Hong Kong SAR, ChinaZihao Li received his B.S. and M.S. degrees from University of Electronic Science and Technology of China, advised by Prof. Ting Chen. He is currently working towards the PhD degree with the Department of Computing, The Hong Kong Polytechnic University, under the supervision of Prof. Daniel Xiapu Luo. His current research interests focus on blockchain system security, encompassing various core components such as blockchain infrastructure, EVM, smart contracts, and decentralized applications. He has received several best paper and distinguished paper awards (e.g., DeFi'24, CCS'24, INFOCOM'18, ISPEC'17) and a best paper nominee from ESEM'19.
Warning
Problem: The current name of your GitHub Pages repository ("Solution: Please consider renaming the repository to "
http://".
However, if the current repository name is intended, you can ignore this message by removing "{% include widgets/debug_repo_name.html %}" in index.html.
Action required
Problem: The current root path of this site is "baseurl ("_config.yml.
Solution: Please set the
baseurl in _config.yml to "Education
-
The Hong Kong Polytechnic UniversityDepartment of Computing
Ph.D. candidateJan. 2021 - present -
University of Electronic Science and Technology of ChinaMaster DegreeSep. 2017 - Jun. 2020 -
University of Electronic Science and Technology of ChinaBachelor DegreeSep. 2013 - Jun. 2017
Honors & Awards
-
Distinguished Paper Awards, awarded by ACM Conference on Computer and Communications Security (CCS). 2024.
-
Best DeFi Papers Awards in 2023, awarded by ACM CCS Workshop on Decentralized Finance and Security, 2024.
-
Ethereum Foundation Academic Grant, awarded by Ethereum Foundation on blockchain security research, 2023.
-
Best Paper Nominee, awarded by 13th International Symposium on Empirical Software Engineering and Measurement (ESEM), 2019.
-
Best Paper on Blockchain, awarded by China Computer Federation (CCF) Technical Committee on Block Chain, 2018.
-
Best Paper Awards, awarded by IEEE International Conference on Computer Communications (INFOCOM), 2018.
-
Best Paper Awards, awarded by 13th International Conference on Information Security Practice and Experience (ISPEC), 2017.
Selected Publications (view all )
fAmulet: Finding Finalization Failure Bugs in Polygon zkRollup
Zihao Li, Xinghao Peng, Zheyuan He, Xiapu Luo, Ting Chen
ACM Conference on Computer and Communications Security (CCS) 2024
A tool for identifying finalization failure bugs in Polygon zkRollup by leveraging behavior model guided fuzz testing.
fAmulet: Finding Finalization Failure Bugs in Polygon zkRollup
Zihao Li, Xinghao Peng, Zheyuan He, Xiapu Luo, Ting Chen
ACM Conference on Computer and Communications Security (CCS) 2024
A tool for identifying finalization failure bugs in Polygon zkRollup by leveraging behavior model guided fuzz testing.
NURGLE: Exacerbating Resource Consumption in Blockchain State Storage via MPT Manipulation
Zheyuan He, Zihao Li*, Ao Qiao, Xiapu Luo, Xiaosong Zhang, Ting Chen, Shuwei Song, Dijun Liu, Weina Niu (* equal contribution)
IEEE Symposium on Security and Privacy (S&P) 2024
We unveil a novel attack surface, i.e., the state storage, in blockchains, and design the first Denial-of-Service attack targeting the state storage by strategically proliferating intermediate nodes within the state storage of Merkle Patricia Trie structure.
NURGLE: Exacerbating Resource Consumption in Blockchain State Storage via MPT Manipulation
Zheyuan He, Zihao Li*, Ao Qiao, Xiapu Luo, Xiaosong Zhang, Ting Chen, Shuwei Song, Dijun Liu, Weina Niu (* equal contribution)
IEEE Symposium on Security and Privacy (S&P) 2024
We unveil a novel attack surface, i.e., the state storage, in blockchains, and design the first Denial-of-Service attack targeting the state storage by strategically proliferating intermediate nodes within the state storage of Merkle Patricia Trie structure.
Demystifying DeFi MEV Activities in Flashbots Bundle
Zihao Li, Jianfeng Li, Zheyuan He, Xiapu Luo, Ting Wang, Xiaoze Ni, Wenwu Yang, Xi Chen, Ting Chen
ACM Conference on Computer and Communications Security (CCS) 2023
We conduct the first systematic study on DeFi MEV activities in Flashbots bundles by proposing approaches for accurately identifying DeFi actions in transactions of each bundle, and leveraging iterative clustering to facilitate in discovering unknown DeFi MEV activities.
Demystifying DeFi MEV Activities in Flashbots Bundle
Zihao Li, Jianfeng Li, Zheyuan He, Xiapu Luo, Ting Wang, Xiaoze Ni, Wenwu Yang, Xi Chen, Ting Chen
ACM Conference on Computer and Communications Security (CCS) 2023
We conduct the first systematic study on DeFi MEV activities in Flashbots bundles by proposing approaches for accurately identifying DeFi actions in transactions of each bundle, and leveraging iterative clustering to facilitate in discovering unknown DeFi MEV activities.
SigRec: Automatic Recovery of Function Signatures in Smart Contracts
Ting Chen, Zihao Li, Xiapu Luo, Xiaofeng Wang, Ting Wang, Zheyuan He, Kezhao Fang, Yufei Zhang, Hang Zhu, Hongwei Li, Yan Cheng, Xiaosong Zhang
IEEE Transactions on Software Engineering (TSE) 2021
A novel framework that leverages how functions are handled by Ethereum virtual machine to automatically recover function signatures from contract bytecode.
SigRec: Automatic Recovery of Function Signatures in Smart Contracts
Ting Chen, Zihao Li, Xiapu Luo, Xiaofeng Wang, Ting Wang, Zheyuan He, Kezhao Fang, Yufei Zhang, Hang Zhu, Hongwei Li, Yan Cheng, Xiaosong Zhang
IEEE Transactions on Software Engineering (TSE) 2021
A novel framework that leverages how functions are handled by Ethereum virtual machine to automatically recover function signatures from contract bytecode.