# Research Roundup: How AI and LLMs Are Revolutionizing Smart Contract Security

> Insights from 7 Recent Papers on Using AI to Detect and Fix Smart Contract Vulnerabilities

**Published by:** [Sphene Labs: Open Lab Journal 📓](https://paragraph.com/@sphenelabs/)
**Published on:** 2025-05-10
**Categories:** smart contracts, llm, security, audit, research
**URL:** https://paragraph.com/@sphenelabs/research-roundup-how-ai-and-llms-are-revolutionizing-smart-contract-security

## Content

Smart contracts are the backbone of decentralized finance (DeFi), NFTs, DAOs, and many other Web3 innovations. But they are also permanently deployed, immutable, and often handle millions in assets. Once a contract is deployed to the blockchain, you can't simply patch a bug as you would in traditional software: any vulnerability becomes a target.

In 2022 and 2023 alone, over $3 billion was lost to smart contract exploits, many of which could have been avoided with better auditing tools or detection systems. That's why security is critical, not just during audits but throughout the development lifecycle. And now, thanks to advances in AI, developers have access to powerful LLM-based tools that can assist in writing, reviewing, and even fixing vulnerable code.

The papers below are recent research from 2024, offering valuable insights for developers and security researchers exploring AI-assisted auditing.

### Research Insights Summary

| Paper Title | Insight & Approach | Main Use Case | Results |
| --- | --- | --- | --- |
| **Smart Contract Vulnerability Detection: The Role of LLM** (Biagio Boi, Christian Esposito, Sokjoon Lee; ACM SAC Review, May 2024) | Uses GPT-3.5 trained on annotated vulnerabilities to detect complex bugs in Solidity code. | Pre-deployment bug detection | LLMs significantly improve vulnerability coverage during audits. |
| **LLMSmartSec** (Viraaji Mothukuri, Reza M. Parizi, James L. Massa; Aug 2024) | Integrates fine-tuned GPT-4 with annotated control flow graphs for logic-aware auditing. | Logic-based vulnerability detection and auto-fix | Reduces reliance on manual audits with cost-effective automation. |
| **GPTScan** (Yuqiang Sun, Daoyuan Wu, Yue Xue, et al.; Apr 2024) | Combines GPT with semantic slicing and program analysis for deep code understanding. | Finding logic bugs in money flow and control structures | Identifies ~80% of logic flaws missed by traditional tools. |
| **ContractTinker** (Che Wang, Jiashuo Zhang, Jianbo Gao, et al.; Oct 2024) | Uses Chain-of-Thought prompting with static analysis to suggest code patches. | Automated vulnerability repair | Successfully fixes high-severity real-world contract bugs. |
| **Prompt-Guided ChatGPT** (Jiarun Ma, Shiling Feng, Jiahao Zeng, et al.; Aug 2024) | Enhances ChatGPT with structured prompts and opcode-aware heuristics. | Detecting known vulnerability patterns | Prompt tuning significantly improves detection accuracy. |
| **SLLM System** (Yunlai Zhou, Jianzhong Qi, Jin Zhu; Oct 2024) | Fuses Slither with GPT-4 using few-shot prompting for better bug classification. | Classifying vulnerabilities accurately | Reduces false positives and improves audit precision. |
| **ACFIX** (Lyuye Zhang, Kaixuan Li, Kairan Sun, et al.; Mar 2024, arXiv) | Guides GPT-4 using mined access control (RBAC) patterns for secure patch generation. | Fixing access control bugs | Achieves 94.9% repair accuracy; outperforms baseline GPT. |

### Research TL;DR

- **LLMs can detect bugs well**, especially when trained or fine-tuned on real vulnerability data (e.g., GPT-3.5, GPT-4, Llama-2).
- **Hybrid approaches dominate**: the most effective tools combine LLMs with traditional program analysis (such as control flow graphs or static analysis via Slither).
- **Contract repair is real**: tools like ContractTinker and ACFIX show LLMs can not only find bugs but also suggest patches with high success rates.
- **Prompt engineering works**: ChatGPT's vulnerability detection improves drastically with structured prompts and domain-specific guidance.
- **False positives are being reduced**: systems like SLLM convert results into pseudocode and loop in feedback, making audits more accurate and less noisy.
- **Access control is a major focus**: several papers, especially ACFIX, focus on fixing privilege escalation and role-based vulnerabilities.
- **Cross-contract logic and subtle money flow bugs**, previously missed by static tools, are now detectable by LLM-assisted tools like GPTScan and xFuzz.

### A Quick Overview of Manual Smart Contract Inspection

While AI and LLM-based tools offer great support, manual review remains essential for catching subtle issues specific to your business logic. Here's a simplified checklist for developers doing a hands-on inspection.

#### Manual Inspection Basics

**Understand What Your Contract Is Supposed to Do**

- Write a plain-English description of your contract's purpose.
- List expected user roles (e.g., admin, user) and what they should and shouldn't be able to do.
- This becomes your mental threat model.

**Know the Architecture of Your Project**

- List all your contracts. Which ones are yours? Which ones are imported (e.g., OpenZeppelin)?
- Understand how contracts are connected: who calls whom, and who owns what?
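The connection-mapping step above can also be sketched as code: model the call graph as an adjacency list and compute each function's "blast radius" (every function reachable from it). This is a minimal sketch; all contract and function names below are hypothetical, and in practice the edges would come from a tool such as Slither rather than being hand-written.

```python
# Sketch: compute the "blast radius" of each function from a call graph.
# The graph below is a hypothetical example, not output from a real tool.
from collections import deque

# caller -> list of callees (hypothetical contract functions)
CALL_GRAPH = {
    "Vault.deposit": ["Token.transferFrom", "Vault._mintShares"],
    "Vault.withdraw": ["Vault._burnShares", "Token.transfer"],
    "Vault._mintShares": [],
    "Vault._burnShares": [],
    "Token.transfer": [],
    "Token.transferFrom": [],
    "Admin.upgrade": ["Vault.deposit", "Vault.withdraw"],
}

def blast_radius(fn: str) -> set[str]:
    """Return every function reachable from `fn` (BFS over the call graph)."""
    seen, queue = set(), deque([fn])
    while queue:
        cur = queue.popleft()
        for callee in CALL_GRAPH.get(cur, []):
            if callee not in seen:
                seen.add(callee)
                queue.append(callee)
    return seen

if __name__ == "__main__":
    for fn in CALL_GRAPH:
        print(f"{fn}: {len(blast_radius(fn))} reachable function(s)")
```

In this toy graph, `Admin.upgrade` reaches every other function, which is exactly the kind of high-blast-radius entry point that deserves the strictest access control.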
Use the VS Code extension **Solidity Visual Developer** to visually inspect contract structure, call graphs, function dependencies, and inheritance. This gives you a map of your system, which is essential for understanding the blast radius of any function.

**Build a Simple Threat Model**

For each contract, answer:

- What can an attacker try to manipulate?
- Where are funds stored or moved?
- Who can call upgrade/admin functions?
- Are there external calls? Are return values checked?

Use annotations like `@audit` in your code to bookmark lines of concern if you are using the Solidity Visual Developer extension. Consider documenting findings in a spreadsheet with the columns: Function | Risk Level | Reason | Mitigation. The goal is to list your assumptions and then either try to break them or ensure they are enforced in code.

**Check Transfer Logic and Access Control**

Search your contract code for sensitive operations such as token transfers, `delegatecall`, and authentication checks. For each occurrence, ask yourself:

- Who is allowed to call this function?
- Is the access control enforced with a modifier or `require()`?
- Are return values checked (e.g., does `transfer()` return `true`)?
- Is the value coming from user input or another untrusted source?
- If using `delegatecall`, is it protected by strict access control and input validation?
- If using token transfers, do you confirm success and avoid silent failures?

**Use Slither to Catch Common Vulnerabilities**

Example findings:

- `NaiveReceiverPool.flashLoan(...)` uses an arbitrary `from` in `transferFrom()` → potential for unauthorized token movement
- `UnstoppableVault.execute(...)` uses `delegatecall` on user-supplied data → critical control risk
- `DamnValuableStaking.stake()` ignores the return value of `transferFrom(...)` → may fail silently
- `ShardsNFTMarketplace._closeOffer(...)` performs external calls before updating state → reentrancy risk
- `FreeRiderRecoveryManager.onERC721Received()` uses `tx.origin` for authentication → replace with `msg.sender`
- `Math.sol` and other files use `^` (bitwise XOR) where `**` (exponentiation) was likely intended → incorrect math

**What NOT to Do**

- Don't assume a contract is safe just because it's small.
- Don't trust input values without `require()` checks.
- Don't use `tx.origin` for authentication.
- Don't ignore compiler warnings; they often flag real risks.

### How Developers Can Use This

AI-assisted security tools are not meant to replace traditional audits, but they streamline the development process, help detect bugs early, and reduce time-to-audit. Here's how smart contract developers and auditors can practically integrate these tools into their workflows.

**During Development**

- **IDE Integration**: Use tools like Armur AI or LLMSmartSec that plug into VS Code or your editor of choice to get real-time feedback as you write Solidity.
- **AI Code Review**: After writing a function or module, prompt GPT-based tools to simulate an adversary. Ask: "Where can this function break?"
- **Prompt-Guided Checks**: Apply techniques from Prompt-Guided ChatGPT or ACFIX to guide LLMs with your specific logic or access control patterns.

**Before Deployment**

- **Scan Entire Repos**: Use SolidityScan, GPTScan, or SLLM to scan contracts end-to-end for known bugs and logic inconsistencies.
- **Hybrid Analysis**: Combine LLM suggestions with static analyzers like Slither and fuzzers like Echidna to increase signal and reduce false positives.
- **Threat Modeling**: Pair LLMs with your manual threat model to validate assumptions (e.g., "Can anyone bypass this modifier?").

**Post-Audit / Maintenance**

- **Regression Checks**: When updating contracts via proxy or upgradeable patterns, rerun LLM scans to identify newly introduced risks.
- **Bug Repair**: Use tools like ContractTinker to generate patches for known vulnerabilities and test the suggested fixes.
- **Knowledge Sharing**: Store past prompts and their LLM responses to build an internal library of reusable prompts for future audits.
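The hybrid-analysis idea above can be sketched as a small merge step: collect findings from a static analyzer and from an LLM review, group them, and surface the issues both sources agree on first. This is a minimal sketch under assumptions: the `Finding` shape and all findings below are invented for illustration; a real pipeline would parse Slither's JSON output and your LLM responses instead.

```python
# Sketch of a "hybrid analysis" merge: static-analyzer findings + LLM-flagged
# findings, with issues confirmed by both sources ranked first.
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    function: str   # fully qualified function name (hypothetical)
    issue: str      # short issue label, e.g. "reentrancy"
    source: str     # "slither" or "llm"

def merge_findings(static: list[Finding], llm: list[Finding]) -> list[dict]:
    """Group findings by (function, issue); two-source confirmations rank first."""
    merged: dict[tuple[str, str], set[str]] = {}
    for f in static + llm:
        merged.setdefault((f.function, f.issue), set()).add(f.source)
    ranked = [
        {"function": fn, "issue": issue, "sources": sorted(srcs)}
        for (fn, issue), srcs in merged.items()
    ]
    # Two independent sources agreeing is a strong signal; single-source
    # findings are kept but reviewed later (they may be false positives).
    ranked.sort(key=lambda r: (-len(r["sources"]), r["function"]))
    return ranked

# Hard-coded stand-ins for slither/LLM output:
static_findings = [
    Finding("Vault.withdraw", "reentrancy", "slither"),
    Finding("Vault.stake", "unchecked-transfer", "slither"),
]
llm_findings = [
    Finding("Vault.withdraw", "reentrancy", "llm"),
    Finding("Vault.setOwner", "missing-access-control", "llm"),
]

report = merge_findings(static_findings, llm_findings)
```

Here the reentrancy issue flagged by both sources lands at the top of the report, while the two single-source findings remain queued for manual review.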
Used together, LLMs offer a powerful way to speed up reviews, detect non-obvious flaws, and elevate the baseline security posture of your contracts. If you're building or auditing smart contracts:

- Combine Slither/Echidna with LLM tools like GPTScan or SLLM to catch logic bugs early.
- Use prompt techniques from ACFIX or LLMSmartSec to enhance GPT-based contract review.
- Look into tools like ContractTinker for automatic remediation of discovered flaws.

AI isn't magic, but used right it can amplify your security toolkit and reduce audit time.

### Glossary: Web3 & Security Terms Explained

For readers newer to smart contract development, here's a quick breakdown of the terms used in this article:

- **Smart Contract**: A program stored on a blockchain that runs when triggered. Used to automate agreements or logic like token transfers or DAO voting.
- **Immutable**: Once deployed, the code cannot be changed unless it uses upgradeable patterns like proxy contracts.
- **DeFi**: Short for decentralized finance: apps like lending, trading, or yield farming that operate without centralized intermediaries.
- **DAO**: Decentralized Autonomous Organization, an on-chain group governed by smart contracts and token holders.
- **LLM (Large Language Model)**: AI models (like GPT-4) trained to understand and generate human language, and increasingly used to analyze or write code.
- **Static Analysis**: Examining code without executing it; often used to catch security issues in smart contracts.
- **Prompt Engineering**: Crafting effective prompts to guide an AI (like ChatGPT) to produce accurate, relevant, or secure responses.
- **CFG (Control Flow Graph)**: A diagram representing the execution paths within a smart contract; useful for understanding logic and detecting flaws.
- **Slither / Echidna**: Popular open-source tools used to statically analyze and fuzz-test Solidity smart contracts.
- **Reentrancy**: A vulnerability where an external contract repeatedly calls back into a function before the first invocation finishes; it can drain funds.
- **tx.origin**: A global variable in Solidity that should not be used for authentication; it refers to the original caller, not necessarily the current one.
- **Fuzzing**: An automated testing technique where random inputs are fed to a contract to try to trigger bugs or vulnerabilities.
- **Proxy Pattern**: A design that enables upgradeable smart contracts by separating logic and data storage.
- **Blast Radius**: The extent of the damage if a function is exploited.

### Helpful References

- A Guide to Smart Contract Security
- Auditing Smart Contracts - Security Review of Ethereum Applications
- OWASP Smart Contract Top 10
- SolidityScan's Web3HackHub
- Slither
- Damn Vulnerable DeFi

## Publication Information

- [Sphene Labs: Open Lab Journal 📓](https://paragraph.com/@sphenelabs/): Publication homepage
- [All Posts](https://paragraph.com/@sphenelabs/): More posts from this publication
- [RSS Feed](https://api.paragraph.com/blogs/rss/@sphenelabs): Subscribe to updates