{"id":"https://openalex.org/W4411450271","doi":"https://doi.org/10.1145/3715714","title":"SmartShot: Hunt Hidden Vulnerabilities in Smart Contracts using Mutable Snapshots","display_name":"SmartShot: Hunt Hidden Vulnerabilities in Smart Contracts using Mutable Snapshots","publication_year":2025,"publication_date":"2025-06-19","ids":{"openalex":"https://openalex.org/W4411450271","doi":"https://doi.org/10.1145/3715714"},"language":"en","primary_location":{"id":"doi:10.1145/3715714","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3715714","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1145/3715714","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103272632","display_name":"Ruichao Liang","orcid":"https://orcid.org/0009-0003-0709-6420"},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Ruichao Liang","raw_affiliation_strings":["Wuhan University, Wuhan, China"],"raw_orcid":"https://orcid.org/0009-0003-0709-6420","affiliations":[{"raw_affiliation_string":"Wuhan University, Wuhan, China","institution_ids":["https://openalex.org/I37461747"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100394917","display_name":"Jing Chen","orcid":"https://orcid.org/0000-0002-7212-5297"},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jing Chen","raw_affiliation_strings":["Wuhan University, Wuhan, China"],"raw_orcid":"https://orcid.org/0000-0002-7212-5297","affiliations":[{"raw_affiliation_string":"Wuhan University, Wuhan, China","institution_ids":["https://openalex.org/I37461747"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5107179549","display_name":"Ruochen Cao","orcid":null},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ruochen Cao","raw_affiliation_strings":["Wuhan University, Wuhan, China"],"raw_orcid":"https://orcid.org/0009-0009-2129-0282","affiliations":[{"raw_affiliation_string":"Wuhan University, Wuhan, China","institution_ids":["https://openalex.org/I37461747"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004999865","display_name":"Kun He","orcid":"https://orcid.org/0000-0003-3472-419X"},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Kun He","raw_affiliation_strings":["Wuhan University, Wuhan, China"],"raw_orcid":"https://orcid.org/0000-0003-3472-419X","affiliations":[{"raw_affiliation_string":"Wuhan University, Wuhan, China","institution_ids":["https://openalex.org/I37461747"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100529319","display_name":"Ruiying Du","orcid":"https://orcid.org/0000-0002-3634-3385"},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ruiying Du","raw_affiliation_strings":["Wuhan University, Wuhan, China"],"raw_orcid":"https://orcid.org/0000-0002-3634-3385","affiliations":[{"raw_affiliation_string":"Wuhan University, Wuhan, China","institution_ids":["https://openalex.org/I37461747"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060877539","display_name":"S. Q. Li","orcid":null},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shuhua Li","raw_affiliation_strings":["Wuhan University, Wuhan, China"],"raw_orcid":"https://orcid.org/0009-0007-6865-0332","affiliations":[{"raw_affiliation_string":"Wuhan University, Wuhan, China","institution_ids":["https://openalex.org/I37461747"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089094818","display_name":"Zheng Lin","orcid":"https://orcid.org/0000-0002-4463-5652"},"institutions":[{"id":"https://openalex.org/I889458895","display_name":"University of Hong Kong","ror":"https://ror.org/02zhqgq86","country_code":"HK","type":"education","lineage":["https://openalex.org/I889458895"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Zheng Lin","raw_affiliation_strings":["University of Hong Kong, HongKong, Hong Kong"],"raw_orcid":"https://orcid.org/0000-0002-4463-5652","affiliations":[{"raw_affiliation_string":"University of Hong Kong, HongKong, Hong Kong","institution_ids":["https://openalex.org/I889458895"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101623391","display_name":"Cong Wu","orcid":"https://orcid.org/0000-0002-0930-0283"},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Cong Wu","raw_affiliation_strings":["Wuhan University, Wuhan, China"],"raw_orcid":"https://orcid.org/0000-0002-0930-0283","affiliations":[{"raw_affiliation_string":"Wuhan University, Wuhan, China","institution_ids":["https://openalex.org/I37461747"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5103272632"],"corresponding_institution_ids":["https://openalex.org/I37461747"],"apc_list":null,"apc_paid":null,"fwci":3.8114,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.93273407,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":"2","issue":"FSE","first_page":"65","last_page":"85"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9440920352935791},{"id":"https://openalex.org/keywords/stateful-firewall","display_name":"Stateful firewall","score":0.8504971265792847},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8429080843925476},{"id":"https://openalex.org/keywords/smart-contract","display_name":"Smart contract","score":0.7412924766540527},{"id":"https://openalex.org/keywords/database-transaction","display_name":"Database transaction","score":0.5989063382148743},{"id":"https://openalex.org/keywords/snapshot","display_name":"Snapshot (computer storage)","score":0.5804799795150757},{"id":"https://openalex.org/keywords/blockchain","display_name":"Blockchain","score":0.5641748905181885},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.49817895889282227},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.43617355823516846},{"id":"https://openalex.org/keywords/firewall","display_name":"Firewall (physics)","score":0.42384809255599976},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.303217351436615},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.14249658584594727},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.1316036581993103}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9440920352935791},{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.8504971265792847},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8429080843925476},{"id":"https://openalex.org/C2779950589","wikidata":"https://www.wikidata.org/wiki/Q7544035","display_name":"Smart contract","level":3,"score":0.7412924766540527},{"id":"https://openalex.org/C75949130","wikidata":"https://www.wikidata.org/wiki/Q848010","display_name":"Database transaction","level":2,"score":0.5989063382148743},{"id":"https://openalex.org/C55282118","wikidata":"https://www.wikidata.org/wiki/Q252683","display_name":"Snapshot (computer storage)","level":2,"score":0.5804799795150757},{"id":"https://openalex.org/C2779687700","wikidata":"https://www.wikidata.org/wiki/Q20514253","display_name":"Blockchain","level":2,"score":0.5641748905181885},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49817895889282227},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.43617355823516846},{"id":"https://openalex.org/C77714075","wikidata":"https://www.wikidata.org/wiki/Q5452017","display_name":"Firewall (physics)","level":5,"score":0.42384809255599976},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.303217351436615},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.14249658584594727},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.1316036581993103},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C124017977","wikidata":"https://www.wikidata.org/wiki/Q11412","display_name":"Gravitation","level":2,"score":0.0},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.0},{"id":"https://openalex.org/C183915046","wikidata":"https://www.wikidata.org/wiki/Q1316152","display_name":"Charged black hole","level":4,"score":0.0},{"id":"https://openalex.org/C115304011","wikidata":"https://www.wikidata.org/wiki/Q72755","display_name":"Schwarzschild radius","level":3,"score":0.0},{"id":"https://openalex.org/C74650414","wikidata":"https://www.wikidata.org/wiki/Q11397","display_name":"Classical mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3715714","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3715714","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3715714","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3715714","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W2539190473","https://openalex.org/W2751862727","https://openalex.org/W2805052744","https://openalex.org/W2806746626","https://openalex.org/W2846896781","https://openalex.org/W2958408931","https://openalex.org/W2964097210","https://openalex.org/W2982275082","https://openalex.org/W2985495886","https://openalex.org/W3015325345","https://openalex.org/W3016155638","https://openalex.org/W3043576244","https://openalex.org/W3089408602","https://openalex.org/W3091518781","https://openalex.org/W3091620507","https://openalex.org/W3105187050","https://openalex.org/W3128660473","https://openalex.org/W3214421193","https://openalex.org/W4220830491","https://openalex.org/W4221162498","https://openalex.org/W4288057718","https://openalex.org/W4311165842","https://openalex.org/W4313563646","https://openalex.org/W4316661173","https://openalex.org/W4384154650","https://openalex.org/W4384155618","https://openalex.org/W4384304916","https://openalex.org/W4388037513","https://openalex.org/W4394746135","https://openalex.org/W4394746363","https://openalex.org/W4402263599","https://openalex.org/W4402264453","https://openalex.org/W4402264471","https://openalex.org/W4402288736"],"related_works":["https://openalex.org/W2129975948","https://openalex.org/W2591875911","https://openalex.org/W2365857366","https://openalex.org/W8359669","https://openalex.org/W2736754676","https://openalex.org/W4287833485","https://openalex.org/W40377838","https://openalex.org/W4401906987","https://openalex.org/W4401907763","https://openalex.org/W4404407863"],"abstract_inverted_index":{"Smart":[0],"contracts,":[1],"as":[2,133],"Turing-complete":[3],"programs":[4],"managing":[5],"billions":[6],"of":[7,41,249],"assets":[8],"in":[9,25,85,100,281],"decentralized":[10],"finance,":[11],"are":[12,76,272],"prime":[13],"targets":[14],"for":[15,22],"attackers.":[16],"While":[17],"fuzz":[18,199],"testing":[19],"seems":[20],"effective":[21,220],"detecting":[23,269],"vulnerabilities":[24,121,224,270,280],"these":[26,42,146],"programs,":[27],"we":[28,111],"identify":[29],"several":[30],"significant":[31],"challenges":[32,89],"when":[33],"targeting":[34],"smart":[35,123],"contracts:":[36],"(i)":[37],"the":[38,59,68,163,226,282],"stateful":[39,45],"nature":[40],"contracts":[43,84,203,247,252],"requires":[44],"exploration,":[46],"but":[47],"current":[48,74,91],"fuzzers":[49,75,92],"rely":[50],"on":[51],"transaction":[52],"sequences":[53],"to":[54,78,82,118,141,160,185,197,221,238,256],"manipulate":[55],"contract":[56,63,102,128,200],"states,":[57,174,201],"making":[58],"process":[60],"inefficient;":[61],"(ii)":[62],"execution":[64,177],"is":[65,219,236,254],"influenced":[66],"by":[67,268],"continuously":[69],"changing":[70],"blockchain":[71,106,131,168,208],"environment,":[72],"yet":[73],"limited":[77],"local":[79],"deployments,":[80],"failing":[81],"test":[83,202],"real-world":[86,176,251,266],"scenarios.":[87],"These":[88,193],"hinder":[90],"from":[93],"uncovering":[94,277],"hidden":[95,120,223],"vulnerabilities,":[96],"i.e.,":[97],"those":[98],"concealed":[99],"deep":[101],"states":[103,129],"and":[104,130,137,144,206,210,230,276],"specific":[105],"environments.":[107],"In":[108],"this":[109],"paper,":[110],"present":[112],"SmartShot,":[113],"a":[114,150,181],"mutable":[115,139,187],"snapshot-based":[116],"fuzzer":[117],"hunt":[119],"within":[122],"contracts.":[124,286],"We":[125,179],"innovatively":[126],"formulate":[127],"environments":[132,169],"directly":[134],"fuzzable":[135],"elements":[136],"design":[138],"snapshots":[140,188],"quickly":[142],"restore":[143],"mutate":[145],"elements.":[147],"SmartShot":[148,166,196,218,235,262],"features":[149],"symbolic":[151],"taint":[152],"analysis-based":[153],"mutation":[154],"strategy":[155],"along":[156],"with":[157,225],"double":[158],"validation":[159],"soundly":[161],"guide":[162],"state":[164],"mutation.":[165],"mutates":[167],"using":[170],"contract\u2019s":[171],"historical":[172],"on-chain":[173,212,275],"providing":[175],"contexts.":[178],"propose":[180],"snapshot":[182],"checkpoint":[183],"mechanism":[184],"integrate":[186],"into":[189],"SmartShot\u2019s":[190],"fuzzing":[191],"loops.":[192],"innovations":[194],"enable":[195],"effectively":[198],"across":[204],"varied":[205],"realistic":[207],"environments,":[209],"support":[211],"fuzzing.":[213],"Experimental":[214],"results":[215],"show":[216],"that":[217,271],"detect":[222],"highest":[227],"code":[228],"coverage":[229],"lowest":[231],"false":[232],"positive":[233],"rate.":[234],"4.8\u00d7":[237],"20.2\u00d7":[239],"faster":[240],"than":[241,259],"state-of-the-art":[242],"tools,":[243],"identifying":[244],"2,150":[245],"vulnerable":[246],"out":[248],"42,738":[250],"which":[253],"2.1\u00d7":[255],"13.7\u00d7":[257],"more":[258],"other":[260],"tools.":[261],"has":[263],"demonstrated":[264],"its":[265],"impact":[267],"only":[273],"discoverable":[274],"24":[278],"0-day":[279],"latest":[283],"10,000":[284],"deployed":[285]},"counts_by_year":[{"year":2026,"cited_by_count":2}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}