News

Together with our collaborators at NTU (Taiwan) and ETH Zurich (Switzerland), we just published
a paper on finding function and storage collisions in proxy smart contracts at IEEE ICDCS 2025!

We present Proxion, an automated cross-contract analyzer that identifies all proxy smart contracts in Ethereum, including the hidden ones that lack both source code and past transactions. This allows us to identify millions more proxy contracts and thousands of unreported collisions, compared to previous works.

The full version differs slightly from the current preprint and will be soon available. See you soon too, Glasgow!

We are thrilled to share that we just secured a funding from WASP Academic Doctoral Student Projects! Thanks to this, we will have another opening position for PhD student. This position will start in late 2025, and will focus on combining network security and AI training. Stay tuned for the advertisement (by 01 June 2025)!

As part of our blog, we just published an open letter to those considering joining our lab as PhD students.
This letter, in the form of a marriage proposal, describes our lab culture, our expectations, and the next steps. (Committing to a PhD is surprisingly similar to committing to a marriage!)

We welcome Adrià Torralba-Agell as the first student in the lab.
Adrià is a final-year Ph.D. student from UOC under the supervision of Cristina Pérez-Solà.
Adrià joins us on a three-month research exchange, focusing on network security issues of ZK-Rollups. Welcome!

We’re excited to announce that Secura Lab now has a blog!
Our first article explores mental health in academia, featuring insights from a year of self-tracking.
Check it out and stay tuned for more updates and reflections from our lab!

We are looking for enthusiastic candidates to join our newly launched lab as PhD students! These positions tentatively focus on network security problems in blockchains and AI/ML systems. That said, the research topics are quite flexible and so is the starting date. Note that the application deadline is 31 March, 2025.

All necessary information can be found in this link. We recommend a thorough read.

Please reach out to Muoi Tran if you have any further questions.

A new paper on fuzzing Proof-of-Work and Proof-of-Stake blockchain implementations has been accepted at IEEE/ACM ICSE 2025! This is a joint work with our collaborators from KAIST (Korea) and NUS (Singapore).

Blockchain systems run on top of P2P networks of nodes who collectively adhere to consensus algorithms. What may go wrong if nodes use different clients (or different versions of the same client)? Unsafe consensus! Tailored to detect discrepancies in how blockchain clients handle the complex fork resolutions, our fuzzing tool Forky found several unreported bugs in the most two popular blockchains, namely Bitcoin and Ethereum.

Muoi Tran has been acknowledged as one of the top reviewers at ACM CCS ‘24. Thanks the program chairs! This honor is a testament to our lasting commitment to contributing high-quality reviews to the community.

Muoi will again serve on the technical program committee, and also, on the organizing committee as a Poster/Demo chair at ACM CCS ‘25’ in Taipei (Taiwan).

Along with Muoi Tran accepting the offer to join Chalmers University of Technology, we have a new lab.
Secura means secure in Latin. It is what we do – securing (networked) systems from lower layers and up!

Credit: Many thanks to NSG@ETH for letting us borrow their web design.

Our paper on routing attacks against cryptocurrency mining pools has been accepted at IEEE S&P 2024.

We propose the Erosion attacks, in which network adversaries disrupt Proof-of-Work mining pools at scale. Check our paper to see how 96% of Bitcoin mining power can be disrupted by tampering with a few packets!