{"id":"https://openalex.org/W4394746135","doi":"https://doi.org/10.1145/3597503.3639140","title":"PrettySmart: Detecting Permission Re-delegation Vulnerability for Token Behaviors in Smart Contracts","display_name":"PrettySmart: Detecting Permission Re-delegation Vulnerability for Token Behaviors in Smart Contracts","publication_year":2024,"publication_date":"2024-04-12","ids":{"openalex":"https://openalex.org/W4394746135","doi":"https://doi.org/10.1145/3597503.3639140"},"language":"en","primary_location":{"id":"doi:10.1145/3597503.3639140","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3597503.3639140","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5049085639","display_name":"Zhijie Zhong","orcid":"https://orcid.org/0000-0002-2427-0641"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Zhijie Zhong","raw_affiliation_strings":["Sun Yat-sen University, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"Sun Yat-sen University, Guangzhou, China","institution_ids":["https://openalex.org/I157773358"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000582109","display_name":"Zibin Zheng","orcid":"https://orcid.org/0000-0002-7878-4330"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zibin Zheng","raw_affiliation_strings":["Sun Yat-sen University, Zhuhai, China"],"affiliations":[{"raw_affiliation_string":"Sun Yat-sen University, Zhuhai, China","institution_ids":["https://openalex.org/I157773358"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072659343","display_name":"Hong\u2010Ning Dai","orcid":"https://orcid.org/0000-0001-6165-4196"},"institutions":[{"id":"https://openalex.org/I141568987","display_name":"Hong Kong Baptist University","ror":"https://ror.org/0145fw131","country_code":"HK","type":"education","lineage":["https://openalex.org/I141568987"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Hong-Ning Dai","raw_affiliation_strings":["Hong Kong Baptist University, Hong Kong, China"],"affiliations":[{"raw_affiliation_string":"Hong Kong Baptist University, Hong Kong, China","institution_ids":["https://openalex.org/I141568987"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5095377100","display_name":"Qing Xue","orcid":"https://orcid.org/0009-0002-5625-0036"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qing Xue","raw_affiliation_strings":["Sun Yat-sen University, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"Sun Yat-sen University, Guangzhou, China","institution_ids":["https://openalex.org/I157773358"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101941670","display_name":"Junjia Chen","orcid":"https://orcid.org/0009-0001-4953-2388"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Junjia Chen","raw_affiliation_strings":["Sun Yat-sen University, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"Sun Yat-sen University, Guangzhou, China","institution_ids":["https://openalex.org/I157773358"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5065097911","display_name":"Yuhong Nan","orcid":"https://orcid.org/0000-0001-9597-9888"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuhong Nan","raw_affiliation_strings":["Sun Yat-sen University, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"Sun Yat-sen University, Guangzhou, China","institution_ids":["https://openalex.org/I157773358"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5049085639"],"corresponding_institution_ids":["https://openalex.org/I157773358"],"apc_list":null,"apc_paid":null,"fwci":9.1438,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.97715909,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9919000267982483,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9879000186920166,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/permission","display_name":"Permission","score":0.9769986867904663},{"id":"https://openalex.org/keywords/security-token","display_name":"Security token","score":0.8014271259307861},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7929973602294922},{"id":"https://openalex.org/keywords/delegation","display_name":"Delegation","score":0.7462459206581116},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6453523635864258},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5146864056587219},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3445091247558594},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.09990900754928589}],"concepts":[{"id":"https://openalex.org/C2779089604","wikidata":"https://www.wikidata.org/wiki/Q7169333","display_name":"Permission","level":2,"score":0.9769986867904663},{"id":"https://openalex.org/C48145219","wikidata":"https://www.wikidata.org/wiki/Q1335365","display_name":"Security token","level":2,"score":0.8014271259307861},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7929973602294922},{"id":"https://openalex.org/C86532276","wikidata":"https://www.wikidata.org/wiki/Q1184065","display_name":"Delegation","level":2,"score":0.7462459206581116},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6453523635864258},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5146864056587219},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3445091247558594},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.09990900754928589},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3597503.3639140","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3597503.3639140","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1378608539","display_name":null,"funder_award_id":"62032025","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":28,"referenced_works":["https://openalex.org/W2010395842","https://openalex.org/W2053154970","https://openalex.org/W2539190473","https://openalex.org/W2805052744","https://openalex.org/W2890471546","https://openalex.org/W2955447707","https://openalex.org/W2963610883","https://openalex.org/W2970809537","https://openalex.org/W2982275082","https://openalex.org/W2985495886","https://openalex.org/W2987160260","https://openalex.org/W3007045600","https://openalex.org/W3034136313","https://openalex.org/W3091620507","https://openalex.org/W3098149161","https://openalex.org/W3105187050","https://openalex.org/W3107814273","https://openalex.org/W3122543528","https://openalex.org/W3207487452","https://openalex.org/W4205689130","https://openalex.org/W4225143755","https://openalex.org/W4285490412","https://openalex.org/W4285490421","https://openalex.org/W4285586691","https://openalex.org/W4288057718","https://openalex.org/W4293452506","https://openalex.org/W4313563646","https://openalex.org/W4384302865"],"related_works":["https://openalex.org/W2374086689","https://openalex.org/W3176279093","https://openalex.org/W2373945265","https://openalex.org/W2370203001","https://openalex.org/W1912565424","https://openalex.org/W4246410201","https://openalex.org/W2362476748","https://openalex.org/W1817057985","https://openalex.org/W2547851582","https://openalex.org/W4283655718"],"abstract_inverted_index":{"As":[0],"an":[1,103,139],"essential":[2],"component":[3],"in":[4],"Ethereum":[5],"and":[6,193],"other":[7],"blockchains,":[8],"token":[9,27,168],"assets":[10,28],"have":[11,37],"been":[12],"interacted":[13],"with":[14,102],"by":[15,32,66,78,148],"diverse":[16],"smart":[17,23,61,110,172],"contracts.":[18,98,125,173],"Effective":[19],"permission":[20,80,118,134,156],"policies":[21],"of":[22,41,60,116,122,155,171,183],"contracts":[24,62],"must":[25],"prevent":[26],"from":[29],"being":[30],"manipulated":[31,65],"unauthorized":[33,48,149],"adversaries.":[34,150],"Recent":[35],"efforts":[36],"studied":[38,124],"the":[39,79,123,153,166,181,184,189],"accessibility":[40],"privileged":[42,167],"functions":[43,59],"or":[44],"state":[45],"variables":[46],"to":[47,55,68,131,141,160],"users.":[49],"However,":[50],"little":[51],"attention":[52],"is":[53,75],"paid":[54],"how":[56],"publicly":[57],"accessible":[58],"can":[63,145],"be":[64,146],"adversaries":[67,163],"steal":[69],"users'":[70],"digital":[71],"assets.":[72],"This":[73],"attack":[74],"mainly":[76],"caused":[77],"re-delegation":[81,93],"(PRD)":[82],"vulnerability.":[83],"In":[84],"this":[85],"work,":[86],"we":[87,127,158],"propose":[88,128,159],"PrettySmart,":[89,186],"a":[90,129],"bytecode-level":[91],"Permission":[92],"vulnerability":[94],"detector":[95],"for":[96],"Smart":[97],"Our":[99],"study":[100,105],"begins":[101],"empirical":[104],"on":[106,152,177],"0.43":[107],"million":[108],"open-source":[109],"contracts,":[111],"revealing":[112],"that":[113,144],"five":[114],"types":[115],"widely-used":[117],"constraints":[119,143],"dominate":[120],"98%":[121],"Accordingly,":[126],"mechanism":[130],"infer":[132],"these":[133],"constraints,":[135,157],"as":[136,138],"well":[137],"algorithm":[140],"identify":[142],"bypassed":[147],"Based":[151],"identification":[154],"detect":[161],"whether":[162],"could":[164],"manipulate":[165],"management":[169],"functionalities":[170],"The":[174],"experimental":[175],"results":[176],"real-world":[178],"datasets":[179],"demonstrate":[180],"effectiveness":[182],"proposed":[185],"which":[187],"achieves":[188],"highest":[190],"precision":[191],"score":[192],"detects":[194],"118":[195],"new":[196],"PRD":[197],"vulnerabilities.":[198]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":9}],"updated_date":"2026-04-11T08:14:18.477133","created_date":"2025-10-10T00:00:00"}