计算机科学
脆弱性(计算)
计算机安全
多智能体系统
智能合约
分布式计算
嵌入式系统
人工智能
块链
作者
Zhiyuan Wei,Jing Sun,Yuqiang Sun,Ye Liu,Daoyuan Wu,Zijian Zhang,Xianhao Zhang,Meng Li,Yang Liu,Chunmiao Li,Mingchao Wan,Jin Song Dong,Liehuang Zhu
标识
DOI:10.1109/tse.2025.3597319
摘要
Blockchain’s inherent immutability, while transformative, creates critical security risks in smart contracts, where undetected vulnerabilities can result in irreversible financial losses. Current auditing tools and approaches often address specific vulnerability types, yet there is a need for a comprehensive solution that can detect a wide range of vulnerabilities with high accuracy. We propose LLM-SmartAudit, a novel framework that leverages Large Language Models (LLMs) to automate smart contract vulnerability detection and analysis. Using a multi-agent conversational architecture with a buffer-of-thought mechanism, LLM-SmartAudit maintains a dynamic record of insights generated throughout the audit process. This enables a collaborative system of specialized agents to iteratively refine their assessments, enhancing the accuracy and depth of vulnerability detection. To evaluate its effectiveness, LLM-SmartAudit was tested on three datasets: a benchmark for common vulnerabilities, a real-world project corpus, and a CVE dataset. It outperformed existing tools with 98% accuracy on common vulnerabilities and demonstrates higher accuracy in real-world scenarios. Additionally, it successfully identifies 12 out of 13 CVEs, surpassing other LLM-based methods. These results demonstrate the effectiveness of multi-agent collaboration in automated smart contract auditing, offering a scalable, adaptive, and highly efficient solution for blockchain security analysis.
科研通智能强力驱动
Strongly Powered by AbleSci AI