Ethereum Blockchain Smart Contract Vulnerability Detection Using Deep Learning

Abstract

Blockchain technology, employing advanced cryptography, stands as an optimal means to establish trust among unfamiliar online counterparts. It facilitates secure transactions and consensus among participants. Ethereum, a prominent blockchain network, extends this utility by introducing smart contracts. These are predefined programs containing data and methods for execution. Once deployed, these contracts remain unalterable due to blockchain's immutable nature. However, unlike conventional software that can be readily patched, they may harbor vulnerabilities. Smart contracts operate with the Ethereum cryptocurrency Ether, rendering fixes intricate and economically impactful. Static analyzers exist to spot vulnerabilities in smart contacts during development, but they are time-intensive. We propose a machine learning-based approach for detecting reentrancy vulnerabilities in smart contracts. Our system comprises three components: data preparation, Op2Vec, and an LSTM model. We collected 30,000 smart contracts, dividing them into two sets of 15,000 each for Op2Vec generation and LSTM training, respectively. We mapped opcode keywords to vector representations using a Skip-Gram algorithm, resulting in a 100-dimensional dictionary with 72 unique opcodes. Labeling was done using the Slither static analyzer, with 116 contracts identified as vulnerable and an additional 132 clean contracts for dataset balance. A Bidirectional LSTM (Bi-LSTM) model was devised by employing assembly data to detect flaws. The developed Bi-LSTM model demonstrated promise in reentrancy vulnerability detection, achieving a 96% accuracy rate in testing and reducing the analysis time to less than a fifth of that required by static analyzers. The codes and data are shared on GitHub as an open-source software package in a way that benefits everyone interested: https://github.com/miralabai/blockchain-vulnerability-detection. © 2023 IEEE.