chains-project / dirty-waters

automatically detect software supply chain smells and issues
MIT License

Related work #2

Closed Stamp9 closed 2 weeks ago

Stamp9 commented 1 year ago

https://github.com/ASSERT-KTH/related-work/issues/23

Stamp9 commented 1 year ago

FYI, a master's thesis at Lund University: https://lup.lub.lu.se/luur/download?func=downloadFile&recordOId=9138646&fileOId=9138647#cite.mwritescodeTool_2022

They used: https://github.com/mwritescode/smart-contracts-vulnerabilities which is also available on https://huggingface.co/datasets/mwritescode/slither-audited-smart-contracts

Stamp9 commented 1 year ago

ScrawlD: A Dataset of Real World Ethereum Smart Contracts Labelled with Vulnerabilities https://arxiv.org/abs/2202.11409 https://github.com/sujeetc/ScrawlD

All the useful results are in this addr: https://github.com/sujeetc/ScrawlD/tree/main/data. The paper is poorly written; it goes through ~47K addresses, of which only ~7K are worth using. (Question: ever considered using verified EScan APIs? Much, much fewer vulnerabilities, but probably higher-profile ones if found through smartbugs => not very relevant to our TRT paper.) I like the majority voting for the vulnerable contract idea (used in TRT too). Meaningful plot for our dataset: Fig. 1: Number of unique contracts having each vulnerability (log-scale) => probably enough for a dataset paper, but it would be interesting to see the number of unique vulnerabilities (in total) detected by each tool.

Stamp9 commented 11 months ago

Software Supply Chain Attacks

Stamp9 commented 11 months ago

New Risks in Ransomware: Supply Chain Attacks and Cryptocurrency

Stamp9 commented 11 months ago

https://dl.acm.org/doi/abs/10.1145/3372297.3420015 Towards Using Source Code Repositories to Identify Software Supply Chain Attacks