- The victim contract is defined in
rbvictim/rbvictim.cpp - The attacker contract is defined in
rbattacker/rbattacker.cpp
EVulHunter 2019
- Fake EOS Transfer
- Fake EOS Notice
EOSFuzzer 2020 & WANA 2020 & EOSIOAnalyzer 2022
- Fake EOS Transfer
- Forged Transfer Notification
- Block Information Dependency
EOSafe 2021
- Fake EOS
- Fake Receipt
- Rollback
- Missing Permission Check
WASAI 2022
- Fake EOS
- Fake Notification
- Missing Authorization Verification
- Blockinfo Dependency
- Rollback
Sort by Latest
EOSIOAnalyzer: An Effective Static Analysis Vulnerability Detection Framework for EOSIO Smart Contracts
-
Authors: Wenyuan Li; Jiahao He; Gansen Zhao; Jinji Yang; Shuangyin Li; Ruilin Lai; Ping Li; Hua Tang; Haoyu Luo; Ziheng Zhou (South China Normal University; Key Lab on Cloud Security and Assessment technology of Guangzhou; WeBank Co., Ltd; VeChain Foundation)
-
Year: 2022 Jul.
-
Source: 2022 IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC)
- Authors:
- Weimin Chen, The Hong Kong Polytechnic University;
- Zihan Sun, Beijing University of Posts and Telecommunications;
- Haoyu Wang, Huazhong University of Science and Technology;
- Xiapu Luo, The Hong Kong Polytechnic University;
- Haipeng Cai, Washington State University;
- Lei Wu, Zhejiang University.
- Year: 2022 Jul.
- Source: ISSTA 2022
- Link: https://dl.acm.org/doi/abs/10.1145/3533767.3534218
- Authors:
- Ningyu He, Key Lab on HCST (MOE), Peking University;
- Ruiyi Zhang, PeckShield, Inc.;
- Haoyu Wang, Beijing University of Posts and Telecommunications;
- Lei Wu, Zhejiang University;
- Xiapu Luo, The Hong Kong Polytechnic University;
- Yao Guo, Key Lab on HCST (MOE), Peking University;
- Ting Yu, Qatar Computing Research Institute;
- Xuxian Jiang, PeckShield, Inc.
- Year: 2021 Aug.
- Source: USENIX Security Symposium
- Link: https://www.usenix.org/conference/usenixsecurity21/presentation/he-ningyu
- Authors:
- Yuhe Huang, Beihang University;
- Bo Jiang, Beihang University;
- W. K. Chan, City University of Hong Kong.
- Year: 2020 Nov.
- Source: Internetware '20: Proceedings of the 12th Asia-Pacific Symposium on Internetware
- Link: https://dl.acm.org/doi/10.1145/3457913.3457920
- Authors:
- Dong Wang, Beihang University;
- Bo Jiang, Beihang University;
- W.K. Chan, City University of Hong Kong.
- Year: 2020 Aug.
- Source: arXiv
- Link: https://arxiv.org/abs/2007.15510
EVulHunter: Detecting Fake Transfer Vulnerabilities for EOSIO's Smart Contracts at Webassembly-level
-
Authors:
- Lijin Quan, Beijing University of Posts and Telecommunications;
- Lei Wu, PeckShield, Inc.;
- Haoyu Wang, Beijing University of Posts and Telecommunications.
-
Year: 2019 Jun.
-
Source: arXiv
Sort by Latest
-
Authors:
- Ningyu He, Peking University;
- Haoyu Wang, Huazhong University of Science and Technology;
- Lei Wu, Zhejiang University;
- Xiapu Luo, The Hong Kong Polytechnic University;
- Yao Guo, Peking University;
- Xiangqun Chen, Peking University.
-
Year: 2022 Jul.
-
Source: arXiv
-
Authors:
- Yuheng Huang, Beijing University of Posts and Telecommunications;
- Haoyu Wang, Beijing University of Posts and Telecommunications;
- Lei Wu, Zhejiang University;
- Gareth Tyson, Queen Mary University of London;
- Xiapu Luo, The Hong Kong Polytechnic University;
- Run Zhang, Beijing University of Posts and Telecommunications;
- Xuanzhe Liu, Peking University;
- Gang Huang, Peking University;
- Xuxian Jiang, PeckShield, Inc.
-
Year: 2020 Jun.
-
Source: Proceedings of the ACM on Measurement and Analysis of Computing Systems, Volume 4, Issue 2
- Authors: Sangsup Lee, Daejun Kim, Dongkwan Kim, Sooel Son, and Yongdae Kim, Korea Advanced Institute of Science and Technology (KAIST)
- Year: 2019 Aug.
- Source: WOOT'19: Proceedings of the 13th USENIX Conference on Offensive Technologies
- Link: https://www.usenix.org/conference/woot19/presentation/lee