Leveraging Mixture-of-Experts Framework for Smart Contract Vulnerability Repair with Large Language Model
This program is tentative and subject to change.
Smart contracts are a core component of blockchain ecosystems, but their transparency and immutability make them vulnerable to attacks, leading to significant financial losses. Thus, repairing vulnerabilities in smart contracts is crucial for establishing a trustworthy blockchain environment. Existing smart contract vulnerability repair methods suffer from a critical “one-for-all” design limitation, where a single model is tasked with fixing diverse vulnerability types, leading to suboptimal performance due to insufficient specialization. To address this, we propose MoEFix, a novel framework leveraging a Mixture-of-Experts (MoE) architecture tailored for smart contract characteristics. MoEFix partitions vulnerabilities into subspaces, trains specialized experts for each type (e.g., reentrancy, integer overflow), and employs a vulnerability-aware router to dynamically allocate repairs. We further redesign the repair workflow to align with large language models, enabling end-to-end secure contract generation instead of partial patches, and to achieve this, we curated a dataset of 1,391 contracts covering five critical vulnerability types. To validate our approach, we extend the benchmark PVD test suite. Experiments demonstrate that MoEFix outperforms state-of-the-art methods by 21.64% in overall accuracy, achieving improvements of 26.19% (reentrancy) and 23.08% (delegatecall) for specific vulnerabilities.
This program is tentative and subject to change.
Tue 18 NovDisplayed time zone: Seoul change
14:00 - 15:30 | |||
14:00 10mTalk | Leveraging Mixture-of-Experts Framework for Smart Contract Vulnerability Repair with Large Language Model Research Papers Hang Yuan Institute of Software, Chinese Academy of Sciences, University of Chinese Academy of Sciences, China, Xizhi Hou Institute of Software, Chinese Academy of Sciences; University of Chinese Academy of Sciences, Lei Yu Institute of Software, Chinese Academy of Sciences, University of Chinese Academy of Sciences, China, Li Yang Institute of Software, Chinese Academy of Sciences, Jiayue Tang Institute of Software, CAS, Univ. of Chinese Academy of Sciences, Jiadong Xu Institute of Software, Chinese Academy of Sciences, University of Chinese Academy of Sciences, Yifei Liu Institute of Software, Chinese Academy of Sciences, University of Chinese Academy of Sciences, Fengjun Zhang Institute of Software, Chinese Academy of Sciences, China, Chun Zuo Sinosoft | ||
14:10 10mTalk | Why Is My Transaction Risky? Understanding Smart Contract Semantics and Interactions in the NFT Ecosystem Research Papers Yujing Chen Zhejiang University, Xuanming Liu Zhejiang University, Zhiyuan Wan Zhejiang University, Zuobin Wang Zhejiang University, David Lo Singapore Management University, Difan Xie Hangzhou High-Tech Zone (Binjiang) Institute of Blockchain and Data Security, Xiaohu Yang Zhejiang University | ||
14:20 10mTalk | Demystifying OpenZeppelin's Own Vulnerabilities and Analyzing Their Propagation in Smart Contracts Research Papers Han Liu The Hong Kong University of Science and Technology, Daoyuan Wu Lingnan University, Yuqiang Sun Nanyang Technological University, Shuai Wang Hong Kong University of Science and Technology, Yang Liu Nanyang Technological University, Yixiang Chen East China Normal University | ||
14:30 10mTalk | PROMFUZZ: Leveraging LLM-Driven and Bug-Oriented Composite Analysis for Detecting Functional Bugs in Smart Contracts Research Papers Xingshuang Lin Zhejiang University, Qinge Xie Georgia Institute of Technology, Binbin Zhao Zhejiang University, Yuan Tian , Saman Zonouz Georgia Institute of Technology, Na Ruan Shanghai Jiaotong University, Jiliang Li Xi'an Jiaotong University, Raheem Beyah Georgia Institute of Technology, Shouling Ji Zhejiang University | ||
14:40 10mTalk | VeriExploit: Automatic Bug Reproduction in Smart Contracts via LLMs and Formal Methods Research Papers Chenfeng Wei The University of Manchester, Shiyu Cai The University of Manchester, Yiannis Charalambous The University of Manchester, Tong Wu , Sangharatna Godboley NIT Warangal, Lucas C. Cordeiro University of Manchester, UK and Federal University of Amazonas, Brazil | ||
14:50 10mTalk | SolContractEval: A Benchmark for Evaluating Contract-Level Solidity Code Generation Research Papers Zhifan Ye Zhejiang University, Jiachi Chen Sun Yat-sen University, Zhenzhe Shao Sun Yat-sen University, Lingfeng Bao Zhejiang University, Xiaohu Yang Zhejiang University, Zhongxin Liu Zhejiang University | ||
15:00 10mTalk | PrefGen: A Preference-Driven Methodology for Secure Yet Gas-Efficient Smart Contract Generation Research Papers Zhiyuan Peng Shanghai Jiao Tong University, Xin Yin Zhejiang University, Zijie Zhou China University of Petroleum (Beijing), Chenhao Ying Shanghai Jiao Tong University, Chao Ni Zhejiang University, Yuan Luo Shanghai Jiao Tong University Pre-print | ||
15:10 10mTalk | Soleker: Uncovering Vulnerabilities in Solana Smart Contracts Research Papers Kunsong Zhao The Hong Kong Polytechnic University, Yunpeng Tian The Hong Kong Polytechnic University, Zuchao Ma The Hong Kong Polytechnic University, Xiapu Luo Hong Kong Polytechnic University | ||
15:20 10mTalk | Have We Solved Access Control Vulnerability Detection in Smart Contracts? A Benchmark Study Research Papers Han Liu The Hong Kong University of Science and Technology, Daoyuan Wu Lingnan University, Yuqiang Sun Nanyang Technological University, Shuai Wang Hong Kong University of Science and Technology, Yang Liu Nanyang Technological University | ||