Decentralized finance (DeFi) is a rapidly evolving blockchain technology that offers a new perspective on financial services through Web3 applications. DeFi offers developers the flexibility to create financial services using smart contracts, leading to a lack of standardized protocols and challenges in applying traditional finance models for risk assessment, especially in the early stages of adoption. The Maker protocol is a prominent DeFi platform known for its diverse functionalities, including loan services. This study focuses on analyzing the risk associated with Maker's loan portfolio by developing a risk model based on multiple Brownian motions and passage levels, with Brownian motions representing different collateral types and passage levels representing users' collateralization ratios. Through numerical experiments using artificial and real data, we evaluate the model's effectiveness in assessing risk within the loan portfolio. While our findings demonstrate the model's potential for assessing risk within a single DeFi project, it is important to acknowledge that the model's assumptions may not be fully applicable to real-world data. This research underscores the importance of developing project-specific risk assessment models for individual DeFi projects and encourages further exploration of other DeFi protocols.
{"title":"DeFi risk assessment: MakerDAO loan portfolio case","authors":"Ignat Melnikov , Irina Lebedeva , Artem Petrov , Yury Yanovich","doi":"10.1016/j.bcra.2024.100259","DOIUrl":"10.1016/j.bcra.2024.100259","url":null,"abstract":"<div><div>Decentralized finance (DeFi) is a rapidly evolving blockchain technology that offers a new perspective on financial services through Web3 applications. DeFi offers developers the flexibility to create financial services using smart contracts, leading to a lack of standardized protocols and challenges in applying traditional finance models for risk assessment, especially in the early stages of adoption. The Maker protocol is a prominent DeFi platform known for its diverse functionalities, including loan services. This study focuses on analyzing the risk associated with Maker's loan portfolio by developing a risk model based on multiple Brownian motions and passage levels, with Brownian motions representing different collateral types and passage levels representing users' collateralization ratios. Through numerical experiments using artificial and real data, we evaluate the model's effectiveness in assessing risk within the loan portfolio. While our findings demonstrate the model's potential for assessing risk within a single DeFi project, it is important to acknowledge that the model's assumptions may not be fully applicable to real-world data. This research underscores the importance of developing project-specific risk assessment models for individual DeFi projects and encourages further exploration of other DeFi protocols.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 2","pages":"Article 100259"},"PeriodicalIF":6.9,"publicationDate":"2025-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144190436","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-06-01DOI: 10.1016/j.bcra.2024.100262
Mengyan Li, Maoning Wang, Meijiao Duan
Blockchain-based digital assets have increasingly emerged in recent years, necessitating cross-chain swaps. Hash Time-Lock Contract (HTLC) is a widely used protocol for such swaps; however, simple hash time locks can allow attackers to analyze transaction paths, thereby causing privacy breaches and financial loss to users in some sensitive scenarios. To prevent payment path leakage, a privacy-preserving cyclic cross-chain protocol is proposed herein. This protocol primarily uses the Chameleon Hash (CH) protocol to obscure the correlation between users in the path, ensuring the privacy of cross-chain swaps. The protocol is divided into pre-swap, commit, and decommit phases. The pre-swap phase is firstly executed to determine the swap order. Then, users ensure atomicity via serial asset locking in the commit phase, and each receiver obtains swap assets from the corresponding sender via CH collision in the decommit phase. The security proof under the Universally Composable (UC) system demonstrates the correctness and usability of the protocol. In summary, the entire protocol ensures the atomicity and privacy of cross-chain swaps, providing a new principle and method to solve the privacy leakage problem caused by transaction path analysis.
{"title":"Atomic and privacy-preserving cyclic cross-chain protocol based on chameleon hash function","authors":"Mengyan Li, Maoning Wang, Meijiao Duan","doi":"10.1016/j.bcra.2024.100262","DOIUrl":"10.1016/j.bcra.2024.100262","url":null,"abstract":"<div><div>Blockchain-based digital assets have increasingly emerged in recent years, necessitating cross-chain swaps. Hash Time-Lock Contract (HTLC) is a widely used protocol for such swaps; however, simple hash time locks can allow attackers to analyze transaction paths, thereby causing privacy breaches and financial loss to users in some sensitive scenarios. To prevent payment path leakage, a privacy-preserving cyclic cross-chain protocol is proposed herein. This protocol primarily uses the Chameleon Hash (CH) protocol to obscure the correlation between users in the path, ensuring the privacy of cross-chain swaps. The protocol is divided into pre-swap, commit, and decommit phases. The pre-swap phase is firstly executed to determine the swap order. Then, users ensure atomicity via serial asset locking in the commit phase, and each receiver obtains swap assets from the corresponding sender via CH collision in the decommit phase. The security proof under the Universally Composable (UC) system demonstrates the correctness and usability of the protocol. In summary, the entire protocol ensures the atomicity and privacy of cross-chain swaps, providing a new principle and method to solve the privacy leakage problem caused by transaction path analysis.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 2","pages":"Article 100262"},"PeriodicalIF":6.9,"publicationDate":"2025-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144307954","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-06-01DOI: 10.1016/j.bcra.2024.100261
Yue Pei , Mengxiao Zhu , Chen Zhu , Weihu Song , Yi Sun , Lei Li , Haogang Zhu
The evolution of blockchain technology across various areas has highlighted the importance of optimizing blockchain systems' performance, especially in fluctuating network bandwidth conditions. We observe that the performance of blockchain systems exhibits variations, and the optimal parameter configuration shifts accordingly when changes in network bandwidth occur. Current methods in blockchain optimization require establishing fixed mappings between various environments and their optimal parameters. However, this process exhibits poor sample efficiency and lacks the ability for fast adaptation to novel bandwidth environments. In this paper, we propose MetaTune, a meta-Reinforcement-Learning (meta-RL)-based dynamic tuning method for blockchain systems. MetaTune can quickly adapt to unknown bandwidth changes and automatically configure optimized parameters. Through empirical evaluations of a real-world blockchain system, ChainMaker, we demonstrate that MetaTune significantly reduces the training samples needed for generalization across different bandwidth environments compared to non-adaptive methods. Our findings suggest that MetaTune offers a promising approach for efficiently optimizing blockchain systems in dynamic network environments.
{"title":"Meta reinforcement learning based dynamic tuning for blockchain systems in diverse network environments","authors":"Yue Pei , Mengxiao Zhu , Chen Zhu , Weihu Song , Yi Sun , Lei Li , Haogang Zhu","doi":"10.1016/j.bcra.2024.100261","DOIUrl":"10.1016/j.bcra.2024.100261","url":null,"abstract":"<div><div>The evolution of blockchain technology across various areas has highlighted the importance of optimizing blockchain systems' performance, especially in fluctuating network bandwidth conditions. We observe that the performance of blockchain systems exhibits variations, and the optimal parameter configuration shifts accordingly when changes in network bandwidth occur. Current methods in blockchain optimization require establishing fixed mappings between various environments and their optimal parameters. However, this process exhibits poor sample efficiency and lacks the ability for fast adaptation to novel bandwidth environments. In this paper, we propose MetaTune, a meta-Reinforcement-Learning (meta-RL)-based dynamic tuning method for blockchain systems. MetaTune can quickly adapt to unknown bandwidth changes and automatically configure optimized parameters. Through empirical evaluations of a real-world blockchain system, ChainMaker, we demonstrate that MetaTune significantly reduces the training samples needed for generalization across different bandwidth environments compared to non-adaptive methods. Our findings suggest that MetaTune offers a promising approach for efficiently optimizing blockchain systems in dynamic network environments.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 2","pages":"Article 100261"},"PeriodicalIF":6.9,"publicationDate":"2025-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144338980","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-06-01DOI: 10.1016/j.bcra.2024.100268
Kai Ma , Jintao Huang , Ningyu He , Zhuo Wang , Haoyu Wang
Non-Fungible Tokens (NFTs) drive the prosperity of the Web3 ecosystem. By May 2024, the total market value of NFT projects reached approximately $69 billion. Accompanying the success of NFTs are various security issues, i.e., attacks and scams are prevalent in the ecosystem. While NFTs have attracted significant attention from both industry and academia, there is a lack of understanding of the kinds of NFT security issues. The discovery, in-depth analysis, and systematic categorization of these security issues are of significant importance for the prosperous development of the NFT ecosystem. To fill this gap, we perform a systematic literature review related to NFT security and identify 176 incidents from 248 security reports and 35 academic papers until May 1st, 2024. Through manual analysis of the compiled security incidents, we classify them into 12 major categories. Then, we explore potential solutions and mitigation strategies. Drawing from these analyses, we establish the first NFT security reference frame. In addition, we extract the characteristics of NFT security issues, i.e., the prevalence, severity, and intractability. We highlight the gap between industry and academia for NFT security and provide further research directions for the community. This paper, as the first Systematization of Knowledge (SoK) of NFT security, systematically explores security issues within the NFT ecosystem, shedding light on their root causes, real-world attacks, and potential ways to address them. Our findings will contribute to future research on NFT security.
{"title":"SoK: On the security of non-fungible tokens","authors":"Kai Ma , Jintao Huang , Ningyu He , Zhuo Wang , Haoyu Wang","doi":"10.1016/j.bcra.2024.100268","DOIUrl":"10.1016/j.bcra.2024.100268","url":null,"abstract":"<div><div>Non-Fungible Tokens (NFTs) drive the prosperity of the Web3 ecosystem. By May 2024, the total market value of NFT projects reached approximately $69 billion. Accompanying the success of NFTs are various security issues, i.e., attacks and scams are prevalent in the ecosystem. While NFTs have attracted significant attention from both industry and academia, there is a lack of understanding of the kinds of NFT security issues. The discovery, in-depth analysis, and systematic categorization of these security issues are of significant importance for the prosperous development of the NFT ecosystem. To fill this gap, we perform a systematic literature review related to NFT security and identify 176 incidents from 248 security reports and 35 academic papers until May 1st, 2024. Through manual analysis of the compiled security incidents, we classify them into 12 major categories. Then, we explore potential solutions and mitigation strategies. Drawing from these analyses, we establish the first NFT security reference frame. In addition, we extract the characteristics of NFT security issues, i.e., the prevalence, severity, and intractability. We highlight the gap between industry and academia for NFT security and provide further research directions for the community. This paper, as the first Systematization of Knowledge (SoK) of NFT security, systematically explores security issues within the NFT ecosystem, shedding light on their root causes, real-world attacks, and potential ways to address them. Our findings will contribute to future research on NFT security.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 2","pages":"Article 100268"},"PeriodicalIF":6.9,"publicationDate":"2025-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144470084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-06-01DOI: 10.1016/j.bcra.2024.100265
Zening Zhao , Jinsong Wang , Jiajia Wei
Public blockchain has outstanding performance in transaction privacy protection because of its anonymity. The data openness brings feasibility to transaction behavior analysis. At present, the transaction data of the public chain are huge, including complex trading objects and relationships. It is difficult to extract attributes and predict transaction behavior by traditional methods. To solve these problems, we extract transaction features to construct an Ethereum transaction heterogeneous information network (HIN) and propose a graph neural network (GNN)-based transaction prediction method for public blockchains in HINs, which can divide the network into subgraphs according to connectivity and increase the accuracy of the prediction results of transaction behavior. Experiments show that the execution time consumption of the proposed transaction subgraph division method is reduced by 70.61% on average compared with that of the search method. The accuracy of the proposed behavior prediction method also improves compared with that of the traditional random walk method, with an average accuracy of 83.82%.
{"title":"Graph neural network-based transaction link prediction method for public blockchain in heterogeneous information networks","authors":"Zening Zhao , Jinsong Wang , Jiajia Wei","doi":"10.1016/j.bcra.2024.100265","DOIUrl":"10.1016/j.bcra.2024.100265","url":null,"abstract":"<div><div>Public blockchain has outstanding performance in transaction privacy protection because of its anonymity. The data openness brings feasibility to transaction behavior analysis. At present, the transaction data of the public chain are huge, including complex trading objects and relationships. It is difficult to extract attributes and predict transaction behavior by traditional methods. To solve these problems, we extract transaction features to construct an Ethereum transaction heterogeneous information network (HIN) and propose a graph neural network (GNN)-based transaction prediction method for public blockchains in HINs, which can divide the network into subgraphs according to connectivity and increase the accuracy of the prediction results of transaction behavior. Experiments show that the execution time consumption of the proposed transaction subgraph division method is reduced by 70.61% on average compared with that of the search method. The accuracy of the proposed behavior prediction method also improves compared with that of the traditional random walk method, with an average accuracy of 83.82%.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 2","pages":"Article 100265"},"PeriodicalIF":6.9,"publicationDate":"2025-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144307967","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-05-21DOI: 10.1016/j.bcra.2025.100311
Tianqi Zhou , Kai Zhao , Wenying Zheng
Blockchain, as a rapidly developing technology nowadays, involves multi-party collaboration scenarios. However, as the number of users grows, security issues in blockchain systems also increase, driving the need for features such as collusion resistance and traceability. To meet the needs of multi-party collaboration on the blockchain, we propose a blockchain-based collusion-resistant and a traceable broadcast encryption scheme. On the one hand, the traitor tracing scheme is adopted to effectively enable accountability for malicious users. On the other hand, the SM2 public key encryption algorithm is deployed to satisfy high security requirements with relatively low computational costs. Security analysis demonstrates that the proposed scheme has the same level of security as the SM2 algorithm. Performance evaluation shows that the proposed scheme is superior to the relevant schemes and maintains functionalities such as collusion-resistant and traitor tracing.
{"title":"A blockchain-based collusion-resistant and traceable broadcast encryption scheme","authors":"Tianqi Zhou , Kai Zhao , Wenying Zheng","doi":"10.1016/j.bcra.2025.100311","DOIUrl":"10.1016/j.bcra.2025.100311","url":null,"abstract":"<div><div>Blockchain, as a rapidly developing technology nowadays, involves multi-party collaboration scenarios. However, as the number of users grows, security issues in blockchain systems also increase, driving the need for features such as collusion resistance and traceability. To meet the needs of multi-party collaboration on the blockchain, we propose a blockchain-based collusion-resistant and a traceable broadcast encryption scheme. On the one hand, the traitor tracing scheme is adopted to effectively enable accountability for malicious users. On the other hand, the SM2 public key encryption algorithm is deployed to satisfy high security requirements with relatively low computational costs. Security analysis demonstrates that the proposed scheme has the same level of security as the SM2 algorithm. Performance evaluation shows that the proposed scheme is superior to the relevant schemes and maintains functionalities such as collusion-resistant and traitor tracing.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"7 1","pages":"Article 100311"},"PeriodicalIF":5.6,"publicationDate":"2025-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145947937","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-05-19DOI: 10.1016/j.bcra.2025.100299
Samuel Akwasi Frimpong , Mu Han , Emmanuel Kwame Effah , Joseph Kwame Adjei , Isaac Hanson , Percy Brown
{"title":"Erratum to “A deep decentralized privacy-preservation framework for online social networks”","authors":"Samuel Akwasi Frimpong , Mu Han , Emmanuel Kwame Effah , Joseph Kwame Adjei , Isaac Hanson , Percy Brown","doi":"10.1016/j.bcra.2025.100299","DOIUrl":"10.1016/j.bcra.2025.100299","url":null,"abstract":"","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 2","pages":"Article 100299"},"PeriodicalIF":6.9,"publicationDate":"2025-05-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144084293","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-04-30DOI: 10.1016/j.bcra.2025.100300
Hua Wang , Jinjing Liu , Jian Zhao
Financial derivatives are widely recognized for their effectiveness in managing interest rate risk, demonstrating the principle of comparative advantage in finance. However, traditional financial derivative transactions are often complex and can expose participants to market and credit risks. To mitigate these risks, reduce transaction costs, and enhance liquidity, this paper proposes a blockchain-based matching mechanism for financial derivatives that uses smart contracts for decentralized counterparty matching and settlement. Smart contracts facilitate secure data sharing among participants, ensuring the integrity and immutability of transaction data. We design a transaction pool mechanism-based smart contracts for counterparty matching and automatic settlement of financial derivatives involving real fiat currencies and introduce an efficient peer-to-peer counterparty matching method, where the entire trading process is conducted on a decentralized blockchain, ensuring greater security and transparency. A prototype implementation based on Ethereum smart contracts validates the effectiveness of our proposed model, demonstrating its potential to streamline and secure financial derivative transactions.
{"title":"Blockchain smart contracts for decentralized matching of counterparties and automatic settlement of financial derivatives","authors":"Hua Wang , Jinjing Liu , Jian Zhao","doi":"10.1016/j.bcra.2025.100300","DOIUrl":"10.1016/j.bcra.2025.100300","url":null,"abstract":"<div><div>Financial derivatives are widely recognized for their effectiveness in managing interest rate risk, demonstrating the principle of comparative advantage in finance. However, traditional financial derivative transactions are often complex and can expose participants to market and credit risks. To mitigate these risks, reduce transaction costs, and enhance liquidity, this paper proposes a blockchain-based matching mechanism for financial derivatives that uses smart contracts for decentralized counterparty matching and settlement. Smart contracts facilitate secure data sharing among participants, ensuring the integrity and immutability of transaction data. We design a transaction pool mechanism-based smart contracts for counterparty matching and automatic settlement of financial derivatives involving real fiat currencies and introduce an efficient peer-to-peer counterparty matching method, where the entire trading process is conducted on a decentralized blockchain, ensuring greater security and transparency. A prototype implementation based on Ethereum smart contracts validates the effectiveness of our proposed model, demonstrating its potential to streamline and secure financial derivative transactions.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 4","pages":"Article 100300"},"PeriodicalIF":5.6,"publicationDate":"2025-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145468052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-04-24DOI: 10.1016/j.bcra.2025.100294
Qingyuan Liu , Meng Wu , Jiachi Chen , Ting Chen , Xi Chen , Renkai Jiang , Yuqiao Yang , Zhangyan Lin , Yuanyao Cheng
With the rapid expansion of blockchain applications, smart contracts are becoming increasingly complex, making the automated detection of contract vulnerabilities more critical than ever. Large language models, due to their advanced code comprehensive ability, are considered to have the potential to undertake the task of automated software vulnerability discovery. Although there have been empirical studies on ChatGPT's automated discovery of contract vulnerabilities, the current empirical research has not addressed how well ChatGPT can detect logical vulnerabilities in smart contracts or whether ChatGPT's detection performance for logical vulnerabilities can be improved. To fill this gap, this study collected and organized seven types of logical vulnerability source codes from 6165 real smart contract audit reports and three datasets, such as Web3Bugs, and used this database to validate ChatGPT's detection capability for logical vulnerabilities. To improve ChatGPT's accuracy in detecting logical vulnerabilities, we fine-tuned ChatGPT with a dataset marked with a specific method, achieving an average accuracy rate of 95% for single vulnerability detection per training session. We improved the original marking method to increase further the number of vulnerabilities that a single model can detect. We used a specific completion marking format, ultimately enabling ChatGPT to detect various logical vulnerabilities. In terms of enhancing model scalability, we found a special training set marking method that allows for the addition of detectable vulnerability types through secondary training.
{"title":"Exploring the potential of ChatGPT in detecting logical vulnerabilities in smart contracts","authors":"Qingyuan Liu , Meng Wu , Jiachi Chen , Ting Chen , Xi Chen , Renkai Jiang , Yuqiao Yang , Zhangyan Lin , Yuanyao Cheng","doi":"10.1016/j.bcra.2025.100294","DOIUrl":"10.1016/j.bcra.2025.100294","url":null,"abstract":"<div><div>With the rapid expansion of blockchain applications, smart contracts are becoming increasingly complex, making the automated detection of contract vulnerabilities more critical than ever. Large language models, due to their advanced code comprehensive ability, are considered to have the potential to undertake the task of automated software vulnerability discovery. Although there have been empirical studies on ChatGPT's automated discovery of contract vulnerabilities, the current empirical research has not addressed how well ChatGPT can detect logical vulnerabilities in smart contracts or whether ChatGPT's detection performance for logical vulnerabilities can be improved. To fill this gap, this study collected and organized seven types of logical vulnerability source codes from 6165 real smart contract audit reports and three datasets, such as Web3Bugs, and used this database to validate ChatGPT's detection capability for logical vulnerabilities. To improve ChatGPT's accuracy in detecting logical vulnerabilities, we fine-tuned ChatGPT with a dataset marked with a specific method, achieving an average accuracy rate of 95% for single vulnerability detection per training session. We improved the original marking method to increase further the number of vulnerabilities that a single model can detect. We used a specific completion marking format, ultimately enabling ChatGPT to detect various logical vulnerabilities. In terms of enhancing model scalability, we found a special training set marking method that allows for the addition of detectable vulnerability types through secondary training.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 4","pages":"Article 100294"},"PeriodicalIF":5.6,"publicationDate":"2025-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145371140","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-04-11DOI: 10.1016/j.bcra.2025.100290
Muhammad Hasnain , Imran Ghani , David Smith , Ali Daud , Seung Ryul Jeong
Blockchain is a disruptive technology that has attracted considerable attention from scholars. The blockchain underlies cryptocurrencies and has rapidly expanded to other areas, including financial transactions and social media networks. However, concerns regarding the information security of social media users still exist regarding blockchain technology. The literature on blockchain online social media (BOSM) networks is growing rapidly because of their critical role in securing users’ information privacy and security. Cybersecurity remains a challenge faced by users on social media networks. Since the publication of BOSM, blockchain has become a widely discussed method for users’ information security. This comprehensive review identifies peer-reviewed articles on BOSM that underpin smart contracts, social media challenges, and research gaps. In this work, Kitchenham’s review guidelines are followed to conduct an in-depth review of the use of blockchain technology in the social media network literature published between January 2016 and March 2024, which reveals a significant increase in publications over the last eight years. A search of major academic databases, including Springer, ScienceDirect, ACM, IEEE Xplore, World Scientific, Taylor & Francis, and Wiley Online, yielded a final pool of 158 articles. The findings of the review indicate key insights concerning the techniques and applications of blockchain technology and challenges for the public via social media networks such as Twitter, Facebook, and Google+. This paper identifies important challenges such as deploying smart contracts, user information privacy, a lack of platform support, users’ reactions to blockchain technology, privacy protection and compensation, security system validation, online disinformation, scalability, and miscellaneous challenges to blockchain technology. Additionally, this review suggests several future research directions to improve the role of blockchain technology in overcoming the challenges of privacy, security, reliability, scalability, and trust in the area of social media networks.
b区块链是一项颠覆性技术,引起了学者们的广泛关注。bbb100是加密货币的基础,并迅速扩展到其他领域,包括金融交易和社交媒体网络。然而,关于区块链技术的社交媒体用户的信息安全问题仍然存在。关于b区块链在线社交媒体(BOSM)网络的文献正在迅速增长,因为它们在保护用户信息隐私和安全方面发挥着关键作用。网络安全仍然是社交媒体网络用户面临的一个挑战。自BOSM发布以来,区块链已成为一种被广泛讨论的用户信息安全方法。这项全面的审查确定了关于BOSM的同行评议文章,这些文章支撑了智能合约、社交媒体挑战和研究空白。在这项工作中,遵循Kitchenham的审查指南,对2016年1月至2024年3月期间发表的社交媒体网络文献中区块链技术的使用进行了深入审查,结果显示,在过去八年中,出版物显著增加。搜索主要学术数据库,包括b施普林格,ScienceDirect, ACM, IEEE explore, World Scientific, Taylor &;弗朗西斯和威利在线最终得出了158篇文章。审查的结果表明了有关区块链技术和应用的关键见解,以及通过Twitter、Facebook和谷歌+等社交媒体网络为公众带来的挑战。本文确定了重要的挑战,如部署智能合约、用户信息隐私、缺乏平台支持、用户对区块链技术的反应、隐私保护和补偿、安全系统验证、在线虚假信息、可扩展性和区块链技术的各种挑战。此外,本文提出了几个未来的研究方向,以提高区块链技术在克服社交媒体网络领域的隐私、安全、可靠性、可扩展性和信任方面的挑战。
{"title":"Cybersecurity challenges in blockchain-based social media networks: A comprehensive review","authors":"Muhammad Hasnain , Imran Ghani , David Smith , Ali Daud , Seung Ryul Jeong","doi":"10.1016/j.bcra.2025.100290","DOIUrl":"10.1016/j.bcra.2025.100290","url":null,"abstract":"<div><div>Blockchain is a disruptive technology that has attracted considerable attention from scholars. The blockchain underlies cryptocurrencies and has rapidly expanded to other areas, including financial transactions and social media networks. However, concerns regarding the information security of social media users still exist regarding blockchain technology. The literature on blockchain online social media (BOSM) networks is growing rapidly because of their critical role in securing users’ information privacy and security. Cybersecurity remains a challenge faced by users on social media networks. Since the publication of BOSM, blockchain has become a widely discussed method for users’ information security. This comprehensive review identifies peer-reviewed articles on BOSM that underpin smart contracts, social media challenges, and research gaps. In this work, Kitchenham’s review guidelines are followed to conduct an in-depth review of the use of blockchain technology in the social media network literature published between January 2016 and March 2024, which reveals a significant increase in publications over the last eight years. A search of major academic databases, including Springer, ScienceDirect, ACM, IEEE Xplore, World Scientific, Taylor & Francis, and Wiley Online, yielded a final pool of 158 articles. The findings of the review indicate key insights concerning the techniques and applications of blockchain technology and challenges for the public via social media networks such as Twitter, Facebook, and Google+. This paper identifies important challenges such as deploying smart contracts, user information privacy, a lack of platform support, users’ reactions to blockchain technology, privacy protection and compensation, security system validation, online disinformation, scalability, and miscellaneous challenges to blockchain technology. Additionally, this review suggests several future research directions to improve the role of blockchain technology in overcoming the challenges of privacy, security, reliability, scalability, and trust in the area of social media networks.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 3","pages":"Article 100290"},"PeriodicalIF":5.6,"publicationDate":"2025-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144723096","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
扫码关注我们
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号