调研区块链虚拟机安全

BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects

Yi X, Fang Y, Wu D, et al. BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects[C].Network and Distributed System Security (NDSS) Symposium 2023 27 February - 3 March 2023, San Diego, CA, USA.

Uncovering Smart Contract VM Bugs Via Differential Fuzzing

Maier D, Fäßler F, Seifert J P. Uncovering Smart Contract VM Bugs Via Differential Fuzzing[C]//Reversing and Offensive-oriented Trends Symposium. 2021: 11-22.

写写作业，记记笔记（maybe

学习南京大学的静态程序分析技术课程

课程主页：Static Program Analysis | Tai-e (pascal-lab.net)

共计32小时

GearBox: Optimal-size Shard Committees by Leveraging the Safety-Liveness Dichotomy

David B, Magri B, Matt C, et al. GearBox: Optimal-size Shard Committees by Leveraging the Safety-Liveness Dichotomy[C]//Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. 2022: 683-696.

记录进行区块链安全相关实践的内容

Building blocks of sharding blockchain systems: Concepts, approaches,and open problems

继Sharding_Blockchain_Consensus 之后阅读刘老师的综述文章

分片技术是打破区块链去中心化、安全性和可扩展性不可能三角的最流行的方式，分片技术可以广义的理解为将区块链中的节点动态划分为彼此之间没有细粒度同步并且执行存储、计算和通信任务的子集，子集称为分片

现有的分片区块链设计仍有很多可探索的空间，本文从此出发，对现有的分片区块链进行了系统的分析，并将它们的架构概念分解为功能组件，并推导出它们所基于的系统模型和攻击者的假设。推导出的功能组件包括：

• 节点选择、轮随机数、节点分配、片内共识、跨片交易处理、分片重配置、激励机制

对于每个功能组件，本文描述了接口、功能和性质，给出了组件如何组合成一个分片区块链系统并讨论了每个组件的后续研究方向；同样关注了潜在的安全攻击和性能问题，例如系统吞吐量和延迟

Chu H, Zhang P, Dong H, et al. A survey on smart contract vulnerabilities: Data sources, detection and repair[J]. Information and Software Technology, 2023: 107221.

发表于IST23 CCFB，介绍智能合约发展的综述文章

ConFuzzius: A Data Dependency-Aware Hybrid Fuzzer for Smart Contracts

这篇工作发表于EuroS&P21

Torres C F, Iannillo A K, Gervais A, et al. Confuzzius: A data dependency-aware hybrid fuzzer for smart contracts[C]//2021 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, 2021: 103-119.