<p>A smart contract fundamentally consists of code deployed on the blockchain, noted for its transparent and unchangeable execution. These characteristics, however, also expose it to attackers once any weaknesses are present. In recent years, attacks targeting smart contracts have caused substantial financial losses, highlighting the importance of robust vulnerability detection approaches. Conventional detection techniques, which rely on contextual semantics or symbolic execution, often face limitations in efficiency. Although neural network-based approaches have enhanced detection speed, they frequently compromise accuracy. This study introduces a framework for identifying and repairing vulnerabilities in smart contracts by utilizing multi-relational graphs combined with a pre-trained model. Initially, a Multi-Relational Graph (MRG) is constructed to represent the multi-dimensional aspects of execution logic and data dependencies by integrating multiple program feature graphs. To reduce interference from extraneous code, contract slices are then generated according to node and edge types defined within the MRG. These vectorized slices are subsequently processed by a pre-trained model called SCCodeBERT for both detection and repair of potential vulnerabilities. Experiments show that SCCodeBERT achieves an average accuracy of 96.06% and an F1-score of 90.90% on mainstream vulnerability datasets. Moreover, it reaches an average repair effectiveness of 86.42%, significantly outperforming current baseline approaches. This work presents a highly effective automated solution for enhancing smart contract security, offering notable theoretical and practical contributions.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Sccodebert: an automatic vulnerability detection and repair method for smart contracts

  • Jinlong Bai,
  • Lifeng Cao,
  • Xingchen Li,
  • Hengyi Lv,
  • Xuehui Du

摘要

A smart contract fundamentally consists of code deployed on the blockchain, noted for its transparent and unchangeable execution. These characteristics, however, also expose it to attackers once any weaknesses are present. In recent years, attacks targeting smart contracts have caused substantial financial losses, highlighting the importance of robust vulnerability detection approaches. Conventional detection techniques, which rely on contextual semantics or symbolic execution, often face limitations in efficiency. Although neural network-based approaches have enhanced detection speed, they frequently compromise accuracy. This study introduces a framework for identifying and repairing vulnerabilities in smart contracts by utilizing multi-relational graphs combined with a pre-trained model. Initially, a Multi-Relational Graph (MRG) is constructed to represent the multi-dimensional aspects of execution logic and data dependencies by integrating multiple program feature graphs. To reduce interference from extraneous code, contract slices are then generated according to node and edge types defined within the MRG. These vectorized slices are subsequently processed by a pre-trained model called SCCodeBERT for both detection and repair of potential vulnerabilities. Experiments show that SCCodeBERT achieves an average accuracy of 96.06% and an F1-score of 90.90% on mainstream vulnerability datasets. Moreover, it reaches an average repair effectiveness of 86.42%, significantly outperforming current baseline approaches. This work presents a highly effective automated solution for enhancing smart contract security, offering notable theoretical and practical contributions.