The advent of Industry 4.0 has compelled businesses to adopt digital approaches that combine software toenhance production efficiency. In this rapidly evolving market, software development is an ongoing process thatmu...The advent of Industry 4.0 has compelled businesses to adopt digital approaches that combine software toenhance production efficiency. In this rapidly evolving market, software development is an ongoing process thatmust be tailored to meet the dynamic needs of enterprises. However, internal research and development can beprohibitively expensive, driving many enterprises to outsource software development and upgrades to externalservice providers. This paper presents a software upgrade outsourcing model for enterprises and service providersthat accounts for the impact of market fluctuations on software adaptability. To mitigate the risk of adverseselection due to asymmetric information about the service provider’s cost and asymmetric information aboutthe enterprise’s revenues, we propose pay-per-time and revenue-sharing contracts in two distinct informationasymmetry scenarios. These two contracts specify the time and transfer payments for software upgrades. Througha comparative analysis of the optimal solutions under the two contracts and centralized decision-making withfull-information, we examine the characteristics of the solutions under two information asymmetry scenarios andanalyze the incentive effects of the two contracts on the various stakeholders. Overall, our study offers valuableinsights for firms seeking to optimize their outsourcing strategies and maximize their returns on investment insoftware upgrades.展开更多
Smart contracts on the Ethereum blockchain continue to revolutionize decentralized applications (dApps) by allowing for self-executing agreements. However, bad actors have continuously found ways to exploit smart cont...Smart contracts on the Ethereum blockchain continue to revolutionize decentralized applications (dApps) by allowing for self-executing agreements. However, bad actors have continuously found ways to exploit smart contracts for personal financial gain, which undermines the integrity of the Ethereum blockchain. This paper proposes a computer program called SADA (Static and Dynamic Analyzer), a novel approach to smart contract vulnerability detection using multiple Large Language Model (LLM) agents to analyze and flag suspicious Solidity code for Ethereum smart contracts. SADA not only improves upon existing vulnerability detection methods but also paves the way for more secure smart contract development practices in the rapidly evolving blockchain ecosystem.展开更多
Attribute-Based Signature(ABS)is a powerful cryptographic primitive that enables fine-grained access control in distributed systems.However,its high computational cost makes it unsuitable for resource-constrained envi...Attribute-Based Signature(ABS)is a powerful cryptographic primitive that enables fine-grained access control in distributed systems.However,its high computational cost makes it unsuitable for resource-constrained environments,and traditional monotonic access structures are inadequate for handling increasingly complex access policies.In this paper,we propose a novel smart contract-assisted ABS(SC-ABS)algorithm that supports nonmonotonic access structures,aiming to reduce client computing overhead while providingmore expressive and flexible access control.The SC-ABS scheme extends the monotonic access structure by introducing the concept of negative attributes,allowing for more complex and dynamic access policies.By utilizing smart contracts,the algorithmsupports distributed trusted assisted computation,and the computation code is transparent and auditable.Importantly,this design allows information about user attributes to be deployed on smart contracts for computation,both reducing the risk of privacy abuse by semi-honest servers and preventing malicious users from attribute concealment to forge signatures.We prove that SC-ABS satisfies unforgeability and anonymity under a random oracle model,and test the scheme’s cost.Comparedwith existing schemes,this scheme has higher efficiency in client signature and authentication.This scheme reduces the computing burden of users,and the design of smart contracts improves the security of aided computing further,solves the problem of attribute concealment,and expresses a more flexible access structure.The solution enables permission control applications in resource-constrained distributed scenarios,such as the Internet of Things(IoT)and distributed version control systems,where data security and flexible access control are critical.展开更多
This article explores the characteristics of data resources from the perspective of production factors,analyzes the demand for trustworthy circulation technology,designs a fusion architecture and related solutions,inc...This article explores the characteristics of data resources from the perspective of production factors,analyzes the demand for trustworthy circulation technology,designs a fusion architecture and related solutions,including multi-party data intersection calculation,distributed machine learning,etc.It also compares performance differences,conducts formal verification,points out the value and limitations of architecture innovation,and looks forward to future opportunities.展开更多
Smart contracts are self-executing programs on blockchains that manage complex business logic with transparency and integrity.However,their immutability after deployment makes programming errors particularly critical,...Smart contracts are self-executing programs on blockchains that manage complex business logic with transparency and integrity.However,their immutability after deployment makes programming errors particularly critical,as such errors can be exploited to compromise blockchain security.Existing vulnerability detection methods often rely on fixed rules or target specific vulnerabilities,limiting their scalability and adaptability to diverse smart contract scenarios.Furthermore,natural language processing approaches for source code analysis frequently fail to capture program flow,which is essential for identifying structural vulnerabilities.To address these limitations,we propose a novel model that integrates textual and structural information for smart contract vulnerability detection.Our approach employs the CodeBERT NLP model for textual analysis,augmented with structural insights derived from control flow graphs created using the abstract syntax tree and opcode of smart contracts.Each graph node is embedded using Sent2Vec,and centrality analysis is applied to highlight critical paths and nodes within the code.The extracted features are normalized and combined into a prompt for a large language model to detect vulnerabilities effectivel.Experimental results demonstrate the superiority of our model,achieving an accuracy of 86.70%,a recall of 84.87%,a precision of 85.24%,and an F1-score of 84.46%.These outcomes surpass existing methods,including CodeBERT alone(accuracy:81.26%,F1-score:79.84%)and CodeBERT combined with abstract syntax tree analysis(accuracy:83.48%,F1-score:79.65%).The findings underscore the effectiveness of incorporating graph structural information alongside text-based analysis,offering improved scalability and performance in detecting diverse vulnerabilities.展开更多
Smart contracts are widely used on the blockchain to implement complex transactions,such as decentralized applications on Ethereum.Effective vulnerability detection of large-scale smart contracts is critical,as attack...Smart contracts are widely used on the blockchain to implement complex transactions,such as decentralized applications on Ethereum.Effective vulnerability detection of large-scale smart contracts is critical,as attacks on smart contracts often cause huge economic losses.Since it is difficult to repair and update smart contracts,it is necessary to find the vulnerabilities before they are deployed.However,code analysis,which requires traversal paths,and learning methods,which require many features to be trained,are too time-consuming to detect large-scale on-chain contracts.Learning-based methods will obtain detection models from a feature space compared to code analysis methods such as symbol execution.But the existing features lack the interpretability of the detection results and training model,even worse,the large-scale feature space also affects the efficiency of detection.This paper focuses on improving the detection efficiency by reducing the dimension of the features,combined with expert knowledge.In this paper,a feature extraction model Block-gram is proposed to form low-dimensional knowledge-based features from bytecode.First,the metadata is separated and the runtime code is converted into a sequence of opcodes,which are divided into segments based on some instructions(jumps,etc.).Then,scalable Block-gram features,including 4-dimensional block features and 8-dimensional attribute features,are mined for the learning-based model training.Finally,feature contributions are calculated from SHAP values to measure the relationship between our features and the results of the detection model.In addition,six types of vulnerability labels are made on a dataset containing 33,885 contracts,and these knowledge-based features are evaluated using seven state-of-the-art learning algorithms,which show that the average detection latency speeds up 25×to 650×,compared with the features extracted by N-gram,and also can enhance the interpretability of the detection model.展开更多
The wide application of smart contracts allows industry companies to implement some complex distributed collaborative businesses,which involve the calculation of complex functions,such as matrix operations.However,com...The wide application of smart contracts allows industry companies to implement some complex distributed collaborative businesses,which involve the calculation of complex functions,such as matrix operations.However,complex functions such as matrix operations are difficult to implement on Ethereum Virtual Machine(EVM)-based smart contract platforms due to their distributed security environment limitations.Existing off-chain methods often result in a significant reduction in contract execution efficiency,thus a platform software development kit interface implementation method has become a feasible way to reduce overheads,but this method cannot verify operation correctness and may leak sensitive user data.To solve the above problems,we propose a verifiable EVM-based smart contract cross-language implementation scheme for complex operations,especially matrix operations,which can guarantee operation correctness and user privacy while ensuring computational efficiency.In this scheme,a verifiable interaction process is designed to verify the computation process and results,and a matrix blinding technology is introduced to protect sensitive user data in the calculation process.The security analysis and performance tests show that the proposed scheme can satisfy the correctness and privacy of the cross-language implementation of smart contracts at a small additional efficiency cost.展开更多
With the rapid proliferation of Internet ofThings(IoT)devices,ensuring their communication security has become increasingly important.Blockchain and smart contract technologies,with their decentralized nature,provide ...With the rapid proliferation of Internet ofThings(IoT)devices,ensuring their communication security has become increasingly important.Blockchain and smart contract technologies,with their decentralized nature,provide strong security guarantees for IoT.However,at the same time,smart contracts themselves face numerous security challenges,among which reentrancy vulnerabilities are particularly prominent.Existing detection tools for reentrancy vulnerabilities often suffer from high false positive and false negative rates due to their reliance on identifying patterns related to specific transfer functions.To address these limitations,this paper proposes a novel detection method that combines pattern matching with deep learning.Specifically,we carefully identify and define three common patterns of reentrancy vulnerabilities in smart contracts.Then,we extract key vulnerability features based on these patterns.Furthermore,we employ a Graph Attention Neural Network to extract graph embedding features from the contract graph,capturing the complex relationships between different components of the contract.Finally,we use an attention mechanism to fuse these two sets of feature information,enhancing the weights of effective information and suppressing irrelevant information,thereby significantly improving the accuracy and robustness of vulnerability detection.Experimental results demonstrate that our proposed method outperforms existing state-ofthe-art techniques,achieving a 3.88%improvement in accuracy compared to the latest vulnerability detection model AME(Attentive Multi-Encoder Network).This indicates that our method effectively reduces false positives and false negatives,significantly enhancing the security and reliability of smart contracts in the evolving IoT ecosystem.展开更多
With the widespread use of blockchain technology for smart contracts and decentralized applications on the Ethereum platform, the blockchain has become a cornerstone of trust in the modern financial system. However, i...With the widespread use of blockchain technology for smart contracts and decentralized applications on the Ethereum platform, the blockchain has become a cornerstone of trust in the modern financial system. However, its anonymity has provided new ways for Ponzi schemes to commit fraud, posing significant risks to investors. Current research still has some limitations, for example, Ponzi schemes are difficult to detect in the early stages of smart contract deployment, and data imbalance is not considered. In addition, there is room for improving the detection accuracy. To address the above issues, this paper proposes LT-SPSD (LSTM-Transformer smart Ponzi schemes detection), which is a Ponzi scheme detection method that combines Long Short-Term Memory (LSTM) and Transformer considering the time-series transaction information of smart contracts as well as the global information. Based on the verified smart contract addresses, account features, and code features are extracted to construct a feature dataset, and the SMOTE-Tomek algorithm is used to deal with the imbalanced data classification problem. By comparing our method with the other four typical detection methods in the experiment, the LT-SPSD method shows significant performance improvement in precision, recall, and F1-score. The results of the experiment confirm the efficacy of the model, which has some application value in Ethereum Ponzi scheme smart contract detection.展开更多
In 2021,Cempaka,a tiny tropical cyclone,made landfall in China.As the TC intensified prior to landfall,the tropical cyclone size measured with precipitation decreased significantly.A numerical simulation was conducted...In 2021,Cempaka,a tiny tropical cyclone,made landfall in China.As the TC intensified prior to landfall,the tropical cyclone size measured with precipitation decreased significantly.A numerical simulation was conducted to examine the possible processes modulating the storm size.Azimuthally mean potential vorticity(PV)was found to decrease mainly in the middle to upper troposphere between 50-and 80-km radii.The PV budget results indicate that the advection and generation of mean PV associated with asymmetric processes,rather than the symmetric processes,primarily contributed to the decrease in mean PV.These asymmetric processes leading to a negative PV tendency were likely associated with inactive outer rainbands.In contrast,the tangential winds simultaneously expanded radially outward,possibly related to inner-core diabatic heating.The findings here emphasize the importance of outer rainband activity in tropical cyclone size change.展开更多
In this study,we explore some of the best proximity point results for generalized proximal contractions in the setting of double-controlled metric-type spaces.A non-trivial example is given to elucidate our analysis,a...In this study,we explore some of the best proximity point results for generalized proximal contractions in the setting of double-controlled metric-type spaces.A non-trivial example is given to elucidate our analysis,and some novel results are derived.The discovered results generalize previously known results in the context of a double controlled metric type space environment.This article’s proximity point results are the first of their kind in the realm of controlled metric spaces.To build on the results achieved in this article,we present an application demonstrating the usability of the given results.展开更多
AIM:To evaluate the efficacy and safety of combining posterior scleral contraction(PSC)with intravitreal perfluoropropane(C_(3)F_(8))injection in high myopia with macular hole retinal detachment(MHRD).METHODS:A total ...AIM:To evaluate the efficacy and safety of combining posterior scleral contraction(PSC)with intravitreal perfluoropropane(C_(3)F_(8))injection in high myopia with macular hole retinal detachment(MHRD).METHODS:A total of 22 participants(22 eyes)with high myopia[axial length(AL)≥26.5 mm]and MHRD who underwent PSC combined with intravitreal C_(3)F_(8)injection,with at least 6mo of follow-up were retrospectively recruited.Outcome measures included best-corrected visual acuity(BCVA),AL,optical coherence tomography(OCT)findings,and adverse events.Retinal recovery was categorized as type Ⅰ(macular hole bridging with retinal reattachment)or type Ⅱ(reattachment without hole bridging).RESULTS:The mean age of participants was 62.1±8.8y and mean follow-up duration was 9.18±4.21mo.Complete retinal reattachment was observed in 11 eyes(50%)at postoperative day 1,19 eyes(86.3%)at week 1,and all 22 eyes at month 1.Ten eyes(45.5%)achieved type Ⅰ recovery and 12 eyes(54.5%)achieved type Ⅱ.Mean BCVA improved from 1.68±0.84 logMAR before surgery to 1.21±0.65 logMAR after surgery(P<0.001),and AL was significantly reduced compared to baseline(29.07±2.05 vs 30.8±2.2 mm;P<0.001).No serious complications were reported.CONCLUSION:PSC combined with intravitreal C_(3)F_(8)injection is a safe and effective treatment for MHRD in highly myopic eyes,especially for retinal detachment limited within the vascular arcade.展开更多
In this manuscript,the notion of a hesitant fuzzy soft fixed point is introduced.Using this notion and the concept of Suzuki-type(μ,ν)-weak contraction for hesitant fuzzy soft set valued-mapping,some fixed point res...In this manuscript,the notion of a hesitant fuzzy soft fixed point is introduced.Using this notion and the concept of Suzuki-type(μ,ν)-weak contraction for hesitant fuzzy soft set valued-mapping,some fixed point results are established in the framework of metric spaces.Based on the presented work,some examples reflecting decision-making problems related to real life are also solved.The suggested method’s flexibility and efficacy compared to conventional techniques are demonstrated in decision-making situations involving uncertainty,such as choosing the best options in multi-criteria settings.We noted that the presented work combines and generalizes two major concepts,the idea of soft sets and hesitant fuzzy set-valued mapping from the existing literature.展开更多
In this paper, the asymmetric laminar flow in a porous channel with expanding or contracting walls is investigated. The governing equations are reduced to ordinary ones by using suitable similar transformations. Homot...In this paper, the asymmetric laminar flow in a porous channel with expanding or contracting walls is investigated. The governing equations are reduced to ordinary ones by using suitable similar transformations. Homotopy analysis method (HAM) is employed to obtain the expres- sions for velocity fields. Graphs are sketched for values of parameters and associated dynamic characteristics, especially the expansion ratio, are analyzed in detail.展开更多
Energy Performance Contracting was introduced into China in the mid 1990s. Since western energy service companies came to China, their management pattern has undergone major changes. Why did such changes occur? Mainly...Energy Performance Contracting was introduced into China in the mid 1990s. Since western energy service companies came to China, their management pattern has undergone major changes. Why did such changes occur? Mainly because these companies encountered two difficulties in China: tax and financing.展开更多
Objective Patients with repaired tetralogy of Fallot(rTOF)account for the majority of cases with late onset right ventricle(RV)failure.The current surgical approach,including pulmonary valve replacement/insertion(PVR)...Objective Patients with repaired tetralogy of Fallot(rTOF)account for the majority of cases with late onset right ventricle(RV)failure.The current surgical approach,including pulmonary valve replacement/insertion(PVR),has yielded mixed results with some patients recover RV function and some do not.An innovative surgical approach was proposed to help ventricle to contract and improve RV function qualified by ejection fraction with one or more active contracting bands.Computational biomechanical modelling is a widely used method in cardiovascular study for investigation of mechanisms governing disease development,quantitative diagnostic and treatment strategies and improving surgical designs for better outcome.Muscle active contraction caused by zero-load sarcomere shortening leads to change of zero-load configurations.In lieu of experimenting using real surgery on animal or human,computational simulations(virtual surgery)were performed to test different band combination and insertion options to identify optimal surgery design and band insertion plan.Methods Cardiac magnetic resonance(CMR)data were obtained from one rTOF patient(sex:male,age:22.5 y)before pulmonary valve replacement surgery.The patient was suffering from RV dilation and dysfunction with RV end-systole volume 254.49ml and end-diastole volume 406.91 mL.A total of 15 computational RV/LV/Patch/Band combination models based on(CMR)imaging were constructed to investigate the influence of different band insertion surgery plans.These models included 5 different band insertion models combined and 3 different band contraction ratio(10%,15%and 20%band zero-stress length reduction).These models included 5 different band insertion models:Model 1 with one band at anterior to the middle of papillary muscle;Model 2 with one band at posterior to the middle of papillary muscle;Model 3 with 2 bands which are the ones from Models 1&2 combined;Model 4 with a band at the base of the papillary muscle;Model 5 with 3 bands which is a combination of Models 3&4.A pre-shrink process was performed on in-vivo begin-filling and end-systole MRI data to obtain diastole and systole zero4oad ventricle geometries.An extra 5%-8%shrinkage was applied to obtain corresponding systole zero-load geometry reflecting myocardium sarcomere shortening.The zero-load band length in systole was 10%,15%and 20%shorter than that in diastole according to their corresponding contraction ratio.The nonlinear Mooney-Rivlin model was used to describe the ventricle material properties with their material parameter values adjusted to match measured data with CMR.The band material properties were in the same scale with healthy right ventricle.The RV/LV/Band model construction and solution procedures were the same as described.Results Model 5 with band contraction ratio of 20%has the ability to improve RV ejection fraction to 41.07%,which represented a 3.61%absolute improvement,or 9.6%relative improvement using pre-PVR ejection fraction as the baseline number.The ejection fractions for Models 1-4 with band contraction ratio of 20%were 39.28%,39.47%,38.87%and 40.34%respectively.Compared to models with band contraction ratio15%and 20%,models with band contraction ratio 10%has the least ability on RV ejection fraction improvement with ejection fraction 38.28%,38.00%,38.81%,38.50%and 39.36%corresponding to Models 1-5.Conclusions This pilot work demonstrated that the band insertion surgery may have great potential to improve post-PVR RV cardiac function for patients with repaired TOF.More band contraction ratio and inserted band number may lead to better post-surgery outcome.Further investigations using in-vitro animal experiments and final patient studies are warranted.展开更多
In recent years,the number of smart contracts deployed on blockchain has exploded.However,the issue of vulnerability has caused incalculable losses.Due to the irreversible and immutability of smart contracts,vulnerabi...In recent years,the number of smart contracts deployed on blockchain has exploded.However,the issue of vulnerability has caused incalculable losses.Due to the irreversible and immutability of smart contracts,vulnerability detection has become particularly important.With the popular use of neural network model,there has been a growing utilization of deep learning-based methods and tools for the identification of vulnerabilities within smart contracts.This paper commences by providing a succinct overview of prevalent categories of vulnerabilities found in smart contracts.Subsequently,it categorizes and presents an overview of contemporary deep learning-based tools developed for smart contract detection.These tools are categorized based on their open-source status,the data format and the type of feature extraction they employ.Then we conduct a comprehensive comparative analysis of these tools,selecting representative tools for experimental validation and comparing them with traditional tools in terms of detection coverage and accuracy.Finally,Based on the insights gained from the experimental results and the current state of research in the field of smart contract vulnerability detection tools,we suppose to provide a reference standard for developers of contract vulnerability detection tools.Meanwhile,forward-looking research directions are also proposed for deep learning-based smart contract vulnerability detection.展开更多
An incompressible flow in a porous channel with expanding or contacting walls in the presence of a transverse magnetic field is considered. Using similarity transformations, the governing equations are reduced to the ...An incompressible flow in a porous channel with expanding or contacting walls in the presence of a transverse magnetic field is considered. Using similarity transformations, the governing equations are reduced to the nonlinear ordinary differential equations. The exact similar solutions for the different cases of the expansion ratio and the Hartmann number are obtained with a singular perturbation method, and the associated behavior is discussed in detail.展开更多
The flow of a micropolar fluid in a semi-porous channel with an expanding or contracting wall is investigated. The governing equations are reduced to ordinary ones by using similar transformations. To get the analytic...The flow of a micropolar fluid in a semi-porous channel with an expanding or contracting wall is investigated. The governing equations are reduced to ordinary ones by using similar transformations. To get the analytic solution to the problem, the homotopy analysis method (HAM) is employed to obtain the expressions for velocity fields. Graphs are sketched and discussed for various parameters, especially the effect of the expansion ratio on velocity and micro-rotation fields.展开更多
文摘The advent of Industry 4.0 has compelled businesses to adopt digital approaches that combine software toenhance production efficiency. In this rapidly evolving market, software development is an ongoing process thatmust be tailored to meet the dynamic needs of enterprises. However, internal research and development can beprohibitively expensive, driving many enterprises to outsource software development and upgrades to externalservice providers. This paper presents a software upgrade outsourcing model for enterprises and service providersthat accounts for the impact of market fluctuations on software adaptability. To mitigate the risk of adverseselection due to asymmetric information about the service provider’s cost and asymmetric information aboutthe enterprise’s revenues, we propose pay-per-time and revenue-sharing contracts in two distinct informationasymmetry scenarios. These two contracts specify the time and transfer payments for software upgrades. Througha comparative analysis of the optimal solutions under the two contracts and centralized decision-making withfull-information, we examine the characteristics of the solutions under two information asymmetry scenarios andanalyze the incentive effects of the two contracts on the various stakeholders. Overall, our study offers valuableinsights for firms seeking to optimize their outsourcing strategies and maximize their returns on investment insoftware upgrades.
文摘Smart contracts on the Ethereum blockchain continue to revolutionize decentralized applications (dApps) by allowing for self-executing agreements. However, bad actors have continuously found ways to exploit smart contracts for personal financial gain, which undermines the integrity of the Ethereum blockchain. This paper proposes a computer program called SADA (Static and Dynamic Analyzer), a novel approach to smart contract vulnerability detection using multiple Large Language Model (LLM) agents to analyze and flag suspicious Solidity code for Ethereum smart contracts. SADA not only improves upon existing vulnerability detection methods but also paves the way for more secure smart contract development practices in the rapidly evolving blockchain ecosystem.
基金supported by National Natural Science Foundation of China.
文摘Attribute-Based Signature(ABS)is a powerful cryptographic primitive that enables fine-grained access control in distributed systems.However,its high computational cost makes it unsuitable for resource-constrained environments,and traditional monotonic access structures are inadequate for handling increasingly complex access policies.In this paper,we propose a novel smart contract-assisted ABS(SC-ABS)algorithm that supports nonmonotonic access structures,aiming to reduce client computing overhead while providingmore expressive and flexible access control.The SC-ABS scheme extends the monotonic access structure by introducing the concept of negative attributes,allowing for more complex and dynamic access policies.By utilizing smart contracts,the algorithmsupports distributed trusted assisted computation,and the computation code is transparent and auditable.Importantly,this design allows information about user attributes to be deployed on smart contracts for computation,both reducing the risk of privacy abuse by semi-honest servers and preventing malicious users from attribute concealment to forge signatures.We prove that SC-ABS satisfies unforgeability and anonymity under a random oracle model,and test the scheme’s cost.Comparedwith existing schemes,this scheme has higher efficiency in client signature and authentication.This scheme reduces the computing burden of users,and the design of smart contracts improves the security of aided computing further,solves the problem of attribute concealment,and expresses a more flexible access structure.The solution enables permission control applications in resource-constrained distributed scenarios,such as the Internet of Things(IoT)and distributed version control systems,where data security and flexible access control are critical.
文摘This article explores the characteristics of data resources from the perspective of production factors,analyzes the demand for trustworthy circulation technology,designs a fusion architecture and related solutions,including multi-party data intersection calculation,distributed machine learning,etc.It also compares performance differences,conducts formal verification,points out the value and limitations of architecture innovation,and looks forward to future opportunities.
基金supported by the Seoul Business Agency(SBA),funded by the Seoul Metropolitan Government,through the Seoul R&BD Program(FB240022)by the Korea Institute for Advancement of Technology(KIAT),funded by the Korea Government(MOTIE)(RS-2024-00406796)+1 种基金through the HRD Program for Industrial Innovationby the Excellent Researcher Support Project of Kwangwoon University in 2024.
文摘Smart contracts are self-executing programs on blockchains that manage complex business logic with transparency and integrity.However,their immutability after deployment makes programming errors particularly critical,as such errors can be exploited to compromise blockchain security.Existing vulnerability detection methods often rely on fixed rules or target specific vulnerabilities,limiting their scalability and adaptability to diverse smart contract scenarios.Furthermore,natural language processing approaches for source code analysis frequently fail to capture program flow,which is essential for identifying structural vulnerabilities.To address these limitations,we propose a novel model that integrates textual and structural information for smart contract vulnerability detection.Our approach employs the CodeBERT NLP model for textual analysis,augmented with structural insights derived from control flow graphs created using the abstract syntax tree and opcode of smart contracts.Each graph node is embedded using Sent2Vec,and centrality analysis is applied to highlight critical paths and nodes within the code.The extracted features are normalized and combined into a prompt for a large language model to detect vulnerabilities effectivel.Experimental results demonstrate the superiority of our model,achieving an accuracy of 86.70%,a recall of 84.87%,a precision of 85.24%,and an F1-score of 84.46%.These outcomes surpass existing methods,including CodeBERT alone(accuracy:81.26%,F1-score:79.84%)and CodeBERT combined with abstract syntax tree analysis(accuracy:83.48%,F1-score:79.65%).The findings underscore the effectiveness of incorporating graph structural information alongside text-based analysis,offering improved scalability and performance in detecting diverse vulnerabilities.
基金partially supported by the National Natural Science Foundation (62272248)the Open Project Fund of State Key Laboratory of Computer Architecture,Institute of Computing Technology,Chinese Academy of Sciences (CARCHA202108,CARCH201905)+1 种基金the Natural Science Foundation of Tianjin (20JCZDJC00610)Sponsored by Zhejiang Lab (2021KF0AB04)。
文摘Smart contracts are widely used on the blockchain to implement complex transactions,such as decentralized applications on Ethereum.Effective vulnerability detection of large-scale smart contracts is critical,as attacks on smart contracts often cause huge economic losses.Since it is difficult to repair and update smart contracts,it is necessary to find the vulnerabilities before they are deployed.However,code analysis,which requires traversal paths,and learning methods,which require many features to be trained,are too time-consuming to detect large-scale on-chain contracts.Learning-based methods will obtain detection models from a feature space compared to code analysis methods such as symbol execution.But the existing features lack the interpretability of the detection results and training model,even worse,the large-scale feature space also affects the efficiency of detection.This paper focuses on improving the detection efficiency by reducing the dimension of the features,combined with expert knowledge.In this paper,a feature extraction model Block-gram is proposed to form low-dimensional knowledge-based features from bytecode.First,the metadata is separated and the runtime code is converted into a sequence of opcodes,which are divided into segments based on some instructions(jumps,etc.).Then,scalable Block-gram features,including 4-dimensional block features and 8-dimensional attribute features,are mined for the learning-based model training.Finally,feature contributions are calculated from SHAP values to measure the relationship between our features and the results of the detection model.In addition,six types of vulnerability labels are made on a dataset containing 33,885 contracts,and these knowledge-based features are evaluated using seven state-of-the-art learning algorithms,which show that the average detection latency speeds up 25×to 650×,compared with the features extracted by N-gram,and also can enhance the interpretability of the detection model.
基金supported in part by the National Natural Science Foundation of China under Grant 62272007,U23B2002in part by the Excellent Young Talents Project of the Beijing Municipal University Teacher Team Construction Support Plan under Grant BPHR202203031+1 种基金in part by the Yunnan Key Laboratory of Blockchain Application Technology under Grant 2021105AG070005(YNB202102)in part by the Open Topics of Key Laboratory of Blockchain Technology and Data Security,The Ministry of Industry and Information Technology of the People’s Republic of China under Grant 20243222。
文摘The wide application of smart contracts allows industry companies to implement some complex distributed collaborative businesses,which involve the calculation of complex functions,such as matrix operations.However,complex functions such as matrix operations are difficult to implement on Ethereum Virtual Machine(EVM)-based smart contract platforms due to their distributed security environment limitations.Existing off-chain methods often result in a significant reduction in contract execution efficiency,thus a platform software development kit interface implementation method has become a feasible way to reduce overheads,but this method cannot verify operation correctness and may leak sensitive user data.To solve the above problems,we propose a verifiable EVM-based smart contract cross-language implementation scheme for complex operations,especially matrix operations,which can guarantee operation correctness and user privacy while ensuring computational efficiency.In this scheme,a verifiable interaction process is designed to verify the computation process and results,and a matrix blinding technology is introduced to protect sensitive user data in the calculation process.The security analysis and performance tests show that the proposed scheme can satisfy the correctness and privacy of the cross-language implementation of smart contracts at a small additional efficiency cost.
基金supported by theHigher Education Research Project of Jilin Province:JGJX24C118the National Defense Basic Scientific Research Program of China(No.JCKY2023602C026).
文摘With the rapid proliferation of Internet ofThings(IoT)devices,ensuring their communication security has become increasingly important.Blockchain and smart contract technologies,with their decentralized nature,provide strong security guarantees for IoT.However,at the same time,smart contracts themselves face numerous security challenges,among which reentrancy vulnerabilities are particularly prominent.Existing detection tools for reentrancy vulnerabilities often suffer from high false positive and false negative rates due to their reliance on identifying patterns related to specific transfer functions.To address these limitations,this paper proposes a novel detection method that combines pattern matching with deep learning.Specifically,we carefully identify and define three common patterns of reentrancy vulnerabilities in smart contracts.Then,we extract key vulnerability features based on these patterns.Furthermore,we employ a Graph Attention Neural Network to extract graph embedding features from the contract graph,capturing the complex relationships between different components of the contract.Finally,we use an attention mechanism to fuse these two sets of feature information,enhancing the weights of effective information and suppressing irrelevant information,thereby significantly improving the accuracy and robustness of vulnerability detection.Experimental results demonstrate that our proposed method outperforms existing state-ofthe-art techniques,achieving a 3.88%improvement in accuracy compared to the latest vulnerability detection model AME(Attentive Multi-Encoder Network).This indicates that our method effectively reduces false positives and false negatives,significantly enhancing the security and reliability of smart contracts in the evolving IoT ecosystem.
基金This work was granted by Qin Xin Talents Cultivation Program(No.QXTCP C202115)Beijing Information Science and Technology University+1 种基金the Beijing Advanced Innovation Center for Future Blockchain and Privacy Computing Fund(No.GJJ-23)National Social Science Foundation,China(No.21BTQ079).
文摘With the widespread use of blockchain technology for smart contracts and decentralized applications on the Ethereum platform, the blockchain has become a cornerstone of trust in the modern financial system. However, its anonymity has provided new ways for Ponzi schemes to commit fraud, posing significant risks to investors. Current research still has some limitations, for example, Ponzi schemes are difficult to detect in the early stages of smart contract deployment, and data imbalance is not considered. In addition, there is room for improving the detection accuracy. To address the above issues, this paper proposes LT-SPSD (LSTM-Transformer smart Ponzi schemes detection), which is a Ponzi scheme detection method that combines Long Short-Term Memory (LSTM) and Transformer considering the time-series transaction information of smart contracts as well as the global information. Based on the verified smart contract addresses, account features, and code features are extracted to construct a feature dataset, and the SMOTE-Tomek algorithm is used to deal with the imbalanced data classification problem. By comparing our method with the other four typical detection methods in the experiment, the LT-SPSD method shows significant performance improvement in precision, recall, and F1-score. The results of the experiment confirm the efficacy of the model, which has some application value in Ethereum Ponzi scheme smart contract detection.
基金jointly supported by the National Natural Science Foundation of China[grant numbers U2342202 and 42175005]the Qing Lan Project[grant number R2023Q06]。
文摘In 2021,Cempaka,a tiny tropical cyclone,made landfall in China.As the TC intensified prior to landfall,the tropical cyclone size measured with precipitation decreased significantly.A numerical simulation was conducted to examine the possible processes modulating the storm size.Azimuthally mean potential vorticity(PV)was found to decrease mainly in the middle to upper troposphere between 50-and 80-km radii.The PV budget results indicate that the advection and generation of mean PV associated with asymmetric processes,rather than the symmetric processes,primarily contributed to the decrease in mean PV.These asymmetric processes leading to a negative PV tendency were likely associated with inactive outer rainbands.In contrast,the tangential winds simultaneously expanded radially outward,possibly related to inner-core diabatic heating.The findings here emphasize the importance of outer rainband activity in tropical cyclone size change.
文摘In this study,we explore some of the best proximity point results for generalized proximal contractions in the setting of double-controlled metric-type spaces.A non-trivial example is given to elucidate our analysis,and some novel results are derived.The discovered results generalize previously known results in the context of a double controlled metric type space environment.This article’s proximity point results are the first of their kind in the realm of controlled metric spaces.To build on the results achieved in this article,we present an application demonstrating the usability of the given results.
文摘AIM:To evaluate the efficacy and safety of combining posterior scleral contraction(PSC)with intravitreal perfluoropropane(C_(3)F_(8))injection in high myopia with macular hole retinal detachment(MHRD).METHODS:A total of 22 participants(22 eyes)with high myopia[axial length(AL)≥26.5 mm]and MHRD who underwent PSC combined with intravitreal C_(3)F_(8)injection,with at least 6mo of follow-up were retrospectively recruited.Outcome measures included best-corrected visual acuity(BCVA),AL,optical coherence tomography(OCT)findings,and adverse events.Retinal recovery was categorized as type Ⅰ(macular hole bridging with retinal reattachment)or type Ⅱ(reattachment without hole bridging).RESULTS:The mean age of participants was 62.1±8.8y and mean follow-up duration was 9.18±4.21mo.Complete retinal reattachment was observed in 11 eyes(50%)at postoperative day 1,19 eyes(86.3%)at week 1,and all 22 eyes at month 1.Ten eyes(45.5%)achieved type Ⅰ recovery and 12 eyes(54.5%)achieved type Ⅱ.Mean BCVA improved from 1.68±0.84 logMAR before surgery to 1.21±0.65 logMAR after surgery(P<0.001),and AL was significantly reduced compared to baseline(29.07±2.05 vs 30.8±2.2 mm;P<0.001).No serious complications were reported.CONCLUSION:PSC combined with intravitreal C_(3)F_(8)injection is a safe and effective treatment for MHRD in highly myopic eyes,especially for retinal detachment limited within the vascular arcade.
基金funded by National Science,Research and Innovation Fund(NSRF)King Mongkut's University of Technology North Bangkok with Contract No.KMUTNB-FF-68-B-46.
文摘In this manuscript,the notion of a hesitant fuzzy soft fixed point is introduced.Using this notion and the concept of Suzuki-type(μ,ν)-weak contraction for hesitant fuzzy soft set valued-mapping,some fixed point results are established in the framework of metric spaces.Based on the presented work,some examples reflecting decision-making problems related to real life are also solved.The suggested method’s flexibility and efficacy compared to conventional techniques are demonstrated in decision-making situations involving uncertainty,such as choosing the best options in multi-criteria settings.We noted that the presented work combines and generalizes two major concepts,the idea of soft sets and hesitant fuzzy set-valued mapping from the existing literature.
基金supported by the National Natural Science Foundations of China (50936003, 50905013)The Open Project of State Key Lab. for Adv. Matals and Materials (2009Z-02)Research Foundation of Engineering Research Institute of USTB
文摘In this paper, the asymmetric laminar flow in a porous channel with expanding or contracting walls is investigated. The governing equations are reduced to ordinary ones by using suitable similar transformations. Homotopy analysis method (HAM) is employed to obtain the expres- sions for velocity fields. Graphs are sketched for values of parameters and associated dynamic characteristics, especially the expansion ratio, are analyzed in detail.
文摘Energy Performance Contracting was introduced into China in the mid 1990s. Since western energy service companies came to China, their management pattern has undergone major changes. Why did such changes occur? Mainly because these companies encountered two difficulties in China: tax and financing.
基金supported in part by National Sciences Foundation of China grants ( 11672001, 81571691,81771844)
文摘Objective Patients with repaired tetralogy of Fallot(rTOF)account for the majority of cases with late onset right ventricle(RV)failure.The current surgical approach,including pulmonary valve replacement/insertion(PVR),has yielded mixed results with some patients recover RV function and some do not.An innovative surgical approach was proposed to help ventricle to contract and improve RV function qualified by ejection fraction with one or more active contracting bands.Computational biomechanical modelling is a widely used method in cardiovascular study for investigation of mechanisms governing disease development,quantitative diagnostic and treatment strategies and improving surgical designs for better outcome.Muscle active contraction caused by zero-load sarcomere shortening leads to change of zero-load configurations.In lieu of experimenting using real surgery on animal or human,computational simulations(virtual surgery)were performed to test different band combination and insertion options to identify optimal surgery design and band insertion plan.Methods Cardiac magnetic resonance(CMR)data were obtained from one rTOF patient(sex:male,age:22.5 y)before pulmonary valve replacement surgery.The patient was suffering from RV dilation and dysfunction with RV end-systole volume 254.49ml and end-diastole volume 406.91 mL.A total of 15 computational RV/LV/Patch/Band combination models based on(CMR)imaging were constructed to investigate the influence of different band insertion surgery plans.These models included 5 different band insertion models combined and 3 different band contraction ratio(10%,15%and 20%band zero-stress length reduction).These models included 5 different band insertion models:Model 1 with one band at anterior to the middle of papillary muscle;Model 2 with one band at posterior to the middle of papillary muscle;Model 3 with 2 bands which are the ones from Models 1&2 combined;Model 4 with a band at the base of the papillary muscle;Model 5 with 3 bands which is a combination of Models 3&4.A pre-shrink process was performed on in-vivo begin-filling and end-systole MRI data to obtain diastole and systole zero4oad ventricle geometries.An extra 5%-8%shrinkage was applied to obtain corresponding systole zero-load geometry reflecting myocardium sarcomere shortening.The zero-load band length in systole was 10%,15%and 20%shorter than that in diastole according to their corresponding contraction ratio.The nonlinear Mooney-Rivlin model was used to describe the ventricle material properties with their material parameter values adjusted to match measured data with CMR.The band material properties were in the same scale with healthy right ventricle.The RV/LV/Band model construction and solution procedures were the same as described.Results Model 5 with band contraction ratio of 20%has the ability to improve RV ejection fraction to 41.07%,which represented a 3.61%absolute improvement,or 9.6%relative improvement using pre-PVR ejection fraction as the baseline number.The ejection fractions for Models 1-4 with band contraction ratio of 20%were 39.28%,39.47%,38.87%and 40.34%respectively.Compared to models with band contraction ratio15%and 20%,models with band contraction ratio 10%has the least ability on RV ejection fraction improvement with ejection fraction 38.28%,38.00%,38.81%,38.50%and 39.36%corresponding to Models 1-5.Conclusions This pilot work demonstrated that the band insertion surgery may have great potential to improve post-PVR RV cardiac function for patients with repaired TOF.More band contraction ratio and inserted band number may lead to better post-surgery outcome.Further investigations using in-vitro animal experiments and final patient studies are warranted.
基金funded by the Major PublicWelfare Special Fund of Henan Province(No.201300210200)the Major Science and Technology Research Special Fund of Henan Province(No.221100210400).
文摘In recent years,the number of smart contracts deployed on blockchain has exploded.However,the issue of vulnerability has caused incalculable losses.Due to the irreversible and immutability of smart contracts,vulnerability detection has become particularly important.With the popular use of neural network model,there has been a growing utilization of deep learning-based methods and tools for the identification of vulnerabilities within smart contracts.This paper commences by providing a succinct overview of prevalent categories of vulnerabilities found in smart contracts.Subsequently,it categorizes and presents an overview of contemporary deep learning-based tools developed for smart contract detection.These tools are categorized based on their open-source status,the data format and the type of feature extraction they employ.Then we conduct a comprehensive comparative analysis of these tools,selecting representative tools for experimental validation and comparing them with traditional tools in terms of detection coverage and accuracy.Finally,Based on the insights gained from the experimental results and the current state of research in the field of smart contract vulnerability detection tools,we suppose to provide a reference standard for developers of contract vulnerability detection tools.Meanwhile,forward-looking research directions are also proposed for deep learning-based smart contract vulnerability detection.
文摘An incompressible flow in a porous channel with expanding or contacting walls in the presence of a transverse magnetic field is considered. Using similarity transformations, the governing equations are reduced to the nonlinear ordinary differential equations. The exact similar solutions for the different cases of the expansion ratio and the Hartmann number are obtained with a singular perturbation method, and the associated behavior is discussed in detail.
基金Project supported by the National Natural Science Foundation of China(Nos.50936003 and 50905013)the Open Project of State Key Laboratory for Advanced Metals and Materials (No.2009Z-02)
文摘The flow of a micropolar fluid in a semi-porous channel with an expanding or contracting wall is investigated. The governing equations are reduced to ordinary ones by using similar transformations. To get the analytic solution to the problem, the homotopy analysis method (HAM) is employed to obtain the expressions for velocity fields. Graphs are sketched and discussed for various parameters, especially the effect of the expansion ratio on velocity and micro-rotation fields.
