APPLICATION OF LARGE LANGUAGE MODELS IN SMART CONTRACT VULNERABILITY DETECTION

Authors

  • Yun Li (Corresponding Author), School of Finance and Economics, Hainan Vocational University of Science and Technology, Haikou 571126, Hainan, China.
  • YanLing Liu, School of Finance and Economics, Hainan Vocational University of Science and Technology, Haikou 571126, Hainan, China.
  • ChangEr Liu, School of Finance and Economics, Hainan Vocational University of Science and Technology, Haikou 571126, Hainan, China.
  • XinMan Luo, School of Information Science and Technology, Qiongtai Normal University, Haikou 571100, Hainan, China.

Keywords:

Large language models, Smart contracts, Vulnerability detection, Blockchain security, Program analysis

Abstract

With the rapid iteration of blockchain technology, the security of smart contracts, the core components of decentralized applications, directly affects the stability of on-chain assets and ecosystems. Traditional vulnerability detection methods rely primarily on expert rules and static analysis, and face bottlenecks such as high false positive rates and poor adaptability to complex logical vulnerabilities. In recent years, Large Language Models (LLMs), with their exceptional code understanding and reasoning capabilities, have provided new technical pathways for smart contract security auditing. This paper focuses on LLM-driven smart contract vulnerability detection technologies, systematically reviewing mainstream application paradigms from prompt engineering to model fine-tuning. The paper first reviews the current state of smart contract security and the limitations of traditional methods. It then analyzes in depth the architectural design and core mechanisms of representative frameworks such as GPTLens and SmartVD, evaluating their performance in detection accuracy and recall rate. Finally, addressing current challenges including data scarcity, model hallucinations, and computational overhead, it proposes future evolution directions such as multimodal fusion and human-in-the-loop auditing, providing a reference for research and practice in related fields.

Published

2026-04-10

How to Cite

Yun Li, YanLing Liu, ChangEr Liu, XinMan Luo. Application Of Large Language Models In Smart Contract Vulnerability Detection. Journal of Computer Science and Electrical Engineering. 2026, 8(2): 67-70. DOI: https://doi.org/10.61784/jcsee3130.