Web3學者峰會2026/ Web3 Scholars Conference 2026
本页面报名者仅可参加本场活动,即Web3學者峰會2026
4月23日9點起可以簽到入場。
Tickets you register on this page only give you access to Web3 Scholars Conference 2026 .
You can check in with your e-ticket and a valid photo ID after 9:00, Apr.23.
本活動簽到時,請出示電子票二維碼及帶有本人照片的有效身份證件。
The QR code of your ticket and a valid photo ID are required at the check-in counters.
活動簡介/Event Introduction
Event introduction (No words limit)
The Web3 Scholars Conference (WSC) is a research‑driven forum that prioritizes technical depth and innovative Web3 research. In line with the broader Web3 Scholars vision, WSC focuses on technical and organizational innovations across the blockchain ecosystem and invites leading researchers to curate and select the most technically rigorous talks.
WSC aims to drive innovation within the Web3 community and enhance collaboration among scholars, researchers, and practitioners. Through carefully curated talks, rich networking, and interactive breakout sessions, the conference seeks to foster a vibrant, inclusive research community and to anchor a world‑class hub for Web3 scholarship in Asia, catalyzing breakthroughs that shape the next generation of decentralized protocols, applications, and digital public goods from Asia to the world.
Web3學者峰會(WSC)是一個以研究為導向的論壇,優先考慮具有技術深度和創新性的Web3研究。秉承Web3學者的願景,WSC聚焦區塊鏈生態系統內的技術和組織創新,並邀請頂尖研究人員策劃和甄選最具技術嚴謹性的演講。
WSC旨在推動Web3社區的創新,並加強學者、研究人員和建設者之間的合作。通過精心策劃的演講、豐富的交流機會和互動式分組討論,大會力求培育一個充滿活力、包容性強的研究社區,並在亞洲打造世界一流的Web3學術中心,從而推動突破性進展,塑造從亞洲到全球的下一代去中心化協定、應用和數位公共產品。
Date 时间:
2026.4.23 11:30-17:30
Location 地点:
Stage2, Hall5BCDE, Hong Kong Convention and Exhibition Center
香港会议展览中心 5BCDE 会场二
Agenda 议程:
12:00 – 12:15 Welcome to WSC 2026
12:15 - 12:45 Keynote
12:45 - 13:05 B-Privacy: Defining and Enforcing Privacy in Weighted Voting
Patrick McCorry, Researcher, Arbitrum Foundation
13:05 - 13:25 Updates to the Rollup Centric Roadmap
Josh Rudolf, Head of Platform, Ethereum Foundation
13:25 - 13:40 Folding Schemes and Their Applications in Blockchains
Chengru Zhang, University of Hong Kong, Researcher at the Ethereum Foundation
Session 1: Smart Contract Attacks, MEV, and Infrastructure (Session Chair: Yuzhe Tang, Associate Professor @ Syracuse University)
14:00 - 14:15 Beyond Guesswork: LLM Driven Semantic Distillation to Fuzz and Exploit Smart Contracts
Ziqiao Kong (Nanyang Technological University); Wanxu Xia (Beihang University); Borui Li (Jilin University); Yi Lu (Movebit); Pan Li (Bitslab); Yang Liu (Nanyang Technological University)
Abstract:
Smart contracts manage billions of dollars in on-chain liquidity, and any vulnerability could result in catastrophic losses of funds. While fuzzing remains one of the most effective ways to reveal vulnerabilities, it fails to detect nearly 80% of real-world smart contract bugs, according to a recent study, due to limited oracles and semantic understanding. Given the complex and distinct business models of the smart contracts, manually building oracles is also not feasible in practice.
To bridge this gap, we introduce a new fuzzing workflow to automatically distill DeFi semantics and vulnerability patterns to exploit smart contracts. First, our workflow builds a foundational knowledge base by extracting generalized DeFi semantics and vulnerability patterns from historical data, including codebases, documentation, unit tests, and audit reports. Second, when analyzing a new target, the engine categorizes the project type to retrieve the relevant semantic models and deeply analyzes the target's source code to yield an attacking scenario and a concrete, highly targeted fuzzing oracle with pre-conditions and post-conditions. Finally, these synthesized oracles are plugged directly into a fuzzer to rigorously test the contract, automatically detecting broken invariants and synthesizing exploits. Our workflow will collect line and semantic coverage and repeat the steps with different learned semantics to maximize the coverage.
We have implemented a prototype to automatically extract DeFi semantics for fuzzing oracles on both Solidity and Move projects. The preliminary evaluation results are promising: we can both reproduce full exploits of vulnerabilities denoted as "Machine Unauditable Bugs" and identify new bugs in projects still under auditing.
14:15 - 14:30 TxRay: Agentic Postmortem of Live Blockchain Attacks
Ziyue Wang (independent); Jiangshan Yu (The University of Sydney); Kaihua Qin (University of Warwick); Dawn Song (UC Berkeley); Arthur Gervais (University College London); Liyi Zhou (University of Sydney)
Abstract:
Decentralized Finance (DeFi) has turned blockchains into financial infrastructure, allowing anyone to trade, lend, and build protocols without intermediaries. DeFi’s openness exposes pools of value controlled by code, and within five years the DeFi ecosystem has lost over 15.6B USD to reported exploits. Many of these exploits arise from permissionless opportunities that any participant can trigger using only public state and standard interfaces; we refer to these as Anyone-Can-Take (ACT) opportunities. Despite full on-chain visibility, postmortems remain manual and slow, hindering incident response and systematic measurement.
We present TXRAY, a Large Language Model (LLM)-based postmortem system that turns a single ACT transaction into a validated, executable case: it reconstructs the full lifecycle, recovers an evidence-backed root cause, and synthesizes a runnable Proof of Concept (PoC) that deterministically reproduces the incident. TXRAY derives incident-specific semantic oracles from the recovered mechanism and accepts a postmortem only when the PoC satisfies them. To evaluate PoC correctness and quality, we develop PoCEvaluator, an independent agentic execution-and-review evaluator. On 114 incidents from DeFiHackLabs, TxRay produces an expert-aligned root-cause report and an executable PoC for 105 incidents, achieving 92.11% end-to-end reproduction. Under PoCEvaluator, 98.1% of TxRay PoCs avoid hard-coding attacker addresses, a +22.9pp lift over DeFiHack-Labs, decoupling reproduction from attacker-controlled on-chain state (e.g., contracts deployed by the attacker, prerequisite approvals, or required funds) and yielding self-contained, root-cause-consistent reconstructions. In a live deployment, TxRay delivers validated root causes in 40 minutes and PoC s in 59 minutes at median latency. TxRay’s oracle-validated PoCs enable attack imitation, improving coverage by 15.6% and 65.5% over STING and APE.
14:30 - 14:45 More to Extract: Discovering MEV by Token Contract Analysis
Jiaqi Chen, Yuzhe Tang (Syracuse University); Yue Duan (Singapore Management University)
Abstract:
This paper tackles the discovery of tMEV, that is, the Maximal Extractable Value on blockchains that arises from Token smart contracts. This scope differs from the existing MEV-discovery research, which analyzes application-layer contracts or attacker contracts, but ignores the wide and diverse range of token contracts.
This paper presents a pipeline of techniques for tMEV discovery, including tSCAN, a static analysis tool for identifying non-standard supply-control functions in token contracts, and tSEARCH, a searcher that uncovers profitable tMEV opportunities by generating, refining, and solving token-specific constraints.
By replaying real-world transactions, this paper demonstrates both the profitability of tMEV strategies and existing searchers' unawareness of them: the proposed tSEARCH extracts 10× more profit than observed MEV activity on Ethereum. The practicality of tMEV searching is demonstrated through a prototype built on Slither, showing high effectiveness with low performance overhead.
14:45 - 15:00 Understanding and Mitigating Denial-of-Service Risk on Block Builders
Yuzhe Tang, Wanning Ding (Syracuse University); Yibo Wang (University of Wyoming); Jiaqi Chen (Syracuse University); Taesoo Kim (Georgia Institute of Technology and Microsoft)
Abstract:
In Ethereum, block-building is critical to network health: Its disruption can undermine validator incentives and delay transaction finality for users. This paper addresses an open research problem: the design of asymmetric denial-of-service attacks targeting multi-round transaction execution, an emerging paradigm used by prominent builders in Ethereum's PBS bundle processing and layer-two sequencers.
We develop low-cost, risk-free, and stealthy attacks that exploit inter-transaction dependency in contract execution and atomicity semantics in bundle processing. Our systematic attack designs have been implemented on Flashbots' bundle clients and two layer-two clients, zkSync and Scroll. Experimental results on the client software show a high success rate for these attacks, which significantly reduce validator fees and slow block production. We also propose mitigation strategies to defend against the discovered vulnerabilities.
15:00 - 15:15 Break
Session 2: Blockchain Systems and Cryptography (Session Chair: Pascal Berrang, Associate Professor @ University of Birmingham, Zeroth Research)
15:15 - 15:30 (INVITED TALK): ZK Model Checking: Trustless Verification for the Legacy Software Stack
Pascal Berrang (University of Birmingham, Zeroth Research)
Abstract:
Zero-knowledge proofs have transformed trust in web3 — enabling private, verifiable computation over financial state, TLS sessions, and on-chain logic — yet the vast majority of real-world software remains outside this trust model entirely. We introduce ZK model checking: a framework for proving that arbitrary programs satisfy formal properties without revealing the program itself, combining classical model checking with modern ZK proof systems to generate succinct, publicly verifiable safety certificates for legacy code. Applications range from AI safety attestations and privacy-preserving regulatory compliance to verifiable off-chain computation and auditable oracles — bringing legacy software into the web3 trust perimeter, much like zkTLS did for the web.
15:30 - 15:45 SoK: Understanding zk SNARKs: The Gap Between Research and Practice
Junkai Liang (Peking University); Daqi Hu (Peking University); Pengfei Wu (Singapore Management University,); Yunbo Yang (East China Normal University); Qingni Shen (Peking University); Zhonghai Wu (Peking University)
Abstract:
Zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK) serves as a powerful technique for proving the correctness of computations and has attracted significant interest from researchers. Numerous concrete schemes and implementations have been proposed in academia and industry. Unfortunately, the inherent complexity of zk-SNARK has created gaps between researchers, developers and users, as they focus differently on this technique. For example, researchers are dedicated to constructing new efficient proving systems with stronger security and new properties. At the same time, developers and users care more about the implementation’s toolchains, usability and compatibility. This gap has hindered the development of zk-SNARK field.
In this work, we provide a comprehensive study of zk-SNARK, from theory to practice, pinpointing gaps and limitations. We first present a master recipe that unifies the main steps in converting a program into a zk-SNARK. We then classify existing zk-SNARKs according to their key techniques. Our classification addresses the main difference in practically valuable properties between existing zk-SNARK schemes. We survey over 40 zk-SNARKs since 2013 and provide a reference table listing their categories and properties. Following the steps in master recipe, we then survey 11 general-purpose popular used libraries. We elaborate on these libraries’ usability, compatibility, efficiency and limitations. Since installing and executing these zk-SNARK systems is challenging, we also provide a completely virtual environment in which to run the compiler for each of them. We identify that the proving system is the primary focus in cryptography academia. In contrast, the constraint system presents a bottleneck in industry. To bridge this gap, we offer recommendations and advocate for the open-source community to enhance documentation, standardization and compatibility.
15:45 - 16:00 PRIME: Efficient Algorithm for Token Graph Routing Problem
Haotian Xu (The Hong Kong University of Science and Technology (Guangzhou)); Yuqing Zhu (Nanyang Technological University); Yuming Huang (National University of Singapore); Jing Tang (The Hong Kong University of Science and Technology)
Abstract:
Optimizing asset exchanges in decentralized finance (DeFi) presents a challenging graph query problem known as the Token Graph Routing Problem (TGRP). In this model, assets represent vertices and exchanges form edges, recasting the graph query task as a routing problem over a large-scale, dynamic graph. However, the existing solutions fail to solve the problem efficiently due to the non-linear nature of the edge weights defined by a concave swap function. To address the challenge, we propose PRIME, a two-stage iterative graph algorithm designed for the problem. The first stage employs a pruned graph search to efficiently identify a set of high-potential routing paths. The second stage formulates the allocation task as a strongly convex optimization problem, which we solve using our novel Adaptive Sign Gradient Method (ASGM) with a linear convergence rate. Extensive experiments on real-world Ethereum data confirm PRIME’s advantages over industry baselines. PRIME consistently outperforms the widely-used routing algorithm, achieving up to 8.42 basis points (bps) better execution prices on large trades while reducing computation time up to 96.7%. The practicality of PRIME is further validated by its deployment in hedge fund production environments, demonstrating its viability as a scalable graph query processing solution for high-frequency decentralized markets.
Session 3: Governance, Economics and Regulation (Session Chair: Sherman S. M. Chow, Associate Professor @ The Chinese University of Hong Kong)
16:00 - 16:15 My Biases against Ethereum's P2P Network, Ledger Model, and PBS Architecture
Ren Zhang (Cryptape Co. Ltd. and Nervos)
Abstract:
A combined presentation of three research papers examining Ethereum across network, ledger, and block building layers:
A Place for Everyone vs Everyone in its Place: Measuring and Attacking the Ethereum Global Network
Chenyu Li (Institute of Information Engineering, Chinese Academy of Sciences); Ren Zhang (Cryptape and Nervos); Xiaorui Gong (Institute of Information Engineering, Chinese Academy of Sciences)
Beneath the Surface: A Dive into UTxO and Account Models
Ren Zhang (Cryptape and Nervos); Zhichun Lu (University of Sydney); Yunwen Liu (KU Leuven); Jiangshan Yu (University of Sydney)
Order Flow Exclusivity and Value Extraction Mechanism: An Analysis of Ethereum Builder Centralization
Ao Zhang (Tsinghua University); Yunwen Liu (KU Leuven); Ren Zhang (Cryptape and Nervos); Yingdi Shan (Tsinghua University); Yongwei Wu (Tsinghua University)
16:15 - 16:30 Evasion Under Blockchain Sanctions
Endong Liu (University of Birmingham); Mark Ryan (University of Birmingham); Liyi Zhou (University of Sydney); Pascal Berrang (University of Birmingham)
Abstract:
Sanctioning blockchain addresses has become a common regulatory response to malicious activities. However, enforcement on permissionless blockchains remains challenging due to complex transaction flows and sophisticated fund-obfuscation techniques. Using cryptocurrency mixing tool Tornado Cash as a case study, we quantitatively assess the effectiveness of U.S. Office of Foreign Assets Control (OFAC) sanctions over a 957-day period, covering 6.79 million Ethereum blocks and 1.07 billion transactions. Our analysis reveals that while OFAC sanctions reduced overall Tornado Cash deposit volume by 71.03% to approximately 2 billion USD, attackers still relied on Tornado Cash in 78.33% of Ethereum-related security incidents, underscoring persistent evasion strategies.
In this paper, we identify three significant, structural limitations in current sanction enforcement practices: (i) fragmented censorship in blockchain consensus and application layer; (ii) the complexity of obfuscation virtual asset services exploited by users; and (iii)~the susceptibility of na{"i}ve binary sanction classifications to dusting attacks. Our analysis and findings contribute to ongoing discussions around regulatory effectiveness in Decentralized Finance by providing empirical evidence, clarifying enforcement challenges, and informing future compliance strategies in response to sanctions and blockchain-based security risks.
16:30 - 16:45 群龍無首天下治:「無大台」協議的誘因機制 / Law and Order without a Sheriff
Shuyang Tang (Shanghai Jiao Tong University); Sherman S. M. Chow (The Chinese University of Hong Kong)
Abstract:
Decentralization is one of Web3's core promises, but decentralization alone does not guarantee good outcomes. In practice, systems with unconstrained local behavior often drift toward fragility, concentration, or economic mismatch.
This talk argues for a different design principle: bring order without recentralization. In other words, it presents a coordination design lens for Web3 systems.
We illustrate this through two case studies at different layers of the stack. At the monetary layer, we present a decentralized liquidity-control approach that adapts mint/burn decisions to market conditions using transaction-fee signals and truthful auctions. At the payment-network layer, we present a structured payment channel network design that uses strategic mesh connections and expander-inspired constraints to reduce hub concentration while preserving user autonomy.
Although these problems are usually discussed separately, they share the same underlying issue: good global behavior does not emerge automatically from local freedom. Across both cases, the key lesson is that protocols should encode incentives and structure so that the desired system behavior becomes locally rational.
The talk highlights concrete mechanisms, practical tradeoffs, and a broader direction for Web3 research: decentralized systems should remain open while becoming more stable, maintainable, and coordinated. It also sketches a next step toward a decentralized coordination layer for L2 applications and autonomous agents.
Call for papers
Key Dates
Talk submission deadline: Feb 20 (AoE)
Final acceptance notification: Mar 6 (AoE)
Conference date: Apr 23
Submission Server
https://wsc26.hotcrp.com/u/0/
Submission Instructions
Each talk submission should include:
An abstract (up to 250 words) summarizing the work.
A description of the key technical contribution (up to 250 words).
An explanation of why this will make an interesting talk for WSC (up to 250 words), including its relevance and potential impact.
A paper in PDF form (preprint, working draft, or published version).
(Optional) Information on previous acceptance at a conference or workshop.
(Optional) Links to previous talks on this work (e.g., videos or slides).
(Optional) Any previous reviews received (e.g., from conferences or journals).
Submission Policy
Submissions must present original work and accurately acknowledge all prior and related research; work previously accepted or published elsewhere is welcome, as WSC does not have formal proceedings.
We do not accept talks whose primary focus is token price prediction, trading signals, or investment advice, in order to maintain a research‑oriented, non‑financial‑advice program.
At least one author of each accepted submission is expected to attend the conference in person and present the talk on site.
Review and Conflict of Interest Policy
Authors must report in the submission site any conflicts with program committee (PC) members. A conflict exists if an author has the same affiliation as a PC member, has ever acted as their PhD supervisor or been supervised by them, has a close personal relationship with them, or has been co‑authors on a paper within the past two years. PC members will not review, read the reviews of, or participate in discussions of submissions they are conflicted with; submissions conflicted with both PC chairs will be handled by a designated “conflict chair.” Reviewers will primarily evaluate whether the submission will make an interesting and technically strong talk for WSC. They are expected only to briefly check that the paper is consistent with the stated key technical contribution and are not required to read the paper in full. Submissions may be anonymous at the authors’ discretion; if authors choose anonymity, the PDF should omit names and affiliations, but all conflicts must still be fully and accurately reported in the submission site.
Topics of Interest
We welcome technically deep Web3 research and systems work, including but not limited to:
Core protocols and infrastructure (consensus, networking, scalability, data availability).
Cryptography, security, and privacy (e.g., ZK, MPC, smart contract and protocol security).
Blockchain systems and scaling (L1/L2, rollups, interoperability, storage and state management).
Mechanism design and on‑chain markets (protocol economics, MEV, agentic payments, stablecoins, DeFi primitives; excluding token price prediction and trading‑signal work).
Identity, governance, applications, and public goods (DAOs, wallets, developer tooling, public goods funding, and real‑world impact).
AI and blockchain (AI‑native protocols, on‑chain agents, AI‑driven tools for security, analysis, and user experience).
Security, abuse, and forensics in Web3 ecosystems (fraud detection, phishing and scams, transaction graph analysis, monitoring, and incident response).
Empirical, usability, and policy studies of Web3 systems (measurements, user behavior, legal and regulatory aspects, CBDC and digital payments).
Organizing Committee
Audrey Tang, DRK Lab
Jiangshan Yu, The University of Sydney
Liyi Zhou, The University of Sydney
Shyam Sridhar, Ethereum Foundation
Program Chairs
Jiangshan Yu, The University of Sydney
Liyi Zhou, The University of Sydney
Program Committee
Andrew Lewis Pye, The London School of Economics and Political Science
Arthur Gervais, University College London
Daniel Xiapu Luo, The Hong Kong Polytechnic University
Deepak Maram, Mysten Labs
Fan Zhang, Yale University
Jeremy Clark, Concordia University
Jiaheng Zhang, National University of Singapore
Kaihua Qin, University of Warwick
Patrick McCorry, Arbitrum Foundation
Will Scott, Protocol Labs
Yajin Zhou, The Chinese University of Hong Kong and BlockSec
Yu Yu, Shanghai Jiao Tong University