The paper analyzes Ethereum builder transactions to show that builder centralization is an emergent property of the Proposer-Builder Separation (PBS) architecture, driven by specific order flow and ME…

This paper analyzes the x402 payment protocol, revealing systemic vulnerabilities in state synchronization and signature design that allow attackers to exploit payment systems for resource leakage in…

This paper analyzes the x402 payment protocol, revealing critical synchronization and security flaws that allow attackers to exploit payment systems and force merchants to subsidize compute costs.

The paper introduces Deniable Covert Asset Transfer (DCAT), a method that stages asset transfers to appear as ordinary, loss-producing DeFi activities, achieving empirical unobservability on major blo…

The paper introduces Sentinel, a novel proxy-based system that achieves comprehensive, type-agnostic reentrancy protection for smart contracts by intercepting all external calls.

The paper proves that standard account-based ledgers cannot non-custodially enforce asset disposition, and introduces a novel commitment-based ledger structure, the 'envelope,' that achieves this capa…

The paper introduces MEV non-interference, a formal security notion, to ensure that composing new smart contracts in DeFi does not increase the maximal extractable value, thereby providing a formal fo…

GoAT-X introduces a novel framework that structures cross-chain smart contract auditing as a Graph of Auditing Thoughts, significantly improving the detection of complex, semantic vulnerabilities in m…

The paper proposes a trustless framework using dual-layer cryptographic commitments to solve the operator-gating problem in blockchain provenance trees, ensuring verifiable user attribution even when…

The paper introduces 'causality laundering,' a novel security vulnerability in tool-calling LLM agents where adversaries exfiltrate information by probing denied actions, and proposes the Agentic Refe…

QCIVET introduces a novel contract-based framework to ensure the integrity of hybrid quantum-classical pipelines by verifying both the structure (syntactic) and the behavior (semantic) of quantum stag…

The paper proposes replacing individual agent autonomy with a structured 'social contract' and institutional Separation of Power (SoP) to mitigate systemic failures and deceptive behavior in multi-age…

GenDetect introduces a novel framework to rapidly generalize detection rules from single observed DeFi exploits, significantly improving resilience against subsequent, similar 'Imitative Attack Cascad…

The paper introduces KindHML, an automated formal verification approach that uses Hennessy-Milner Logic and the Kind 2 model checker to verify complex temporal properties of smart contracts, detecting…

The paper introduces SCDBench, a comprehensive benchmark dataset and methodology that rigorously evaluates LLM-based smart contract decompilers, finding that while frontier models can produce compilab…

The paper introduces SCDBench, a comprehensive benchmark dataset and methodology that rigorously evaluates LLM-based smart contract decompilers, finding that while frontier LLMs can generate compilabl…

The paper provides the first machine-checked, tridirectional correctness proof of the OpenZeppelin reentrancy-guard pattern against complex, production-deployed Solidity smart contract source.

The paper analyzes and documents various double-dip reward abuse attacks that exploit flaws in how cashback and reward engines handle transaction refunds, proposing formal invariants and defensive alg…

The paper introduces LOCARD, an agentic framework that models blockchain forensics as a sequential decision-making process, demonstrating its effectiveness in complex cross-chain transaction tracing.

The paper proposes using Differentially Private (DP) synthetic data, specifically through tabular synthesis and DP-Seeded Agent-Based Modeling (ABM), to resolve the conflict between data utility and p…