Computer Science

Computer Science ›› 2025, Vol. 52 ›› Issue (4): 362-368.doi: 10.11896/jsjkx.240800039

• Information Security • Previous Articles     Next Articles

Study on Smart Contract Vulnerability Repair Based on T5 Model

JIAO Jian1,2, CHEN Ruixiang1, HE Qiang3, QU Kaiyang3, ZHANG Ziyi1   

  1. 1 School of Computer Science,Beijing University of Information Technology,Beijing 102206,China
    2 Beijing University of Information Technology Future Blockchain and Privacy Computing High Precision and Advanced Innovation Center,Beijing 102206,China
    3 China Information Security Assessment Center,Beijing 100193,China
  • Received:2024-08-06 Revised:2024-09-26 Online:2025-04-15 Published:2025-04-14
  • About author:JIAO Jian,born in 1978,Ph.D,professor,is a member of CCF(No.28495M).His main research interests include network security and blockchain.
  • Supported by:
    Beijing Advanced Innovation Center for Future Blockchain and Privacy Computing(GJJ-23) and Computer School of the College Student Innovation and Entrepreneurship Training Program,which Promotes the Development of Classified Universities(5112410852).

PDF (PC)

111

Abstract: The current research on addressing vulnerabilities in Ethereum smart contracts primarily focuses on manually defined templates.This method requires developers to have extensive expertise,and its effectiveness is poor when dealing with complex vulnerabilities.This paper explores vulnerability repair techniques for smart contracts at the source code level in Solidity.By introducing a machine learning approach to vulnerability repair,we designe and implement a T5 model-based smart contract vulnerability repair system to tackle the problem of depending on manual intervention.Using data crawling and data augmentation techniques,we compile a training dataset specifically for the T5 model.The T5 model for repairing smart contract vulnerabilities is trained using machine learning techniques.A test dataset is constructed through web crawling to evaluate the system’s perfor-mance from various perspectives.The system’s accuracy in contract repair,gas consumption,and introduced code volume is compared with other contract vulnerability repair tools such as TIPS,SGUARD,and Elysium.Experimental results show that our system achieves good repair outcomes and overall performance superior to other vulnerability repair tools.

Key words: Smart contracts, Blockchain, T5 model, Machine learning, Vulnerability repair

CLC Number: 

  • TP309
[1]FAQIR-RHAZOUI Y,ARROYO J,HASSAN S.A comparative analysis of the platforms for decentralized autonomous organizations in the Ethereum blockchain[J].Journal of Internet Services and Applications,2021,12:1-20.
[2]GUPTA B C,KUMARN,HANDA A,et al.An insecurity study of ethereum smart contracts[C]//Security,Privacy,and Applied Cryptography Engineering:10th International Conference.SPACE,2020:17-21.
[3]КОМЛЕВА Н О,ТЕРЕЩЕНКО О.Requirements for thedevelopment of smart contracts and an overview of smart contract vulnerabilities at the Solidity code level on the Ethereum platform[J].Вiсник сучасних iнформацiйних технологй,2023,6(1):54-68.
[4]CHU H,ZHANG P,DONG H,et al.A survey on smart contract vulnerabilities:Data sources,detection and repair[J].Information and Software Technology,2023,159:107221.
[5]HE D,WU R,LI X,et al.Detection of vulnerabilities of block-chain smart contracts[J].IEEE Internet of Things Journal,2023,10(14):12178-12185.
[6]GAO C,YANG W,YE J,et al.sGuard+:Machine LearningGuided Rule-based Automated Vulnerability Repair on Smart Contracts[J].ACM Transactions on Software Engineering and Methodology,2024,33(5):1-55.
[7]KUSHWAHA S S,JOSHI S,SINGH D,et al.Systematic review of security vulnerabilities in ethereum blockchain smart contract[J].IEEE Access,2022,10:6605-6621.
[8]TAŞ R.Smart contract security vulnerabilities[J].ErzincanUniversity Journal of Science and Technology,2023,16(1):196-211.
[9]NARAYANA K L,SATHIYAMURTHY K.Automation and smart materials in detecting smart contracts vulnerabilities in Blockchain using deep learning[J].Materials Today:Proceedings,2023,81:653-659.
[10]CHU H T,ZHANG P C,DONG H,et al.A survey on smart contract vulnerabilities:Data sources,detection and repair[J].Information and Software Technology,2023,159:107221.
[11]RODLER M,LI W,KARAME G O,et al.{EVMPatch}:Timely and automated patching of ethereum smart contracts[C]//30th USENIX Security Symposium(USENIX Security 21).2021:1289-1306.
[12]ZHANG Y,MA S,LI J,et al.Smartshield:Automatic smartcontract protection made easy[C]//2020 IEEE 27th International Conference on Software Analysis,Evolution and Reengineering(SANER).IEEE,2020:23-34.
[13]JIN H,WANG Z,WEN M,et al.Aroc:An automatic repair framework for on-chain smart contracts[J].IEEE Transactions on Software Engineering,2021,48(11):4611-4629.
[14]FERREIRA TORRES C,JONKER H,STATE R.Elysium:Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart Contracts[C]//Proceedings of the 25th International Symposium on Research in Attacks,Intrusions and Defenses.2022:115-128.
[15]YU X L,AL-BATAINEH O,LO D,et al.Smart contract repair[J].ACM Transactions on Software Engineering and Methodo-logy(TOSEM),2020,29(4):1-32.
[16]NGUYEN T D,PHAM L H,SUN J.SGUARD:towards fixing vulnerable smart contracts automatically[C]//2021 IEEE Symposium on Security and Privacy(SP).IEEE,2021:1215-1229.
[17]TOLMACH P,LI Y,LIN S W.Property-based automated repair of defi protocols[C]//Proceedings of the37th IEEE/ACM International Conference on Automated Software Engineering.2022:1-5.
[18]CHEN Q,ZHOU T,LIU K,et al.Tips:towards automatingpatch suggestion for vulnerable smart contracts[J].Automated Software Engineering,2023,30(2):31.
[19] CHEN R X,JIAO J,WANG R H.Intelligent Contract Vulnerability Detection System Based on Ontology Reasoning[J].Computer Science,2023,50(10):336-342.
[20]FEIST J,GRIECO G,GROCE A.Slither:a static analysisframework for smart contracts[C]//2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain(WETSEB).IEEE,2019:8-15.
[21]SHARMA N,SHARMA S.A survey of Mythril,a smart contract security analysis tool forEVM bytecode[J].Indian J Natural Sci,2022,13(75):51003-51010.
[1] WU Xingli, ZHANG Haoyue, LIAO Huchang. Review of Doctor Recommendation Methods and Applications for Consultation Platforms [J]. Computer Science, 2025, 52(5): 109-121.
[2] WANG Pu, GAO Zhanyun, WANG Zhenfei, SONG Zheli. BDBFT:A Consensus Protocol Based on Reputation Prediction Model for IoT Scenario [J]. Computer Science, 2025, 52(5): 366-374.
[3] YANG Fan, SUN Yi, LIN Wei, GAO Qi. Blockchain-based Highly Trusted Query Verification Scheme for Streaming Data [J]. Computer Science, 2025, 52(4): 352-361.
[4] HAN Lin, WANG Yifan, LI Jianan, GAO Wei. Automatic Scheduling Search Optimization Method Based on TVM [J]. Computer Science, 2025, 52(3): 268-276.
[5] DU Likuan, LIU Chen, WANG Junlu, SONG Baoyan. Self-learning Star Chain Space Adaptive Allocation Method [J]. Computer Science, 2025, 52(3): 359-365.
[6] XIONG Qibing, MIAO Qiguang, YANG Tian, YUAN Benzheng, FEI Yangyang. Malicious Code Detection Method Based on Hybrid Quantum Convolutional Neural Network [J]. Computer Science, 2025, 52(3): 385-390.
[7] ZUO Xuhong, WANG Yongquan, QIU Geping. Study on Integrated Model of Securities Illegal Margin Trading Accounts Identification Based on Trading Behavior Characteristics [J]. Computer Science, 2025, 52(2): 125-133.
[8] SHANG Qiuyan, LI Yicong, WEN Ruilin, MA Yinping, OUYANG Rongbin, FAN Chun. Two-stage Multi-factor Algorithm for Job Runtime Prediction Based on Usage Characteristics [J]. Computer Science, 2025, 52(2): 261-267.
[9] WANG Dong, LI Xiaoruo, ZHU Bingnan. Transaction Granularity Modifiable Consortium Blockchain Scheme Based on Dual Merkel Trees Block Structure [J]. Computer Science, 2024, 51(9): 408-415.
[10] LI Haixia, SONG Danlei, KONG Jianing, SONG Yafei, CHANG Haiyan. Evaluation of Hyperparameter Optimization Techniques for Traditional Machine Learning Models [J]. Computer Science, 2024, 51(8): 242-255.
[11] ZANG Wenyang, LYU Jinlai. Study on Time Rotation Notary Group Model Based on Threshold Signature [J]. Computer Science, 2024, 51(8): 403-411.
[12] XIANG Yanjie, HUANG Xiaofang, XIANG Kefeng, ZHENG Ji’nan. Blockchain Certificateless Encryption Mechanism Based on National Secret Algorithm [J]. Computer Science, 2024, 51(8): 440-446.
[13] ZHANG Daili, WANG Tinghua, ZHU Xinglin. Overview of Sample Reduction Algorithms for Support Vector Machine [J]. Computer Science, 2024, 51(7): 59-70.
[14] LI Zhiyuan, XU Binglei, ZHOU Yingyi. Blockchain Anonymous Transaction Tracking Method Based on Node Influence [J]. Computer Science, 2024, 51(7): 422-429.
[15] SUN Li. Application,Challenge and New Strategy of Block Chain Technology in Metaverse [J]. Computer Science, 2024, 51(7): 373-379.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.