基于大语言模型的开放网络智能合约缺陷检测[j]

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Internet of Things Journal Pub Date : 2025-03-25 DOI:10.1109/JIOT.2025.3553917

Huilin Ge;Ze Wang;Runbang Liu;Zhiwen Qiu;Jie Xia;Ting Chen;Hongzi Zhu

{"title":"基于大语言模型的开放网络智能合约缺陷检测[j]","authors":"Huilin Ge;Ze Wang;Runbang Liu;Zhiwen Qiu;Jie Xia;Ting Chen;Hongzi Zhu","doi":"10.1109/JIOT.2025.3553917","DOIUrl":null,"url":null,"abstract":"Smart contracts on the open network (TON) have become vital in Internet of Things (IoT) applications due to their low latency and high scalability. However, the unique architectural features of TON introduce specialized vulnerabilities that existing tools fail to address comprehensively. In this letter, we propose a novel defect detection framework that combines large language models (LLMs) for automated defect discovery with a locatable call graph for precise and efficient code analysis. Our method identifies four new types of TON-specific defects: 1) Ignore Errors Mode Usage; 2) Premature Acceptance; 3) Pseudo Deletion; and 4) Improper Jetton Refund. Evaluated on 1640 real-world smart contracts written in FunC and Tact, the framework uncovers 669 defects, with an average of one defect every 2.45 code segments. The detection achieves an average F1 score of 99.75% for FunC and 100% for Tact contracts. Additionally, our approach demonstrates lightweight computational overhead, consuming only 12.6 MB of memory and achieving a mean response time of 0.05 s. These results highlight the accuracy, efficiency, and practicality of our framework for securing TON-based smart contracts in IoT ecosystems.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 11","pages":"18443-18446"},"PeriodicalIF":8.9000,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Adapting Large Language Models for Smart Contract Defects Detection in the Open Network Blockchain\",\"authors\":\"Huilin Ge;Ze Wang;Runbang Liu;Zhiwen Qiu;Jie Xia;Ting Chen;Hongzi Zhu\",\"doi\":\"10.1109/JIOT.2025.3553917\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Smart contracts on the open network (TON) have become vital in Internet of Things (IoT) applications due to their low latency and high scalability. However, the unique architectural features of TON introduce specialized vulnerabilities that existing tools fail to address comprehensively. In this letter, we propose a novel defect detection framework that combines large language models (LLMs) for automated defect discovery with a locatable call graph for precise and efficient code analysis. Our method identifies four new types of TON-specific defects: 1) Ignore Errors Mode Usage; 2) Premature Acceptance; 3) Pseudo Deletion; and 4) Improper Jetton Refund. Evaluated on 1640 real-world smart contracts written in FunC and Tact, the framework uncovers 669 defects, with an average of one defect every 2.45 code segments. The detection achieves an average F1 score of 99.75% for FunC and 100% for Tact contracts. Additionally, our approach demonstrates lightweight computational overhead, consuming only 12.6 MB of memory and achieving a mean response time of 0.05 s. These results highlight the accuracy, efficiency, and practicality of our framework for securing TON-based smart contracts in IoT ecosystems.\",\"PeriodicalId\":54347,\"journal\":{\"name\":\"IEEE Internet of Things Journal\",\"volume\":\"12 11\",\"pages\":\"18443-18446\"},\"PeriodicalIF\":8.9000,\"publicationDate\":\"2025-03-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Internet of Things Journal\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10937768/\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10937768/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

开放网络（TON）上的智能合约由于其低延迟和高可扩展性而在物联网（IoT）应用中变得至关重要。然而，TON独特的架构特性引入了现有工具无法全面解决的专门漏洞。在这封信中，我们提出了一个新的缺陷检测框架，它结合了用于自动缺陷发现的大型语言模型（llm）和用于精确和高效代码分析的可定位调用图。我们的方法确定了四种新的ton特定缺陷类型：1)忽略错误模式使用；2)过早接受；3)伪删除；4)退票不当。在对用FunC和Tact编写的1640个真实智能合约进行评估后，该框架发现了669个缺陷，平均每2.45个代码段就有一个缺陷。FunC和Tact合同的平均F1得分分别为99.75%和100%。此外，我们的方法显示了轻量级的计算开销，仅消耗12.6 MB内存，平均响应时间为0.05 s。这些结果突出了我们在物联网生态系统中保护基于ton的智能合约框架的准确性、效率和实用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Adapting Large Language Models for Smart Contract Defects Detection in the Open Network Blockchain

Smart contracts on the open network (TON) have become vital in Internet of Things (IoT) applications due to their low latency and high scalability. However, the unique architectural features of TON introduce specialized vulnerabilities that existing tools fail to address comprehensively. In this letter, we propose a novel defect detection framework that combines large language models (LLMs) for automated defect discovery with a locatable call graph for precise and efficient code analysis. Our method identifies four new types of TON-specific defects: 1) Ignore Errors Mode Usage; 2) Premature Acceptance; 3) Pseudo Deletion; and 4) Improper Jetton Refund. Evaluated on 1640 real-world smart contracts written in FunC and Tact, the framework uncovers 669 defects, with an average of one defect every 2.45 code segments. The detection achieves an average F1 score of 99.75% for FunC and 100% for Tact contracts. Additionally, our approach demonstrates lightweight computational overhead, consuming only 12.6 MB of memory and achieving a mean response time of 0.05 s. These results highlight the accuracy, efficiency, and practicality of our framework for securing TON-based smart contracts in IoT ecosystems.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.