Smart Contract Vulnerability Detection Method Based on Vulnerability Propagation Path
摘要
With the rapid development of blockchain technology, smart contracts, as decentralized applications running on blockchain platforms, have been widely applied in various fields. Once deployed on the blockchain, smart contracts are immutable, making it crucial to perform vulnerability detection before deployment to identify potential security risks. Existing smart contract vulnerability detection methods detect vulnerabilities by extracting features from the smart contract code. However, these methods overlook key functions and variables that cause vulnerabilities as well as their dependencies with other code elements. They do not adequately extract critical features, resulting in a high false positive rate. Therefore, this paper proposes a smart contract vulnerability detection method based on vulnerability propagation paths. First, key functions and variables are identified based on the type of vulnerability, and their dependencies with other code elements are analyzed. Vulnerability propagation paths highly correlated with vulnerabilities are then extracted. These paths are integrated into a mask through a shielding function to guide the pre-trained model’s attention to important node information, generating contract graph node embeddings. The graph convolutional network is then used to aggregate features based on the code structure. Finally, a prediction difference strategy is employed to enhance the training effect, achieving precise vulnerability detection. Experiments conducted on a real Ethereum smart contract dataset demonstrate the effectiveness of our method.