UEChecker: Detecting Unchecked External Call Vulnerabilities in DApps via Graph Analysis
Dechao Kong, Xiaoqi Li, Wenkai Li
TL;DR
This work tackles the challenge of detecting unchecked external call vulnerabilities in DApps, where cross-contract interactions complicate security auditing. It introduces UEChecker, a Graph Convolutional Network–based framework that operates on call graphs derived from source code via Surya, incorporating edge prediction, node aggregation, and a Conformer Block to capture multi-scale dependencies. In experiments on 608 DApps, UEChecker achieves 87.59% accuracy and outperforms LSTM, GAT, and GCN baselines, with strong recall and precision. The approach demonstrates the practical potential of graph-based learning for cross-contract vulnerability detection and contributes a reproducible pipeline for DApp security auditing.
Abstract
The increasing number of attacks on the contract layer of DApps has resulted in economic losses amounting to $66 billion. Vulnerabilities arise when contracts interact with external protocols without verifying the results of the calls, creating exploit entry points such as flash loan attacks and reentrancy attacks. In this paper, we propose UEChecker, a deep learning-based tool that uses a call graph and a Graph Convolutional Network to detect unchecked external call vulnerabilities. We design the following components: an edge prediction module that reconstructs the feature representation of nodes and edges in the call graph; a node aggregation module that captures structural information from both a node and its neighbors, thereby enriching the feature representation between nodes and improving the model's understanding of the global graph structure; and a Conformer Block module that integrates multi-head attention, convolutional modules, and feedforward neural networks to capture dependencies at different scales within the call graph, extending beyond immediate neighbors and improving detection performance. Finally, we combine these modules with a Graph Convolutional Network to detect unchecked external call vulnerabilities. Auditing the smart contracts of 608 DApps, we find that our tool achieves an accuracy of 87.59% in detecting unchecked external call vulnerabilities. Furthermore, we compare our tool with GAT, LSTM, and GCN baselines, and in these comparison experiments UEChecker consistently outperforms them in terms of accuracy.
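To make concrete the vulnerability class the paper targets, the following Solidity contracts are an added illustration written for this page; they are not code from the paper or from any of the 608 audited DApps, and the contract names, the `IERC20` interface and the vault semantics are assumptions chosen for the example. `VaultUnchecked` discards the result of both a low-level `call` and an ERC20 `transfer`; `VaultChecked` shows the same logic with each external result verified before execution continues.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal interface for the external protocol the vault interacts with.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Vulnerable: both external interactions discard their return values.
// Access control on payOut is omitted to keep the example focused.
contract VaultUnchecked {
    IERC20 public immutable token;
    mapping(address => uint256) public ethBalance;

    constructor(IERC20 _token) {
        token = _token;
    }

    function deposit() external payable {
        ethBalance[msg.sender] += msg.value;
    }

    function withdrawEth(uint256 amount) external {
        require(ethBalance[msg.sender] >= amount, "insufficient");
        ethBalance[msg.sender] -= amount;
        // BUG: the bool returned by the low-level call is ignored. If the
        // recipient reverts or runs out of gas, the balance has already been
        // reduced and the ether stays locked in this contract.
        msg.sender.call{value: amount}("");
    }

    function payOut(address to, uint256 amount) external {
        // BUG: some ERC20 tokens signal failure by returning false instead of
        // reverting. Ignoring the result records a payout that never happened.
        token.transfer(to, amount);
    }
}

// Hardened: every external result is checked, and state is updated before
// the external interaction (checks-effects-interactions), which also closes
// the reentrancy window that an unchecked call leaves open.
contract VaultChecked {
    IERC20 public immutable token;
    mapping(address => uint256) public ethBalance;

    constructor(IERC20 _token) {
        token = _token;
    }

    function deposit() external payable {
        ethBalance[msg.sender] += msg.value;
    }

    function withdrawEth(uint256 amount) external {
        require(ethBalance[msg.sender] >= amount, "insufficient");
        ethBalance[msg.sender] -= amount;                 // effect first
        (bool ok, ) = msg.sender.call{value: amount}(""); // then interaction
        require(ok, "ETH transfer failed");               // verify the result
    }

    function payOut(address to, uint256 amount) external {
        bool ok = token.transfer(to, amount);
        require(ok, "token transfer failed");
    }
}
```

The compiler only emits a warning ("return value of low-level calls not used") for the first bug and nothing at all for the second, which is why a cross-contract detector has to reason about the callee's behaviour rather than the call site alone.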
