-
Notifications
You must be signed in to change notification settings - Fork 1
/
index.html
252 lines (241 loc) · 14.3 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>GPTScan: A LLM-Empowered Logic Bug Scanner for Solidity</title>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/[email protected]/css/bulma.min.css">
<link href="https://cdn.jsdelivr.net/npm/@fortawesome/[email protected]/css/fontawesome.min.css"
rel="stylesheet">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/jpswalsh/academicons@1/css/academicons.min.css">
<link rel="stylesheet" href="static/css/index.css">
</head>
<body>
<section class="hero">
<div class="hero-body">
<div class="container is-max-desktop">
<div class="column is-centered">
<div class="column has-text-centered">
<h1 class="title is-1 publication-title">
GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis
</h1>
<div class="column has-text-centered">
<span class="link-block">
<a href="https://dl.acm.org/doi/abs/10.1145/3597503.3639117"
class="external-link button is-dark is-rounded ">
<span class="icon">
<i class="fas fa-file-pdf"></i>
</span>
<span>Paper</span>
</a>
</span>
<span class="link-block">
<a href="https://arxiv.org/abs/2308.03314"
class="external-link button is-dark is-rounded ">
<span class="icon">
<i class="ai ai-arxiv"></i>
</span>
<span>arXiv</span>
</a>
</span>
<span class="link-block">
<a href="https://github.com/MetaTrustLabs/GPTScan" class="external-link button is-dark is-rounded">
<span class="icon">
<i class="fa-solid fa-database"></i>
</span>
<span>Dataset</span>
</a>
</span>
<!-- Code Link. -->
<span class="link-block">
<a href="https://github.com/GPTScan/GPTScan"
class="external-link button is-dark is-rounded ">
<span class="icon">
<i class="fab fa-github"></i>
</span>
<span>Code</span>
</a>
</span>
<span class="link-block">
<a href="#bibtex" class="external-link button is-dark is-rounded ">
<span class="icon">
<i class="fa-solid fa-quote-left"></i>
</span>
<span class="show_paper_citations" data="KAWDTzsAAAAJ:YsMSGLbcyi4C">Citations</span>
</a>
</span>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="section">
<div class="container is-max-desktop">
<!-- Abstract. -->
<div class="columns is-centered has-text-centered">
<div class="column is-four-fifths">
<h2 class="title is-3">Abstract</h2>
<div class="content has-text-justified">
<p>
Smart contracts are prone to various vulnerabilities, leading to substantial financial
losses over time. Current analysis tools mainly target vulnerabilities with fixed control-
or data-flow patterns, such as re-entrancy and integer overflow. However, a recent study on
Web3 security bugs revealed that about 80% of these bugs cannot be audited by existing tools
due to the lack of domain-specific property description and checking. Given recent advances
in Large Language Models (LLMs), it is worth exploring how Generative Pre-training
Transformer (GPT) could aid in detecting logic vulnerabilities.
</p>
<!-- <p>-->
<!-- k<b><span id="totalnum">123</span></b>-->
<!-- </p>-->
<div style="text-align: center;">
<img src="static/images/GPTScanWorkflow.svg"
style="width:900px !important;height:auto !important;">
</div>
<p>
In this paper, we propose GPTScan, the first tool combining GPT with static analysis for
smart contract logic vulnerability detection. Instead of relying solely on GPT to identify
vulnerabilities, which can lead to high false positives and is limited by GPT's pre-trained
knowledge, we utilize GPT as a versatile code understanding tool. By breaking down each
logic vulnerability type into scenarios and properties, GPTScan matches candidate
vulnerabilities with GPT. To enhance accuracy, GPTScan further instructs GPT to
intelligently recognize key variables and statements, which are then validated by static
confirmation. Evaluation on diverse datasets with around 400 contract projects and 3K
Solidity files shows that GPTScan achieves high precision (over 90%) for token contracts and
acceptable precision (57.14%) for large projects like Web3Bugs. It effectively detects
ground-truth logic vulnerabilities with a recall of over 70%, including 9 new
vulnerabilities missed by human auditors. GPTScan is fast and cost-effective, taking an
average of 14.39 seconds and 0.01 USD to scan per thousand lines of Solidity code. Moreover,
static confirmation helps GPTScan reduce two-thirds of false positives.
</p>
</div>
</div>
</div>
<!--/ Abstract. -->
<div class="columns is-centered has-text-centered">
<div class="column is-four-fifths">
<h2 class="title is-3" id="bibtex">Bibtex</h2>
<div class="content has-text-justified">
<article class="message is-primary">
<pre class="message-body" id="bibtex-text">
@inproceedings{sun2024gptscan,
author = {Sun, Yuqiang and Wu, Daoyuan and Xue, Yue and Liu, Han and Wang, Haijun and Xu, Zhengzi and Xie, Xiaofei and Liu, Yang},
title = {{GPTScan}: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis},
year = {2024},
isbn = {9798400702174},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/3597503.3639117},
doi = {10.1145/3597503.3639117},
booktitle = {Proceedings of the IEEE/ACM 46th International Conference on Software Engineering},
articleno = {166},
numpages = {13},
series = {ICSE '24}
}</pre>
</article>
</div>
</div>
</div>
</div>
</section>
<section class="section">
<div class="container is-max-desktop">
<div class="columns is-centered has-text-centered">
<div class="column is-four-fifths">
<h2 class="title is-3">Related Works</h2>
<div class="content has-text-justified">
<ul>
<li>
LLM4Vuln: A Unified Evaluation Framework for Decoupling and Enhancing LLMs' Vulnerability Reasoning [<a href="https://arxiv.org/abs/2401.16185">arXiv</a>]
</li>
<li>
Combining Fine-Tuning and LLM-based Agents for Intuitive Smart Contract Auditing with Justifications [<a href="https://arxiv.org/abs/2403.16073">arXiv</a>]
</li>
<li>
PropertyGPT: LLM-driven Formal Verification of Smart Contracts through Retrieval-Augmented Property Generation [<a href="https://arxiv.org/abs/2405.02580">arXiv</a>]
</li>
</ul>
</div>
</div>
</div>
</div>
<section class="section">
<div class="container is-max-desktop">
<div class="columns is-centered has-text-centered">
<div class="column is-four-fifths">
<h2 class="title is-3">Authors</h2>
<div class="column">
<table width="100%">
<tr>
<td width="25%"><img class="custom-style" src="static/images/yuqiang.jpg">
</td>
<td width="25%"><img class="custom-style" src="static/images/daoyuan.jpg">
</td>
<td width="25%"><img class="custom-style" src="static/images/avatar_scholar_256.png">
</td>
<td width="25%"><img class="custom-style" src="static/images/liuhan.jpg">
</td>
</tr>
<table>
<table width="100%">
<tr>
<td width="25%"><a href="https://aboutme.izaiahsun.com/">
<span class="tag is-light">Yuqiang Sun</span>
</a></td>
<td width="25%"><a href="https://daoyuan14.github.io/">
<span class="tag is-light">Daoyuan Wu</span>
</a></td>
<td width="25%"><a href="#">
<span class="tag is-light">Yue Xue</span>
</a></td>
<td width="25%"><a href="https://helayliu.github.io/">
<span class="tag is-light">Han Liu</span>
</a></td>
</tr>
</table>
</table>
</table>
<br>
<br>
<table width="100%">
<tr>
<td width="25%"><img class="custom-style" src="static/images/haijun.jpg">
</td>
<td width="25%"><img class="custom-style" src="static/images/zhengzi.jpg">
</td>
<td width="25%"><img class="custom-style" src="static/images/xiaofei.jpg">
</td>
<td width="25%"><img class="custom-style" src="static/images/liuyang.jpg">
</td>
</tr>
<table>
<table width="100%">
<tr>
<td width="25%"><a href="#">
<span class="tag is-light">Haijun Wang</span>
</a></td>
<td width="25%"><a
href="https://scholar.google.com/citations?user=zr6yQtsAAAAJ&hl=en">
<span class="tag is-light">Zhengzi Xu</span>
</a></td>
<td width="25%"><a href="https://xiaofeixie.bitbucket.io/">
<span class="tag is-light">Xiaofei Xie</span>
</a></td>
<td width="25%"><a href="https://personal.ntu.edu.sg/yangliu/">
<span class="tag is-light">Yang Liu</span>
</a></td>
</tr>
</table>
</table>
</table>
</div>
</div>
</div>
</div>
</section>
</body>
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@fortawesome/[email protected]/js/all.min.js"></script>
<script src="static/js/scholar.js"></script>
</html>