Jianbo Gao scite author profile

Jianbo Gao

5Publications

74Citation Statements Received

36Citation Statements Given

How they've been cited

123

How they cite others

Affiliations

Peking University

Publications

Order By: Most citations

EASYFLOW: Keep Ethereum Away from Overflow

Gao

Liu

et al. 2019

View full text Add to dashboard Cite

While Ethereum smart contracts enabled a wide range of blockchain applications, they are extremely vulnerable to different forms of security attacks. Due to the fact that transactions to smart contracts commonly involve cryptocurrency transfer, any successful attacks can lead to money loss or even financial disorder. In this paper, we focus on the overflow attacks in Ethereum , mainly because they widely rooted in many smart contracts and comparatively easy to exploit. We have developed EASYFLOW , an overflow detector at Ethereum Virtual Machine level. The key insight behind EASYFLOW is a taint analysis based tracking technique to analyze the propagation of involved taints. Specifically, EASYFLOW can not only divide smart contracts into safe contracts, manifested overflows, well-protected overflows and potential overflows, but also automatically generate transactions to trigger potential overflows. In our preliminary evaluation, EASYFLOW managed to find potentially vulnerable Ethereum contracts with little runtime overhead. A demo video of EASYFLOW is at https://youtu.be/QbUJkQI0L6o.

show abstract

Towards Automated Testing of Blockchain-Based Decentralized Applications

Gao

Liu

et al. 2019

View full text Add to dashboard Cite

Kaya: A Testing Framework for Blockchain-based Decentralized Applications

Zhang

Gao

et al. 2020

View full text Add to dashboard Cite

In recent years, many decentralized applications based on blockchain (DApp) have been developed. However, due to inadequate testing, DApps are easily exposed to serious vulnerabilities. We find three main challenges for DApp testing, i.e. the inherent complexity of DApp, inconvenient pre-state setting, and not-so-readable logs. In this paper, we propose a testing framework named Kaya to bridge these gaps. Kaya has three main functions. Firstly, Kaya proposes DApp behavior description language (DBDL) to make writing test cases easier. Test cases written in DBDL can also be automatically executed by Kaya. Secondly, Kaya supports a flexible and convenient way for test engineers to set the blockchain pre-states easily. Thirdly, Kaya transforms incomprehensible addresses into readable variables for easy comprehension. With these functions, Kaya can help test engineers test DApps more easily. Besides, to fit the various application environments, we provide two ways for test engineers to use Kaya, i.e., UI and command-line. Our experimental case demonstrates the potential of Kaya in helping test engineers to test DApps more easily 1 .

show abstract

TrustCross: Enabling Confidential Interoperability across Blockchains Using Trusted Hardware

Lan

Gao

et al. 2021

View full text Add to dashboard Cite

With the rapid development of blockchain technology, different types of blockchains are adopted and interoperability across blockchains has received widespread attention. There have been many cross-chain solutions proposed in recent years, including notary scheme, sidechain, and relay chain. However, most of the existing platforms do not take confidentiality into account, although privacy has become an important concern for blockchain. In this paper, we present TrustCross, a privacypreserving cross-chain platform to enable confidential interoperability across blockchains. The key insight behind TrustCross is to encrypt cross-chain communication data on the relay chain with the assistance of trusted execution environment and employ finegrained access control to protect user privacy. Our experimental results show that TrustCross achieves reasonable latency and high scalability on the contract calls across heterogeneous blockchains.

show abstract

Understanding Out of Gas Exceptions on Ethereum

Liu

Gao

et al. 2019

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jianbo Gao

EASYFLOW: Keep Ethereum Away from Overflow

Towards Automated Testing of Blockchain-Based Decentralized Applications

Kaya: A Testing Framework for Blockchain-based Decentralized Applications

TrustCross: Enabling Confidential Interoperability across Blockchains Using Trusted Hardware

Understanding Out of Gas Exceptions on Ethereum

Contact Info

Product

Resources

About