AdvSCanner: Generating Adversarial Smart Contracts to Exploit Reentrancy Vulnerabilities Using LLM and Static Analysis
Smart contracts are prone to vulnerabilities, with reentrancy attacks posing significant risks due to their destructive potential. While various methods exist for detecting reentrancy vulnerabilities in smart contracts, such as static analysis, these approaches often suffer from high false positive rates and lack the ability to directly illustrate how detected vulnerabilities can be exploited in attacks.
In this paper, we tackle the challenging task of generating exploits for identified reentrancy vulnerabilities. To address this difficulty, we introduce AdvSCanner, a novel method that leverages Large Language Models (LLMs) and static analysis to automatically generate adversarial smart contracts (ASCs) designed to exploit reentrancy vulnerabilities in victim contracts. The basic idea of AdvSCanner is to extract attack flows associated with reentrancy vulnerabilities using static analysis and utilize them to guide LLMs in generating ASCs. To mitigate the inherent inaccuracies in LLM outputs, AdvSCanner incorporates a self-reflection component, which collects compilation and attack triggering feedback from the generated ASCs and refines the ASC generation if necessary. Experimental evaluations demonstrate the effectiveness of AdvSCanner, achieving a significantly higher success rate (85.90%) compared to the best baseline method, which only achieves 32.05%. Furthermore, a case study illustrates that AdvSCanner can greatly reduce auditing time from 24 hours (without assistance) to approximately 3 hours when used during the auditing process.
Thu 31 OctDisplayed time zone: Pacific Time (US & Canada) change
15:30 - 16:30 | Smart contract and block chain 2NIER Track / Research Papers / Tool Demonstrations at Camellia Chair(s): Vladimir Filkov University of California at Davis, USA | ||
15:30 15mTalk | Semantic Sleuth: Identifying Ponzi Contracts via Large Language Models Research Papers Cong Wu The University of Hong Kong, Jing Chen Wuhan University, Ziwei Wang Wuhan University, Ruichao Liang Wuhan University, Ruiying Du Wuhan University | ||
15:45 15mTalk | AdvSCanner: Generating Adversarial Smart Contracts to Exploit Reentrancy Vulnerabilities Using LLM and Static Analysis Research Papers Yin Wu Xi'an Jiaotong University, Xiaofei Xie Singapore Management University, Chenyang Peng Xi'an Jiaotong University, Dijun Liu Ant Group, Hao Wu Xi'an JiaoTong University, Ming Fan Xi'an Jiaotong University, Ting Liu Xi'an Jiaotong University, Haijun Wang Xi’an Jiaotong University | ||
16:00 10mTalk | ContractTinker: LLM-Empowered Vulnerability Repair for Real-World Smart Contracts Tool Demonstrations Che Wang Peking University, China, Jiashuo Zhang Peking University, China, Jianbo Gao Beijing Jiaotong University, Libin Xia Peking University, Zhi Guan Peking University, Zhong Chen | ||
16:10 10mTalk | HighGuard: Cross-Chain Business Logic Monitoring of Smart Contracts Tool Demonstrations Mojtaba Eshghie KTH Royal Institute of Technology, Cyrille Artho KTH Royal Institute of Technology, Sweden, Hans Stammler KTH Royal Institute of Technology, Wolfgang Ahrendt Chalmers University of Technology, Thomas T. Hildebrandt University of Copenhagen, Gerardo Schneider University of Gothenburg | ||
16:20 10mTalk | Oracle-Guided Vulnerability Diversity and Exploit Synthesis of Smart Contracts Using LLMs NIER Track Mojtaba Eshghie KTH Royal Institute of Technology, Cyrille Artho KTH Royal Institute of Technology, Sweden |