Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Dual-view Aware Smart Contract Vulnerability Detection for Ethereum

Jiacheng Yao, Maolin Wang, Wanqi Chen, Chengxiang Jin, Jiajun Zhou, Shanqing Yu, Qi Xuan

TL;DR

This work addresses the challenge of detecting vulnerabilities in Ethereum smart contracts by proposing DVDet, a dual-view framework that jointly leverages source-code graphs and bytecode control-flow sequences. It introduces two specialized channels: an augmented AST-based graph path using edge-aware attention and a CFG-based sequence model with HyperAGRU, whose outputs are fused for final classification. The authors create richer datasets by aggregating multiple sources and labeling via a voting ensemble of static and symbolic tools, and they demonstrate that DVDet outperforms traditional static/dynamic methods and single-view deep learning baselines in both existence and type detection while maintaining high efficiency. The findings suggest that integrating information from both source code and bytecode perspectives yields more robust vulnerability detection, with implications for scalable and trustworthy blockchain security. Overall, DVDet offers a practical, high-performance approach for smart contract security analysis that can adapt to evolving vulnerability types and contract versions.

Abstract

The wide application of Ethereum technology has brought technological innovation to traditional industries. As one of Ethereum's core applications, smart contracts utilize diverse contract codes to meet various functional needs and have gained widespread use. However, the non-tamperability of smart contracts, coupled with vulnerabilities caused by natural flaws or human errors, has brought unprecedented challenges to blockchain security. Therefore, in order to ensure the healthy development of blockchain technology and the stability of the blockchain community, it is particularly important to study the vulnerability detection techniques for smart contracts. In this paper, we propose a Dual-view Aware Smart Contract Vulnerability Detection Framework named DVDet. The framework initially converts the source code and bytecode of smart contracts into weighted graphs and control flow sequences, capturing potential risk features from these two perspectives and integrating them for analysis, ultimately achieving effective contract vulnerability detection. Comprehensive experiments on the Ethereum dataset show that our method outperforms others in detecting vulnerabilities.

Dual-view Aware Smart Contract Vulnerability Detection for Ethereum

TL;DR

This work addresses the challenge of detecting vulnerabilities in Ethereum smart contracts by proposing DVDet, a dual-view framework that jointly leverages source-code graphs and bytecode control-flow sequences. It introduces two specialized channels: an augmented AST-based graph path using edge-aware attention and a CFG-based sequence model with HyperAGRU, whose outputs are fused for final classification. The authors create richer datasets by aggregating multiple sources and labeling via a voting ensemble of static and symbolic tools, and they demonstrate that DVDet outperforms traditional static/dynamic methods and single-view deep learning baselines in both existence and type detection while maintaining high efficiency. The findings suggest that integrating information from both source code and bytecode perspectives yields more robust vulnerability detection, with implications for scalable and trustworthy blockchain security. Overall, DVDet offers a practical, high-performance approach for smart contract security analysis that can adapt to evolving vulnerability types and contract versions.

Abstract

The wide application of Ethereum technology has brought technological innovation to traditional industries. As one of Ethereum's core applications, smart contracts utilize diverse contract codes to meet various functional needs and have gained widespread use. However, the non-tamperability of smart contracts, coupled with vulnerabilities caused by natural flaws or human errors, has brought unprecedented challenges to blockchain security. Therefore, in order to ensure the healthy development of blockchain technology and the stability of the blockchain community, it is particularly important to study the vulnerability detection techniques for smart contracts. In this paper, we propose a Dual-view Aware Smart Contract Vulnerability Detection Framework named DVDet. The framework initially converts the source code and bytecode of smart contracts into weighted graphs and control flow sequences, capturing potential risk features from these two perspectives and integrating them for analysis, ultimately achieving effective contract vulnerability detection. Comprehensive experiments on the Ethereum dataset show that our method outperforms others in detecting vulnerabilities.
Paper Structure (21 sections, 6 equations, 6 figures, 3 tables)

This paper contains 21 sections, 6 equations, 6 figures, 3 tables.

Table of Contents

  1. Introduction
  2. Related Work
  3. Traditional Vulnerability Detection Methods
  4. Deep Learning-based Detection Methods
  5. Dataset
  6. Data Collection
  7. Label Generation
  8. Methodology
  9. Source-code Aware Channel
  10. Augmented Smart Contract Graph Generation
  11. Edge-aware Attention Network
  12. Bytecode Aware Channel
  13. Control Flow Generation
  14. HyperAGRU
  15. Dual-view Vulnerability Detection
  16. ...and 6 more sections

Figures (6)

  • Figure 1: Distribution of vulnerabilities in different versions of contracts.
  • Figure 2: Dual-view aware smart contract vulnerability detection framework.
  • Figure 3: Illustration of encoding AST nodes using CodeBert.
  • Figure 4: An example of constructing weighted contract graph of reentry vulnerability.
  • Figure 5: Illustration of control flow generation.
  • ...and 1 more figures