Mojtaba Eshghie
Doctoral student
Details
Researcher
About me
Master's/Bachelor Students
Name | Project Subject | Degree | Year | Company |
---|---|---|---|---|
Gustav Andersson Kasche | Smart Contracts Invariant Mining | Master's | 2024 | - |
Gabriele Morello | Smart Contracts Invariant Synthesis | Master's | 2024 | - |
Glacier Ali | Improving Unit Tests Using Generative AI | Master's | 2024 | Securitas |
Hans Stammler | Cross-Platform Monitoring of High-level Properties in Smart Contracts | Master's | 2024 | - |
Viktor Åryd | Solidity AST Differencing | Master's | 2024 | - |
Erik Cruz | An Initial Investigation of Automatic Program Repair for Solidity Smart Contracts with Large Language Models | Master's | 2023 | - |
Siwei Zhang | Trace Visualization of Distributed and Centralized Applications | Master's | 2023 |
Ericsson |
Fredrik Svanholm | Implementation and Evaluation of a Decentralized Fund Protocol | Master's | 2023 | Centiglobe |
Mikael Jafari | Fundamental Attacks on Ethereum Oracles and How to Prevent Them | Master's | 2023 | Handelsbanken |
Filip Jacobson, Gustav Andersson Kasche |
Tracing of Second-Life Computer Components using Smart Contracts on the Algorand Blockchain | Bachelor's | 2022 | - |
We have bachelor's/master's degree project topics available. Do not hesitate to get in touch with me for an update on that if you are interested.
My Background
I am a PhD Candidate at the Theoretical Computer Science division of KTH Royal Institute of Technology. My current research is focused on Temporal Monitoring Smart Contracts using state-of-the-art. I am working under the supervision of Cyrille Artho.
In 2019, I was awarded a master's degree in Information Technology Engineering from the University of Tehran after successfully performing research in two fields ofInternet of Things and Network Monitoring. The latter project was conducted in Telecom Paristech LINCS laboratory.
Publications
SoliDiffy: AST Differencing for Solidity Smart Contracts
SoliDiffy, a dedicated AST differencing tool for Solidity, provides precise edit scripts to enhance tasks like vulnerability detection, code repair, and reviews, outperforming existing tools in complex contract analysis.
ASE 2024:
Oracle-Guided Vulnerability Diversity and Exploit Synthesis of Smart Contracts Using LLMs
XploGen leverages model-based oracle specifications and LLMs to generate effective smart contract exploits, addressing data limitations in existing vulnerability analysis tools.
HighGuard: Cross-Chain Business Logic Monitoring of Smart Contracts
HighGuard detects cross-chain business logic violations in smart contracts using DCR graph models, ensuring accurate monitoring without code changes or extra gas costs, with zero false positives as shown in tests on 54 exploits.
DISL: Fueling Research with A Large Dataset of Solidity Smart Contracts
DISL is a comprehensive dataset of 514,506 unique Solidity contracts from Ethereum mainnet, supporting machine learning and benchmarking tools with unmatched size and recency up to January 2024.
IWBOSE 2024 (SANER 2024):
From Creation to Exploitation: The Oracle Lifecycle
We analyze the lifecycle of blockchain oracles in DeFi, identifying vulnerabilities and evaluating defenses, with a model tested against $187M in recent exploits, highlighting bond systems as partial mitigation.
NWPT 2023 :
Exposing Flaws by Modeling Vulnerable-by-Design Smart Contracts
The result of our analysis offers valuable insights and underscores the potential of DCR graphs in preventing the vulnerabilities causing the breaches.
SEFM 2023:
Capturing Smart Contract Design with DCR Graphs
DCR graphs offer a formal tool for modeling smart contracts, capturing roles, dependencies, and timing visually, enabling analysis of business processes for secure smart contract development.
CircleChain: Tokenizing products with a role-based scheme for a circular economy
We propose a role-based token management scheme on the Algorand blockchain for tracking second-life components in a circular economy, enabling authentication, synthesis, and trading while supporting scalable and trustless management of supply chain processes.
EASE 2021:
Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning
Dynamit is a framework for detecting reentrancy vulnerabilities in Ethereum smart contracts using only transaction metadata and balance data, achieving over 90\% accuracy without code instrumentation.
Conferences/Events I Helped With
4th International Workshop on Formal Methods for Blockchains, supporting reviewer
The 24th International Conference on Formal Engineering Methods, subreviewer
17th IEEE International Conference on Software Testing, Verification and Validation (ICST) 2024, subreviewer
7th Workshop on Validation, Analysis and Evolution of Software Tests, subreviewer
31st International Conference on Tools and Algorithms for the Construction and Analysis of Systems, subreviewer
Courses
Computer Security (DD2395), assistant | Course web
Internet Programming (DD1386), assistant | Course web
Software Engineering Fundamentals (DD2480), assistant | Course web
Software Safety and Security (DD2460), assistant | Course web