Fan Long
Department of Computer Science
University of Toronto
Bahen Centre for Information Technology, BA3250
About
Research Focus
My research interests span programming languages, software engineering, systems security, and blockchain technology. I am actively involved in the Conflux project for building the next generation blockchain platform.
Recent News
Our paper on how to build multi-VM blockchain accepted to OOPSLA 2025.
Paper accepted to ICML 2025 on LLM Type Inference Benchmark!
Research Projects
AI for Software Engineering
Leveraging cutting-edge machine learning and large language models to enhance software development automation, reliability, and security.
Reliable Automation
Combining large language models with formal verification methods to achieve reliable and trustworthy automation in software engineering tasks.
Security in LLM Generated Code
Investigating security vulnerabilities in LLM-generated code to address emerging challenges in the era of AI-assisted software development.
Blockchain Scalability
Building next-generation blockchain systems that can process thousands of transactions per second while maintaining decentralization and security. Our work addresses the fundamental performance bottlenecks in current blockchain systems.
Conflux
A fast, scalable, and decentralized blockchain system using DAG structure and novel consensus protocol.
LVMT
LVMT's multi-layer authenticated storage system with vector commitments achieves 2.7x higher blockchain transaction throughput.
New Privacy Enabled Blockchains
We are working on new blockchain systems that integrate ZKP or MPC techniques to enhance privacy.
Smart Contract Security
Developing techniques to secure smart contracts against vulnerabilities that lead to significant financial losses. Our tools prevent exploits before deployment.
FlashSyn
FlashSyn's synthesis-via-approximation technique automatically generates flash loan attacks on DeFi protocols, succeeding on 16/18 benchmarks.
Trace2Inv
Trace2Inv mines and composes smart-contract runtime invariants from historical transaction traces to proactively block attacksโstopping up to 23/27 real-world exploits with ~0.28% false positives and minimal gas overhead.
OVer
OVer automatically detects and prevents oracle manipulation in DeFi smart contracts by analyzing skewed inputs, computing safe parameter ranges, and synthesizing guards, outperforming prior defenses while finishing in seconds on real protocols.