{"id":"https://openalex.org/W4391558446","doi":"https://doi.org/10.1145/3597503.3623335","title":"Revealing Hidden Threats: An Empirical Study of Library Misuse in Smart Contracts","display_name":"Revealing Hidden Threats: An Empirical Study of Library Misuse in Smart Contracts","publication_year":2024,"publication_date":"2024-02-06","ids":{"openalex":"https://openalex.org/W4391558446","doi":"https://doi.org/10.1145/3597503.3623335"},"language":"en","primary_location":{"id":"doi:10.1145/3597503.3623335","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3597503.3623335","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5074917212","display_name":"Mingyuan Huang","orcid":"https://orcid.org/0009-0002-0546-7083"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Mingyuan Huang","raw_affiliation_strings":["School of software engineering, Sun Yat-Sen University, Zhuhai, Guangdong, China"],"raw_orcid":"https://orcid.org/0009-0002-0546-7083","affiliations":[{"raw_affiliation_string":"School of software engineering, Sun Yat-Sen University, Zhuhai, Guangdong, China","institution_ids":["https://openalex.org/I157773358"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086118824","display_name":"Jiachi Chen","orcid":"https://orcid.org/0000-0002-0192-9992"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiachi Chen","raw_affiliation_strings":["School of software engineering, Sun Yat-sen University, Zhuhai, Guangdong, China"],"raw_orcid":"https://orcid.org/0000-0002-0192-9992","affiliations":[{"raw_affiliation_string":"School of software engineering, Sun Yat-sen University, Zhuhai, Guangdong, China","institution_ids":["https://openalex.org/I157773358"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054645292","display_name":"Zigui Jiang","orcid":"https://orcid.org/0000-0002-3349-5383"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zigui Jiang","raw_affiliation_strings":["School of software engineering, Sun Yat-sen University, Zhuhai, Guangdong, China"],"raw_orcid":"https://orcid.org/0000-0002-3349-5383","affiliations":[{"raw_affiliation_string":"School of software engineering, Sun Yat-sen University, Zhuhai, Guangdong, China","institution_ids":["https://openalex.org/I157773358"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5000582109","display_name":"Zibin Zheng","orcid":"https://orcid.org/0000-0002-7878-4330"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zibin Zheng","raw_affiliation_strings":["School of software engineering, Sun Yat-sen University, Zhuhai, Guangdong, China"],"raw_orcid":"https://orcid.org/0000-0002-7878-4330","affiliations":[{"raw_affiliation_string":"School of software engineering, Sun Yat-sen University, Zhuhai, Guangdong, China","institution_ids":["https://openalex.org/I157773358"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":6.8953,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.96651393,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9516000151634216,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9397000074386597,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6479306817054749},{"id":"https://openalex.org/keywords/solidity","display_name":"Solidity","score":0.5601269602775574},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.5475233793258667},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4751600921154022},{"id":"https://openalex.org/keywords/smart-contract","display_name":"Smart contract","score":0.4406963288784027},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.435047447681427},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.4024132192134857},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.2211150825023651},{"id":"https://openalex.org/keywords/blockchain","display_name":"Blockchain","score":0.18294459581375122}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6479306817054749},{"id":"https://openalex.org/C2778362873","wikidata":"https://www.wikidata.org/wiki/Q24909565","display_name":"Solidity","level":2,"score":0.5601269602775574},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.5475233793258667},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4751600921154022},{"id":"https://openalex.org/C2779950589","wikidata":"https://www.wikidata.org/wiki/Q7544035","display_name":"Smart contract","level":3,"score":0.4406963288784027},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.435047447681427},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4024132192134857},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.2211150825023651},{"id":"https://openalex.org/C2779687700","wikidata":"https://www.wikidata.org/wiki/Q20514253","display_name":"Blockchain","level":2,"score":0.18294459581375122},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3597503.3623335","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3597503.3623335","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Quality Education","score":0.5699999928474426,"id":"https://metadata.un.org/sdg/4"}],"awards":[{"id":"https://openalex.org/G1378608539","display_name":null,"funder_award_id":"62032025","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2566658430","display_name":null,"funder_award_id":"62032025","funder_id":"https://openalex.org/F4320337111","funder_display_name":"Basic and Applied Basic Research Foundation of Guangdong Province"},{"id":"https://openalex.org/G3702485466","display_name":null,"funder_award_id":"2023A1515011336","funder_id":"https://openalex.org/F4320337111","funder_display_name":"Basic and Applied Basic Research Foundation of Guangdong Province"},{"id":"https://openalex.org/G8983852050","display_name":null,"funder_award_id":"62002393","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320337111","display_name":"Basic and Applied Basic Research Foundation of Guangdong Province","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W1644882639","https://openalex.org/W2103260577","https://openalex.org/W2157532207","https://openalex.org/W2539190473","https://openalex.org/W2805052744","https://openalex.org/W2846896781","https://openalex.org/W2897450989","https://openalex.org/W2908007588","https://openalex.org/W2911851157","https://openalex.org/W2955447707","https://openalex.org/W2963610883","https://openalex.org/W2970809537","https://openalex.org/W2982275082","https://openalex.org/W2985495886","https://openalex.org/W3007045600","https://openalex.org/W3022662270","https://openalex.org/W3091620507","https://openalex.org/W3098149161","https://openalex.org/W3105187050","https://openalex.org/W3133932565","https://openalex.org/W3162251560","https://openalex.org/W4299301436"],"related_works":["https://openalex.org/W4386953084","https://openalex.org/W3114658934","https://openalex.org/W4287995944","https://openalex.org/W2996623661","https://openalex.org/W2900489213","https://openalex.org/W3043760424","https://openalex.org/W2768947429","https://openalex.org/W4312481262","https://openalex.org/W3112215678","https://openalex.org/W2980898496"],"abstract_inverted_index":{"Smart":[0],"contracts":[1,119,169],"are":[2,194],"Turing-complete":[3],"programs":[4],"that":[5,82,183,216],"execute":[6],"on":[7,20,93,219],"the":[8,23,49,108,152,158,245],"blockchain.":[9],"Developers":[10],"can":[11,235],"implement":[12],"complex":[13],"contracts,":[14,181,200],"such":[15,60],"as":[16,61],"auctions":[17],"and":[18,41,115,126,145,170,243],"lending,":[19],"Ethereum":[21,220],"using":[22],"Solidity":[24,31],"programming":[25],"language.":[26],"As":[27],"an":[28,69],"object-oriented":[29],"language,":[30],"provides":[32],"libraries":[33,218],"within":[34],"its":[35],"syntax":[36],"to":[37,48,79,122,203,222],"facilitate":[38],"code":[39],"reusability":[40],"reduce":[42],"development":[43,66,144],"complexity.":[44],"Library":[45,75],"misuse":[46,76,177,185,193,242],"refers":[47],"incorrect":[50],"writing":[51],"or":[52,67,208,231],"usage":[53],"of":[54,91,111,139,160,192,248],"libraries,":[55],"resulting":[56],"in":[57,196,239],"unexpected":[58],"results,":[59],"introducing":[62],"vulnerabilities":[63],"during":[64,72,142,147],"library":[65,71,94,124,127,136,143,148,154,184,241],"incorporating":[68],"unsafe":[70],"contract":[73,80,237],"development.":[74],"could":[77],"lead":[78],"defects":[81],"cause":[83],"financial":[84],"losses.":[85],"Currently,":[86],"there":[87],"is":[88,186],"a":[89,187],"lack":[90],"research":[92,214],"misuse.":[95,128],"To":[96,156],"fill":[97],"this":[98],"gap,":[99],"we":[100,130,163],"collected":[101],"more":[102,197],"than":[103,198],"500":[104],"audit":[105,113],"reports":[106],"from":[107,120],"official":[109],"websites":[110],"five":[112,146],"companies":[114],"223,336":[116],"real-world":[117,167],"smart":[118,168],"Etherscan":[121],"measure":[123],"popularity":[125],"Then,":[129],"defined":[131],"eight":[132],"general":[133],"patterns":[134,191],"for":[135],"misuse;":[137],"three":[138],"them":[140],"occurring":[141],"utilization,":[149],"which":[150],"covers":[151],"entire":[153],"lifecycle.":[155],"validate":[157],"practicality":[159],"these":[161],"patterns,":[162],"manually":[164],"analyzed":[165],"1,018":[166],"publicized":[171],"our":[172,213],"dataset.":[173],"We":[174],"identified":[175],"905":[176],"cases":[178],"across":[179],"456":[180],"indicating":[182],"widespread":[188],"issue.":[189],"Three":[190],"found":[195],"50":[199],"primarily":[201],"due":[202],"developers":[204,238],"lacking":[205],"security":[206],"awareness":[207],"underestimating":[209],"negative":[210],"impacts.":[211],"Additionally,":[212],"revealed":[215],"vulnerable":[217],"continue":[221],"be":[223],"employed":[224],"even":[225],"after":[226],"they":[227],"have":[228],"been":[229],"deprecated":[230],"patched.":[232],"Our":[233],"findings":[234],"assist":[236],"preventing":[240],"ensuring":[244],"safe":[246],"use":[247],"libraries.":[249]},"counts_by_year":[{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":3}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}