{"id":"https://openalex.org/W7138910768","doi":"https://doi.org/10.48550/arxiv.2603.16349","title":"SseRex: Practical Symbolic Execution of Solana Smart Contracts","display_name":"SseRex: Practical Symbolic Execution of Solana Smart Contracts","publication_year":2026,"publication_date":"2026-03-17","ids":{"openalex":"https://openalex.org/W7138910768","doi":"https://doi.org/10.48550/arxiv.2603.16349"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2603.16349","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.16349","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2603.16349","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5014851696","display_name":"Tobias Cloosters","orcid":"https://orcid.org/0009-0008-3682-0197"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Cloosters, Tobias","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081189339","display_name":"Pascal Winkler","orcid":"https://orcid.org/0009-0002-8324-4993"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Winkler, Pascal","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013395070","display_name":"Jens-Rene Giesen","orcid":"https://orcid.org/0009-0004-0685-6237"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Giesen, Jens-Rene","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5059087800","display_name":"Ghassan Karame","orcid":"https://orcid.org/0000-0002-2828-4071"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Karame, Ghassan","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5089242868","display_name":"Lucas Davi","orcid":"https://orcid.org/0000-0002-7322-2777"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Davi, Lucas","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5014851696"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.49219998717308044,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.49219998717308044,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.13950000703334808,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.09619999676942825,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5047000050544739},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4632999897003174},{"id":"https://openalex.org/keywords/symbolic-execution","display_name":"Symbolic execution","score":0.40540000796318054},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.33070001006126404},{"id":"https://openalex.org/keywords/development","display_name":"Development (topology)","score":0.26179999113082886}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5794000029563904},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5047000050544739},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4632999897003174},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.43070000410079956},{"id":"https://openalex.org/C2779639559","wikidata":"https://www.wikidata.org/wiki/Q7661178","display_name":"Symbolic execution","level":3,"score":0.40540000796318054},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.33070001006126404},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.30250000953674316},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.2809000015258789},{"id":"https://openalex.org/C2776542497","wikidata":"https://www.wikidata.org/wiki/Q5266672","display_name":"Development (topology)","level":2,"score":0.26179999113082886},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.24289999902248383}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2603.16349","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.16349","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2603.16349","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.16349","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"score":0.41924425959587097,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Solana":[0,34,112],"is":[1],"rapidly":[2],"gaining":[3],"traction":[4],"among":[5],"smart":[6,35],"contract":[7],"developers":[8],"and":[9,45,76,99,114],"users.":[10],"However,":[11],"its":[12],"growing":[13],"adoption":[14],"has":[15],"been":[16],"accompanied":[17],"by":[18],"a":[19],"series":[20],"of":[21,49,88,121,137],"major":[22],"security":[23],"incidents,":[24],"which":[25],"have":[26],"spurred":[27],"research":[28],"into":[29],"automated":[30],"analysis":[31,146],"techniques":[32],"for":[33,64,144],"contracts.":[36,106],"Unfortunately,":[37],"existing":[38,97],"approaches":[39,98],"do":[40],"not":[41],"address":[42],"the":[43,57,134,142],"unique":[44],"complex":[46],"account":[47],"model":[48],"Solana.":[50],"In":[51],"this":[52],"paper,":[53],"we":[54,108],"propose":[55],"SseRex,":[56],"first":[58],"symbolic":[59],"execution":[60],"vulnerability":[61],"detection":[62],"approach":[63,95],"finding":[65],"Solana-specific":[66],"bugs":[67,102],"such":[68],"as":[69,80,82,133],"missing":[70,73,77],"owner":[71],"checks,":[72,75,79],"signer":[74],"key":[78],"well":[81],"arbitrary":[83],"cross-program":[84],"invocations.":[85],"Our":[86,123],"evaluation":[87],"8,714":[89],"bytecode-only":[90],"contracts":[91],"shows":[92],"that":[93,126],"our":[94],"outperforms":[96],"identifies":[100],"potential":[101],"in":[103],"467":[104],"different":[105],"Additionally,":[107],"analyzed":[109],"120":[110],"open-source":[111],"projects":[113],"conducted":[115],"in-depth":[116],"case":[117],"studies":[118],"on":[119],"four":[120],"them.":[122],"findings":[124],"reveal":[125],"subtle,":[127],"easily":[128],"overlooked":[129],"issues":[130],"often":[131],"serve":[132],"root":[135],"cause":[136],"severe":[138],"exploits,":[139],"further":[140],"highlighting":[141],"need":[143],"specialized":[145],"tools":[147],"like":[148],"SseRex.":[149]},"counts_by_year":[],"updated_date":"2026-05-04T08:30:34.212998","created_date":"2026-03-20T00:00:00"}