A smart contract vulnerability detection method based on deep semantic feature fusion
摘要
Smart contracts are vulnerable to security risks introduced during development, while existing detection methods often suffer from high false positive rates and limited scalability on large contract repositories. To address these issues, this paper proposes a scalable vulnerability detection framework that integrates dynamic key node sampling with deep semantic edge enhancement. Control flow and data flow information is incorporated into a simplified abstract syntax tree (AST) to construct a semantic association graph (SAG), capturing inter-statement dependencies in smart contracts. GraphSAGE is then employed to dynamically prioritize vulnerability-related key nodes, and a multilayer Transformer is designed to model deep semantic dependencies among edges using self-attention and positional encoding. By jointly modeling large-scale graph structures and attention-based interactions, the proposed framework supports efficient, high-throughput vulnerability analysis. Experimental results on a large number of open-source datasets show that the proposed method achieves F1-scores of 96% on Reentrancy, 91% on Timestamp Dependency, 91% on Tx.origin, and 89% on Integer Overflow vulnerabilities, demonstrating its effectiveness and scalability.