applications (DSA\u201920). IEEE, 173\u2013181."},{"key":"e_1_3_2_165_2","first-page":"17","volume-title":"IEEE\/ACM 43rd International Conference on Software Engineering","author":"Wang Bin","year":"2021","unstructured":"Bin Wang, Han Liu, Chao Liu, Zhiqiang Yang, Qian Ren, Huixuan Zheng, and Hong Lei. 2021. BLOCKEYE: Hunting for DeFi attacks on blockchain. In IEEE\/ACM 43rd International Conference on Software Engineering. IEEE, 17\u201320."},{"key":"e_1_3_2_166_2","article-title":"WANA: Symbolic execution of WASM bytecode for cross-platform smart contract vulnerability detection","author":"Wang Dong","year":"2020","unstructured":"Dong Wang, Bo Jiang, and W. K. Chan. 2020. WANA: Symbolic execution of WASM bytecode for cross-platform smart contract vulnerability detection. arXiv preprint arXiv:2007.15510 (2020).","journal-title":"arXiv preprint arXiv:2007.15510"},{"key":"e_1_3_2_167_2","first-page":"1","volume-title":"IEEE\/ACM 41st International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER\u201919)","author":"Wang Haijun","year":"2019","unstructured":"Haijun Wang, Yi Li, Shang-Wei Lin, Lei Ma, and Yang Liu. 2019. VULTRON: Catching vulnerable smart contracts once and for all. In IEEE\/ACM 41st International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER\u201919). IEEE, 1\u20134."},{"key":"e_1_3_2_168_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3360615","article-title":"Detecting nondeterministic payment bugs in Ethereum smart contracts","volume":"3","author":"Wang Shuai","year":"2019","unstructured":"Shuai Wang, Chengyu Zhang, and Zhendong Su. 2019. Detecting nondeterministic payment bugs in Ethereum smart contracts. Proc. ACM Program. Lang. 3, OOPSLA (2019), 1\u201329.","journal-title":"Proc. ACM Program. Lang."},{"key":"e_1_3_2_169_2","article-title":"ContractWard: Automated vulnerability detection models for Ethereum smart contracts","author":"Wang Wei","year":"2020","unstructured":"Wei Wang, Jingjing Song, Guangquan Xu, Yidong Li, Hao Wang, and Chunhua Su. 2020. ContractWard: Automated vulnerability detection models for Ethereum smart contracts. IEEE Trans. Netw. Sci. Eng. 47, 10 (2020).","journal-title":"IEEE Trans. Netw. Sci. Eng."},{"key":"e_1_3_2_170_2","doi-asserted-by":"publisher","DOI":"10.1002\/ett.4341"},{"key":"e_1_3_2_171_2","first-page":"87","volume-title":"Working Conference on Verified Software: Theories, Tools, and Experiments","author":"Wang Yuepeng","year":"2019","unstructured":"Yuepeng Wang, Shuvendu K. Lahiri, Shuo Chen, Rong Pan, Isil Dillig, Cody Born, Immad Naseer, and Kostas Ferles. 2019. Formal verification of workflow policies for smart contracts in Azure blockchain. In Working Conference on Verified Software: Theories, Tools, and Experiments. Springer, 87\u2013106."},{"issue":"2","key":"e_1_3_2_172_2","first-page":"1","article-title":"Ethereum smart contract security research: Survey and future research opportunities","volume":"15","author":"Wang Zeli","year":"2021","unstructured":"Zeli Wang, Hai Jin, Weiqi Dai, Kim-Kwang Raymond Choo, and Deqing Zou. 2021. Ethereum smart contract security research: Survey and future research opportunities. Front. Comput. Sci. 15, 2 (2021), 1\u201318.","journal-title":"Front. Comput. Sci."},{"issue":"2014","key":"e_1_3_2_173_2","first-page":"1","article-title":"Ethereum: A secure decentralised generalised transaction ledger","volume":"151","author":"Wood Gavin","year":"2014","unstructured":"Gavin Wood et\u00a0al. 2014. Ethereum: A secure decentralised generalised transaction ledger. Ether. Proj. Yellow Pap. 151, 2014 (2014), 1\u201332.","journal-title":"Ether. Proj. Yellow Pap."},{"key":"e_1_3_2_174_2","unstructured":"Lei Wu Siwei Wu Yajin Zhou Runhuai Li Zhi Wang Xiapu Luo Cong Wang and Kui Ren. 2020. Time-Travel Investigation: Towards Building A Scalable Attack Detection Framework on Ethereum. arXiv preprint arXiv:2005.08278"},{"key":"e_1_3_2_175_2","article-title":"DeFiRanger: Detecting price manipulation attacks on DeFi applications","author":"Wu Siwei","year":"2021","unstructured":"Siwei Wu, Dabao Wang, Jianting He, Yajin Zhou, Lei Wu, Xingliang Yuan, Qinming He, and Kui Ren. 2021. DeFiRanger: Detecting price manipulation attacks on DeFi applications. arXiv preprint arXiv:2104.15068 (2021).","journal-title":"arXiv preprint arXiv:2104.15068"},{"key":"e_1_3_2_176_2","first-page":"1398","volume-title":"28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","author":"W\u00fcstholz Valentin","year":"2020","unstructured":"Valentin W\u00fcstholz and Maria Christakis. 2020. Harvey: A greybox fuzzer for smart contracts. In 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 1398\u20131409."},{"key":"e_1_3_2_177_2","first-page":"553","volume-title":"29th ACM SIGSOFT International Symposium on Software Testing and Analysis","author":"Yan Wentian","year":"2020","unstructured":"Wentian Yan, Jianbo Gao, Zhenhao Wu, Yue Li, Zhi Guan, Qingshan Li, and Zhong Chen. 2020. Eshield: Protect smart contracts against reverse engineering. In 29th ACM SIGSOFT International Symposium on Software Testing and Analysis. 553\u2013556."},{"key":"e_1_3_2_178_2","doi-asserted-by":"crossref","unstructured":"Zheng Yang and Hang Lei. 2020. Lolisa: Formal syntax and semantics for a subset of the solidity programming language in mathematical tool Coq. Mathematical Problems in Engineering 2020 (2020) 1\u201315.","DOI":"10.1155\/2020\/6191537"},{"key":"e_1_3_2_179_2","first-page":"21","volume-title":"IEEE\/ACM 42nd International Conference on Software Engineering","author":"Yang Zhiqiang","year":"2020","unstructured":"Zhiqiang Yang, Han Liu, Yue Li, Huixuan Zheng, Lei Wang, and Bangdao Chen. 2020. Seraph: Enabling cross-platform security analysis for EVM and WASM smart contracts. In IEEE\/ACM 42nd International Conference on Software Engineering. IEEE, 21\u201324."},{"key":"e_1_3_2_180_2","first-page":"274","volume-title":"IEEE\/ACM 42nd International Conference on Software Engineering","author":"Ye Jiaming","year":"2020","unstructured":"Jiaming Ye, Mingliang Ma, Yun Lin, Yulei Sui, and Yinxing Xue. 2020. Clairvoyance: Cross-contract static analysis for detecting practical reentrancy vulnerabilities in smart contracts. In IEEE\/ACM 42nd International Conference on Software Engineering. IEEE, 274\u2013275."},{"key":"e_1_3_2_181_2","volume-title":"Blockchain Foundations and Applications","author":"Yi Xun","year":"2022","unstructured":"Xun Yi, Xuechao Yang, Andrei Kelarev, Kwok Lam, and Zahir Tari. 2022. Blockchain Foundations and Applications. Springer Nature."},{"key":"e_1_3_2_182_2","first-page":"2775","volume-title":"29th USENIX Security Symposium (USENIX Security\u201920)","author":"Zhang Mengya","year":"2020","unstructured":"Mengya Zhang, Xiaokuan Zhang, Yinqian Zhang, and Zhiqiang Lin. 2020. TXSPECTOR: Uncovering attacks in Ethereum from transactions. In 29th USENIX Security Symposium (USENIX Security\u201920). 2775\u20132792."},{"key":"e_1_3_2_183_2","article-title":"SolidityCheck: Quickly detecting smart contract problems through regular expressions","author":"Zhang Pengcheng","year":"2019","unstructured":"Pengcheng Zhang, Feng Xiao, and Xiapu Luo. 2019. SolidityCheck: Quickly detecting smart contract problems through regular expressions. arXiv preprint arXiv:1911.09425 (2019).","journal-title":"arXiv preprint arXiv:1911.09425"},{"key":"e_1_3_2_184_2","first-page":"139","volume-title":"IEEE International Conference on Software Maintenance and Evolution (ICSME\u201920)","author":"Zhang Pengcheng","year":"2020","unstructured":"Pengcheng Zhang, Feng Xiao, and Xiapu Luo. 2020. A framework and dataset for bugs in Ethereum smart contracts. In IEEE International Conference on Software Maintenance and Evolution (ICSME\u201920). IEEE, 139\u2013150."},{"key":"e_1_3_2_185_2","first-page":"116","volume-title":"IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER\u201920)","author":"Zhang Qingzhao","year":"2020","unstructured":"Qingzhao Zhang, Yizhuo Wang, Juanru Li, and Siqi Ma. 2020. EthPloit: From fuzzing to efficient exploit generation against smart contracts. In IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER\u201920). IEEE, 116\u2013126."},{"key":"e_1_3_2_186_2","first-page":"456","volume-title":"IEEE 30th International Symposium on Software Reliability Engineering (ISSRE\u201919)","author":"Zhang William","year":"2019","unstructured":"William Zhang, Sebastian Banescu, Leonardo Pasos, Steven Stewart, and Vijay Ganesh. 2019. Mpro: Combining static and symbolic analysis for scalable testing of smart contract. In IEEE 30th International Symposium on Software Reliability Engineering (ISSRE\u201919). IEEE, 456\u2013462."},{"key":"e_1_3_2_187_2","first-page":"23","volume-title":"IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER\u201920)","author":"Zhang Yuyao","year":"2020","unstructured":"Yuyao Zhang, Siqi Ma, Juanru Li, Kailai Li, Surya Nepal, and Dawu Gu. 2020. SmartShield: Automatic smart contract protection made easy. In IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER\u201920). IEEE, 23\u201334."},{"key":"e_1_3_2_188_2","first-page":"1","volume-title":"9th IFIP International Conference on New Technologies, Mobility and Security (NTMS\u201918)","author":"Zhou Ence","year":"2018","unstructured":"Ence Zhou, Song Hua, Bingfeng Pi, Jun Sun, Yashihide Nomura, Kazuhiro Yamashita, and Hidetoshi Kurihara. 2018. Security assurance for smart contract. In 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS\u201918). IEEE, 1\u20135."},{"key":"e_1_3_2_189_2","first-page":"2793","volume-title":"29th USENIX Security Symposium (USENIX Security\u201920)","author":"Zhou Shunfan","year":"2020","unstructured":"Shunfan Zhou, Malte M\u00f6ser, Zhemin Yang, Ben Adida, Thorsten Holz, Jie Xiang, Steven Goldfeder, Yinzhi Cao, Martin Plattner, Xiaojun Qin et\u00a0al. 2020. An ever-evolving game: Evaluation of real-world attacks and defenses in Ethereum ecosystem. In 29th USENIX Security Symposium (USENIX Security\u201920). 2793\u20132810."},{"key":"e_1_3_2_190_2","first-page":"1371","volume-title":"27th USENIX Security Symposium (USENIX Security\u201918)","author":"Zhou Yi","year":"2018","unstructured":"Yi Zhou, Deepak Kumar, Surya Bakshi, Joshua Mason, Andrew Miller, and Michael Bailey. 2018. Erays: Reverse engineering Ethereum\u2019s opaque smart contracts. In 27th USENIX Security Symposium (USENIX Security\u201918). 1371\u20131385."},{"key":"e_1_3_2_191_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2942301"}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3593293","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3593293","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:37:20Z","timestamp":1750178240000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3593293"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,17]]},"references-count":190,"journal-issue":{"issue":"14s","published-print":{"date-parts":[[2023,12,31]]}},"alternative-id":["10.1145\/3593293"],"URL":"https:\/\/doi.org\/10.1145\/3593293","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,7,17]]},"assertion":[{"value":"2022-04-30","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-03-23","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-07-17","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}