{"id":"https://openalex.org/W4406485105","doi":"https://doi.org/10.1145/3715720","title":"Smart Contract Fuzzing Towards Profitable Vulnerabilities","display_name":"Smart Contract Fuzzing Towards Profitable Vulnerabilities","publication_year":2025,"publication_date":"2025-06-19","ids":{"openalex":"https://openalex.org/W4406485105","doi":"https://doi.org/10.1145/3715720"},"language":"en","primary_location":{"id":"doi:10.1145/3715720","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3715720","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"},"type":"preprint","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1145/3715720","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005112254","display_name":"Ziqiao Kong","orcid":"https://orcid.org/0009-0009-4926-4932"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Ziqiao Kong","raw_affiliation_strings":["Nanyang Technological University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0009-0009-4926-4932","affiliations":[{"raw_affiliation_string":"Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Cen Zhang","orcid":"https://orcid.org/0000-0001-5603-1322"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Cen Zhang","raw_affiliation_strings":["Nanyang Technological University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0000-0001-5603-1322","affiliations":[{"raw_affiliation_string":"Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024245752","display_name":"Maoyi Xie","orcid":"https://orcid.org/0009-0001-4496-5037"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Maoyi Xie","raw_affiliation_strings":["Nanyang Technological University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0009-0001-4496-5037","affiliations":[{"raw_affiliation_string":"Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Ming Hu","orcid":"https://orcid.org/0000-0002-5058-4660"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Ming Hu","raw_affiliation_strings":["Singapore Management University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0000-0002-5058-4660","affiliations":[{"raw_affiliation_string":"Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082360292","display_name":"Yue Xue","orcid":"https://orcid.org/0009-0004-2141-2044"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yue Xue","raw_affiliation_strings":["MetaTrust Labs, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0009-0004-2141-2044","affiliations":[{"raw_affiliation_string":"MetaTrust Labs, Singapore, Singapore","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100346528","display_name":"Ye Liu","orcid":"https://orcid.org/0000-0001-6709-3721"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]},{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Ye Liu","raw_affiliation_strings":["Nanyang Technological University, Singapore, Singapore","Singapore Management University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0000-0001-6709-3721","affiliations":[{"raw_affiliation_string":"Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]},{"raw_affiliation_string":"Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100419375","display_name":"Haijun Wang","orcid":"https://orcid.org/0009-0001-3509-3919"},"institutions":[{"id":"https://openalex.org/I87445476","display_name":"Xi'an Jiaotong University","ror":"https://ror.org/017zhmm22","country_code":"CN","type":"education","lineage":["https://openalex.org/I87445476"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haijun Wang","raw_affiliation_strings":["Xi'an Jiaotong University, Xi'an, China"],"raw_orcid":"https://orcid.org/0009-0001-3509-3919","affiliations":[{"raw_affiliation_string":"Xi'an Jiaotong University, Xi'an, China","institution_ids":["https://openalex.org/I87445476"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100355692","display_name":"Yang Liu","orcid":"https://orcid.org/0000-0001-7300-9215"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]},{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yang Liu","raw_affiliation_strings":["Nanyang Technological University, Singapore, Singapore","Singapore Management University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0000-0001-7300-9215","affiliations":[{"raw_affiliation_string":"Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]},{"raw_affiliation_string":"Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":8,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.3589,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.85579451,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":98},"biblio":{"volume":"2","issue":"FSE","first_page":"153","last_page":"175"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9591000080108643,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9591000080108643,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9294866919517517},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.524655818939209},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.5149543881416321},{"id":"https://openalex.org/keywords/smart-contract","display_name":"Smart contract","score":0.48590508103370667},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.39261242747306824},{"id":"https://openalex.org/keywords/law-and-economics","display_name":"Law and economics","score":0.3793671727180481},{"id":"https://openalex.org/keywords/economics","display_name":"Economics","score":0.1841064989566803},{"id":"https://openalex.org/keywords/blockchain","display_name":"Blockchain","score":0.14188668131828308},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.13314750790596008},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.05944696068763733}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9294866919517517},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.524655818939209},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.5149543881416321},{"id":"https://openalex.org/C2779950589","wikidata":"https://www.wikidata.org/wiki/Q7544035","display_name":"Smart contract","level":3,"score":0.48590508103370667},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.39261242747306824},{"id":"https://openalex.org/C190253527","wikidata":"https://www.wikidata.org/wiki/Q295354","display_name":"Law and economics","level":1,"score":0.3793671727180481},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.1841064989566803},{"id":"https://openalex.org/C2779687700","wikidata":"https://www.wikidata.org/wiki/Q20514253","display_name":"Blockchain","level":2,"score":0.14188668131828308},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.13314750790596008},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.05944696068763733}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/3715720","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3715720","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"},{"id":"pmh:oai:dr.ntu.edu.sg:10356/201465","is_oa":false,"landing_page_url":"https://hdl.handle.net/10356/201465","pdf_url":null,"source":{"id":"https://openalex.org/S4306402609","display_name":"DR-NTU (Nanyang Technological University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I172675005","host_organization_name":"Nanyang Technological University","host_organization_lineage":["https://openalex.org/I172675005"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":null,"raw_type":"Journal Article"},{"id":"pmh:oai:arXiv.org:2501.08834","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2501.08834","pdf_url":"https://arxiv.org/pdf/2501.08834","source":{"id":"https://openalex.org/S4393918464","display_name":"ArXiv.org","issn_l":"2331-8422","issn":["2331-8422"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"doi:10.48550/arxiv.2501.08834","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2501.08834","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"doi:10.1145/3715720","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3715720","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G6036235291","display_name":null,"funder_award_id":"NCRP25-P04-TAICeN","funder_id":"https://openalex.org/F4320320709","funder_display_name":"National Research Foundation Singapore"},{"id":"https://openalex.org/G6077080905","display_name":null,"funder_award_id":"2022YFB2703503","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G8982717833","display_name":null,"funder_award_id":"AISG2-GC-2023-008","funder_id":"https://openalex.org/F4320320709","funder_display_name":"National Research Foundation Singapore"}],"funders":[{"id":"https://openalex.org/F4320320671","display_name":"National Research Foundation","ror":"https://ror.org/05s0g1g46"},{"id":"https://openalex.org/F4320320709","display_name":"National Research Foundation Singapore","ror":"https://ror.org/03cpyc314"},{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W2034996255","https://openalex.org/W2535617737","https://openalex.org/W2964097210","https://openalex.org/W3015365135","https://openalex.org/W4205689130","https://openalex.org/W4308632293","https://openalex.org/W3043576244","https://openalex.org/W2985495886","https://openalex.org/W2964241064","https://openalex.org/W6949171121","https://openalex.org/W2967191362","https://openalex.org/W4388857350","https://openalex.org/W2002934700","https://openalex.org/W3091620507","https://openalex.org/W2980275936","https://openalex.org/W4362509534","https://openalex.org/W3120405143","https://openalex.org/W3211314335","https://openalex.org/W4385412537","https://openalex.org/W4384155618","https://openalex.org/W4313563646","https://openalex.org/W4388483249","https://openalex.org/W3214421193","https://openalex.org/W2805052744","https://openalex.org/W4394745749","https://openalex.org/W4390204305","https://openalex.org/W4285060547","https://openalex.org/W3014684725","https://openalex.org/W4384304916","https://openalex.org/W3152829963","https://openalex.org/W3134196592"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2511770387","https://openalex.org/W3120811337","https://openalex.org/W2766647240","https://openalex.org/W4385301282","https://openalex.org/W2990186179","https://openalex.org/W4210660460","https://openalex.org/W3203597304","https://openalex.org/W4206573979","https://openalex.org/W3004205122"],"abstract_inverted_index":{"Billions":[0],"of":[1,48,62,112,160,169],"dollars":[2,173,187],"are":[3,244],"transacted":[4],"through":[5],"smart":[6,81],"contracts,":[7],"making":[8],"vulnerabilities":[9,24,92,243],"a":[10,31,46,79,138,157],"major":[11],"financial":[12],"risk.":[13],"One":[14],"focus":[15],"in":[16,58,188,198,212,234],"the":[17,60,66,96,110,127],"security":[18],"arms":[19],"race":[20],"is":[21,30,149,191,229],"on":[22,156,209],"profitable":[23,91,120],"that":[25,85,178],"attackers":[26],"can":[27,180],"exploit.":[28],"Fuzzing":[29],"key":[32,102],"method":[33],"for":[34,51,108,144],"identifying":[35],"these":[36,73,145],"vulnerabilities.":[37],"However,":[38],"current":[39],"solutions":[40],"face":[41],"two":[42],"main":[43],"limitations:":[44],"1.":[45,104],"lack":[47],"profit-centric":[49,80],"techniques":[50],"expediting":[52],"detection":[53,200],"and,":[54],"2.":[55,118],"insufficient":[56],"automation":[57],"maximizing":[59],"profitability":[61],"discovered":[63],"vulnerabilities,":[64],"leaving":[65],"analysis":[67],"to":[68,224],"human":[69],"experts.":[70],"To":[71],"address":[72],"gaps,":[74],"we":[75],"have":[76],"developed":[77,151],"VERITE,":[78],"contract":[82,235],"fuzzing":[83],"framework":[84],"not":[86],"only":[87],"effectively":[88],"detects":[89],"those":[90],"but":[93],"also":[94,230],"maximizes":[95],"exploited":[97,162],"profits.":[98],"VERITE":[99,148,179,228],"has":[100,129],"three":[101],"features:":[103],"DeFi":[105,164],"action-based":[106],"mutators":[107],"boosting":[109],"exploration":[111],"transactions":[113],"with":[114,166,246],"different":[115],"fund":[116,132],"flows;":[117],"potentially":[119],"candidates":[121],"identification":[122],"criteria,":[123],"which":[124],"checks":[125],"whether":[126],"input":[128],"caused":[130],"abnormal":[131],"flow":[133],"properties":[134],"during":[135],"testing;":[136],"3.":[137],"gradient":[139],"descent-based":[140],"profit":[141],"maximization":[142],"strategy":[143],"identified":[146],"candidates.":[147],"fully":[150],"from":[152],"scratch":[153],"and":[154,190,202],"evaluated":[155],"dataset":[158],"consisting":[159],"61":[161],"real-world":[163,220],"projects":[165],"an":[167],"average":[168],"over":[170,247],"1.1":[171],"million":[172,186],"loss.":[174],"The":[175],"results":[176],"show":[177],"automatically":[181],"extract":[182],"more":[183,206,217],"than":[184,194,219],"18":[185],"total":[189],"significantly":[192],"better":[193],"state-of-the-art":[195],"fuzzer":[196],"ItyFuzz":[197],"both":[199],"(29/10)":[201],"exploitation":[203],"(134":[204],"times":[205,226],"profits":[207,218],"gained":[208],"average).":[210],"Remarkably,":[211],"12":[213],"targets,":[214],"it":[215],"gains":[216],"attacking":[221],"exploits":[222],"(1.01":[223],"11.45":[225],"more).":[227],"applied":[231],"by":[232],"auditors":[233],"auditing,":[236],"where":[237],"6":[238],"(5":[239],"high":[240],"severity)":[241],"zero-day":[242],"found":[245],"$2,500":[248],"bounty":[249],"rewards.":[250]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-01-17T00:00:00"}