GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis
arxiv(2023)
摘要
Smart contracts are prone to various vulnerabilities, leading to substantial
financial losses over time. Current analysis tools mainly target
vulnerabilities with fixed control or data-flow patterns, such as re-entrancy
and integer overflow. However, a recent study on Web3 security bugs revealed
that about 80
lack of domain-specific property description and checking. Given recent
advances in Large Language Models (LLMs), it is worth exploring how Generative
Pre-training Transformer (GPT) could aid in detecting logicc vulnerabilities.
In this paper, we propose GPTScan, the first tool combining GPT with static
analysis for smart contract logic vulnerability detection. Instead of relying
solely on GPT to identify vulnerabilities, which can lead to high false
positives and is limited by GPT's pre-trained knowledge, we utilize GPT as a
versatile code understanding tool. By breaking down each logic vulnerability
type into scenarios and properties, GPTScan matches candidate vulnerabilities
with GPT. To enhance accuracy, GPTScan further instructs GPT to intelligently
recognize key variables and statements, which are then validated by static
confirmation. Evaluation on diverse datasets with around 400 contract projects
and 3K Solidity files shows that GPTScan achieves high precision (over 90
token contracts and acceptable precision (57.14
Web3Bugs. It effectively detects ground-truth logic vulnerabilities with a
recall of over 70
GPTScan is fast and cost-effective, taking an average of 14.39 seconds and 0.01
USD to scan per thousand lines of Solidity code. Moreover, static confirmation
helps GPTScan reduce two-thirds of false positives.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要