Belobog: Move Language Fuzzing Framework For Real-World Smart Contracts

📅 2025-12-02
🤖 AI Summary
Move smart contracts feature strong typing and resource safety, yet their type system cannot prevent all vulnerabilities, and existing fuzzing tools struggle to generate syntactically and semantically valid transactions. To address this, we propose the first type-aware fuzzing framework for Move. Our approach models Move’s type system via a type graph to guide test-case generation, integrates graph-traversal-driven transaction sequence mutation, and employs a collaborative symbolic execution engine to bypass complex validation logic—enabling automatic discovery and reproduction of exploit chains. Crucially, the framework enforces strict type consistency throughout testing, ensuring transaction validity and deep path coverage. Evaluated on 109 real-world Move projects, it achieves 100% detection of critical vulnerabilities and 79% of major vulnerabilities, successfully reproducing high-impact attacks—including those against Cetus and Nemo.

📝 Abstract
Move is a research-oriented programming language designed for secure and verifiable smart contract development and has been widely used to manage billions of dollars in digital assets on blockchains such as Sui and Aptos. Move features a strong static type system and explicit resource semantics to enforce safety properties such as the prevention of data races, invalid asset transfers, and entry vulnerabilities. However, smart contracts written in Move may still contain vulnerabilities that are beyond the reach of its type system. It is thus essential to validate Move smart contracts. Unfortunately, because of Move's strong type system, existing smart contract fuzzers are ineffective at producing syntactically or semantically valid transactions for testing Move smart contracts. This paper introduces the first fuzzing framework, Belobog, for Move smart contracts. Belobog is type-aware and ensures that all generated and mutated transactions are well-typed. More specifically, for a target Move smart contract, Belobog first constructs a type graph based on Move's type system, and then generates or mutates a transaction based on a graph trace derived from the type graph. To overcome the complex checks in Move smart contracts, we further design and implement a concolic executor in Belobog. We evaluated Belobog on 109 real-world Move smart contract projects. The experimental results show that Belobog detects 100% of the critical and 79% of the major vulnerabilities manually audited by human experts. We further selected two recent notorious incidents involving Move smart contracts, i.e., Cetus and Nemo. Belobog successfully reproduced full exploits for both of them without any prior knowledge.
Problem

Research questions and friction points this paper is trying to address.

Develop a fuzzing framework for Move smart contracts
Overcome limitations of existing fuzzers due to Move's type system
Detect vulnerabilities beyond Move's static type safety
Innovation

Methods, ideas, or system contributions that make the work stand out.

Type-aware fuzzing framework for Move smart contracts
Generates well-typed transactions using type graph traces
Incorporates concolic execution to handle complex checks
Authors

Wanxu Xia, National Superior College for Engineers, Beihang University, China
Ziqiao Kong, Nanyang Technological University, Singapore
Zhengwei Li, Assistant Professor, Tongji University
Yi Lu, Movebit, Singapore
Pan Li, Bitslab, Singapore
Liqun Yang, School of Cyber Science and Technology, Beihang University, China
Yang Liu, Nanyang Technological University, Singapore
Xiapu Luo, The Hong Kong Polytechnic University
Shaohua Li, The Chinese University of Hong Kong, China