Research
Standards & Guidelines
Resources that empower the blockchain community to build secure processes and give guidance on best practices.
Project Name | Author(s) | Venue | Type | Date |
---|---|---|---|---|
Token Interaction Checklist | Shayan Eskandari | Diligence Blog | Guideline | 2020 |
Ethereum Smart Contract Security Best Practices | Diligence Team | Diligence Blog | Guideline | 2020 |
EIP-1963 - Mandatory 'Security Considerations' for EIPs | Martin Ortner | EIP | Standard | 2019 |
Academic Publications
Our members actively participate in academic discourse pushing forward to progress blockchain research.
Project Name | Author(s) | Venue | Type | Date |
---|---|---|---|---|
Inductive Predicate Synthesis Modulo Programs | Scott Wesley, Maria Christakis, Jorge A. Navas, Richard Trefler, Valentin Wüstholz, Arie Gurfinkel | ECOOP 2024 | Paper | 2024 |
Automatically Testing Functional Properties of Code Translation Models | Hasan Ferit Eniser, Valentin Wüstholz, Maria Christakis | AAAI 2024 | Paper | 2024 |
Specifying and Testing k-Safety Properties for Machine-Learning Models | Maria Christakis, Hasan Ferit Eniser, Jörg Hoffmann, Adish Singla, Valentin Wüstholz | IJCAI 2023 | Paper | 2023 |
Green Fuzzer Benchmarking | Jiradet Ounjai, Valentin Wüstholz, Maria Christakis | ISSTA 2023 | Paper | 2023 |
Dependency-Aware Metamorphic Testing of Datalog Engines | Muhammad Numair Mansur, Valentin Wüstholz, Maria Christakis | ISSTA 2023 | Paper | 2023 |
Metamorphic Relations via Relaxations: An Approach to Obtain Oracles for Action-Policy Testing | Hasan Ferit Eniser, Timo P. Gros, Valentin Wüstholz, Jörg Hoffmann, Maria Christakis | ISSTA 2022 | Paper | 2022 |
Debugging a Policy: Automatic Action-Policy Testing in AI Planning | Marcel Steinmetz, Daniel Fiser, Hasan Ferit Eniser, Patrick Ferber, Timo P. Gros, Philippe Heim, Daniel Höller, Xandra Schuler, Valentin Wüstholz, Maria Christakis, Jörg Hoffmann | ICAPS 2022 | Paper | 2022 |
Verifying Solidity Smart Contracts Via Communication Abstraction in SmartACE | Scott Wesley, Maria Christakis, Jorge A. Navas, Richard Trefler, Valentin Wüstholz, Arie Gurfinkel | VMCAI 2022 | Paper | 2022 |
Compositional Verification of Smart Contracts Through Communication Abstraction | Scott Wesley, Maria Christakis, Jorge A. Navas, Richard Trefler, Valentin Wüstholz, Arie Gurfinkel | SAS 2021 | Paper | 2021 |
SoK: Oracles from the Ground Truth to Market Manipulation | Shayan Eskandari et al. | ACM AFT'21 | Paper | 2021 |
Metamorphic Testing of Datalog Engines | Muhammad Numair Mansur, Maria Christakis and Valentin Wüstholz | ESEC/FSE 2021 | Paper | 2021 |
Estimating Residual Risk in Greybox Fuzzing | Marcel Böhme, Danushka Liyanage, and Valentin Wüstholz | ESEC/FSE 2021 | Paper | 2021 |
Automatically Tailoring Abstract Interpretation to Custom Usage Scenarios | Muhammad Numair Mansur, Benjamin Mariano, Maria Christakis, Jorge A. Navas and Valentin Wüstholz | CAV 2021 | Paper | 2021 |
Automated Safety Verification of Programs Invoking Neural Networks | Maria Christakis, Hasan Ferit Eniser, Holger Hermanns, Jörg Hoffmann, Yugesh Kothari, Jianlin Li, Jorge A. Navas and Valentin Wüstholz | CAV 2021 | Paper | 2021 |
Perfectly parallel fairness certification of neural networks | Caterina Urban, Maria Christakis, Valentin Wüstholz, Fuyuan Zhang | OOPSLA 2020 | Paper | 2020 |
Detecting critical bugs in SMT solvers using blackbox mutational fuzzing | Muhammad Numair Mansur, Maria Christakis, Valentin Wüstholz, Fuyuan Zhang | ESEC/FSE 2020 | Paper | 2020 |
Harvey: a greybox fuzzer for smart contracts | Valentin Wüstholz, Maria Christakis | ESEC/FSE 2020 | Paper | 2020 |
Targeted greybox fuzzing with static lookahead analysis | Valentin Wüstholz, Maria Christakis | ICSE 2020 | Paper | 2020 |
Practical Mutation Testing for Smart Contracts | Joran Honig et al. | CBT'19 | Paper | 2019 |
Differentially testing soundness and precision of program analyzers | Christian Klinger, Maria Christakis, Valentin Wüstholz | ISSTA 2019 | Paper | 2019 |
HARVEY: A Greybox Fuzzer for Smart Contracts | Valentin Wüstholz, Maria Christakis | Paper | 2019 | |
Semantic Fault Localization and Suspiciousness Ranking | Maria Christakis, Matthias Heizmann, Muhammad Numair Mansur, Christian Schilling, Valentin Wüstholz | TACAS 2019 | Paper | 2019 |
SoK: Transparent Dishonesty: front-running attacks on Blockchain | Shayan Eskandari et al. | Workshop on Trusted Smart Contracts @ Financial Cryptography 19 | Paper | 2019 |
Smashing Ethereum Smart Contracts for Fun and Real Profit | Bernhard Mueller | HITB Security Conference | Paper | 2018 |
A first look at browser-based Cryptojacking | Shayan Eskandari et al. | Security & Privacy on the Blockchain (affiliated with Euro S&P) | Paper | 2018 |
On the feasibility of decentralized derivatives markets | Shayan Eskandari et al. | FC 2017: Financial Cryptography and Data Security | Paper | 2017 |
Real-world Deployability and Usability of Bitcoin | Shayan Eskandari | Concordia University - MASc Thesis | Paper | 2016 |
A first look at the usability of bitcoin key management | Shayan Eskandari et al. | USEC 15 NDSS Workshop on Usable Security (USEC) | Paper | 2015 |
Talks & Workshops
We educate 🎓, publish research, and join public discussion to spearhead blockchain security awareness.
Vulnerability Disclosure
Responsible disclosure of 0-day vulnerabilities is one way we show our gratitude to all the beautiful ❤️ open-source projects.