RTMS: A Smart Contract Vulnerability Detection Method Based on Feature Fusion and Vulnerability Correlations
Abstract
:1. Introduction
- Training and detection processes typically rely on source code or its decompiled form. However, in reality, the source code of most smart contracts is not publicly available, and what we can mainly obtain is their bytecode. This situation limits the application scope and effectiveness of traditional methods [15].
- Many existing detection tools can only detect a single type of vulnerability [16]. However, in actual situations, smart contracts often contain multiple vulnerabilities, and detecting these vulnerabilities one by one can significantly increase the time and computational costs of the detection process, thereby affecting detection efficiency.
- Many existing text-based detection methods lack effective and independent slicing strategies and cannot extract features from multiple scales.
- Utilizing opcode as input: We have chosen opcode as the input format. Compared to bytecode, opcode offers stronger expressive power and incurs less information loss during the decompilation process. Moreover, compared to Solidity code, opcode is more accessible and facilitates simpler computation of gas values.
- Proposing a gas-consumption-based slicing method: We have designed a slicing method based on gas consumption. By prioritizing the analysis of the most logically complex opcode segments, this method enhances the efficiency and accuracy of feature extraction.
- Employing a hierarchical network structure: We have adopted a hierarchical network structure to expand the range of acceptable input lengths and to extract features from multiple dimensions. This significantly improves the efficiency of feature extraction and the generalization capability of the model.
- Introducing channel–sequence attention mechanisms: By incorporating channel-sequence attention mechanisms, we enable the model to learn correlations between vulnerabilities and refine initial classification results. This approach markedly enhances the performance and accuracy of multi-vulnerability detection.
2. Background
2.1. Classification of Smart Contract Vulnerabilities
2.2. Method of Smart Contract Vulnerability Detection
2.3. Related Work
3. Method
3.1. Overview
3.2. Data Preprocessing
3.2.1. Opcode Simplification
- Replace specific addresses in the opcodes with the symbol “adr”. Since the majority of vulnerabilities are related to code logic rather than specific address values, this transformation turns irrelevant information into relevant information.
- Merge similar instructions to increase their frequency, which helps concentrate features and mitigates the issue of overly long input data. For example, instructions like PUSH1–PUSH32, where the number following PUSH indicates the byte size of the PUSH, can be unified into a single PUSH instruction. Additionally, instructions that are infrequently used, have low logic, and have similar functionality, such as TIMESTAMP (to obtain the block timestamp), NUMBER (to obtain the block number), and GASLIMIT (to obtain the block’s gas limit), can be merged into a single BLOCK INFO instruction, which means obtaining block information. To facilitate subsequent operations, remove instructions that consume too much or too little gas within the same group and ultimately, select a group with the same gas consumption. The specific merged instructions are shown in Table 1, with all other instructions remaining unchanged.
- Remove consecutively appearing instructions. There are many instances of the same instruction appearing consecutively in the opcodes. For example, when the ADDRESS instruction (to get the current account address) appears consecutively, it represents only one logic. In such cases, the repeated instructions should be deleted to reduce the weight of that instruction.
Simplified | Original |
---|---|
PUSH | PUSH1-PUSH32 |
LOG | LOG0-LOG4 |
DUP | DUP1-DUP16 |
SWAP | SWAP1-SWAP16 |
BlOCK INFO | COINBASE, TIMESTAMP, NUMBER, GASLIMIT |
CONTRACT INFO | GAS, ADDRESS, BALANCE, GASPRICE |
SYSTEM INFO | ORIGIN, CODESIZE, EXTCODESIZE, RETURNDATASIZE |
CALL | CALLER, CALLVALUE, CALLDATALOAD, CALLDATASIZE |
LT | LT, SLT |
GT | GT, SGT |
3.2.2. Opcode Slicing
Algorithm 1: Algorithm for calculating the maximum gas consumption shard. Created by the authors. |
3.3. Data Imbalance Problem
3.4. Transfer Learning
4. Structure
4.1. CodeBERT
4.2. Detail Future Encoder
4.3. Attention-Based Gated Memory Network
4.4. RTBlock
5. Experiments
5.1. Datasets
5.2. Experimental Settings
5.3. Evaluation Metrics
5.4. Results Analysis
6. Conclusions and Future Work
6.1. Conclusions
6.2. Future Work
- Build authoritative datasets. Future efforts should be directed towards gathering datasets that encompass a broader spectrum of vulnerability types. Additionally, it is essential to standardize the format of these datasets, facilitating the data preprocessing work for subsequent researchers. By expanding existing datasets, we can provide richer resources for the training and evaluation of deep learning models, thereby enhancing their performance and reliability.
- Research vulnerability remediation strategies. Currently, relevant research is still mainly focused on the detection of contract vulnerabilities. In the future, security research can be conducted on vulnerability contracts to help relevant researchers understand the logic behind contract vulnerabilities.
- Develop integrated static and dynamic analysis models. Focus on addressing the limitations of our current deep learning approach, which relies heavily on static source code analysis and may miss certain execution paths, leading to false positives. Integrate detection tools across different levels to enhance the identification of vulnerabilities in contracts.
Author Contributions
Funding
Data Availability Statement
Acknowledgments
Conflicts of Interest
References
- Swan, M. Blockchain: Blueprint for a New Economy; O’Reilly Media, Inc.: Sebastopol, CA, USA, 2015. [Google Scholar]
- Sankar, L.S.; Sindhu, M.; Sethumadhavan, M. Survey of consensus protocols on blockchain applications. In Proceedings of the 2017 4th International Conference on Advanced Computing and Communication Systems (ICACCS), Coimbatore, India, 6–7 January 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 1–5. [Google Scholar]
- Yang, X.; Li, W. A zero-knowledge-proof-based digital identity management scheme in blockchain. Comput. Secur. 2020, 99, 102050. [Google Scholar] [CrossRef]
- Rahman, M.S.; Al Omar, A.; Alam Bhuiyan, Z.; Basu, A.; Kiyomoto, S.; Wang, G. Accountable cross-border data sharing using blockchain under relaxed trust assumption. IEEE Trans. Eng. Manag. 2020, 67, 1476–1486. [Google Scholar] [CrossRef]
- Wan, Z.; Guan, Z.; Cheng, X. PRIDE: A private and decentralized usage-based insurance using blockchain. In Proceedings of the 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Halifax, NS, Canada, 30 July–3 August 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 1349–1354. [Google Scholar]
- Buterin, V. A next-generation smart contract and decentralized application platform. White Pap. 2014, 3, 13. [Google Scholar]
- Szabo, N. Smart contracts: Building blocks for digital markets. EXTROPY J. Transhumanist Thought 1996, 18, 28. [Google Scholar]
- Bhargavan, K.; Delignat-Lavaud, A.; Fournet, C.; Gollamudi, A.; Gonthier, G.; Kobeissi, N.; Kulatova, N.; Rastogi, A.; Sibut-Pinote, T.; Swamy, N.; et al. Formal verification of smart contracts: Short paper. In Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security, Vienna, Austria, 24 October 2016; pp. 91–96. [Google Scholar]
- Mossberg, M.; Manzano, F.; Hennenfent, E.; Groce, A.; Grieco, G.; Feist, J.; Brunson, T.; Dinaburg, A. Manticore: A user-friendly symbolic execution framework for binaries and smart contracts. In Proceedings of the 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), San Diego, CA, USA, 11–15 November 2019; IEEE: Piscataway, NJ, USA, 2019; pp. 1186–1189. [Google Scholar]
- Takanen, A.; Demott, J.D.; Miller, C.; Kettunen, A. Fuzzing for Software Security Testing and Quality Assurance; Artech House: New York, NY, USA, 2018. [Google Scholar]
- Chen, H.; Pendleton, M.; Njilla, L.; Xu, S. A survey on ethereum systems security: Vulnerabilities, attacks, and defenses. ACM Comput. Surv. (CSUR) 2020, 53, 1–43. [Google Scholar] [CrossRef]
- Hu, H.; Bai, Q.; Xu, Y. Scsguard: Deep scam detection for ethereum smart contracts. In Proceedings of the IEEE INFOCOM 2022-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Virtual Conference, 2–5 May 2022; IEEE: Piscataway, NJ, USA, 2022; pp. 1–6. [Google Scholar]
- Li, P.; Wang, G.; Xing, X.; Zhu, J.; Gu, W.; Zhai, G. A smart contract vulnerability detection method based on deep learning with opcode sequences. Peer-to-Peer Netw. Appl. 2024, 17, 3222–3238. [Google Scholar] [CrossRef]
- Liu, Y.; Wang, C.; Ma, Y. DL4SC: A novel deep learning-based vulnerability detection framework for smart contracts. Autom. Softw. Eng. 2024, 31, 24. [Google Scholar] [CrossRef]
- Surucu, O.; Yeprem, U.; Wilkinson, C.; Hilal, W.; Gadsden, S.A.; Yawney, J.; Alsadi, N.; Giuliano, A. A survey on ethereum smart contract vulnerability detection using machine learning. Disruptive Technol. Inf. Sci. VI 2022, 12117, 110–121. [Google Scholar]
- Qian, P.; Liu, Z.; He, Q.; Huang, B.; Tian, D.; Wang, X. Smart contract vulnerability detection technique: A survey. arXiv 2022, arXiv:2209.05872. [Google Scholar]
- Mehar, M.I.; Shier, C.L.; Giambattista, A.; Gong, E.; Fletcher, G.; Sanayhie, R.; Kim, H.M.; Laskowski, M. Understanding a revolutionary and flawed grand experiment in blockchain: The DAO attack. J. Cases Inf. Technol. (JCIT) 2019, 21, 19–32. [Google Scholar] [CrossRef]
- Sun, T.; Yu, W. A formal verification framework for security issues of blockchain smart contracts. Electronics 2020, 9, 255. [Google Scholar] [CrossRef]
- Torres, C.F.; Schütte, J.; State, R. Osiris: Hunting for integer bugs in ethereum smart contracts. In Proceedings of the 34th Annual Computer Security Applications Conference, San Juan, PR, USA, 3–7 December 2018; pp. 664–676. [Google Scholar]
- Zheng, Z.B.; Wang, C.D.; Cai, J.H. Analysis of the current status of smart contract security research and detection methods. Inf. Secur. Commun. Priv. 2020, 7, 93–105. [Google Scholar]
- Hildenbrandt, E.; Saxena, M.; Rodrigues, N.; Zhu, X.; Daian, P.; Guth, D.; Moore, B.; Park, D.; Zhang, Y.; Stefanescu, A.; et al. Kevm: A complete formal semantics of the ethereum virtual machine. In Proceedings of the 2018 IEEE 31st Computer Security Foundations Symposium (CSF), Oxford, UK, 9–12 July 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 204–217. [Google Scholar]
- Jiang, B.; Chen, Y.; Wang, D.; Ashraf, I.; Chan, W.K. WANA: Symbolic execution of wasm bytecode for extensible smart contract vulnerability detection. In Proceedings of the 2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS), Hainan, China, 6–10 December 2021; IEEE: Piscataway, NJ, USA, 2021; pp. 926–937. [Google Scholar]
- Yang, H.; Gu, X.; Chen, X.; Zheng, L.; Cui, Z. CrossFuzz: Cross-contract fuzzing for smart contract vulnerability detection. Sci. Comput. Program. 2024, 234, 103076. [Google Scholar] [CrossRef]
- Wang, S.; Zhao, X. Contractsentry: A static analysis tool for smart contract vulnerability detection. Autom. Softw. Eng. 2025, 32, 1. [Google Scholar] [CrossRef]
- Qian, S.; Ning, H.; He, Y.; Chen, M. Multi-label vulnerability detection of smart contracts based on Bi-LSTM and attention mechanism. Electronics 2022, 11, 3260. [Google Scholar] [CrossRef]
- Wu, H.; Dong, H.; He, Y.; Duan, Q. Smart contract vulnerability detection based on hybrid attention mechanism model. Appl. Sci. 2023, 13, 770. [Google Scholar] [CrossRef]
- Wen, Q.; Zhou, T.; Zhang, C.; Chen, W.; Ma, Z.; Yan, J.; Sun, L. Transformers in time series: A survey. arXiv 2022, arXiv:2202.07125. [Google Scholar]
- Guo, J.; Lu, L.; Li, J. Smart Contract Vulnerability Detection Based on Multi-Scale Encoders. Electronics 2024, 13, 489. [Google Scholar] [CrossRef]
- Tong, V.; Dao, C.; Tran, H.-A.; Tran, T.X.; Souihi, S. Enhancing BERT-Based Language Model for Multi-label Vulnerability Detection of Smart Contract in Blockchain. J. Netw. Syst. Manag. 2024, 32, 63. [Google Scholar] [CrossRef]
- Wu, H.; Peng, Y.; He, Y.; Lu, S. EDSCVD: Enhanced Dual-Channel Smart Contract Vulnerability Detection Method. Symmetry 2024, 16, 1381. [Google Scholar] [CrossRef]
- Wood, G. Ethereum: A secure decentralised generalised transaction ledger. Ethereum Proj. Yellow Pap. 2014, 151, 1–32. [Google Scholar]
- Mujahid, M.; Kına, E.; Rustam, F.; Villar, M.G.; Alvarado, E.S.; Diez, I.D.L.T.; Ashraf, I. Data oversampling and imbalanced datasets: An investigation of performance for machine learning and feature engineering. J. Big Data 2024, 11, 87. [Google Scholar] [CrossRef]
- Yuan, D.; Wang, X.; Li, Y.; Zhang, T. Optimizing smart contract vulnerability detection via multi-modality code and entropy embedding. J. Syst. Softw. 2023, 202, 111699. [Google Scholar] [CrossRef]
- Liu, Y. RoBERTa: A robustly optimized BERT pretraining approach. arXiv 2019, arXiv:1907.11692. [Google Scholar]
- Feng, Z.; Guo, D.; Tang, D.; Duan, N.; Feng, X.; Gong, M.; Shou, L.; Qin, B.; Liu, T.; Jiang, D.; et al. Codebert: A pre-trained model for programming and natural languages. arXiv 2020, arXiv:2002.08155. [Google Scholar]
- Rossini, M. Slither Audited Smart Contracts Dataset. 2022. Available online: https://huggingface.co/datasets/mwritescode/slither-audited-smart-contracts/ (accessed on 6 February 2025).
- Feist, J.; Grieco, G.; Groce, A. Slither: A static analysis framework for smart contracts. In Proceedings of the 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), Montréal, QC, Canada, 27 May 2019; IEEE: Piscataway, NJ, USA, 2019; pp. 8–15. [Google Scholar]
- Bogatinovski, J.; Todorovski, L.; Džeroski, S.; Kocev, D. Comprehensive comparative study of multi-label classification methods. Expert Syst. Appl. 2022, 203, 117215. [Google Scholar] [CrossRef]
Parameter | Value |
---|---|
Optimizer | Adam |
Learning rate | 2 × 10−5 |
Dropout rate | 0.3 |
Batch size | 16 |
Epochs | 30 |
Vulnerability | Metrics | RTMS | Bi-LSTM-ATT | Bi-GRU-ATT | MEVD | EDSCVD |
---|---|---|---|---|---|---|
Re-entrancy | pre | 0.9662 | 0.7857 | 0.8159 | 0.8918 | 0.8778 |
rec | 0.9519 | 0.8128 | 0.8372 | 0.9266 | 0.8706 | |
F1 | 0.9589 | 0.7991 | 0.8264 | 0.9089 | 0.8742 | |
Permission Control | pre | 0.9329 | 0.7109 | 0.7527 | 0.8593 | 0.8342 |
rec | 0.8982 | 0.7461 | 0.7451 | 0.8744 | 0.8032 | |
F1 | 0.9153 | 0.7281 | 0.7489 | 0.8668 | 0.8184 | |
Integer Overflow | pre | 0.9538 | 0.7611 | 0.7819 | 0.8972 | 0.8664 |
rec | 0.9381 | 0.7916 | 0.8281 | 0.9070 | 0.8342 | |
F1 | 0.9459 | 0.7761 | 0.8043 | 0.9021 | 0.8501 | |
Insecure Calling | pre | 0.9468 | 0.7186 | 0.7659 | 0.8186 | 0.8090 |
rec | 0.9216 | 0.7595 | 0.7951 | 0.8242 | 0.7789 | |
F1 | 0.9289 | 0.7385 | 0.7802 | 0.8213 | 0.7937 |
Method | Precision | Recall | F1 Score | Jaccard | Hamming |
---|---|---|---|---|---|
RTMS-GSS | 0.9498 | 0.9341 | 0.9419 | 0.9312 | 0.0211 |
RTMS-GASS | 0.9337 | 0.9285 | 0.9311 | 0.9104 | 0.0285 |
RTMS-OT | 0.8636 | 0.7204 | 0.7855 | 0.7541 | 0.1027 |
Method | Precision | Recall | F1 Score | Jaccard | Hamming |
---|---|---|---|---|---|
Dense | 0.9026 | 0.8873 | 0.8949 | 0.8762 | 0.0687 |
1DCNN | 0.9282 | 0.9052 | 0.9166 | 0.9069 | 0.0373 |
Bi-LSTM | 0.9331 | 0.9176 | 0.9253 | 0.9104 | 0.0285 |
Self-Attention | 0.9307 | 0.9154 | 0.9230 | 0.9078 | 0.0314 |
Channel-Sequence-Attention | 0.9498 | 0.9341 | 0.9419 | 0.9312 | 0.0211 |
Method | Precision | Recall | F1 Score | Jaccard | Hamming |
---|---|---|---|---|---|
DL-Encoder-RTNet | 0.9498 | 0.9341 | 0.9419 | 0.9312 | 0.0211 |
DL-Encoder-TNet | 0.7524 | 0.6263 | 0.6836 | 0.6486 | 0.2784 |
DL-Encoder | 0.9162 | 0.9017 | 0.9089 | 0.8812 | 0.0724 |
DL-Encoder-BiLSTM | 0.9386 | 0.9231 | 0.9307 | 0.9172 | 0.0261 |
CodeBERT | 0.8752 | 0.7314 | 0.7895 | 0.7267 | 0.1054 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2025 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Gao, G.; Li, Z.; Jin, L.; Liu, C.; Li, J.; Meng, X. RTMS: A Smart Contract Vulnerability Detection Method Based on Feature Fusion and Vulnerability Correlations. Electronics 2025, 14, 768. https://doi.org/10.3390/electronics14040768
Gao G, Li Z, Jin L, Liu C, Li J, Meng X. RTMS: A Smart Contract Vulnerability Detection Method Based on Feature Fusion and Vulnerability Correlations. Electronics. 2025; 14(4):768. https://doi.org/10.3390/electronics14040768
Chicago/Turabian StyleGao, Gaimei, Zilu Li, Lizhong Jin, Chunxia Liu, Junji Li, and Xiangqi Meng. 2025. "RTMS: A Smart Contract Vulnerability Detection Method Based on Feature Fusion and Vulnerability Correlations" Electronics 14, no. 4: 768. https://doi.org/10.3390/electronics14040768
APA StyleGao, G., Li, Z., Jin, L., Liu, C., Li, J., & Meng, X. (2025). RTMS: A Smart Contract Vulnerability Detection Method Based on Feature Fusion and Vulnerability Correlations. Electronics, 14(4), 768. https://doi.org/10.3390/electronics14040768