I’m currently a 4th-year Ph.D. student at the School of Software Engineering, Sun Yat-sen University.

I am under the supervision of Prof. Zibin Zheng (郑子彬) and Associate Prof. Jiachi Chen (陈嘉弛) at InPlusLab since Sep. 2022.

Research interests: program analsysis, AI for software security (especially for Web3 smart contracts and blockchain clients), and AI security.

I have published 8 papers at the top (CCF-A) international Software Engineering/Security conferences/journals such as ICSE, ISSTA, Usenix Security, TOSEM, TSE, TIFS.

I am the maintainer of @Defi_Nerd_sec (X/Twitter) and the developer of DarkNavySecurity/web3-skills .

🔥 News

• 2026.01:  🎉 One paper is accepted by Usenix Security 2026. Congrats to Mingyuan!
• 2025.08:  🎉 One paper is accepted by TSE.
• 2025.07: I join DarkNavy as a research intern in Shanghai, China
• 2025.03:  🎉 One paper is accepted by TSE. Congrats to Zhenzhe!
• 2024.11:  🎉 I win the National Scholarship for Doctoral Students
• 2024.11:  🎉 One paper is accepted by SANER 2025. Congrats to Lei Xiao!

👻 Confirmed Bugs/PoCs

• ImmuneFi Web3 Bug Bounty: $22,000.
• PoCs of 10 uncovered attacks are found and confirmed by DeFiHackLabs.
• 2 GPTs prompt-leak bugs are confirmed by corresponding developers, and 1 developer accepts our prompt protection suggestion.
• 2 confirmed issues in Uniswap V4 Periphery and Stop Loss Orders with Uniswap V4 Hooks Repos.

📝 Publications

2026

• Revealing the Dark Side of Smart Accounts: An Empirical Study of EIP-7702 Incurred Risks in Blockchain Ecosystem
  Mingyuan Huang, Han Liu, Shuo Yang, Daoyuan Wu, Shuai Wang.

2025

• NumScout: Unveiling Numerical Defects in Smart Contracts using LLM-Pruning Symbolic Execution
  Jiachi Chen, Zhenzhe Shao, Shuo Yang, Yiming Shen, Yanlin Wang, Ting Chen, Zhenyu Shan, Zibin Zheng.

• Who is Pulling the Strings: Unveiling Smart Contract State Manipulation Attacks through State-Aware Dataflow Analysis
  Shuo Yang, Jiachi Chen, Lei Xiao, Jinyuan Hu, Dan Lin, Jiajing Wu, Tao Zhang, Zibin Zheng [Code]

• Hyperion: Unveiling DApp Inconsistencies using LLM and Dataflow-Guided Symbolic Execution
  Shuo Yang, Xingwei Lin, Jiachi Chen, Qingyuan Zhong, Lei Xiao, Renke Huang, Yanlin Wang, Zibin Zheng [Code]

• WakeMint: Detecting Sleepminting Vulnerabilities in NFT Smart Contracts
  Lei Xiao, Shuo Yang*, Wen Chen, Zibin Zheng.

2024

• Uncover the Premeditated Attacks: Detecting Exploitable Reentrancy Vulnerabilities by Identifying Attacker Contracts
  Shuo Yang, Jiachi Chen, Mingyuan Huang, Zibin Zheng, Yuan Huang [Code]

• FunFuzz: A Function-oriented Fuzzer for Smart Contract Vulnerability Detection with High Effectiveness and Efficiency
  Mingxi Ye, Yuhong Nan, Hong-Ning Dai, Shuo Yang, Zibin Zheng, Xiapu Luo.

• Towards Understanding Asset Flows in Crypto Money Laundering Through the Lenses of Ethereum Heist
  Jiajing Wu, Dan Lin, Qishuang Fu, Shuo Yang, Ting Chen, Zibin Zheng, Bowen Song.

2023

• Definition and Detection of Defects in NFT Smart Contracts
  Shuo Yang, Jiachi Chen, Zibin Zheng [Code]

🎖 Honors and Awards

• 2024.11 National Scholarship
• 2023.10 President Scholarship for Doctoral Students
• 2023.09 1st prize of China Service Computing Innovation Contest
• 2023.04 8th Place at Numen Cyper CTF
• 2021.06 3rd Prize of Competition of Service Outsourcing and Entrepreneurship Innovation
• 2021.05 3rd Prize of Chinese Undergraduate Internet Software Design Competition
• 2020.06 3rd Prize of Competition of Service Outsourcing and Entrepreneurship Innovation
• 2019.08 2nd Prize of Chinese Undergraduate Computer Design Contest

📖 Educations

• 2022.09 - now, Phd, Sun Yat-sen University, Zhuhai.
• 2018.09 - 2022.06, Undergraduate, Zhongnan University of Economics and Law, Wuhan.
• 2015.09 - 2018.06, Hubei Wuchang Experimental High School, Wuhan.

💬 Invited Talks

• 2025.05, ICSE 2025 oral presentation, Virtual
• 2024.08, ICSE’25 accepted papers symposium held by CCF Software Engineering Committee, Virtual
• 2024.04, ICSE 2024 oral presentation, Lisbon, Portugal
• 2024.02, ICSE’24 accepted papers symposium held by CCF Software Engineering Committee, Virtual
• 2023.07, ISSTA 2023 oral presentation, Seattle, USA

💻 Internships

• 2025.07 - now, DarkNavy, Shanghai, China.
• 2024.09 - 2024.12, GoPlus, Remote.
• 2023.08 - 2024.01, LightYear Security Lab, AntGroup, Hangzhou, China.
• 2021.10 - 2022.01, R&D of blockchain underlying platform, Webank, Shenzhen, China.
• 2021.07 - 2021.08, YGSoft, Wuhan, China.

✈️ Travels

- North America: 🇺🇸 - Europe: 🇫🇷 🇵🇹 🇲🇨 🇨🇭 - Asia: 🇯🇵 🇰🇷 🇸🇬 🇹🇭

🔧 Skills

• English: IELTS 7.0, GRE 321+4.0, CET6 566, CET4 626
• Programming Language: Python, Java, Solidity, Rust, C/C++, JavaScript, TypeScript