SCRUTINEER: Detecting Logic-Level Usage Violations of Reusable Components in Smart Contracts
Xingshuang Lin, Binbin Zhao, Jinwen Wang, Qinge Xie, Xibin Zhao, Shouling Ji
TL;DR
This work tackles the challenge of detecting logic-level usage violations of smart contract reusable components (SCRs), which arise from implicit business-logic constraints not captured by syntax rules. It introduces SCRUTINEER, a four-component system that combines multi-level contract feature extraction, an LLM-powered SCR knowledge base (UkeAgent), a RAG-driven inspector (LuvAgent), and a two-pronged violation-detection engine (similarity-based and snapshot-based). The approach achieves strong evaluation metrics on ground-truth datasets ($0.8077$ precision, $0.8235$ recall, $0.8155$ F1) and demonstrates real-world impact by identifying $13$ zero-day vulnerabilities across on-chain contracts, including $9$ CVEs. The work integrates retrieval-augmented reasoning with domain-specific tools to provide a practical, scalable solution for securing SCR-based smart contracts and advances understanding of logic-level reuse risks in DeFi and beyond.
Abstract
Smart Contract Reusable Components(SCRs) play a vital role in accelerating the development of business-specific contracts by promoting modularity and code reuse. However, the risks associated with SCR usage violations have become a growing concern. One particular type of SCR usage violation, known as a logic-level usage violation, is becoming especially harmful. This violation occurs when the SCR adheres to its specified usage rules but fails to align with the specific business logic of the current context, leading to significant vulnerabilities. Detecting such violations necessitates a deep semantic understanding of the contract's business logic, including the ability to extract implicit usage patterns and analyze fine-grained logical behaviors. To address these challenges, we propose SCRUTINEER, the first automated and practical system for detecting logic-level usage violations of SCRs. First, we design a composite feature extraction approach that produces three complementary feature representations, supporting subsequent analysis. We then introduce a Large Language Model-powered knowledge construction framework, which leverages comprehension-oriented prompts and domain-specific tools to extract logic-level usage and build the SCR knowledge base. Next, we develop a Retrieval-Augmented Generation-driven inspector, which combines a rapid retrieval strategy with both comprehensive and targeted analysis to identify potentially insecure logic-level usages. Finally, we implement a logic-level usage violation analysis engine that integrates a similarity-based checker and a snapshot-based inference conflict checker to enable accurate and robust detection. We evaluate SCRUTINEER from multiple perspectives on 3 ground-truth datasets. The results show that SCRUTINEER achieves a precision of 80.77%, a recall of 82.35%, and an F1-score of 81.55% in detecting logic-level usage violations of SCRs.