Guiding LLM-based Smart Contract Generation with Finite State Machine
Hao Luo, Yuhao Lin, Xiao Yan, Xintong Hu, Yuxiang Wang, Qiming Zeng, Hao Wang, Jiawei Jiang
TL;DR
This paper tackles the challenge of generating secure and functional smart contracts with LLMs. It introduces FSM-SCG, a two-stage requirement-to-FSM-to-code workflow that uses an enhanced SmartFSM as an intermediate representation and a feedback loop based on compilation and security checks to iteratively refine output. A large open-source fine-tuning dataset and FPFT-based training enable the LLM to translate user requirements into robust FSMs and then into correct Solidity code. Experimental results across multiple models show substantial improvements in compilation success rates (e.g., up to 95.1%) and reductions in vulnerability risk scores (approximately 68%), demonstrating the practical viability of FSM-guided contract generation. Overall, the framework advances secure, efficient smart contract generation by combining formal modeling, targeted prompting, and iterative quality assurance.
Abstract
Smart contract is a kind of self-executing code based on blockchain technology with a wide range of application scenarios, but the traditional generation method relies on manual coding and expert auditing, which has a high threshold and low efficiency. Although Large Language Models (LLMs) show great potential in programming tasks, they still face challenges in smart contract generation w.r.t. effectiveness and security. To solve these problems, we propose FSM-SCG, a smart contract generation framework based on finite state machine (FSM) and LLMs, which significantly improves the quality of the generated code by abstracting user requirements to generate FSM, guiding LLMs to generate smart contracts, and iteratively optimizing the code with the feedback of compilation and security checks. The experimental results show that FSM-SCG significantly improves the quality of smart contract generation. Compared to the best baseline, FSM-SCG improves the compilation success rate of generated smart contract code by at most 48%, and reduces the average vulnerability risk score by approximately 68%.
