Call for Papers: Workshop Encouraging Building Better Blockchain Security (WEB3SEC 2025)

Overview: The fourth annual WEB3SEC workshop will be held on Monday, December 8, 2025, in conjunction with the Annual Computer Security Applications Conference (ACSAC) in Waikiki, Hawaii. This event provides a dedicated platform for blockchain and security experts to share insights and innovations in enhancing blockchain systems' security.

Workshop Website: For further details about WEB3SEC, please visit the workshop website at https://www.acsac.org/2025/workshops/WEB3SEC/ or https://web3sec.ws.

For other questions, please contact the Program Chair at dragan.boscovic@asu.edu.

Call for Papers Description: WEB3SEC invites researchers, practitioners, and industry experts to submit papers on advancements in blockchain security. The workshop seeks contributions that propose novel security techniques and approaches, serving as foundational elements for improved distributed ledgers.

Topics of Interest

1. Foundational Security & Cryptography

• Cryptography for Distributed Systems (ZKPs, Homomorphic Encryption, Digital Signatures)
• Secure Multi-Party Computation (MPC) in Web3
• Post-Quantum Cryptography & Quantum-Resistant Blockchains
• Random Number Generation (RNG) Vulnerabilities in Web3

2. Consensus & Network Security

• Attacks on Distributed Consensus Protocols (PoW, PoS, BFT, etc.)
• Long-Range Attacks, Nothing-at-Stake, and other PoS Risks
• Blockchain Data Availability & Integrity Challenges
• Eclipse Attacks, Sybil Resistance, and P2P Network Security

3. Smart Contract & DeFi Security

• Smart Contract Exploitation (Reentrancy, Oracle Manipulation, Frontrunning)
• DeFi Security: Flash Loans, MEV, and Protocol Design Flaws
• Formal Verification & Auditing Best Practices
• Smart Contract Upgradeability Risks

4. Identity, Privacy & Access Control

• Decentralized Identity (DID) & Self-Sovereign Identity (SSI) Risks
• Privacy-Preserving Techniques (ZK-SNARKs, Ring Signatures, Mixers)
• Account Management & Key Security (Social Recovery, MPC Wallets)
• Phishing, Scams, and User Education in Web3

5. Scalability & Layer-2 Security

• Layer-2 Security (Rollups, Sidechains, State Channels)
• Cross-Chain & Bridging Protocol Vulnerabilities
• Blockchain Scalability vs. Security Trade-offs
• Data Availability Problems (Fraud Proofs, Validity Proofs)

6. Oracles & External Data Risks

• Oracle Manipulation & Decentralized Oracle Security
• Trusted Execution Environments (TEEs) for Secure Data Feeds
• Verifiable Delay Functions (VDFs) for Fair Ordering

7. Governance & Economic Security

• Decentralized Governance Attacks (Vote Buying, Proposal Spam)
• Tokenomics & Cryptoeconomic Security (Ponzi Schemes, Rug Pulls)
• DAO Exploits & Treasury Management Risks
• Reputation Systems & Sybil-Resistant Trust Models

8. Anomaly Detection & AI in Web3 Security

• Machine Learning for Detecting Blockchain Anomalies
• On-Chain Forensics & Threat Intelligence
• AI-Assisted Smart Contract Auditing

9. Supply Chain & Real-World Web3 Security

• Securing Web3 Supply Chains (NFT Provenance, IoT + Blockchain)
• Smart Contract Dependency Risks (Library Exploits)

10. Compliance, Usability & Human Factors

• Regulatory Challenges for Web3 Security (AML, KYC, Privacy Laws)
• Usability vs. Security Trade-offs in Wallet Design
• Social Engineering & Behavioral Security in Web3

Submission Instructions 

• Page Limit: Submissions should consist of a PDF with no more than 6 double-column pages, excluding references and appendices. The total length must not exceed 10 pages.
• Paper Format: Use the IEEE template for your ACSAC paper, available here. For Latex, use \documentclass[conference,compsoc]{IEEEtran}.
• Anonymity: Submissions must be anonymized. Author names and affiliations should not be included. Authors can cite their work but must do so in the third person.
• Submission Website: https://easychair.org/my/conference?conf=web3sec2025

Review Process The review process is double-blind. Submissions must not include author names or affiliations, and efforts should be made to obscure identities.

Conflict of Interest Authors and PC members must disclose any conflicts of interest, including advisory or institutional relationships or collaborations within the past two years.

Publication Accepted papers will be published by IEEE Computer Society Conference Publishing Services (CPS) and will appear in the Computer Society Digital Library and IEEE Xplore® in an ACSAC Workshops 2025 volume alongside the main ACSAC 2025 proceedings. We are currently transitioning to technical sponsorship by IEEE Computer Society's Technical Community on Security and Privacy (TCSP) and expect approval before the proceedings are compiled.

Important Dates

• Submission Deadline: Oct 6, 2025
• Notification Deadline: Nov 10, 2025
• Camera-Ready Deadline: Nov 17, 2025
• Workshop Date: December 8, 2025

Registration Please register via the ACSAC 2025 Registration Page, and add the WEB3SEC workshop fee. Visa invitation letters are available for registered attendees upon request.

Attendance At least one author of each accepted paper must attend the workshop.

Organizing Committee

• General Chair: Hans Behrens, Plasma
• Program Chair:  Dragan Boscovic, Arizona State University
• PC Members: 
  • Khaled Salah, Kajifa University, UAE
  • Raja Jayaraman, New Mexico State University
  • Petar Jevtic, Arizona State University
  • James Aman, Constellation Network
  • TBD

Join us for a stimulating exchange of ideas at WEB3SEC 2025 in the beautiful setting of Hawaii!