基于路径融合的智能合约漏洞检测方法

doi:10.3778/j.issn.1002-8331.2406-0313

摘要/Abstract

摘要： 随着去中心化互联网的发展，智能合约因其不可修改性而需要在部署前确保安全性，以防范潜在的漏洞风险。尽管已有一些基于深度学习的方法用于智能合约的漏洞检测，但仍然存在以下两个问题：一是缺乏对合约结构和语义信息的充分理解；二是神经网络模型受输入长度的制约，对长合约性能不佳。针对这两个问题，提出基于语法控制流图的合约分解和路径融合方法。基于抽象语法树构建智能合约的语法控制流图，并采用贪心策略将语法控制流图分解为多条结构简单的路径；使用预训练的代码模型学习路径的向量表示。融合不同路径的特征向量以实现漏洞检测。为验证模型的有效性，构建了一个包含7 511个真实世界智能合约的数据集，实验结果表明，和主流方法相比该方法能够有效提高智能合约漏洞检测的精确率、召回率和F1值。

关键词: 智能合约, 漏洞检测, 控制流图, 预训练模型

Abstract: With the development of decentralized internet, smart contracts need to ensure security before deployment due to their immutability to prevent potential vulnerabilities. Despite some deep learning-based methods for vulnerability detection in smart contracts, two main issues persist： insufficient understanding of contract structure and semantic information, and poor performance on long contracts due to the input length limitations of neural network models. To address these issues, a method based on syntax control flow graph decomposition and path fusion is proposed. Firstly, for a smart contract, a syntax control flow graph is constructed based on its abstract syntax tree, and a greedy strategy is used to decompose the graph into multiple paths from entry nodes to exit nodes. Secondly, a pre-trained code model is used to learn the vector representation of these paths. Finally, the feature vectors of different paths are fused to achieve vulnerability detection. A dataset containing 7 511 real-world smart contracts is constructed to validate the model’s effectiveness. Experimental results show that the decomposed paths effectively improve the precision, recall, and F1 score of smart contract vulnerability detection.

Key words: smart contract, vulnerability detection, control flow graph, pre-trained models

范亚生, 谢春丽, 魏家劲, 曾友. 基于路径融合的智能合约漏洞检测方法[J]. 计算机工程与应用, 2025, 61(20): 315-326.

FAN Yasheng, XIE Chunli, WEI Jiajin, ZENG You. Vulnerability Detection Method for Smart Contract Based on Path Fusion[J]. Computer Engineering and Applications, 2025, 61(20): 315-326.

参考文献

[1] WRIGHT C S. Bitcoin: a peer-to-peer electronic cash system[J]. SSRN Electronic Journal, 2008: 236214.
[2] PIERRO D M. What is the blockchain?[J]. Computing in Science & Engineering, 2017, 19(5): 92-95.
[3] BUTERIN V. A next generation smart contract & decentralized application platform[EB/OL]. (2013-04-06)[2024-04-16]. https://ethereum.org/zh/whitepaper/.
[4] YAKOVENKO A. Solana: a new architecture for a high performance blockchain[EB/OL]. (2021-12-06)[2024-04-16]. https://solana.com/solana-whitepaper.pdf.
[5] FALKON, S. The story of the DAO—its history and consequences[EB/OL]. (2017-12-24)[2024-04-16]. https://medium.com/swlh/the-story-of-the-dao-its-history-and-consequences-71e6a8a551ee.
[6] 张健, 张超, 玄跻峰, 等. 程序分析研究进展[J]. 软件学报, 2019, 30(1): 80-109.
ZHANG J, ZHANG C, XUAN J F, et al. Recent progress in program analysis[J]. Journal of Software, 2019, 30(1): 80-109.
[7] YOU J, XIA S, LI J Q. A survey on formal methods using in software development[C]//Proceedings of the IET International Conference on Information Science and Control Engineering Institution of Engineering and Technology, 2012: 1-40.
[8] 梅宏, 王千祥, 张路, 等. 软件分析技术进展[J]. 计算机学报, 2009, 32(9): 1697-1710.
MEI H, WANG Q X, ZHANG L, et al. Software analysis: a road map[J]. Chinese Journal of Computers, 2009, 32(9): 1697-1710.
[9] LU L, CHU D H, OLICKEL H, et al. Making smart contracts smarter[C]//Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2016: 254-269.
[10] TIKHOMIROV S, VOSKRESENSKAYA E, IVANITSKIY I, et al. SmartCheck: static analysis of ethereum smart contracts[C]//Proceedings of the 1st International Workshop on Emerging Trends in Software Engineering for Blockchain. New York: ACM, 2018: 9-16.
[11] FEIST J, GRIECO G, GROCE A. Slither: a static analysis framework for smart contracts[C]//Proceedings of the IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain. Piscataway: IEEE, 2019: 8-15.
[12] LIU H, LIU C, ZHAO W Q, et al. S-Gram: towards semantic-aware security auditing for Ethereum smart contracts[C]//Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering. New York: ACM, 2018: 814-819.
[13] HOCHREITER S, SCHMIDHUBER J. Long short-term memory[J]. Neural Computation, 1997, 9(8): 1735-1780.
[14] SCHUSTER M, PALIWAL K K. Bidirectional recurrent neural networks[J]. IEEE Transactions on Signal Processing, 1997, 45(11): 2673-2681.
[15] VASWANI A, SHAZEER N, PARMAR N, et al. Attention is all you need[C]//Advances in Neural Information Processing Systems, 2017: 6000-6010.
[16] HUANG J J, HAN S M, YOU W, et al. Hunting vulnerable smart contracts via graph embedding based bytecode matching[J]. IEEE Transactions on Information Forensics and Security, 2021, 16: 2144-2156.
[17] DANNEN C. Introducing Ethereum and solidity[M]. CA: Apress, 2017.
[18] CHEN D, FENG L, FAN Y Q, et al. Smart contract vulnerability detection based on semantic graph and residual graph convolutional networks with edge attention[J]. Journal of Systems and Software, 2023, 202: 111705.
[19] FENG Z, GUO D, TANG D, et al. CodeBERT: a pre-trained model for programming and natural languages[J]. arXiv: 2002.08155, 2020.
[20] ANGELO D M, SALZER G. Consolidation of ground truth sets for weakness detection in smart contracts[C]//Proceedings of the International Conference on Financial Cryptography and Data Security. Cham: Springer Nature Switzerland, 2024: 439-455.
[21] DURIEUX T, FERREIRA J F, ABREU R, et al. Empirical review of automated analysis tools on 47,587 Ethereum smart contracts[C]//Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering. New York: ACM, 2020: 530-541.
[22] YASHAVANT C S, KUMAR S, KARKARE A. ScrawlD: a dataset of real world Ethereum smart contracts labelled with vulnerabilities[J]. arXiv:2202.11409, 2022.
[23] HILDENBRANDT E, SAXENA M, RODRIGUES N, et al. KEVM: a complete formal semantics of the ethereum virtual machine[C]//Proceedings of the IEEE 31st Computer Security Foundations Symposium. Piscataway: IEEE, 2018: 204-217.
[24] MIKOLOV T, CHEN K, CORRADO G, et al. Efficient estimation of word representations in vector space[C]//Proceedings of the Conference on Empirical Methods in Natural Language Processing, 2013: 2-4.
[25] BOJANOWSKI P, GRAVE E, JOULIN A, et al. Enriching word vectors with subword information[J]. Transactions of the Association for Computational Linguistics, 2017, 5: 135-146.
[26] WANG W, SONG J J, XU G Q, et al. ContractWard: automated vulnerability detection models for Ethereum smart contracts[J]. IEEE Transactions on Network Science and Engineering, 2021, 8(2): 1133-1144.
[27] WU H J, ZHANG Z, WANG S W, et al. Peculiar: smart contract vulnerability detection based on crucial data flow graph and pre-training techniques[C]//Proceedings of the IEEE 32nd International Symposium on Software Reliability Enginee-ring. Piscataway: IEEE, 2021: 378-389.
[28] LIU Z G, QIAN P, WANG X Y, et al. Combining graph neural networks with expert knowledge for smart contract vulnerability detection[J]. arXiv:2107.11598, 2021.
[29] SARZYNSKA-WAWER J, WAWER A, PAWLAK A, et al. Detecting formal thought disorder by deep contextualized word representations[J]. Psychiatry Research, 2021, 304: 114135.
[30] RADFORD A, NARASIMHAN K, SALIMANS T, et al. Improving language understanding by generative pre-trai-ning[EB/OL]. (2018-11-15)[2024-04-16]. https://openai.com/index/language-unsupervised/.
[31] DEVLIN J, CHANG M W, LEE K, et al. BERT: pre-training of deep bidirectional transformers for language underst-anding[C]//Proceedings of the Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, 2019: 4171-4186.
[32] DASP. Decentralized application security project?top 10?of?2018[EB/OL]. (2018-01-01) [2024-04-16]. https://www.dasp.co.
[33] JORAN H. Tree sitter solidity[EB/OL]. (2020-01-01) [2024-04-16]. https://github.com/JoranHonig/tree-sitter-solidity.
[34] PARIKH A, T?CKSTR?M O, DAS D, et al. A decomposable attention model for natural language inference[C]//Proceedings of the Conference on Empirical Methods in Natural Language Processing. Stroudsburg: ACL, 2016: 2249-2255.
[35] BA J L, KIROS J R, HINTON G E. Layer normalization[J]. arXiv:1607.06450, 2016.
[36] PyTorch. Tensors and dynamic neural networks in Python with strong GPU acceleration[EB/OL]. (2020-01-01) [2024-04-16]. https://pytorch.org.