{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,21]],"date-time":"2026-03-21T06:31:05Z","timestamp":1774074665106,"version":"3.50.1"},"reference-count":51,"publisher":"Association for Computing Machinery (ACM)","issue":"FSE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Proc. ACM Softw. Eng."],"published-print":{"date-parts":[[2025,6,19]]},"abstract":"<jats:p>Billions of dollars are transacted through smart contracts, making vulnerabilities a major financial risk. One focus in the security arms race is on profitable vulnerabilities that attackers can exploit. Fuzzing is a key method for identifying these vulnerabilities. However, current solutions face two main limitations: 1. a lack of profit-centric techniques for expediting detection and, 2. insufficient automation in maximizing the profitability of discovered vulnerabilities, leaving the analysis to human experts.  To address these gaps, we have developed VERITE, a profit-centric smart contract fuzzing framework that not only effectively detects those profitable vulnerabilities but also maximizes the exploited profits. VERITE has three key features: 1. DeFi action-based mutators for boosting the exploration of transactions with different fund flows; 2. potentially profitable candidates identification criteria, which checks whether the input has caused abnormal fund flow properties during testing; 3. a gradient descent-based profit maximization strategy for these identified candidates.  VERITE is fully developed from scratch and evaluated on a dataset consisting of 61 exploited real-world DeFi projects with an average of over 1.1 million dollars loss. The results show that VERITE can automatically extract more than 18 million dollars in total and is significantly better than state-of-the-art fuzzer ItyFuzz in both detection (29\/10) and exploitation (134 times more profits gained on average). Remarkably, in 12 targets, it gains more profits than real-world attacking exploits (1.01 to 11.45 times more). VERITE is also applied by auditors in contract auditing, where 6 (5 high severity) zero-day vulnerabilities are found with over $2,500 bounty rewards.<\/jats:p>","DOI":"10.1145\/3715720","type":"journal-article","created":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T15:16:02Z","timestamp":1750346162000},"page":"153-175","source":"Crossref","is-referenced-by-count":2,"title":["Smart Contract Fuzzing Towards Profitable Vulnerabilities"],"prefix":"10.1145","volume":"2","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-4926-4932","authenticated-orcid":false,"given":"Ziqiao","family":"Kong","sequence":"first","affiliation":[{"name":"Nanyang Technological University, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5603-1322","authenticated-orcid":false,"given":"Cen","family":"Zhang","sequence":"additional","affiliation":[{"name":"Nanyang Technological University, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-4496-5037","authenticated-orcid":false,"given":"Maoyi","family":"Xie","sequence":"additional","affiliation":[{"name":"Nanyang Technological University, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5058-4660","authenticated-orcid":false,"given":"Ming","family":"Hu","sequence":"additional","affiliation":[{"name":"Singapore Management University, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-2141-2044","authenticated-orcid":false,"given":"Yue","family":"Xue","sequence":"additional","affiliation":[{"name":"MetaTrust Labs, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6709-3721","authenticated-orcid":false,"given":"Ye","family":"Liu","sequence":"additional","affiliation":[{"name":"Singapore Management University, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-3509-3919","authenticated-orcid":false,"given":"Haijun","family":"Wang","sequence":"additional","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7300-9215","authenticated-orcid":false,"given":"Yang","family":"Liu","sequence":"additional","affiliation":[{"name":"Nanyang Technological University, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,6,19]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"2015. ERC-20: Token Standard. https:\/\/eips.ethereum.org\/EIPS\/eip-20"},{"key":"e_1_2_1_2_1","unstructured":"2021. Sorbet Finance Vulnerability Post Mortem. https:\/\/web.archive.org\/web\/20221117150417\/https:\/\/medium.com\/gelato-network\/sorbet-finance-vulnerability-post-mortem-6f8fba78f109"},{"key":"e_1_2_1_3_1","unstructured":"2024. DeFi Hacks Repository. https:\/\/github.com\/SunWeb3Sec\/DeFiHackLabs"},{"key":"e_1_2_1_4_1","unstructured":"2024. DeFiLlama. https:\/\/github.com\/SunWeb3Sec\/DeFiHackLabs"},{"key":"e_1_2_1_5_1","unstructured":"2024. DODO Dex. https:\/\/dodoex.io\/"},{"key":"e_1_2_1_6_1","unstructured":"2024. revm. https:\/\/github.com\/bluealloy\/revm"},{"key":"e_1_2_1_7_1","unstructured":"2024. Secure3. https:\/\/secure3.io\/"},{"key":"e_1_2_1_8_1","unstructured":"2024. Uniswap Examples. https:\/\/github.com\/Uniswap\/examples"},{"key":"e_1_2_1_9_1","unstructured":"2025. The website of our fuzzer. https:\/\/github.com\/wtdcode\/verite"},{"key":"e_1_2_1_10_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Aafer Yousra","year":"2021","unstructured":"Yousra Aafer, Wei You, Yi Sun, Yu Shi, Xiangyu Zhang, and Heng Yin. 2021. Android $SmartTVs$ Vulnerability Discovery via $Log-Guided$ Fuzzing. In 30th USENIX Security Symposium (USENIX Security 21). 2759\u20132776."},{"key":"e_1_2_1_11_1","unstructured":"Hayden Adams Noah Zinsmeister and Dan Robinson. 2020. Uniswap v2 Core. https:\/\/uniswap.org\/whitepaper.pdf"},{"key":"e_1_2_1_12_1","unstructured":"Hayden Adams Noah Zinsmeister Moody Salem River Keefer and Dan Robinson. 2021. Uniswap v3 core. https:\/\/uniswap.org\/whitepaper-v3.pdf"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1016\/0925-2312(93)90006-O"},{"key":"e_1_2_1_14_1","volume-title":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. 1032\u20131043","author":"B\u00f6hme Marcel","year":"2016","unstructured":"Marcel B\u00f6hme, Van-Thuan Pham, and Abhik Roychoudhury. 2016. Coverage-based greybox fuzzing as markov chain. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. 1032\u20131043. https:\/\/doi.org\/10.1145\/2976749.2978428 10.1145\/2976749.2978428"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.5555\/3489212.3489343"},{"key":"e_1_2_1_16_1","volume-title":"2018 IEEE Symposium on Security and Privacy (SP). 711\u2013725","author":"Chen Peng","year":"2018","unstructured":"Peng Chen and Hao Chen. 2018. Angora: Efficient fuzzing by principled search. In 2018 IEEE Symposium on Security and Privacy (SP). 711\u2013725. https:\/\/doi.org\/10.1109\/SP.2018.00046 10.1109\/SP.2018.00046"},{"key":"e_1_2_1_17_1","volume-title":"2020 IEEE Symposium on Security and Privacy (SP). 1580\u20131596","author":"Chen Yaohui","year":"2020","unstructured":"Yaohui Chen, Peng Li, Jun Xu, Shengjian Guo, Rundong Zhou, Yulong Zhang, Tao Wei, and Long Lu. 2020. Savior: Towards bug-driven hybrid testing. In 2020 IEEE Symposium on Security and Privacy (SP). 1580\u20131596. https:\/\/doi.org\/10.1109\/SP40000.2020.00002 10.1109\/SP40000.2020.00002"},{"key":"e_1_2_1_18_1","volume-title":"2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 227\u2013239","author":"Choi Jaeseung","year":"2021","unstructured":"Jaeseung Choi, Doyeon Kim, Soomin Kim, Gustavo Grieco, Alex Groce, and Sang Kil Cha. 2021. Smartian: Enhancing smart contract fuzzing with static and dynamic data-flow analyses. In 2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 227\u2013239. https:\/\/doi.org\/10.1109\/ASE51524.2021.9678888 10.1109\/ASE51524.2021.9678888"},{"key":"e_1_2_1_19_1","unstructured":"Concensys. 2025. Mythril."},{"key":"e_1_2_1_20_1","unstructured":"Josselin Feist Gustavo Grieco and Alex Groce. 2023. Slither Analyzer."},{"key":"e_1_2_1_21_1","volume-title":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. ACM, 1051\u20131065","author":"Fioraldi Andrea","year":"2022","unstructured":"Andrea Fioraldi, Dominik Christian Maier, Dongjia Zhang, and Davide Balzarotti. 2022. LibAFL: A Framework to Build Modular and Reusable Fuzzers. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. ACM, 1051\u20131065. isbn:978-1-4503-9450-5 https:\/\/doi.org\/10.1145\/3548606.3560602 10.1145\/3548606.3560602"},{"key":"e_1_2_1_22_1","volume-title":"Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis. 557\u2013560","author":"Grieco Gustavo","year":"2020","unstructured":"Gustavo Grieco, Will Song, Artur Cygan, Josselin Feist, and Alex Groce. 2020. Echidna: effective, usable, and fast fuzzing for smart contracts. In Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis. 557\u2013560. https:\/\/doi.org\/10.1145\/3395363.3404366 10.1145\/3395363.3404366"},{"key":"e_1_2_1_23_1","volume-title":"Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 531\u2013548","author":"He Jingxuan","year":"2019","unstructured":"Jingxuan He, Mislav Balunovi\u0107, Nodar Ambroladze, Petar Tsankov, and Martin Vechev. 2019. Learning to fuzz from symbolic execution with application to smart contracts. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 531\u2013548. https:\/\/doi.org\/10.1145\/3319535.3363230 10.1145\/3319535.3363230"},{"key":"e_1_2_1_24_1","volume-title":"Proceedings of the 2018 ACM SIGSAC conference on computer and communications security. 2123\u20132138","author":"Klees George","year":"2018","unstructured":"George Klees, Andrew Ruef, Benji Cooper, Shiyi Wei, and Michael Hicks. 2018. Evaluating fuzz testing. In Proceedings of the 2018 ACM SIGSAC conference on computer and communications security. 2123\u20132138. https:\/\/doi.org\/10.1145\/3243734.3243804 10.1145\/3243734.3243804"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","unstructured":"Ziqiao Kong Cen Zhang Maoyi Xie Ming Hu Yue Xue YE LIU Haijun Wang and Yang Liu. 2025. Materials of \"Smart Contract Fuzzing Towards Profitable Vulnerabilities\". https:\/\/doi.org\/10.5281\/zenodo.14855589 10.5281\/zenodo.14855589","DOI":"10.5281\/zenodo.14855589"},{"key":"e_1_2_1_26_1","volume-title":"Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 533\u2013544","author":"Li Yuekang","year":"2019","unstructured":"Yuekang Li, Yinxing Xue, Hongxu Chen, Xiuheng Wu, Cen Zhang, Xiaofei Xie, Haijun Wang, and Yang Liu. 2019. Cerebro: context-aware adaptive fuzzing for effective vulnerability detection. In Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 533\u2013544. https:\/\/doi.org\/10.1145\/3338906.3338975 10.1145\/3338906.3338975"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","unstructured":"Zihao Li Jianfeng Li Zheyuan He Xiapu Luo Ting Wang Xiaoze Ni Wenwu Yang Xi Chen and Ting Chen. 2023. Demystifying DeFi MEV Activities in Flashbots Bundle. Cryptology ePrint Archive Paper 2023\/1855. https:\/\/doi.org\/10.1145\/3576915.3616590 10.1145\/3576915.3616590","DOI":"10.1145\/3576915.3616590"},{"key":"e_1_2_1_28_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Lyu Chenyang","year":"2019","unstructured":"Chenyang Lyu, Shouling Ji, Chao Zhang, Yuwei Li, Wei-Han Lee, Yu Song, and Raheem Beyah. 2019. $MOPT$: Optimized mutation scheduling for fuzzers. In 28th USENIX Security Symposium (USENIX Security 19). 1949\u20131966. https:\/\/doi.org\/10.5555\/3361338.3361473"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/96267.96279"},{"key":"e_1_2_1_30_1","volume-title":"Proceedings of the ACM\/IEEE 42nd International Conference on Software Engineering. 778\u2013788","author":"Nguyen Tai D","year":"2020","unstructured":"Tai D Nguyen, Long H Pham, Jun Sun, Yun Lin, and Quang Tran Minh. 2020. sfuzz: An efficient adaptive fuzzer for solidity smart contracts. In Proceedings of the ACM\/IEEE 42nd International Conference on Software Engineering. 778\u2013788. https:\/\/doi.org\/10.1145\/3377811.3380334 10.1145\/3377811.3380334"},{"key":"e_1_2_1_31_1","volume-title":"Proceedings of the ACM on Programming Languages, 3, OOPSLA","author":"Padhye Rohan","year":"2019","unstructured":"Rohan Padhye, Caroline Lemieux, Koushik Sen, Laurent Simon, and Hayawardh Vijayakumar. 2019. Fuzzfactory: domain-specific fuzzing with waypoints. Proceedings of the ACM on Programming Languages, 3, OOPSLA (2019), 1\u201329. https:\/\/doi.org\/10.1145\/3360600 10.1145\/3360600"},{"key":"e_1_2_1_32_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Perez Daniel","year":"2021","unstructured":"Daniel Perez and Benjamin Livshits. 2021. Smart contract vulnerabilities: Vulnerable does not imply exploited. In 30th USENIX Security Symposium (USENIX Security 21). 1325\u20131341."},{"key":"e_1_2_1_33_1","volume-title":"32nd USENIX Security Symposium (USENIX Security 23)","author":"Qin Kaihua","year":"2023","unstructured":"Kaihua Qin, Stefanos Chaliasos, Liyi Zhou, Benjamin Livshits, Dawn Song, and Arthur Gervais. 2023. The blockchain imitation game. In 32nd USENIX Security Symposium (USENIX Security 23). 3961\u20133978. https:\/\/doi.org\/10.5555\/3620237.3620459"},{"key":"e_1_2_1_34_1","volume-title":"2022 IEEE Symposium on Security and Privacy (SP). 198\u2013214","author":"Qin Kaihua","year":"2022","unstructured":"Kaihua Qin, Liyi Zhou, and Arthur Gervais. 2022. Quantifying blockchain extractable value: How dark is the forest? In 2022 IEEE Symposium on Security and Privacy (SP). 198\u2013214. https:\/\/doi.org\/10.1109\/SP46214.2022.9833734 10.1109\/SP46214.2022.9833734"},{"key":"e_1_2_1_35_1","volume-title":"International conference on financial cryptography and data security. 3\u201332","author":"Qin Kaihua","year":"2021","unstructured":"Kaihua Qin, Liyi Zhou, Benjamin Livshits, and Arthur Gervais. 2021. Attacking the defi ecosystem with flash loans for fun and profit. In International conference on financial cryptography and data security. 3\u201332. https:\/\/doi.org\/10.1007\/978-3-662-64322-8_1 10.1007\/978-3-662-64322-8_1"},{"key":"e_1_2_1_36_1","volume-title":"EF\/CF: High Performance Smart Contract Fuzzing for Exploit Generation. In 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P). 449\u2013471","author":"Rodler Michael","year":"2023","unstructured":"Michael Rodler, David Paa\u00dfen, Wenting Li, Lukas Bernhard, Thorsten Holz, Ghassan Karame, and Lucas Davi. 2023. EF\/CF: High Performance Smart Contract Fuzzing for Exploit Generation. In 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P). 449\u2013471. https:\/\/doi.org\/10.1109\/EuroSP57164.2023.00034 10.1109\/EuroSP57164.2023.00034"},{"key":"e_1_2_1_37_1","volume-title":"Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. 322\u2013333","author":"Shou Chaofan","year":"2023","unstructured":"Chaofan Shou, Shangyin Tan, and Koushik Sen. 2023. Ityfuzz: Snapshot-based fuzzer for smart contract. In Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. 322\u2013333. https:\/\/doi.org\/10.1145\/3597926.3598059 10.1145\/3597926.3598059"},{"key":"e_1_2_1_38_1","volume-title":"Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering. 1\u201312","author":"Su Jianzhong","year":"2022","unstructured":"Jianzhong Su, Hong-Ning Dai, Lingjun Zhao, Zibin Zheng, and Xiapu Luo. 2022. Effectively generating vulnerable transaction sequences in smart contracts with reinforcement learning-guided fuzzing. In Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering. 1\u201312. https:\/\/doi.org\/10.1145\/3551349.3560429 10.1145\/3551349.3560429"},{"key":"e_1_2_1_39_1","volume-title":"2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 1664\u20131675","author":"Su Jianzhong","year":"2023","unstructured":"Jianzhong Su, Xingwei Lin, Zhiyuan Fang, Zhirong Zhu, Jiachi Chen, Zibin Zheng, Wei Lv, and Jiashui Wang. 2023. DeFiWarder: Protecting DeFi Apps from Token Leaking Vulnerabilities. In 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 1664\u20131675. https:\/\/doi.org\/10.1109\/ASE56229.2023.00110 10.1109\/ASE56229.2023.00110"},{"key":"e_1_2_1_40_1","volume-title":"2021 IEEE European Symposium on Security and Privacy (EuroS&P). 103\u2013119","author":"Torres Christof Ferreira","year":"2021","unstructured":"Christof Ferreira Torres, Antonio Ken Iannillo, Arthur Gervais, and Radu State. 2021. Confuzzius: A data dependency-aware hybrid fuzzer for smart contracts. In 2021 IEEE European Symposium on Security and Privacy (EuroS&P). 103\u2013119. https:\/\/doi.org\/10.1109\/EuroSP51992.2021.00018 10.1109\/EuroSP51992.2021.00018"},{"key":"e_1_2_1_41_1","volume-title":"Proceedings of the 2018 ACM SIGSAC conference on computer and communications security. 67\u201382","author":"Tsankov Petar","year":"2018","unstructured":"Petar Tsankov, Andrei Dan, Dana Drachsler-Cohen, Arthur Gervais, Florian Buenzli, and Martin Vechev. 2018. Securify: Practical security analysis of smart contracts. In Proceedings of the 2018 ACM SIGSAC conference on computer and communications security. 67\u201382. https:\/\/doi.org\/10.1145\/3243734.3243780 10.1145\/3243734.3243780"},{"key":"e_1_2_1_42_1","volume-title":"ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER SHANGHAI VERSION. https:\/\/ethereum.github.io\/yellowpaper\/paper.pdf","author":"Wood Dr Gavin","year":"2024","unstructured":"Dr Gavin Wood. 2024. ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER SHANGHAI VERSION. https:\/\/ethereum.github.io\/yellowpaper\/paper.pdf"},{"key":"e_1_2_1_43_1","volume-title":"Proceedings of the 46th International Conference on Software Engineering (ICSE\u201924)","author":"Wu Shuohan","year":"2024","unstructured":"Shuohan Wu, Zihao Li, Luyi Yan, Weimin Chen, Muhui Jiang, Chenxu Wang, Xiapu Luo, and Hao Zhou. 2024. Are We There Yet? Unraveling the State-of-the-Art Smart Contract Fuzzers. In Proceedings of the 46th International Conference on Software Engineering (ICSE\u201924). https:\/\/doi.org\/10.1145\/3597503.3639152 10.1145\/3597503.3639152"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2023.3346888"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3182373"},{"key":"e_1_2_1_46_1","unstructured":"Aviv Yaish Maya Dotan Kaihua Qin Aviv Zohar and Arthur Gervais. 2023. Suboptimality in defi. Cryptology ePrint Archive."},{"key":"e_1_2_1_47_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Yue Tai","year":"2020","unstructured":"Tai Yue, Pengfei Wang, Yong Tang, Enze Wang, Bo Yu, Kai Lu, and Xu Zhou. 2020. $EcoFuzz$: Adaptive $Energy-Saving$ greybox fuzzing as a variant of the adversarial $Multi-Armed$ bandit. In 29th USENIX Security Symposium (USENIX Security 20). 2307\u20132324. https:\/\/doi.org\/10.5555\/3489212.3489342"},{"key":"e_1_2_1_48_1","volume-title":"2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER). 116\u2013126","author":"Zhang Qingzhao","year":"2020","unstructured":"Qingzhao Zhang, Yizhuo Wang, Juanru Li, and Siqi Ma. 2020. Ethploit: From fuzzing to efficient exploit generation against smart contracts. In 2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER). 116\u2013126. https:\/\/doi.org\/10.1109\/SANER48275.2020.9054822 10.1109\/SANER48275.2020.9054822"},{"key":"e_1_2_1_49_1","volume-title":"2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE). 615\u2013627","author":"Zhang Zhuo","year":"2023","unstructured":"Zhuo Zhang, Brian Zhang, Wen Xu, and Zhiqiang Lin. 2023. Demystifying exploitable bugs in smart contracts. In 2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE). 615\u2013627. https:\/\/doi.org\/10.1109\/ICSE48619.2023.00061 10.1109\/ICSE48619.2023.00061"},{"key":"e_1_2_1_50_1","volume-title":"2021 IEEE Symposium on Security and Privacy (SP). 919\u2013936","author":"Zhou Liyi","year":"2021","unstructured":"Liyi Zhou, Kaihua Qin, Antoine Cully, Benjamin Livshits, and Arthur Gervais. 2021. On the just-in-time discovery of profit-generating transactions in defi protocols. In 2021 IEEE Symposium on Security and Privacy (SP). 919\u2013936. https:\/\/doi.org\/10.1109\/SP40001.2021.00113 10.1109\/SP40001.2021.00113"},{"key":"e_1_2_1_51_1","volume-title":"2023 IEEE Symposium on Security and Privacy (SP). 2444\u20132461","author":"Zhou Liyi","year":"2023","unstructured":"Liyi Zhou, Xihan Xiong, Jens Ernstberger, Stefanos Chaliasos, Zhipeng Wang, Ye Wang, Kaihua Qin, Roger Wattenhofer, Dawn Song, and Arthur Gervais. 2023. Sok: Decentralized finance (defi) attacks. In 2023 IEEE Symposium on Security and Privacy (SP). 2444\u20132461. https:\/\/doi.org\/10.1145\/3558535.3559780 10.1145\/3558535.3559780"}],"container-title":["Proceedings of the ACM on Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3715720","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T15:22:39Z","timestamp":1750346559000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3715720"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,19]]},"references-count":51,"journal-issue":{"issue":"FSE","published-print":{"date-parts":[[2025,6,19]]}},"alternative-id":["10.1145\/3715720"],"URL":"https:\/\/doi.org\/10.1145\/3715720","relation":{},"ISSN":["2994-970X"],"issn-type":[{"value":"2994-970X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,6,19]]}}}