Stefanos Chaliasos

PhD student, Imperial College London, London, UK
Security Researcher, zkSecurity

Stefanos Chaliasos is a PhD candidate at Imperial College London advised by Dr Ben Livshits and Professor Alastair F. Donaldson. He holds an MSc in Computer Science from the National and Kapodistrian University of Athens and a BSc in Management Science and Technology from the Athens University of Economics and Business. Stefanos is also a Security Researcher at zkSecurity focusing on securing protocols developing and using ZKPs.

He has previously worked as an R&D Engineer in Veridise Inc. and as a Research Scientist in MatterLabs developing automated techniques for testing Zero Knowledge Proof (ZKP) circuits and analyzing protocols using ZKPs. Furthermore, he worked in the industry as a software engineer at Greek Research and Technology Network (GRNET) and as a researcher in the FASTEN project.

His main research interests involve Blockchain Security, Software Testing, ZKPs, Program Analysis, and Programming Languages.

News

Jul 5, 2024 I will present our paper “SoK: What don’t we know? Understanding Security Vulnerabilities in SNARKs” in SBC conference.
Jul 3, 2024 Our paper “Analyzing and Benchmarking ZK-Rollups” has been accepted at AFT’24.
Jul 2, 2024 Our paper “zk-Bench: A Toolset for Comparative Evaluation and Performance Benchmarking of SNARKs” has been accepted at SCN’24.
Jun 6, 2024 Our paper “SoK: What don’t we know? Understanding Security Vulnerabilities in SNARKs” has been accepted at USENIX Security’24.

Selected Publications

  1. USENIX SEC’24
    SoK: What don’t we know? Understanding Security Vulnerabilities in SNARKs
    Stefanos Chaliasos, Jens Ernstberger, David Theodore, David Wong, Mohammad Jahanara, and Benjamin Livshits
    2024
  2. AFT’24
    Analyzing and Benchmarking ZK-Rollups
    Stefanos Chaliasos, Itamar Reif, Adria Torralba-Agel, Jens Ernstberger, Assimakis Kattis, and Benjamin Livshits
    2024
  3. ICSE’24
    Smart Contract and DeFi Security: Insights from Tool Evaluations and Practitioner Surveys
    Stefanos Chaliasos, Marcos Antonios Charalambous, Liyi Zhou, Rafaila Galanopoulou, Arthur Gervais, Dimitris Mitropoulos, and Ben Livshits
    2024
  4. USENIX SEC’23
    The blockchain imitation game
    Kaihua Qin, Stefanos Chaliasos, Liyi Zhou, Benjamin Livshits, Dawn Song, and Arthur Gervais
    2023
  5. SP’23
    SoK: Decentralized Finance (DeFi) Attacks
    Liyi Zhou, Xihan Xiong, Jens Ernstberger, Stefanos Chaliasos, Zhipeng Wang, Ye Wang, Kaihua Qin, Roger Wattenhofer, Dawn Song, and Arthur Gervais
    2023
  6. PLDI’22
    Finding Typing Compiler Bugs
    Stefanos Chaliasos*, Thodoris Sotiropoulos*, Diomidis Spinellis, Arthur Gervais, Ben Livshits, and Dimitris Mitropoulos
    In Proceedings of the 43nd ACM SIGPLAN International Conference on Programming Language Design and Implementation 2022
    * Both authors contributed equal
    Distinguished Paper Award and Best Artifact Award 🏆🏆

Activities

PC Member

  • 2024: FC, ISSTA/ECOOP (Tool Demos), ACM DeFi
  • 2023: ACM DeFi, POPL (Artifact Evaluation Committee), USENIX Security (Artifact Evaluation Committee), ECOOP (Extended Review Committee & AEC), PLDI (Artifact Evaluation Committee).
  • 2022: PLDI (Artifact Evaluation Committee), OSDI (Artifact Evaluation Committee), ATC (Artifact Evaluation Committee)
  • 2021: OOPSLA (Artifact Evaluation Committee)

External Reviewer/Subreviewer

  • EUROSEC, MSR, ESEC/FSE (Industry Track), S&P, USENIX Security, FC, CCS, NDSS

Awards and Honours

  • Doctoral Scholarship Award, Imperial College London

  • ICSE 21 Best Artifact Award for “Replication Package for Article: Data-Oriented Differential Testing of Object-Relational Mapping Systems”

  • PLDI’22 Distinguished Paper Award for “Finding Typing Compiler Bugs”

  • PLDI’22 Best Artifact Award for “Finding Typing Compiler Bugs”

Talks

  • ESORICS (2019): Mime Artist: Bypassing Whitelisting for the Web with JavaScript Mimicry Attacks

  • OOPSLA (2021): Well-Typed Programs Can Go Wrong: A Study of Typing-Related Bugs in JVM Compilers

  • Thesis Presentation @UOA (2021): A Study of Typing-Related Bugs in JVM Compilers

  • PLDI/SIGPLAN Track (2022): Well-Typed Programs Can Go Wrong: A Study of Typing-Related Bugs in JVM Compilers

  • Seminar Presentation @AUEB’s BALAB (2022): Decentralized Finance and Empirical Studies in Solidity Smart Contracts

  • Dagstuhl Seminar on DeFi Security (2022): Finding Bugs in zkEVMs

  • Crypto Economics Security Conference (2022): A Study of Inline Assembly in Solidity Smart Contracts

  • OOPSLA (2022): A Study of Inline Assembly in Solidity Smart Contracts

  • TAROT (2023): Fuzzing Zero Knowledge Proof Circuits

  • SBC (2023): Smart Contract and DeFi Security Tools: Do They Meet the Needs of Practitioners?

  • zkSummit 10 (2023): ZK Vulnerabilities and Attacks

  • Seminar Presentation @ETH’s AST Lab (2023): ZK Security and Formal Methods

  • Seminar Presentation @UCL’s CREST lab (2023): Smart Contract and DeFi Security Tools: Do They Meet the Needs of Practitioners?

  • ZKProof 6 (2024): SoK: What don’t we know? Understanding Security Vulnerabilities in SNARKs

  • Seminar Presentation @OpenZeppelin (2024): SoK: What don’t we know? Understanding Security Vulnerabilities in SNARKs

  • Monerokon (2024): SoK: What don’t we know? Understanding Security Vulnerabilities in SNARKs