FSE 2025
Mon 23 - Fri 27 June 2025 Trondheim, Norway
co-located with ISSTA 2025
Tue 24 Jun 2025 11:00 - 11:20 at Vega - Blockchain and Smart Contract Chair(s): Cuiyun Gao

Smart contracts, as Turing-complete programs managing billions of assets in decentralized finance, are prime targets for attackers. While fuzz testing seems effective for detecting vulnerabilities in these programs, we identify several significant challenges when targeting smart contracts: (i) the stateful nature of these contracts requires stateful exploration, but current fuzzers rely on transaction sequences to manipulate contract states, making the process inefficient; (ii) contract execution is influenced by the continuously changing blockchain environment, yet current fuzzers are limited to local deployments, failing to test contracts in real-world scenarios. These challenges hinder current fuzzers from uncovering hidden vulnerabilities, i.e., those concealed in deep contract states and specific blockchain environments.

In this paper, we present SmartShot, a mutable snapshot-based fuzzer to hunt hidden vulnerabilities within smart contracts. We innovatively formulate contract states and blockchain environments as directly fuzzable elements and design mutable snapshots to quickly restore and mutate these elements. SmartShot features a symbolic taint analysis-based mutation strategy along with double validation to soundly guide the state mutation. SmartShot mutates blockchain environments using contract’s historical on-chain states, providing real-world execution contexts. We propose a snapshot checkpoint mechanism to integrate mutable snapshots into SmartShot’s fuzzing loops. These innovations enable SmartShot to effectively fuzz contract states, test contracts across varied and realistic blockchain environments, and support on-chain fuzzing. Experimental results show that SmartShot is effective to detect hidden vulnerabilities with the highest code coverage and lowest false positive rate. SmartShot is 4.8x to 20.2x faster than state-of-the-art tools, identifying 2,150 vulnerable contracts out of 42,738 real-world contracts which is 2.1x to 13.7x more than other tools. SmartShot has demonstrated its real-world impact by detecting vulnerabilities that are only discoverable on-chain and uncovering 24 0-day vulnerabilities in the latest 10,000 deployed contracts.

Tue 24 Jun

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

10:30 - 12:20
Blockchain and Smart ContractIdeas, Visions and Reflections / Research Papers at Vega
Chair(s): Cuiyun Gao Harbin Institute of Technology, Shenzhen
10:30
10m
Talk
SmartShift: A Secure and Efficient Approach to Smart Contract Migration
Ideas, Visions and Reflections
Tahrim Hossain Syracuse University, Faisal Haque Bappy Syracuse University, Tarannum Shaila Zaman University of Maryland Baltimore County, Raiful Hasan Kent State University, Tariqul Islam Syracuse University
10:40
20m
Talk
LookAhead: Preventing DeFi Attacks via Unveiling Adversarial Contracts
Research Papers
Shoupeng Ren Zhejiang University, Lipeng He University of Waterloo, Tianyu Tu Zhejiang University, Di Wu Zhejiang University, Jian Liu Zhejiang University, Kui Ren Zhejiang University, Chun Chen Zhejiang University
DOI Pre-print
11:00
20m
Talk
SmartShot: Hunt Hidden Vulnerabilities in Smart Contracts using Mutable Snapshots
Research Papers
Ruichao Liang Wuhan University, Jing Chen Wuhan University, Ruochen Cao Wuhan University, Kun He Wuhan University, Ruiying Du Wuhan University, Shuhua Li Wuhan University, Zheng Lin University of Hong Kong, Cong Wu Wuhan University
DOI
11:20
20m
Talk
Automated and Accurate Token Transfer Identification and Its Applications in Cryptocurrency Security
Research Papers
Shuwei Song University of Electronic Science and Technology of China, Ting Chen University of Electronic Science and Technology of China, Ao Qiao University of Electronic Science and Technology of China, Xiapu Luo Hong Kong Polytechnic University, Leqing Wang University of Electronic Science and Technology of China, Zheyuan He University of Electronic Science and Technology of China, Ting Wang Penn State University, Xiaodong Lin University of Guelph, Peng He University of Electronic Science and Technology of China, Wensheng Zhang University of Electronic Science and Technology of China, Xiaosong Zhang University of Electronic Science and Technology of China
DOI
11:40
20m
Talk
Detecting Smart Contract State-Inconsistency Bugs via Flow Divergence and Multiplex Symbolic Execution
Research Papers
Yinxi Liu Rochester Institute of Technology, Wei Meng Chinese University of Hong Kong, Yinqian Zhang Southern University of Science and Technology
DOI
12:00
20m
Talk
Smart Contract Fuzzing Towards Profitable Vulnerabilities
Research Papers
Ziqiao Kong Nanyang Technological University, Cen Zhang Nanyang Technological University, Maoyi Xie Nanyang Technological University, Ming Hu Singapore Management University, Yue Xue MetaTrust Labs, Ye Liu Singapore Management University, Haijun Wang Xi'an Jiaotong University, Yang Liu Nanyang Technological University
DOI Pre-print File Attached

Information for Participants
Tue 24 Jun 2025 10:30 - 12:20 at Vega - Blockchain and Smart Contract Chair(s): Cuiyun Gao
Info for room Vega:

Vega is close to the registration desk.

Facing the registration desk, its entrance is on the left, close to the hotel side entrance.

:
:
:
: