SSR: Safeguarding Staking Rewards by Defining and Detecting Logical Defects in DeFi Staking
This program is tentative and subject to change.
Decentralized Finance (DeFi) staking is one of the most prominent applications within the DeFi ecosystem, where DeFi projects enable users to stake tokens on the platform and reward participants with additional tokens. However, logical defects in DeFi staking could enable attackers to claim unwarranted rewards by manipulating reward amounts, repeatedly claiming rewards, or engaging in other malicious actions. To mitigate these threats, we conducted the first study focused on defining and detecting logical defects in DeFi staking. Through the analysis of 54 security incidents and 144 audit reports, we identified six distinct types of logical defects, each accompanied by detailed descriptions and code examples. Building on this empirical research, we developed SSR (Safeguarding Staking Reward), a static analysis tool designed to detect logical defects in DeFi staking contracts. SSR utilizes a large language model (LLM) to extract fundamental information about staking logic and constructs a DeFi staking model. It then identifies logical defects by analyzing the model and the associated semantic features. We constructed a ground truth dataset based on known security incidents and audit reports to evaluate the effectiveness of SSR. The results indicate that SSR achieves an overall precision of 90.91%, a recall of 86.03%, and an F1-score of 86.66%. Additionally, to assess the prevalence of logical defects in real-world smart contracts, we compiled a large-scale dataset of 15,992 DeFi staking contracts. SSR detected that 3,557 (22.24%) of these contracts contained at least one logical defect.
This program is tentative and subject to change.
Mon 17 NovDisplayed time zone: Seoul change
11:00 - 12:30 | |||
11:00 10mTalk | The Fault in our Stats Research Papers | ||
11:10 10mTalk | Agents in the Sandbox: End-to-End Crash Bug Reproduction for Minecraft Research Papers Eray Yapağcı Bilkent University, Yavuz Alp Sencer Öztürk Bilkent University, Eray Tüzün Bilkent University | ||
11:20 10mTalk | Finding Bugs in MLIR Compiler Infrastructure via Lowering Space Exploration Research Papers Jingjing Liang East China Normal University, Shan Huang East China Normal University, Ting Su East China Normal University | ||
11:30 10mTalk | Why Do Machine Learning Notebooks Crash? An Empirical Study on Public Python Jupyter Notebooks Journal-First Track Yiran Wang Linköping University, Willem Meijer Linköping University, José Antonio Hernández López Universidad de Murcia, Ulf Nilsson Linköping University, Daniel Varro Linköping University / McGill University | ||
11:40 10mTalk | When AllClose Fails: Round-Off Error Estimation for Deep Learning Programs Research Papers Qi Zhan Zhejiang University, Xing Hu Zhejiang University, Yuanyi Lin Huawei Technologies, Tongtong Xu Huawei, Xin Xia Zhejiang University, Shanping Li Zhejiang University | ||
11:50 10mTalk | LLM-Powered Multi-Agent Collaboration for Intelligent Industrial On-Call Automation Research Papers Ruowei Fu Nankai University, Yang Zhang ByteDance Inc., Zeyu Che Nankai University, Xin Wu ByteDance Inc., Zhenyu Zhong Nankai University, Zhiqiang Ren ByteDance Inc., Shenglin Zhang Nankai University, Feng Wang ByteDance Inc., Yongqian Sun Nankai University, Xiaozhou Liu ByteDance Inc., Kexin Liu Nankai University, Yu Zhang ByteDance Inc. | ||
12:00 10mTalk | SSR: Safeguarding Staking Rewards by Defining and Detecting Logical Defects in DeFi Staking Research Papers Zewei Lin Sun Yat-sen University, Jiachi Chen Sun Yat-sen University, Jingwen Zhang School of Software Engineering, Sun Yat sen University, Zexu Wang Sun Yat-sen University, Yuming Feng Peng Cheng Laboratory, Weizhe Zhang Harbin Institute of Technology, Zibin Zheng Sun Yat-sen University | ||
12:10 10mTalk | Finding Bugs in WebAssembly Interface Type Binding Generators Research Papers | ||
12:20 10mTalk | LineBreaker: Finding Token-Inconsistency Bugs using Large Language Models Research Papers Hongbo Chen Indiana University Bloomington, Yifan Zhang San Diego State University, Xing Han The Hong Kong University of Science and Technology, Tianhao Mao Indiana University, Huanyao Rong Indiana University Bloomington, Yuheng Zhang Tsinghua University, Hang Zhang Indiana University, XiaoFeng Wang ACM member, Luyi Xing Indiana University Bloomington/University of Illinois Urbana-Champaign, Xun Chen Samsung Research America | ||