{"id":"https://openalex.org/W4285490420","doi":"https://doi.org/10.1145/3533767.3534218","title":"WASAI: uncovering vulnerabilities in Wasm smart contracts","display_name":"WASAI: uncovering vulnerabilities in Wasm smart contracts","publication_year":2022,"publication_date":"2022-07-15","ids":{"openalex":"https://openalex.org/W4285490420","doi":"https://doi.org/10.1145/3533767.3534218"},"language":"en","primary_location":{"id":"doi:10.1145/3533767.3534218","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3533767.3534218","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3533767.3534218","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3533767.3534218","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5020453892","display_name":"Weimin Chen","orcid":"https://orcid.org/0000-0002-6405-9509"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":true,"raw_author_name":"Weimin Chen","raw_affiliation_strings":["Hong Kong Polytechnic University, China"],"affiliations":[{"raw_affiliation_string":"Hong Kong Polytechnic University, China","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111257333","display_name":"Zihan Sun","orcid":"https://orcid.org/0009-0001-2110-3856"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zihan Sun","raw_affiliation_strings":["Beijing University of Posts and Telecommunications, China"],"affiliations":[{"raw_affiliation_string":"Beijing University of Posts and Telecommunications, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5115695530","display_name":"Haoyu Wang","orcid":"https://orcid.org/0000-0003-1100-8633"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haoyu Wang","raw_affiliation_strings":["Huazhong University of Science and Technology, China"],"affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100400376","display_name":"Xiapu Luo","orcid":"https://orcid.org/0000-0002-9082-3208"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Xiapu Luo","raw_affiliation_strings":["Hong Kong Polytechnic University, China"],"affiliations":[{"raw_affiliation_string":"Hong Kong Polytechnic University, China","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076081056","display_name":"Haipeng Cai","orcid":"https://orcid.org/0000-0002-5224-9970"},"institutions":[{"id":"https://openalex.org/I72951846","display_name":"Washington State University","ror":"https://ror.org/05dk0ce17","country_code":"US","type":"education","lineage":["https://openalex.org/I72951846"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Haipeng Cai","raw_affiliation_strings":["Washington State University, USA"],"affiliations":[{"raw_affiliation_string":"Washington State University, USA","institution_ids":["https://openalex.org/I72951846"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5065178474","display_name":"Lei Wu","orcid":"https://orcid.org/0000-0003-1675-5283"},"institutions":[{"id":"https://openalex.org/I76130692","display_name":"Zhejiang University","ror":"https://ror.org/00a2xv884","country_code":"CN","type":"education","lineage":["https://openalex.org/I76130692"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lei Wu","raw_affiliation_strings":["Zhejiang University, China"],"affiliations":[{"raw_affiliation_string":"Zhejiang University, China","institution_ids":["https://openalex.org/I76130692"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5020453892"],"corresponding_institution_ids":["https://openalex.org/I14243506"],"apc_list":null,"apc_paid":null,"fwci":13.0705,"has_fulltext":true,"cited_by_count":42,"citation_normalized_percentile":{"value":0.9876239,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"703","last_page":"715"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9902999997138977,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9896000027656555,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7839080095291138},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7505369186401367},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6999626755714417},{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.5382241010665894},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5359722971916199},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5265312790870667},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5225550532341003},{"id":"https://openalex.org/keywords/smart-contract","display_name":"Smart contract","score":0.5035087466239929},{"id":"https://openalex.org/keywords/obfuscation","display_name":"Obfuscation","score":0.46945422887802124},{"id":"https://openalex.org/keywords/identifier","display_name":"Identifier","score":0.4650880694389343},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.1389470398426056},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.1364126205444336},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.08547651767730713}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7839080095291138},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7505369186401367},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6999626755714417},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.5382241010665894},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5359722971916199},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5265312790870667},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5225550532341003},{"id":"https://openalex.org/C2779950589","wikidata":"https://www.wikidata.org/wiki/Q7544035","display_name":"Smart contract","level":3,"score":0.5035087466239929},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.46945422887802124},{"id":"https://openalex.org/C154504017","wikidata":"https://www.wikidata.org/wiki/Q853614","display_name":"Identifier","level":2,"score":0.4650880694389343},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.1389470398426056},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.1364126205444336},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.08547651767730713},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C2779687700","wikidata":"https://www.wikidata.org/wiki/Q20514253","display_name":"Blockchain","level":2,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3533767.3534218","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3533767.3534218","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3533767.3534218","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis","raw_type":"proceedings-article"},{"id":"pmh:oai:zenodo.org:6517515","is_oa":true,"landing_page_url":"https://zenodo.org/record/6517515","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"info:eu-repo/semantics/other"},{"id":"doi:10.5281/zenodo.6517515","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.6517515","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.1145/3533767.3534218","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3533767.3534218","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3533767.3534218","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1121271761","display_name":null,"funder_award_id":"Program","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2323946575","display_name":null,"funder_award_id":"U21A2046","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2511910633","display_name":null,"funder_award_id":"62172360","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3317480652","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G4154949110","display_name":null,"funder_award_id":"U21A20467","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5570204100","display_name":null,"funder_award_id":"U21A204","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5760752404","display_name":null,"funder_award_id":"Projects","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5994120800","display_name":null,"funder_award_id":"Natural","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6058138561","display_name":null,"funder_award_id":", No.","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7659621868","display_name":null,"funder_award_id":"62072046","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8863666567","display_name":null,"funder_award_id":"and No.","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320322598","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4285490420.pdf","grobid_xml":"https://content.openalex.org/works/W4285490420.grobid-xml"},"referenced_works_count":6,"referenced_works":["https://openalex.org/W2888928288","https://openalex.org/W3007045600","https://openalex.org/W3083471387","https://openalex.org/W3107814273","https://openalex.org/W4226411519","https://openalex.org/W6600459194"],"related_works":["https://openalex.org/W2511770387","https://openalex.org/W3120811337","https://openalex.org/W2766647240","https://openalex.org/W4385301282","https://openalex.org/W2990186179","https://openalex.org/W3203597304","https://openalex.org/W4248424560","https://openalex.org/W4210660460","https://openalex.org/W2352737138","https://openalex.org/W2888540593"],"abstract_inverted_index":{"WebAssembly":[0],"(Wasm)":[1],"smart":[2,16,19,39,62,106,169,180],"contracts":[3,20,40,156,158,170,181,193],"have":[4,55,65,194],"shown":[5],"growing":[6],"popularity":[7],"across":[8],"blockchains":[9],"(e.g.,":[10,157],"EOSIO)":[11],"recently.":[12],"Similar":[13],"to":[14,58,80,117,166,211],"Ethereum":[15],"contracts,":[17,63],"Wasm":[18,38,61,105],"suffer":[21],"from":[22],"various":[23],"attacks":[24],"exploiting":[25],"their":[26,37],"vulnerabilities.":[27],"Even":[28],"worse,":[29],"few":[30,53],"developers":[31],"released":[32],"the":[33,45,87,121,127,138,172,185,203,212],"source":[34],"code":[35,71,135],"of":[36,77,149,179,187],"for":[41,47,101],"security":[42],"review,":[43],"raising":[44],"bar":[46],"uncovering":[48,102],"vulnerable":[49,60,192],"contracts.":[50],"Although":[51],"a":[52,97,218],"approaches":[54],"been":[56,196],"proposed":[57],"detect":[59],"they":[64],"several":[66,110],"major":[67],"limitations,":[68],"e.g.,":[69],"low":[70,73],"coverage,":[72],"accuracy":[74],"and":[75,94,120,140,161,198],"lack":[76],"scalability,":[78],"unable":[79],"produce":[81],"exploit":[82],"payloads,":[83],"etc.":[84],"To":[85],"fill":[86],"gap,":[88],"in":[89,104,143,171],"this":[90,188],"paper,":[91],"we":[92,174],"design":[93],"develop":[95],"WASAI,":[96,119],"new":[98],"concolic":[99],"fuzzer":[100],"vulnerabilities":[103],"contract":[107],"after":[108],"tackling":[109],"challenging":[111],"issues.":[112],"We":[113],"conduct":[114],"extensive":[115],"experiments":[116],"evaluate":[118],"results":[122],"show":[123],"that":[124,176],"it":[125,132],"outperforms":[126],"state-of-the-art":[128],"methods.":[129],"For":[130],"example,":[131],"achieves":[133],"2x":[134],"coverage":[136],"than":[137],"baselines":[139],"surpasses":[141],"them":[142],"detection":[144],"accuracy,":[145],"with":[146,159],"an":[147],"F1-measure":[148],"99.2%.":[150],"Moreover,":[151],"WASAI":[152,165],"can":[153],"handle":[154],"complicated":[155],"obfuscation":[160],"sophisticated":[162],"verification).":[163],"Applying":[164],"991":[167],"deployed":[168],"wild,":[173],"find":[175],"over":[177,190],"70%":[178],"are":[182,199],"vulnerable.":[183],"By":[184],"time":[186],"study,":[189],"300":[191],"not":[195],"patched":[197],"still":[200],"operating":[201],"on":[202],"EOSIO":[204,213],"Mainnet.":[205],"One":[206],"fake":[207],"EOS":[208],"vulnerability":[209],"reported":[210],"ecosystem":[214],"was":[215],"recently":[216],"assigned":[217],"CVE":[219],"identifier":[220],"(CVE-2022-27134).":[221]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":14},{"year":2024,"cited_by_count":19},{"year":2023,"cited_by_count":7},{"year":2022,"cited_by_count":1}],"updated_date":"2026-04-16T08:26:57.006410","created_date":"2025-10-10T00:00:00"}