{"id":"https://openalex.org/W4396723409","doi":"https://doi.org/10.1145/3589334.3645640","title":"Characterizing Ethereum Upgradable Smart Contracts and Their Security Implications","display_name":"Characterizing Ethereum Upgradable Smart Contracts and Their Security Implications","publication_year":2024,"publication_date":"2024-05-08","ids":{"openalex":"https://openalex.org/W4396723409","doi":"https://doi.org/10.1145/3589334.3645640"},"language":"en","primary_location":{"id":"doi:10.1145/3589334.3645640","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3589334.3645640","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Web Conference 2024","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5088868666","display_name":"Xiaofan Li","orcid":"https://orcid.org/0009-0003-5951-1948"},"institutions":[{"id":"https://openalex.org/I86501945","display_name":"University of Delaware","ror":"https://ror.org/01sbq1a82","country_code":"US","type":"education","lineage":["https://openalex.org/I86501945"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Xiaofan Li","raw_affiliation_strings":["University of Delaware, Newark, Delaware, USA"],"affiliations":[{"raw_affiliation_string":"University of Delaware, Newark, Delaware, USA","institution_ids":["https://openalex.org/I86501945"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102950674","display_name":"Jin Yang","orcid":"https://orcid.org/0009-0009-1706-1444"},"institutions":[{"id":"https://openalex.org/I70983195","display_name":"Syracuse University","ror":"https://ror.org/025r5qe02","country_code":"US","type":"education","lineage":["https://openalex.org/I70983195"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jin Yang","raw_affiliation_strings":["Syracuse University, Syracuse, New York, USA"],"affiliations":[{"raw_affiliation_string":"Syracuse University, Syracuse, New York, USA","institution_ids":["https://openalex.org/I70983195"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100434198","display_name":"Jiaqi Chen","orcid":"https://orcid.org/0000-0002-6368-6164"},"institutions":[{"id":"https://openalex.org/I70983195","display_name":"Syracuse University","ror":"https://ror.org/025r5qe02","country_code":"US","type":"education","lineage":["https://openalex.org/I70983195"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jiaqi Chen","raw_affiliation_strings":["Syracuse University, Syracuse, New York, USA"],"affiliations":[{"raw_affiliation_string":"Syracuse University, Syracuse, New York, USA","institution_ids":["https://openalex.org/I70983195"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000216561","display_name":"Yuzhe Tang","orcid":"https://orcid.org/0000-0002-8911-106X"},"institutions":[{"id":"https://openalex.org/I70983195","display_name":"Syracuse University","ror":"https://ror.org/025r5qe02","country_code":"US","type":"education","lineage":["https://openalex.org/I70983195"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yuzhe Tang","raw_affiliation_strings":["Syracuse University, Syracuse, New York, USA"],"affiliations":[{"raw_affiliation_string":"Syracuse University, Syracuse, New York, USA","institution_ids":["https://openalex.org/I70983195"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5003274478","display_name":"Xing Gao","orcid":"https://orcid.org/0009-0000-2574-029X"},"institutions":[{"id":"https://openalex.org/I86501945","display_name":"University of Delaware","ror":"https://ror.org/01sbq1a82","country_code":"US","type":"education","lineage":["https://openalex.org/I86501945"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xing Gao","raw_affiliation_strings":["University of Delaware, Newark, Delaware, USA"],"affiliations":[{"raw_affiliation_string":"University of Delaware, Newark, Delaware, USA","institution_ids":["https://openalex.org/I86501945"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5088868666"],"corresponding_institution_ids":["https://openalex.org/I86501945"],"apc_list":null,"apc_paid":null,"fwci":12.2469,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.98488184,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1847","last_page":"1858"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11995","display_name":"FinTech, Crowdfunding, Digital Finance","score":0.9366000294685364,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.559998631477356},{"id":"https://openalex.org/keywords/blockchain","display_name":"Blockchain","score":0.5199876427650452},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5187416672706604},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.33189666271209717}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.559998631477356},{"id":"https://openalex.org/C2779687700","wikidata":"https://www.wikidata.org/wiki/Q20514253","display_name":"Blockchain","level":2,"score":0.5199876427650452},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5187416672706604},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.33189666271209717}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3589334.3645640","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3589334.3645640","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Web Conference 2024","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3928187492","display_name":null,"funder_award_id":"CNS-2054657,CNS-2317830,CNS-2139801,CNS-1815814,DGE2104532","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"}],"funders":[{"id":"https://openalex.org/F4320323817","display_name":"Universitas Brawijaya","ror":"https://ror.org/01wk3d929"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W2539190473","https://openalex.org/W2752929869","https://openalex.org/W2805827286","https://openalex.org/W2808815243","https://openalex.org/W2846896781","https://openalex.org/W2898569715","https://openalex.org/W2908007588","https://openalex.org/W2963610883","https://openalex.org/W2979467439","https://openalex.org/W3083471387","https://openalex.org/W3091620507","https://openalex.org/W3120405143","https://openalex.org/W3122543528","https://openalex.org/W3123166548","https://openalex.org/W3176636969","https://openalex.org/W3213446005","https://openalex.org/W4225881017","https://openalex.org/W4253646952","https://openalex.org/W4280498870","https://openalex.org/W4285060547","https://openalex.org/W4306406277","https://openalex.org/W4308411114"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W4210406818","https://openalex.org/W4306779889","https://openalex.org/W3048554917","https://openalex.org/W3211706803","https://openalex.org/W4382775358","https://openalex.org/W4246942721","https://openalex.org/W3209862047"],"abstract_inverted_index":{"Upgradeable":[0],"smart":[1,12,102,140],"contracts":[2,103],"(USCs)":[3],"have":[4],"been":[5],"widely":[6],"adopted":[7],"to":[8,19,31,46,68,86,128],"enable":[9],"modifying":[10],"deployed":[11],"contracts.":[13,141],"While":[14],"USCs":[15,33,48,70,91,151],"bring":[16],"great":[17],"flexibility":[18],"developers,":[20],"improper":[21],"usage":[22],"might":[23],"introduce":[24],"new":[25],"security":[26,51,154],"issues,":[27],"potentially":[28,94],"allowing":[29],"attackers":[30],"hijack":[32],"and":[34,49,63,83,92,111,147],"their":[35,50],"users.":[36],"In":[37],"this":[38],"paper,":[39],"we":[40],"conduct":[41,129],"a":[42,65,120,130,136],"large-scale":[43,131],"measurement":[44],"study":[45,132],"characterize":[47],"implications":[52],"in":[53],"the":[54],"wild.":[55],"We":[56,97,124],"summarize":[57],"six":[58],"commonly":[59],"used":[60],"USC":[61],"patterns":[62],"develop":[64],"tool,":[66],"USCDetector,":[67],"identify":[69],"without":[71],"needing":[72],"source":[73,106],"code.":[74],"Particularly,":[75],"USCDetector":[76,99,114,127],"collects":[77],"various":[78],"information":[79,85],"such":[80],"as":[81,108],"bytecode":[82],"transaction":[84],"construct":[87],"upgrade":[88,145],"chains":[89,146],"for":[90],"disclose":[93],"vulnerable":[95],"ones.":[96],"evaluate":[98],"using":[100],"verified":[101],"(i.e.,":[104],"with":[105,119,152],"code)":[107],"ground":[109],"truth":[110],"show":[112],"that":[113],"can":[115],"achieve":[116],"high":[117],"accuracy":[118],"precision":[121],"of":[122,138],"96.26%.":[123],"then":[125],"use":[126],"on":[133],"Ethereum,":[134],"covering":[135],"total":[137],"60,251,064":[139],"USCDetecor":[142],"constructs":[143],"10,218":[144],"discloses":[148],"multiple":[149],"real-world":[150],"potential":[153],"issues.":[155]},"counts_by_year":[{"year":2026,"cited_by_count":4},{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":1}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}