Contract-Graph Fusion and Cross-Graph Matching for Smart-Contract Vulnerability Detection

Abstract

Smart contracts empower many blockchain applications but are exposed to code-level defects. Existing methods do not scale to the evolving code, do not represent complex control and data flows, and lack granular and calibrated evidence. To address the above concerns, we present an across-graph corresponding contract-graph method for vulnerability detection: abstract syntax, control flow, and data flow are fused into a typed, directed contract-graph whose nodes are enriched with pre-code embeddings (GraphCodeBERT or CodeT5+). A Graph Matching Network (GMN) with cross-graph attention compares contract-graphs, aligns homologous sub-graphs associated with vulnerabilities, and supports the interpretation of statements at the level of balance between a broad structural coverage and a discriminative pairwise alignment. The evaluation follows a deployment-oriented protocol with thresholds fixed for validation, multi-seed averaging, and a conservative estimate of sensitivity under low-false-positive budgets. On SmartBugs Wild, the method consistently and markedly exceeds strong rule-based and learning baselines and maintains a higher sensitivity to matching false-positive rates; ablations track the gains to multi-graph fusion, pre-trained encoders, and cross-graph matching, stable through seeds.

1. Introduction

Smart contracts are the core element of the blockchain stack and face persistent security risks due to code-level weaknesses. Many vulnerabilities are related to Solidity features and suboptimal development practices [1]. High-impact incidents in 2023, including Lido DAO and Deus DAO with losses over USD $6.5$ million [2], and other events, such as Euler Finance and CertiK [3], show that local design or implementation flaws can escalate to protocol-level failures. As decentralized finance and other critical applications are more dependent on chain execution [3], detection methods must balance accuracy, scalability and operational reliability.

Vulnerability detection has therefore become a central theme of blockchain security [4]. Traditional program analysis, including static analysis and formal verification, can provide strong guarantees for some bugs, but it is difficult to adapt to large heterogeneous code bases and rapidly changing attack surfaces. Data-driven methods reduce part of this gap. Earlier neural approaches treated code as token sequences or shallow characteristics and could not capture program structure or data dependencies [5]. Large language models improve context modeling, but are expensive and often underrepresent complex control and data flows [6]. Graph-based analysis addresses these limitations by modeling code as graphs, so that graph neural networks combine structural and semantic signals and reason over paths and dependencies. Many existing graph methods still rely on a single modality such as the abstract syntax tree (AST), the control-flow graph (CFG), or the data-flow graph (DFG), or operate only at the contract level, which limits recognition of patterns that span structural views or recur across contracts [5,7].

Integrating multimodal program modeling with cross-contract pattern recognition is central to smart-contract vulnerability detection. At the representation level, a typed directed multi-graph that fuses abstract syntax, control flow, and data flow makes interactions among external calls, execution order, and state variable dependencies explicit, which closes blind spots left by single-view methods [5]. While such structural representation is helpful, it alone is insufficient. Contextual semantics from modern code encoders such as GraphCodeBERT and CodeT5+ add language-aware and domain-aware signals that improve discrimination under varied coding styles and obfuscation [8,9]. Effective generalization across contracts then requires alignment, where attention-based graph matching focuses inference on homologous sub-graphs that carry vulnerability evidence and improves performance on unseen contracts while preserving assertion-level interpretability [7]. Audit realism also matters. Threshold calibration, multi-seed reporting, and conservative estimates under low-FPR budgets control review cost without reducing sensitivity; on large real-world corpora such as SmartBugs Wild, multi-graph and cross-graph pipelines consistently surpass single-view baselines, with clear gains in low-FPR regimes [10].

Building on prior work and real-world audit requirements, this study is structured to achieve two practitioner-relevant objectives: robust cross-contract generalization and calibrated performance under low-false-positive budgets. Our contributions are threefold. First, we propose a unified multi-graph representation that fuses the AST, CFG, and DFG, enabling joint modeling of syntax, control, and data dependencies in a single space and improving coverage of execution semantics, including cross-dimensional triggers often missed by single-view methods. Second, we enrich node features with contextual semantics via GraphCodeBERT and CodeT5+, strengthening discrimination between benign and vulnerable variants across heterogeneous coding styles and obfuscation, thereby improving robustness. Third, we employ a Graph Matching Network with cross-graph attention to align homologous sub-graphs and concentrate evidence on vulnerability-relevant regions, which supports assertion-level cues and downstream localization. We further adopt a deployment-oriented evaluation protocol with validation-calibrated thresholds, multi-seed reporting, and conservative estimates of the average normalized positive rate under low-FPR budgets, controlling audit cost without sacrificing sensitivity. On SmartBugs Wild, comprising 47,398 unique Solidity files and about 203,716 contracts, we report sensitivity at 1%, 5%, and 10% operating points. The method attains a macro F1 of 90.18%, surpasses strong baselines in macro precision and recall, and exhibits higher sensitivity in low-FPR regions. Ablations confirm complementary gains from multi-graph fusion, semantic encoders, and cross-graph matching, with results stable across seeds.

The rest of this document is organized as follows: Section 2 examines the detection of vulnerability based on graphs and motivates multi-graph fusion with cross-graph alignment. Section 3 describes contract-graph construction, encoder integration, and matching architecture. Section 4 presents datasets, baselines, measures, and results, including low-false-positive sensitivity and ablations. Section 5 concludes with the limitations and directions for the deployment of unified extensions.

2. Related Works

Traditional vulnerability detection relies primarily on rule-based static and dynamic analyses. Static analysis checks program syntax without execution and can identify common errors, such as buffer overflows, through predefined patterns [11]. However, its dependence on hand-made rules limits its adaptability to previously invisible or semantically complex vulnerabilities. Dynamic analysis, on the other hand, observes execution-dependent behaviors and identifies abnormal paths during runtime [12]. However, its effectiveness is fundamentally limited by the scope of the test, leaving much of the execution space unexplored. These inherent limitations have motivated the transition to neural network-based approaches, in particular graph neural networks (GNNs), which are well adapted to capture the structural and semantic dependencies of source code and thus allow more generalized, robust, and scalable vulnerability detection beyond rigid rules or incomplete runtime traces.

Recent studies model the program code as graphs to combine structural and semantic hints. However, unique encoding (AST, CFG, or DFG only) often misses the interactions between control and data that trigger vulnerabilities. Multi-graph and heterogeneous formulations address this gap by coding syntax, control flow, and data dependencies together, and report more stable detection and localization at the function and statement levels [5,8,13]. In smart contracts, attention mechanisms further separate control signals from data signals and mitigate false correlations, improving trigger location through dual or heterogeneous attention [7,14]. One work on robustness and interpretation uses contextual graphic enhancement and assignment [15]. These results suggest that fusion benefits from explicit relationship separation and task-aware weighting, rather than naive concatenation.

Pre-trained code models provide contextual representations that encode long-term semantics and lexical regularity; CodeT5+ is a representative model for understanding and producing code [9]. In addition to sequence encoders alone, hybrid pipelines that combine sequence-level integrations with graph encoders consistently improve software vulnerability detection and just-in-time (JIT) scenarios by injecting structural biases from program graphs [5,8,16]. Recent studies show that graph-aware alignment and the transmission of cross-graph messages can mitigate the heuristic stack exposed in ablation analyses by selectively transferring information across modalities and attenuating cross-graph conflicts. These trends are consistent with the evidence from hybrid static–dynamic pipelines and heterogeneous graph architectures, and they motivate tighter graph–text connections, as well as more stringent evaluation protocols to address data leakage, fragility under small edits, and generalization gaps [17,18,19].

In the field of smart contracts, surveys synthesize attack taxonomies, data sources, assessment practices, and deployment concerns, emphasizing the trade-offs between coverage, interpretability, and operational costs [20,21,22,23,24]. Contract-related learners extend coverage through transfer and multi-label learning [25], while program analysis and measurement studies reveal risks rooted in contract-specific semantics and inter-contract interactions [26]. Public datasets and benchmarks (e.g., SmartBugs Wild) enable reproducible evaluation and large-scale error analysis [10,27,28]. In these threads, graph learning and pre-training are complementary: robust detection depends on the modeling of fine-grained interactions between syntax, control flow, and data flow. Our work follows this direction by fusing the AST, CFG, and DFG under a common spine with cross-sectional alignment and attention, aiming to precisely locate triggers and provide evidence-based reports at a practical cost. Recent heterogeneous and semantic graph approaches (e.g., HGAT [29], MVD-HG [30], and SCVHunter [7]) empirically demonstrate the effectiveness of multi-graph, alignment-based and attention-based designs by showing consistent gains in widely used smart-contract benchmarks and ablation settings, and further underline the need for transparent and reproducible evaluation protocols.

3. Proposed Approach

3.1. Overview

The proposed framework detects smart-contract vulnerabilities by the similarity of the contract-graph (Figure 1). Given a pair of Solidity contracts, it generates a similarity score that reflects the likelihood of shared vulnerabilities. During the construction of the graphs, marked training contracts (safe or vulnerable) are preprocessed to remove irrelevant code; static analysis extracts the AST, CFG, and DFG, which are merged into a structural and semantic context of directed multi-graph coding for the pre-trained encoder. In the cross-graph similarity phase, the GMN consumes graph pairs and learns vulnerability discrimination characteristics by optimizing supervised losses. In inference, the target contract is iteratively paired with vulnerable examples of the training set, converted to graphic form, and measured by the trained GMN using cosine similarity. If a similarity point exceeds a predefined threshold, the contract is labeled as vulnerable; otherwise, after evaluating all examples, it is classified as secure.

3.2. Contract-Graph Construction

The contract-graph construction process transforms smart-contract source code into a structured graph representation by integrating key code features through static analysis, which involves two main steps: information extraction and information integration. First, static analysis tools extract three core structures from contract code: AST, CFG, and DFG. The AST captures the syntactic structure of code statements, and these statements are identified by nodeType. The CFG models execution paths and control logic, and the DFG tracks variable usage and inter-statement data dependencies. Afterwards, these structures are integrated into a unified contract-graph. Each CFG node is replaced by its corresponding AST subtree to preserve syntactic details, and redundant nodes are pruned during this replacement. Two virtual nodes, v_fun and v_loop, are introduced to capture the function and the loop contexts, respectively. Directed edges of the AST, CFG, and DFG are combined, with type labels indicating the origin of each edge. This merged graph contains both structural and semantic information: structural information contains control flow and data flow, while semantic information contains syntactic type. Its visual workflow is illustrated in Figure 2.

Given a contract S with statement set $\mathcal{U}$ and variable set $\mathcal{V}$, static analyses derive the abstract syntax tree ${\mathcal{T}}_{\mathrm{ast}}=P_{\mathrm{ast}}\left(S\right)$, the control-flow graph ${\mathcal{G}}_{\mathrm{cfg}}=(V_{\mathrm{cfg}},E_{\mathrm{cfg}})$, and the data-flow graph ${\mathcal{G}}_{\mathrm{dfg}}=(V_{\mathrm{dfg}},E_{\mathrm{dfg}})$. For each $u\in \mathcal{U}$, a parser mapping $m:\mathcal{U}\to 2^{V_{\mathrm{ast}}}$ selects the associated AST node subset, yielding a pruned subtree ${\mathcal{T}}_u={\mathcal{T}}_{\mathrm{ast}}\left[m\left(u\right)\right]$. The contract is represented as a typed multi-graph $\mathrm{CG}\left(S\right)=(V,E,X,\psi ,\tau )$ with $E=E_{\mathrm{ast}}\cup E_{\mathrm{cfg}}\cup E_{\mathrm{dfg}}$, edge types $\psi :E\to \{\mathrm{ast},\mathrm{cfg},\mathrm{dfg}\}$, and node types $\tau :V\to {\Sigma }_{\mathrm{node}}$; auxiliary vertices $v_{\mathrm{fun}}$ and $v_{\mathrm{loop}}$ encode function and loop scopes. Construction replaces eligible CFG nodes by the corresponding ${\mathcal{T}}_u$, reconnects incident CFG edges to the subtree root, and updates $(\psi ,\tau )$ consistently. Node features $X\in {\mathbb{R}}^{\left|V\right|\times d}$ combine contextual embeddings with structural descriptors, and a token-level alignment $\pi :V\to 2^{\{1,\dots ,L\}}$ supports pooling and evidence tracing. Under a single-pass extraction regime, the end-to-end assembly runs in $O\left(\right|V|+|E\left|\right)$ time; control-/data-flow metadata are obtained with Slither [31], and AST structures (including nodeType) with solc-typed-ast [32]. The complete pipeline is summarized in Algorithm 1.

Algorithm 1 BuildContractGraph: extraction and fusion

Require:  Source code S, tokenizer, static analyzers Ensure:  $\mathrm{CG}\left(S\right)=(V,E,X,T)$ and alignment $\pi$  1: $\mathcal{T}\leftarrow P_{\mathrm{ast}}\left(S\right)$; $(V_{\mathrm{cfg}},E_{\mathrm{cfg}})\leftarrow \mathrm{CFG}\left(S\right)$; $(V_{\mathrm{dfg}},E_{\mathrm{dfg}})\leftarrow \mathrm{DFG}\left(S\right)$  2: Build $m\left(u\right)=V\left({\mathcal{T}}_u\right)$ for $u\in \mathcal{U}$; record token alignment $\pi$  3: Replace each CFG node by ${\mathcal{T}}_u$; reconnect links; prune redundant leaves  4: Add $v_{\mathrm{fun}},v_{\mathrm{loop}}$; connect statements within each function/loop  5: Set $E=E_{\mathrm{ast}}\cup E_{\mathrm{cfg}}\cup E_{\mathrm{dfg}}$ with type maps $\psi ,\tau$  6: return $\mathrm{CG}\left(S\right)=(V,E,⌀,T)$ and $\pi$                                                       ▹X set in Section 3.3

3.3. Pre-Training Phase

In contrast to GraphCodeBERT, which adopts a DFG-centric input, this approach integrates the AST, CFG, and DFG into a unified contract-graph (CG). Let $\mathcal{G}\left(S\right)=(V,E)$ denote the CG for source code S. Let $V=\mathrm{Var}=\{v_1,\dots ,v_k\}$ be the variable set. Let $E=\{e_1,\dots ,e_{\ell }\}$ be the set of directed, typed edges that encode AST, control-flow, and data-flow relations. The input sequence is $X=\left\{\right[\mathrm{CLS}],S,[\mathrm{SEP}],\mathrm{Var}\}$ with total length L. It is embedded into $H^0\in {\mathbb{R}}^{L\times d}$ using token embeddings and positional encodings. Variable tokens receive specialized positional encodings to capture data-flow structure.

A 12-layer Transformer processes $H^0$ with masked multi-head attention:

$$\mathrm{Attn}(Q,K,V;M)=\mathrm{softmax}\left({\displaystyle \frac{Q{K}^{\top }}{\sqrt{d}}}+M\right)V,$$

where Q, K, and V are the query, key, and value projections, d is the feature dimension, and M is the attention mask. The mask permits attention between adjacent tokens, CG-connected tokens (via AST/CFG/DFG edges), code–variable matches, and special tokens ([CLS], [SEP]). Other entries are set to $-\infty$. For layer $n\in [1,12]$,

$$G^n=\mathrm{LN}\left(\mathrm{Attn}\left(H^{n-1}\right)+H^{n-1}\right),H^n=\mathrm{LN}\left(\mathrm{FFN}\left(G^n\right)+G^n\right),$$

with $\mathrm{LN}$ denoting layer normalization and $\mathrm{FFN}$ a two-layer feed-forward network.

Node and edge features for downstream tasks are derived from $H^{12}$. For node i, features are obtained by pooling over the token alignment $\pi \left(i\right)$ and concatenating type encodings and Skip-gram embeddings:

$$x_i=\left[\mathrm{pool}\left(H^{12}\left[\pi \left(i\right)\right]\right);W_{\mathrm{type}}{\mathbf{1}}_{\tau \left(i\right)};e_i^{\mathrm{sg}}\right],$$

where $\tau \left(i\right)$ is the node type, $W_{\mathrm{type}}$ is the type-embedding matrix, and $e_i^{\mathrm{sg}}$ is the Skip-gram embedding. Edge features ${\alpha }_{ij}$ include edge-type encodings and optional Skip-gram components to capture relational context.

Pre-training optimizes three objectives with a weighted sum:

$$\mathcal{L}={\lambda }_1{\mathcal{L}}_{\mathrm{MLM}}+{\lambda }_2{\mathcal{L}}_{\mathrm{DFG}}+{\lambda }_3{\mathcal{L}}_{\mathrm{Align}}.$$

Here, ${\mathcal{L}}_{\mathrm{MLM}}$ (masked language modeling) [33] learns syntax and semantics, ${\mathcal{L}}_{\mathrm{DFG}}$ models variable dependencies and data flow, and ${\mathcal{L}}_{\mathrm{Align}}$ aligns variable representations between source code and data-flow views. This design fuses static structure from the AST/CFG with data-flow semantics from the DFG and supports smart-contract vulnerability detection.

3.4. Cross-Graph Similarity with a Contract-Graph Matcher

Vulnerability detection is formulated as cross-graph similarity between two contract-graphs ${\mathrm{CG}}_1=(V_1,E_1,X_1)$ and ${\mathrm{CG}}_2=(V_2,E_2,X_2)$. Graph ${\mathrm{CG}}_1$ is derived from a known vulnerable contract, and ${\mathrm{CG}}_2$ is obtained from a target contract. Nodes correspond to statements or variables. Edges encode abstract syntax, control-flow, and data-flow relations. Feature matrices $X_1$ and $X_2$ are produced by a shared pre-trained encoder to ensure consistent representations across graphs.

Node and edge embeddings are initialized with multilayer perceptrons to place inputs in a common latent space suitable for graph matching:

$${\eta }_i^{\left(0\right)}={\mathrm{MLP}}_{\mathrm{node}}\left(x_i\right),e_{ij}={\mathrm{MLP}}_{\mathrm{edge}}\left({\alpha }_{ij}\right),$$

where ${\eta }_i^{\left(0\right)}$ is the initial hidden state of node i, $x_i$ is the preprocessed node feature, and ${\alpha }_{ij}$ is the raw edge feature for $(i,j)$. The embedding $e_{ij}$ encodes edge attributes in the same latent space as node states.

Each iteration t applies two operations: intra-graph aggregation and cross-graph attention. Intra-graph aggregation preserves local dependencies and computes messages between neighbors:

$${\mu }_{j\to i}^{\left(t\right)}=f_m\left({\eta }_i^{\left(t\right)},{\eta }_j^{\left(t\right)},e_{ij}\right),(i,j)\in E_1\cup E_2,$$

where $f_m$ is a feed-forward message function. Cross-graph attention enables interaction between nodes across graphs to compare vulnerability patterns. Attention weights are

$$a_{ij}^{\left(t\right)}={softmax}_j\left({\left({\eta }_i^{\left(t\right)}\right)}^{\top }W{\eta }_j^{\prime \left(t\right)}\right),v_{j\to i}^{\left(t\right)}=a_{ij}^{\left(t\right)}{\eta }_j^{\prime \left(t\right)},$$

where W is a trainable projection and ${\eta }_j^{\prime \left(t\right)}$ denotes the hidden state of a node from the opposite graph. Node updates fuse the previous state with aggregated messages:

$${\eta }_i^{(t+1)}=f_u\left({\eta }_i^{\left(t\right)},\sum _j{\mu }_{j\to i}^{\left(t\right)},\sum _{j^{\prime }}{v}_{j^{\prime }\to i}^{\left(t\right)}\right),$$

with $f_u$ being a feed-forward update rule. The resulting interactions yield similarity signals that highlight matched substructures indicative of shared vulnerabilities.

The hidden state of node i at iteration $t+1$ is updated by combining three components: the previous state, aggregated intra-graph messages, and aggregated cross-graph messages. The update rule is

$${\eta }_i^{(t+1)}=f_u\left({\eta }_i^{\left(t\right)},\sum _{j:(j,i)\in E_1\cup E_2}{\mu }_{j\to i}^{\left(t\right)},\sum _{j^{\prime }}{v}_{j^{\prime }\to i}^{\left(t\right)}\right),$$

where $f_u$ is a feed-forward function that maps the aggregated inputs to the next hidden state. A typical choice instantiates $f_u$ as a multilayer perceptron with a nonlinearity and optional gating; residual connections and layer normalization can be applied to improve stability. The cross-graph attention that yields $v_{j^{\prime }\to i}^{\left(t\right)}$ is illustrated in Figure 3.

After T iterations, node embeddings are aggregated into graph-level representations by a permutation-invariant readout $f_a$. Common choices include mean pooling and max pooling; the resulting vectors summarize global vulnerability signals in a contract-graph:

$$g_1=f_a\left({\left\{{\eta }_i^{\left(T\right)}\right\}}_{i\in V_1}\right),g_2=f_a\left({\left\{{\eta }_j^{\left(T\right)}\right\}}_{j\in V_2}\right).$$

Cosine similarity is then computed after ${\ell }_2$ normalization to remove scale effects:

$${\widehat{g}}_1={\displaystyle \frac{g_1}{{\parallel g_1\parallel }_2}},{\widehat{g}}_2={\displaystyle \frac{g_2}{{\parallel g_2\parallel }_2}},s={\widehat{g}}_1^{\top }{\widehat{g}}_2.$$

The similarity score $s\in [-1,1]$ quantifies alignment between two contracts. Values close to 1 indicate high similarity and a greater likelihood of shared vulnerabilities. Values near $-1$ indicate low similarity.

The pipeline is computationally efficient for large-scale analysis. Contract-graph construction runs in $O\left(\right|V|+|E\left|\right)$ time. For the pre-trained encoder with sequence length L and feature dimension d, each layer incurs $O\left(L^2\right)$ for self-attention and $O\left(Ld\right)$ for projections and feed-forward blocks. For the GMN with T iterations, intra-graph message passing costs $O\left(T\left(\right|E_1|+|E_2\left|\right)\right)$, and cross-graph attention costs $O\left(T|V_1\left|\right|V_2|\right)$. This complexity profile balances accuracy and efficiency and supports practical deployment in real-world detection workflows.

3.5. Training and Detection

Training uses a margin-based contrastive loss to separate similar and dissimilar contract pairs. Similar pairs comprise contracts that share the same vulnerability type; dissimilar pairs comprise one vulnerable and one secure contract. For a labeled pair $(S_a,S_b,y)$, $y=1$ denotes a similar pair and $y=0$ denotes a dissimilar pair. The graph embeddings of $S_1$ and $S_2$ are $g_1$ and $g_2$. The similarity score is $s=cos(g_1,g_2)$. The loss is

$${\mathcal{L}}_{\mathrm{pair}}=y{(1-s)}^2+(1-y)max{\left(0,s-m\right)}^2,$$

where $m\in (0,1)$ is a margin hyperparameter. The margin enforces a minimum separation for dissimilar pairs and improves the model’s discrimination between vulnerable and non-vulnerable patterns during training.

During detection, all vulnerable contracts from the training set are embedded to form the reference library $\mathcal{Z}$. The library summarizes known vulnerability patterns. A target contract is processed by the same construction and encoding pipeline to obtain its embedding g. The maximum cosine similarity to the library identifies the most relevant pattern:

$$s\left(G\right)=\underset{z\in \mathcal{Z}}{max}cos(g,z).$$

The target is classified as vulnerable if $s\left(G\right)\ge \tau$, where $\tau$ is selected on a validation set to balance precision and recall. Precision controls false positives. Recall controls false negatives. This procedure yields a stable operating point for practical deployment. Algorithm 2 outlines graph construction, encoder pre-training and pooling, pairwise optimization of the matcher, construction of the reference library, and maximum-similarity inference.

Algorithm 2 TrainAndDetect: margin-based training and library-guided inference

Require:  Labeled contracts $\left\{(S_i,y_i)\right\}$; validation-selected threshold $\tau$  1: Build $\mathrm{CG}\left(S\right)$ and alignment $\pi$ via Algorithm 1  2: Pre-train encoder; extract and pool node/edge features  3: Train the matcher on pairs $(S_1,S_2,y)$ by minimizing ${\mathcal{L}}_{\mathrm{pair}}$  4: Assemble vulnerable embedding library $\mathcal{Z}\leftarrow \{z=\mathrm{embed}(S):y=1\}$  5: Detect: embed target contract G as g; compute $s\left(G\right)$; output vulnerable if $s\left(G\right)\ge \tau$, else secure

4. Empirical Evaluation

The method is evaluated on three fronts: first, the end-to-end accuracy against the rule-based and learning-based baselines; secondly, the benefit of fusing AST+CFG+DFG over single views; and thirdly, the ablations of the key modules. Sensitivity is also studied under low-false-positive budgets.

4.1. Datasets

The SmartBugs Wild dataset [10] is used as a public corpus of Solidity contracts. It contains $\mathrm{47,398}$ unique .sol files (approximately $\mathrm{203,716}$ contracts). Labels cover reentrancy (RE), timestamp dependency (TD), and integer overflow/underflow (IO), plus non-vulnerable files.

4.2. Baselines and Setup

(1)

Static analysis and graphs. ASTs are extracted with solc-typed-ast [32]. CFG/DFG and def-use metadata come from Slither [31]. These artifacts are merged into contract-level graphs (Section 3.2) using NetworkX [34].

(2)

Encoder and matcher. GraphCodeBERT [33] is used (12 layers, hidden size 768, 12 heads, Adam). The contract-graph matcher uses embedded size 100, four hidden layers, learning rate ${10}^{-4}$, and test time threshold $\tau =0.8$. Training occurs for 85 iterations (Section 3.4).

(3)

Baselines. For transparency and comparability, the baselines are organized into two families under a uniform evaluation interface-rule-based: sFuzz [35], SmartCheck [36], Osiris [37], Oyente [38], and Mythril [39]; and learning-based: LineVul [40], GCN [41], TMP [42], AME [43], Peculiar [44], CBGRU [45], and CGE [46]. All experiments follow the configurations specified in the original works.

(4)

Splits and protocol. A 60/20/20 train/validation/test split is used. The thresholds are chosen during validation and fixed during testing. Each experiment uses five random seeds; the means are reported.

(5)

Metrics. Precision, recall, and $F_1$ follow the standard definitions, which are not repeated here. For completeness, $F_2$ and Fowlkes–Mallows (FM) are reported as deterministic functions of $(P,R)$.

4.3. End-to-End Results

Table 1. Detection results by method. Columns 2–13 report per-class recall (R), precision (P), and $F_1$ for reentrancy, timestamp, and integer overflow, with macro-averaged $P/R/F_1$ (cols. 11–13). The three right-hand columns show the $F_2$/FM class calculated from $(P,R)$.

Methods	Reentrancy			Timestamp			Integer Overflow			Macro Avg			${\mathit{F}}_2$/FM
	$\mathit{R}$	$\mathit{P}$	${\mathit{F}}_{\mathbf{1}}$	$\mathit{R}$	$\mathit{P}$	${\mathit{F}}_{\mathbf{1}}$	$\mathit{R}$	$\mathit{P}$	${\mathit{F}}_{\mathbf{1}}$	$\mathit{R}$	$\mathit{P}$	${\mathit{F}}_{\mathbf{1}}$	RE	TD	IO
sFuzz	13.99	10.71	12.13	28.05	24.73	26.29	25.66	27.70	26.64	22.57	21.05	21.69	13.18/12.24	27.32/26.34	26.04/26.66
SmartCheck	17.24	46.86	25.21	78.81	47.65	59.39	69.79	41.35	51.93	55.28	45.29	45.51	19.73/28.42	69.69/61.28	61.35/53.72
Osiris	62.82	39.91	48.81	53.65	59.85	56.58	61.33	41.79	49.71	59.27	47.18	51.70	56.35/50.07	54.79/56.67	56.09/50.63
Oyente	63.20	45.08	52.62	57.01	59.17	58.07	58.13	58.53	58.33	69.45	54.26	56.34	58.50/53.38	57.43/58.08	58.21/58.33
Mythril	76.00	43.22	55.10	50.00	58.05	53.73	70.73	68.73	69.72	65.58	56.67	59.52	65.99/57.31	51.43/53.87	70.32/69.72
LineVul	72.84	83.57	77.84	65.80	88.90	75.63	73.42	75.45	74.42	70.69	82.64	75.96	74.76/78.02	69.41/76.48	73.82/74.43
GCN	74.37	73.70	74.03	79.25	74.03	76.55	71.02	68.61	69.79	74.88	72.11	73.46	74.24/74.03	78.15/76.60	70.52/69.80
TMP	76.16	76.26	76.21	74.52	78.36	76.39	68.58	71.62	70.07	73.09	75.41	74.22	76.18/76.21	75.26/76.42	69.17/70.08
AME	79.71	81.31	80.50	82.24	80.98	81.61	69.48	71.75	70.60	77.14	78.01	77.57	80.02/80.51	81.98/81.61	69.92/70.61
Peculiar	80.53	85.39	82.89	87.94	87.60	87.77	83.72	84.23	83.97	84.06	85.74	84.88	81.46/82.92	87.87/87.77	83.82/83.97
CBGRU	81.70	85.16	83.39	81.68	81.51	81.59	79.48	80.29	79.88	80.95	82.32	81.62	82.37/83.41	81.65/81.59	79.64/79.88
CGE	86.78	83.83	85.28	87.39	89.09	88.23	84.86	86.95	85.89	86.34	86.62	86.47	86.17/85.29	87.72/88.24	85.27/85.90
Proposed	90.27	92.34	91.29	90.38	91.54	90.95	87.45	89.17	88.30	89.37	91.02	90.18	90.68/91.30	90.61/90.96	87.79/88.31

reports precision, recall, and macro-averaged $F_1$ for reentrancy, timestamp dependency, and integer overflow. The proposed framework attains 91.02% macro precision, 89.37% macro recall, and 90.18% macro $F_1$, exceeding the strongest baseline, CGE [46], by 4.40, 3.03, and 3.71 percentage points, respectively. Pattern-based tools (sFuzz [35], SmartCheck [36], Mythril [39]) yield only 21.69%–59.52% macro $F_1$, reflecting the brittleness of fixed rules, whereas learning-based methods perform more consistently. Within these, GNN-based approaches outpace sequence-only models such as LineVul [40] (75.96% macro $F_1$) by leveraging structural context.

Per-category analysis indicates the largest gain on reentrancy: the method achieves 91.29% $F_1$, a +6.01 percentage-point improvement over CGE, attributable to fused AST/CFG/DFG representations that capture syntax–execution–dependency interactions. Advantages also hold for timestamp dependency (90.95%, +2.72 pp) and integer overflow (88.30%, +2.41 pp). Auxiliary metrics corroborate these trends: for reentrancy, the $F_2$-score is 90.68% and the Fowlkes–Mallows coefficient is 91.30%, underscoring utility in security auditing where both recall and precision are critical. Overall, combining multi-graph fusion, pre-trained semantic encoding, and cross-graph matching addresses limitations of rule-based and sequence-only baselines and yields consistent, across-task improvements.

4.4. Low-FPR Sensitivity

False-positive rate (FPR) is the proportion of non-vulnerable contracts incorrectly classified as vulnerable and is a key consideration in audits where false alarms waste reviewer effort. To compute the observed FPR from available summary statistics, the confusion-matrix relations are inverted using prevalence $\pi \in (0,1)$, recall R (true-positive rate), and precision P.

$$P={\displaystyle \frac{\pi R}{\pi R+(1-\pi ){\mathrm{FPR}}_{\star }}}⟹{\mathrm{FPR}}_{\star }={\displaystyle \frac{\pi R\left(\frac{1}{P}-1\right)}{1-\pi }},$$

where ${\mathrm{FPR}}_{\star }$ denotes the FPR implied by $(P,R,\pi )$. Following [17], the low-FPR normalized sensitivity (vertically normalized partial ROC area) is

$${\mu }_{\mathrm{TPR}}\left(\alpha \right)={\displaystyle \frac{1}{\alpha }}{\int }_0^{\alpha }\mathrm{TPR}\left(u\right)du\in [0,1],\alpha \in (0,1),$$

which emphasizes detector behavior under a false-positive budget $\alpha$. Under the ROC convex-hull (ROCCH) model and the constraint $\mathrm{TPR}\left(u\right)\le R$, the tight lower bound is

$${\mu }_{\mathrm{TPR}}^{\mathrm{lower}}\left(\alpha \right)=\left\{\begin{array}{cc}\left({\displaystyle \frac{R}{2}}\right){\displaystyle \frac{\alpha }{{\mathrm{FPR}}_{\star }}},\hfill & \alpha \le {\mathrm{FPR}}_{\star },\hfill \\ R\left(1-{\displaystyle \frac{{\mathrm{FPR}}_{\star }}{2\alpha }}\right),\hfill & \alpha >{\mathrm{FPR}}_{\star },\hfill \end{array}\right.$$

which is continuous at $\alpha ={\mathrm{FPR}}_{\star }$. The protocol fixes the prevalence at $\pi =5\%$ and reports ${\mu }_{\mathrm{TPR}}^{\mathrm{lower}}\left(\alpha \right)$ at $\alpha \in \{1\%,5\%,10\%\}$.

Figure 4 plots ${\mu }_{\mathrm{TPR}}^{\mathrm{lower}}\left(\alpha \right)$ versus $\alpha$ for reentrancy (RE), timestamp dependency (TD), and integer overflow (IO), comparing the proposed method with CGE, Peculiar, CBGRU, and Mythril. The proposed method attains the highest normalized mean TPR across all $\alpha$: for RE, the gains over the baselines range from $+11.82$ to $+54.91$ percentage points at $\alpha =1\%$, from $+4.97$ to $+40.09$ at $\alpha =5\%$, and from $+3.95$ to $+31.96$ at $\alpha =10\%$. All curves are monotonic non-decreasing and are upper-bounded by recall R, consistent with the ROCCH constraint.

These advantages arise from the fused AST/CFG/DFG representation, which captures syntax–control–data interactions, and from cross-graph matching that aligns vulnerability-relevant sub-graphs to reduce false positives. In contrast, the pattern-based Mythril [36] is constrained by fixed rules and shows limited adaptability to code variants; the sequence-based CBGRU underutilizes structural context; and Peculiar [44] emphasizes structural patterns yet may underexploit semantic cues. As a result, these baselines struggle to balance TPR and FPR in the low-FPR regime, whereas the proposed method delivers more favorable trade-offs for practical audits.

4.5. Visual Diagnostics

Figure 5 compares $F_1$ bars with low recall and precision markers. When the two markers are in close proximity to the top of a bar, the operating threshold is well calibrated; a visible separation indicates asymmetric errors, i.e., a preference for accuracy over recall or vice versa. In reentrancy, timestamp dependency, and integer overflow, the proposed method appears as the rightmost bar (the diagram is sorted by $F_1$), showing the highest $F_1$ in each class. It also shows minimal marker gaps. For reentry, its $F_1$ is $91.29\%$ (consistent with Table 1); the almost-overlap of recall and precision markers further indicates a balanced precision trade-off.

Among the baselines, CGE is the closest competitor; however, for reentrancy, its recall is about four percentage points lower than its precision, suggesting a lack of detection of positive cases at the selected threshold and reflecting the lack of explicit cross-graph interaction modeling. Peculiar shows a pre-precision profile with a 3–5-percentage-point gap between precision and recall markers, while CBGRU suppresses the recall for an integer overflow with a gap of about six percentage points. Rule-based tools such as Mythril occupy the leftmost positions (the lowest $F_1$) and display the largest marker gaps, in line with the fragility of fixed rules under code variants. Overall, our combined AST/CFG/DFG representation and cross-graph matching method reduces false positives without sacrificing recall, resulting in a more favorable precision–recall balance for audit-oriented use.

4.6. Fusion and Ablations

Table 2. Single-view inputs and ablations on three vulnerabilities.

Methods	Reentrancy			Timestamp			Integer Overflow
	$\mathit{R}$ (%)	$\mathit{P}$ (%)	${\mathit{F}}_{\mathbf{1}}$(%)	$\mathit{R}$ (%)	$\mathit{P}$ (%)	${\mathit{F}}_{\mathbf{1}}$ (%)	$\mathit{R}$ (%)	$\mathit{P}$ (%)	${\mathit{F}}_{\mathbf{1}}$ (%)
AST only	82.19	86.23	84.16	82.47	85.68	84.04	80.34	83.75	82.00
CFG only	83.45	86.78	85.08	83.19	85.27	84.22	81.27	83.53	82.39
DFG only	84.56	88.34	86.41	84.34	87.12	85.71	82.14	85.22	83.65
Proposed (DFG only)	84.56	88.34	86.41	84.34	87.12	85.71	82.14	85.22	83.65
Proposed (no pre-trained encoder)	80.58	85.12	82.78	81.22	85.89	83.49	79.34	83.62	81.42
Proposed (no matcher)	82.19	83.45	82.82	82.67	84.23	83.44	81.48	82.27	81.87
Proposed (full)	90.27	92.34	91.29	90.38	91.54	90.95	87.45	89.17	88.30

Notation: “no pretrained encoder” removes the pre-trained code encoder; “no matcher” removes cross-graph matching.

reports per-class $F_1$ for single-graph input variants and ablations of the proposed framework. The full model fuses the AST, CFG, and DFG and attains the best performance—$91.29\%$ on reentrancy, $90.95\%$ on timestamp dependency, and $88.30\%$ on integer overflow—surpassing all single-graph inputs. The AST-only variant peaks at $84.16\%$ $F_1$, reflecting its inability to encode control- or data-flow constraints, whereas the DFG-only variant, the strongest single-graph baseline at $86.41\%$ $F_1$, still underperforms on control-intensive patterns due to limited modeling of execution structure.

Ablations corroborate the contribution of each component. Replacing the fused graph with DFG alone yields consistent drops across classes. Removing the pre-trained encoder (GraphCodeBERT) reduces the reentrancy $F_1$ to $82.78\%$ ($-8.51$ percentage points relative to the full model), indicating that semantic priors are necessary beyond structural cues. Eliminating the cross-graph matcher further degrades performance by weakening alignment of vulnerability-relevant sub-graphs across contracts. Taken together, multi-graph fusion, pre-trained semantics, and cross-graph alignment act synergistically to provide more comprehensive code representations and higher detection accuracy.

5. Conclusions and Future Work

This work presents the GMN, a framework that unites multi-graph fusion, semantic improvement with GraphCodeBERT, and cross-graph matching for smart-contract vulnerability detection. By combining the AST, CFG, and DFG into a single contract-graph, this method captures syntax, execution logic, and variable dependency in a single representation. The pre-developed encoder provides contextual semantic embeddings for nodes and edges, and a network corresponding to the graph with cross-graph attention aligns vulnerability-related sub-graphs across contracts, so that the inference focuses on evidenced code regions and reduces false positives. Experiments on SmartBugs Wild show that the GMN achieves a macro-average ($F_1$) of $90.18\%$ across reentry, time dependency, and integer overflow, surpasses rule- and learning-based baselines, and offers superior performance in low-false-positive regimes, supporting audit-oriented use. At the same time, the current scope focuses on single-contract analysis and assumes static adaptation to the evolving characteristics of Solidity. Future work will model inter-contract interactions and transaction-level behaviors, introduce adaptive and continuous learning to follow emerging vulnerabilities and language updates, and evaluate the robustness of code perturbations and oppositional corrections. We will also strengthen transparency through calibrated threshold selection, reproducible protocols, and evidence-based reports linking each detection to its supporting sub-graphs.