Thrilled to share that our paper has been accepted to the 41st IEEE/ACM International Conference on Automated Software Engineering (ASE 2026)! This year, ASE received 1304 submissions, with 115 papers directly accepted.
As the TON blockchain continues to grow, analyzing TVM bytecode remains challenging due to its unique continuation mechanism and savelist-based register preservation, which allows data to flow across continuation boundaries without traversing the operand stack. Existing bytecode analyses therefore miss important cross-continuation data flows.
In this work, we present TasmScan [1], the first bytecode-level static analysis framework for TVM that performs continuation-aware taint analysis directly on bytecode without requiring source code. TasmScan models savelist semantics through a sound register analysis, lifts TVM bytecode into a typed intermediate representation (TASIR), and performs path-sensitive taint analysis with context-aware sources to detect security defects.
Our evaluation on 2,921 real-world TON smart contracts and a 208-contract benchmark with human-confirmed ground truth demonstrates that TasmScan:
- Resolves 294,546 dynamic continuation targets with 100% precision.
- Achieves 95.3% recall and 96.8% precision across five defect classes on the benchmark.
- Estimates 85.8% precision on a stratified sample from the full corpus.
- Delivers a 17× median speedup over the state-of-the-art symbolic-execution baseline while completing 100% of analyses with zero crashes or timeouts.
Congratulations to Yixuan and Yin on this exciting achievement! Looking forward to presenting our work at ASE 2026.
References
- Liu, Y., Wu, Y., & Li, Y. (2026, October). TasmScan: Continuation-Aware Taint Analysis for TVM Bytecode with Savelist Abstraction. Proceedings of the 41st IEEE/ACM International Conference on Automated Software Engineering (ASE).