Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
129 tokens/sec
GPT-4o
28 tokens/sec
Gemini 2.5 Pro Pro
42 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Large Language Model-Powered Smart Contract Vulnerability Detection: New Perspectives (2310.01152v2)

Published 2 Oct 2023 in cs.CR and cs.AI

Abstract: This paper provides a systematic analysis of the opportunities, challenges, and potential solutions of harnessing LLMs such as GPT-4 to dig out vulnerabilities within smart contracts based on our ongoing research. For the task of smart contract vulnerability detection, achieving practical usability hinges on identifying as many true vulnerabilities as possible while minimizing the number of false positives. Nonetheless, our empirical study reveals contradictory yet interesting findings: generating more answers with higher randomness largely boosts the likelihood of producing a correct answer but inevitably leads to a higher number of false positives. To mitigate this tension, we propose an adversarial framework dubbed GPTLens that breaks the conventional one-stage detection into two synergistic stages $-$ generation and discrimination, for progressive detection and refinement, wherein the LLM plays dual roles, i.e., auditor and critic, respectively. The goal of auditor is to yield a broad spectrum of vulnerabilities with the hope of encompassing the correct answer, whereas the goal of critic that evaluates the validity of identified vulnerabilities is to minimize the number of false positives. Experimental results and illustrative examples demonstrate that auditor and critic work together harmoniously to yield pronounced improvements over the conventional one-stage detection. GPTLens is intuitive, strategic, and entirely LLM-driven without relying on specialist expertise in smart contracts, showcasing its methodical generality and potential to detect a broad spectrum of vulnerabilities. Our code is available at: https://github.com/git-disl/GPTLens.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (59)
  1. AlgoWriting. A simple guide to setting the gpt-3 temperature, 2020. https://algowriting.medium.com/gpt-3-temperature-setting-101-41200ff0d0be.
  2. Anthropic. Introducing claude. Anthropic Blog, 2022. https://www.anthropic.com/index/introducing-claude.
  3. Ethainter: a smart contract security analyzer for composite vulnerabilities. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation, pages 454–469, 2020.
  4. Vandal: A scalable security analysis framework for smart contracts. arXiv preprint arXiv:1809.03981, 2018.
  5. Language models are few-shot learners. Advances in neural information processing systems, 33:1877–1901, 2020.
  6. Gift: Graph-guided feature transfer for cold-start video click-through rate prediction. In Proceedings of the 31st ACM International Conference on Information & Knowledge Management, pages 2964–2973, 2022.
  7. When chatgpt meets smart contract vulnerability detection: How far are we? arXiv preprint arXiv:2309.05520, 2023.
  8. Evaluating large language models trained on code. arXiv preprint arXiv:2107.03374, 2021.
  9. Do you still need a manual smart contract audit? arXiv preprint arXiv:2306.12338, 2023.
  10. Slither: a static analysis framework for smart contracts. In 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), pages 8–15. IEEE, 2019.
  11. Generative adversarial nets. Advances in neural information processing systems, 27, 2014.
  12. Echidna: effective, usable, and fast fuzzing for smart contracts. In Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, pages 557–560, 2020.
  13. J. Heller. Catch-22: a novel, volume 4. Simon and Schuster, 1999.
  14. Large language models for software engineering: A systematic literature review. arXiv preprint arXiv:2308.10620, 2023.
  15. Bert4eth: A pre-trained transformer for ethereum fraud detection. In Proceedings of the ACM Web Conference 2023, pages 2189–2197, 2023.
  16. Smartcondetect: Highly accurate smart contract code vulnerability detection mechanism using bert. In KDD Workshop on Programming Language Processing, 2021.
  17. Contractfuzzer: Fuzzing smart contracts for vulnerability detection. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, pages 259–269, 2018.
  18. Zeus: analyzing safety of smart contracts. In Ndss, pages 1–12, 2018.
  19. Competition-level code generation with alphacode. Science, 378(6624):1092–1097, 2022.
  20. Smartdagger: a bytecode-based static analysis approach for detecting cross-contract vulnerability. In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, pages 752–764, 2022.
  21. Smart contract vulnerability detection: from pure neural network to interpretable graph feature and expert pattern fusion. arXiv preprint arXiv:2106.09282, 2021.
  22. Combining graph neural networks with expert knowledge for smart contract vulnerability detection. IEEE Transactions on Knowledge and Data Engineering, 2021.
  23. Manticore: A user-friendly symbolic execution framework for binaries and smart contracts. In 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), pages 1186–1189. IEEE, 2019.
  24. Mythril. https://github.com/Consensys/mythril.
  25. OpenAI. Gpt-4 technical report, 2023. https://arxiv.org/abs/2303.08774.
  26. Generative agents: Interactive simulacra of human behavior. arXiv preprint arXiv:2304.03442, 2023.
  27. Automated program repair based on code review: How do pre-trained transformer models perform? arXiv preprint arXiv:2304.07840, 2023.
  28. Verx: Safety verification of smart contracts. In 2020 IEEE symposium on security and privacy (SP), pages 1661–1677. IEEE, 2020.
  29. Communicative agents for software development. arXiv preprint arXiv:2307.07924, 2023.
  30. Towards automated reentrancy detection for smart contracts based on sequential models. IEEE Access, 8:19685–19695, 2020.
  31. Cross-modality mutual learning for enhancing smart contract vulnerability detection on bytecode. In Proceedings of the ACM Web Conference 2023, pages 2220–2229, 2023.
  32. Unsupervised representation learning with deep convolutional generative adversarial networks. arXiv preprint arXiv:1511.06434, 2015.
  33. Toolformer: Language models can teach themselves to use tools. arXiv preprint arXiv:2302.04761, 2023.
  34. Smarter contracts: Detecting vulnerabilities in smart contracts with deep transfer learning. In NDSS, 2023.
  35. Benchmarking language models for code syntax understanding. arXiv preprint arXiv:2210.14473, 2022.
  36. Verismart: A highly precise safety verifier for ethereum smart contracts. In 2020 IEEE Symposium on Security and Privacy (SP), pages 1678–1694. IEEE, 2020.
  37. Assbert: Active and semi-supervised bert for smart contract vulnerability detection. Journal of Information Security and Applications, 73:103423, 2023.
  38. Y. Sun and L. Gu. Attention-based machine learning model for smart contract vulnerability detection. In Journal of physics: conference series, volume 1820, page 012004. IOP Publishing, 2021.
  39. When gpt meets program analysis: Towards intelligent detection of smart contract logic vulnerabilities in gptscan. arXiv preprint arXiv:2308.03314, 2023.
  40. Towards safer smart contracts: A sequence learning approach to detecting security threats. arXiv preprint arXiv:1811.06632, 2018.
  41. Transformer-based language models for software vulnerability detection. In Proceedings of the 38th Annual Computer Security Applications Conference, pages 481–496, 2022.
  42. Llama: Open and efficient foundation language models. arXiv preprint arXiv:2302.13971, 2023.
  43. Securify: Practical security analysis of smart contracts. In Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pages 67–82, 2018.
  44. N. vulnerability database. Common vulnerabilities and exposures (cves). https://cve.mitre.org/index.html.
  45. Codet5+: Open code large language models for code understanding and generation. arXiv preprint arXiv:2305.07922, 2023.
  46. Chain-of-thought prompting elicits reasoning in large language models. Advances in Neural Information Processing Systems, 35:24824–24837, 2022.
  47. D. Wong and M. Hemmel. Decentralized application security project top 10 of 2018, 2018.
  48. How effective are neural networks for fixing security vulnerabilities. arXiv preprint arXiv:2305.18607, 2023.
  49. V. Wüstholz and M. Christakis. Harvey: A greybox fuzzer for smart contracts. In Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pages 1398–1409, 2020.
  50. The rise and potential of large language model based agents: A survey. arXiv preprint arXiv:2309.07864, 2023.
  51. Automated program repair in the era of large pre-trained language models. In Proceedings of the 45th International Conference on Software Engineering (ICSE 2023). Association for Computing Machinery, 2023.
  52. xfuzz: Machine learning guided cross-contract fuzzing. IEEE Transactions on Dependable and Secure Computing, 2022.
  53. Tree of thoughts: Deliberate problem solving with large language models. arXiv preprint arXiv:2305.10601, 2023.
  54. Mpro: Combining static and symbolic analysis for scalable testing of smart contract. In 2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE), pages 456–462. IEEE, 2019.
  55. Cumulative reasoning with large language models. arXiv preprint arXiv:2308.04371, 2023.
  56. Demystifying exploitable bugs in smart contracts. ICSE, 2023.
  57. A survey of large language models. arXiv preprint arXiv:2303.18223, 2023.
  58. Sok: Decentralized finance (defi) attacks. In 2023 IEEE Symposium on Security and Privacy (SP), pages 2444–2461. IEEE, 2023.
  59. Smart contract vulnerability detection using graph neural networks. In Proceedings of the Twenty-Ninth International Conference on International Joint Conferences on Artificial Intelligence, pages 3283–3290, 2021.
Citations (33)
View on Semantic Scholar

Summary

  • The paper presents a two-stage framework, GPTLens, that leverages separate generation and discrimination stages to enhance vulnerability detection in smart contracts.
  • It demonstrates a significant improvement in detection accuracy, nearly doubling the hit ratio from 38.5% to 76.9% by mitigating false positives and negatives.
  • The research highlights the practical implications of AI-driven smart contract auditing and sets the stage for advances in automated security verification.

LLM-Powered Smart Contract Vulnerability Detection: New Perspectives

The paper "LLM-Powered Smart Contract Vulnerability Detection: New Perspectives" presents a comprehensive analysis of leveraging LLMs, specifically models like GPT-4, to detect vulnerabilities in smart contracts. This research identifies the inherent challenges and opportunities in applying LLMs to the field of smart contract auditing and introduces a two-stage framework, named GPTLens, to enhance the effectiveness of this task.

Challenges and Observations

The authors delineate several challenges associated with using LLMs for vulnerability detection in smart contracts:

  1. False Positives: LLMs tend to generate numerous false positives, which necessitate substantial manual verification, thereby lowering the practical utility of these models.
  2. False Negatives: LLMs may fail to identify actual vulnerabilities, reducing recall rates. Some vulnerabilities go undetected due to the randomness inherent in the generative process.
  3. Balancing Correctness and Generality: While traditional tools rely on expert-designed patterns that offer limited scope, LLMs have the potential to generalize beyond predefined vulnerabilities. However, achieving a balance between generating correct outputs and maintaining generality remains a challenge.

GPTLens Framework

GPTLens tackles the above challenges by employing a novel, two-stage adversarial framework:

  • Generation Stage: Here, the LLM functions as multiple 'auditor' agents. Each agent generates a variety of possible vulnerabilities, aiming for high diversity in output, to capture plausible vulnerabilities.
  • Discrimination Stage: In this subsequent stage, a 'critic' agent evaluates the generated vulnerabilities. It ranks each finding based on factors such as correctness, severity, and profitability. The critic’s role is to mitigate the false positives by discerning the most plausible vulnerabilities from the generated set.

Empirical Results

The empirical evaluation involved testing on 13 smart contracts, each documented with a known vulnerability in the CVE database. The paper compared several configurations, demonstrating that the proposed GPTLens framework results in a marked improvement in vulnerability detection:

  • The hit ratio for identifying vulnerabilities at the contract level increased significantly. Notably, GPTLens with multiple auditors outperformed a conventional one-stage detection by almost doubling the hit ratio from 38.5% to 76.9%.
  • Even when considering trial-level outputs (individual generation runs), the accuracy improved from 33.3% to 59.0%, highlighting the efficacy of the two-stage strategy.

Theoretical and Practical Implications

This research provides essential insights into the development of AI-driven tools in the domain of smart contract auditing. The GPTLens framework suggests a path to more reliable and efficient detection processes that do not strictly rely on expert-crafted rules or predefined vulnerability types. This capability could extend to detecting novel and uncategorized vulnerabilities, thereby enhancing the robustness of smart contract security.

Speculation on Future Developments

Continued innovation in this area may hinge on several key areas:

  • Enhanced Diversity in LLM Generation: Developing new mechanisms for enhancing diversity without increasing false positives could further improve detection rates.
  • Improved In-Context Learning: Teaching critics to maintain consistency across batches could address current limitations related to token constraints.
  • Integration with External Knowledge: Leveraging the ability of LLMs to interface with tools or databases might provide additional contextual knowledge during detection, potentially improving accuracy and reducing false positives.
  • Role of LLMs in Broader Software Development: The integration of LLMs in tasks ranging from code generation to automated vulnerability repair holds significant promise, possibly revolutionizing approaches to software development by incorporating AI agents as central elements.

In conclusion, the paper's findings represent a substantive contribution to smart contract vulnerability detection, illustrating the dual potential of LLMs to enhance both the breadth of coverage and accuracy of vulnerability detection systems.

File Document Download Save Streamline Icon: https://streamlinehq.com PDF File Document Download Save Streamline Icon: https://streamlinehq.com Markdown