Related papers: ETrace:Event-Driven Vulnerability Detection in Smart Contracts via LLM-Based Trace Analysis

ETrace:Event-Driven Vulnerability Detection in Smart Contracts via LLM-Based Trace Analysis

URL: http://arxiv.org/abs/2506.15790v3
Date: Wed, 30 Jul 2025 07:32:19 GMT
Title: ETrace:Event-Driven Vulnerability Detection in Smart Contracts via LLM-Based Trace Analysis
Authors: Chenyang Peng, Haijun Wang, Yin Wu, Hao Wu, Ming Fan, Yitao Zhao, Ting Liu,
Abstract summary: We present ETrace, a novel event-driven vulnerability detection framework for smart contracts.<n>By extracting fine-grained event sequences from transaction logs, the framework leverages Large Language Models (LLMs) as adaptive semantic interpreters.<n>ETrace implements pattern-matching to establish causal links between transaction behavior patterns and known attack behaviors.
Score: 14.24781559851732
License: http://creativecommons.org/licenses/by-sa/4.0/
Abstract: With the advance application of blockchain technology in various fields, ensuring the security and stability of smart contracts has emerged as a critical challenge. Current security analysis methodologies in vulnerability detection can be categorized into static analysis and dynamic analysis methods.However, these existing traditional vulnerability detection methods predominantly rely on analyzing original contract code, not all smart contracts provide accessible code.We present ETrace, a novel event-driven vulnerability detection framework for smart contracts, which uniquely identifies potential vulnerabilities through LLM-powered trace analysis without requiring source code access. By extracting fine-grained event sequences from transaction logs, the framework leverages Large Language Models (LLMs) as adaptive semantic interpreters to reconstruct event analysis through chain-of-thought reasoning. ETrace implements pattern-matching to establish causal links between transaction behavior patterns and known attack behaviors. Furthermore, we validate the effectiveness of ETrace through preliminary experimental results.

Related papers

White-Basilisk: A Hybrid Model for Code Vulnerability Detection [50.49233187721795]
We introduce White-Basilisk, a novel approach to vulnerability detection that demonstrates superior performance.<n>White-Basilisk achieves results in vulnerability detection tasks with a parameter count of only 200M.<n>This research establishes new benchmarks in code security and provides empirical evidence that compact, efficiently designed models can outperform larger counterparts in specialized tasks.
arXiv Detail & Related papers (2025-07-11T12:39:25Z)
From Data Behavior to Code Analysis: A Multimodal Study on Security and Privacy Challenges in Blockchain-Based DApp [1.6081378516701994]
The recent proliferation of blockchain-based decentralized applications (DApp) has catalyzed transformative advancements in distributed systems.<n>This study initiates with a systematic analysis of behavioral patterns derived from empirical DApp datasets.<n>The principal security vulnerabilities in vulnerability-based smart contracts developed via Solidity are then critically examined.
arXiv Detail & Related papers (2025-04-16T08:30:43Z)
EthCluster: An Unsupervised Static Analysis Method for Ethereum Smart Contract [1.1923665587866032]
We train a model using unsupervised learning to identify vulnerabilities in the Solidity source code of smart contracts.<n>To address the challenges associated with real-world smart contracts, our training data is derived from actual vulnerability samples.
arXiv Detail & Related papers (2025-04-14T08:36:21Z)
Are You Getting What You Pay For? Auditing Model Substitution in LLM APIs [60.881609323604685]
Large Language Models (LLMs) accessed via black-box APIs introduce a trust challenge.<n>Users pay for services based on advertised model capabilities.<n> providers may covertly substitute the specified model with a cheaper, lower-quality alternative to reduce operational costs.<n>This lack of transparency undermines fairness, erodes trust, and complicates reliable benchmarking.
arXiv Detail & Related papers (2025-04-07T03:57:41Z)
Lie Detector: Unified Backdoor Detection via Cross-Examination Framework [68.45399098884364]
We propose a unified backdoor detection framework in the semi-honest setting.<n>Our method achieves superior detection performance, improving accuracy by 5.4%, 1.6%, and 11.9% over SoTA baselines.<n> Notably, it is the first to effectively detect backdoors in multimodal large language models.
arXiv Detail & Related papers (2025-03-21T06:12:06Z)
Learning on LLM Output Signatures for gray-box Behavior Analysis [52.81120759532526]
Large Language Models (LLMs) have achieved widespread adoption, yet our understanding of their behavior remains limited.<n>We develop a transformer-based approach to process contamination and data detection in gray-box settings.<n>Our approach achieves superior performance on hallucination and data detection in gray-box settings, significantly outperforming existing baselines.
arXiv Detail & Related papers (2025-03-18T09:04:37Z)
ContractTrace: Retracing Smart Contract Versions for Security Analyses [4.126275271359132]
We introduce ContractTrace, an automated infrastructure that accurately identifies and links versions of smart contracts into coherent lineages.<n>This capability is essential for understanding vulnerability propagation patterns and evaluating the effectiveness of security patches in blockchain environments.
arXiv Detail & Related papers (2024-12-30T11:10:22Z)
Combining GPT and Code-Based Similarity Checking for Effective Smart Contract Vulnerability Detection [0.0]
We present SimilarGPT, a vulnerability identification tool for smart contract.<n>The main concept of SimilarGPT is to measure the similarity between the code under inspection and the secure code from third-party libraries.<n>We propose optimizing the detection sequence using topological ordering to enhance logical coherence and reduce false positives during detection.
arXiv Detail & Related papers (2024-12-24T07:15:48Z)
LLM-SmartAudit: Advanced Smart Contract Vulnerability Detection [3.1409266162146467]
This paper introduces LLM-SmartAudit, a novel framework to detect and analyze vulnerabilities in smart contracts. Using a multi-agent conversational approach, LLM-SmartAudit employs a collaborative system with specialized agents to enhance the audit process. Our framework can detect complex logic vulnerabilities that traditional tools have previously overlooked.
arXiv Detail & Related papers (2024-10-12T06:24:21Z)
Con-ReCall: Detecting Pre-training Data in LLMs via Contrastive Decoding [118.75567341513897]
Existing methods typically analyze target text in isolation or solely with non-member contexts.<n>We propose Con-ReCall, a novel approach that leverages the asymmetric distributional shifts induced by member and non-member contexts.
arXiv Detail & Related papers (2024-09-05T09:10:38Z)
Enhancing Smart Contract Security Analysis with Execution Property Graphs [48.31617821205042]
We introduce Clue, a dynamic analysis framework specifically designed for a runtime virtual machine.<n>Clue captures critical information during contract executions, employing a novel graph-based representation, the Execution Property Graph.<n> evaluation results reveal Clue's superior performance with high true positive rates and low false positive rates, outperforming state-of-the-art tools.
arXiv Detail & Related papers (2023-05-23T13:16:42Z)

This list is automatically generated from the titles and abstracts of the papers in this site.