Search papers, labs, and topics across Lattice.
This paper introduces an LLM-based framework for detecting vulnerabilities in smart contracts by creating vulnerability-specific detectors. They construct a dataset of 31,165 annotated vulnerability instances across 15 blockchain platforms and use AST-based context extraction to inform targeted prompt design. Experiments show the framework achieves high recall (0.92 positive, 0.85 negative) across 13 vulnerability categories, demonstrating the effectiveness of tailored prompting.
LLMs can achieve surprisingly high precision in smart contract vulnerability detection, but only with vulnerability-specific prompts and AST-based context.
Smart contracts on blockchains are prone to diverse security vulnerabilities that can lead to significant financial losses due to their immutable nature. Existing detection approaches often lack flexibility across vulnerability types and rely heavily on manually crafted expert rules. In this paper, we present an LLM-based framework for practical smart contract vulnerability detection. We construct and release a large-scale dataset comprising 31,165 professionally annotated vulnerability instances collected from over 3,200 real-world projects across 15 major blockchain platforms. Our approach leverages precise AST-based context extraction and vulnerability-specific prompt design to instantiate customized detectors for 13 prevalent vulnerability categories. Experimental results demonstrate strong effectiveness, achieving an average positive recall of 0.92 and an average negative recall of 0.85, highlighting the potential of carefully engineered contextual prompting for scalable and high-precision smart contract security analysis.
