Mojtaba Eshghie

Master's/Bachelor Students

We have bachelor's/master's degree project topics available. Do not hesitate to get in touch with me for an update on that if you are interested.

My Background

I am a PhD Candidate at the Theoretical Computer Science division of KTH Royal Institute of Technology. My current research is focused on Temporal Monitoring Smart Contracts using state-of-the-art. I am working under the supervision of Cyrille Artho.

In 2019, I was awarded a master's degree in Information Technology Engineering from the University of Tehran after successfully performing research in two fields ofInternet of Things and Network Monitoring. The latter project was conducted in Telecom Paristech LINCS laboratory.

Publications

SoliDiffy: AST Differencing for Solidity Smart Contracts

SoliDiffy, a dedicated AST differencing tool for Solidity, provides precise edit scripts to enhance tasks like vulnerability detection, code repair, and reviews, outperforming existing tools in complex contract analysis.

ASE 2024:

Oracle-Guided Vulnerability Diversity and Exploit Synthesis of Smart Contracts Using LLMs

XploGen leverages model-based oracle specifications and LLMs to generate effective smart contract exploits, addressing data limitations in existing vulnerability analysis tools.

HighGuard: Cross-Chain Business Logic Monitoring of Smart Contracts

HighGuard detects cross-chain business logic violations in smart contracts using DCR graph models, ensuring accurate monitoring without code changes or extra gas costs, with zero false positives as shown in tests on 54 exploits.

DISL: Fueling Research with A Large Dataset of Solidity Smart Contracts

DISL is a comprehensive dataset of 514,506 unique Solidity contracts from Ethereum mainnet, supporting machine learning and benchmarking tools with unmatched size and recency up to January 2024.

IWBOSE 2024 (SANER 2024):
From Creation to Exploitation: The Oracle Lifecycle

We analyze the lifecycle of blockchain oracles in DeFi, identifying vulnerabilities and evaluating defenses, with a model tested against $187M in recent exploits, highlighting bond systems as partial mitigation.

NWPT 2023 :
Exposing Flaws by Modeling Vulnerable-by-Design Smart Contracts
The result of our analysis offers valuable insights and underscores the potential of DCR graphs in preventing the vulnerabilities causing the breaches.

SEFM 2023:
Capturing Smart Contract Design with DCR Graphs
DCR graphs offer a formal tool for modeling smart contracts, capturing roles, dependencies, and timing visually, enabling analysis of business processes for secure smart contract development.

CircleChain: Tokenizing products with a role-based scheme for a circular economy

We propose a role-based token management scheme on the Algorand blockchain for tracking second-life components in a circular economy, enabling authentication, synthesis, and trading while supporting scalable and trustless management of supply chain processes.

EASE 2021:
Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning

Dynamit is a framework for detecting reentrancy vulnerabilities in Ethereum smart contracts using only transaction metadata and balance data, achieving over 90\% accuracy without code instrumentation.

 

Conferences/Events I Helped With

4th International Workshop on Formal Methods for Blockchains, supporting reviewer

The 24th International Conference on Formal Engineering Methods, subreviewer

17th IEEE International Conference on Software Testing, Verification and Validation (ICST) 2024, subreviewer

7th Workshop on Validation, Analysis and Evolution of Software Tests, subreviewer