Table of Contents
Fetching ...

An Effective and Cost-Efficient Agentic Framework for Ethereum Smart Contract Auditing

Xiaohui Hu, Wun Yu Chan, Yuejie Shi, Qumeng Sun, Wei-Cheng Wang, Chiachih Wu, Haoyu Wang, Ningyu He

TL;DR

This work tackles the challenge of secure and scalable auditing for Ethereum smart contracts under DeFi workloads. It introduces Heimdallr, a three-stage agentic framework (Contextual Profiling, Plan-Remind-Solve auditing, and False Positive Filtration) that preserves essential business-logic context while leveraging lightweight LLMs. The approach combines graph-based code partitioning, neuro-symbolic reasoning, adversarial state evaluation, and formal constraint solving to achieve high detection rates with low false positives, all at substantially reduced cost. Empirical results show Heimdallr reconstructing 17 of 20 real-world exploits post-June 2025, uncovering zero-day vulnerabilities in live protocols, and delivering production-ready services with privacy-preserving local deployment; these findings underscore its potential to enable continuous, expert-level DevSecOps for DeFi.

Abstract

Smart contract security is paramount, but identifying intricate business logic vulnerabilities remains a persistent challenge because existing solutions consistently fall short: manual auditing is unscalable, static analysis tools are plagued by false positives, and fuzzers struggle to navigate deep logic states within complex systems. Even emerging AI-based methods suffer from hallucinations, context constraints, and a heavy reliance on expensive, proprietary Large Language Models. In this paper, we introduce Heimdallr, an automated auditing agent designed to overcome these hurdles through four core innovations. By reorganizing code at the function level, Heimdallr minimizes context overhead while preserving essential business logic. It then employs heuristic reasoning to detect complex vulnerabilities and automatically chain functional exploits. Finally, a cascaded verification layer validates these findings to eliminate false positives. Notably, this approach achieves high performance on lightweight, open-source models like GPToss-120B without relying on proprietary systems. Our evaluations demonstrate exceptional performance, as Heimdallr successfully reconstructed 17 out of 20 real-world attacks post June 2025, resulting in total losses of $384M, and uncovered 4 confirmed zero-day vulnerabilities that safeguarded $400M in TVL. Compared to SOTA baselines including both official industrial tools and academic tools, Heimdallr at most reduces analysis time by 97.59% and financial costs by 98.77% while boosting detection precision by over 93.66%. Notably, when applied to auditing contests, Heimdallr can achieve a 92.45% detection rate at a negligible cost of $2.31 per 10K LOC. We provide production-ready auditing services and release valuable benchmarks for future work.

An Effective and Cost-Efficient Agentic Framework for Ethereum Smart Contract Auditing

TL;DR

This work tackles the challenge of secure and scalable auditing for Ethereum smart contracts under DeFi workloads. It introduces Heimdallr, a three-stage agentic framework (Contextual Profiling, Plan-Remind-Solve auditing, and False Positive Filtration) that preserves essential business-logic context while leveraging lightweight LLMs. The approach combines graph-based code partitioning, neuro-symbolic reasoning, adversarial state evaluation, and formal constraint solving to achieve high detection rates with low false positives, all at substantially reduced cost. Empirical results show Heimdallr reconstructing 17 of 20 real-world exploits post-June 2025, uncovering zero-day vulnerabilities in live protocols, and delivering production-ready services with privacy-preserving local deployment; these findings underscore its potential to enable continuous, expert-level DevSecOps for DeFi.

Abstract

Smart contract security is paramount, but identifying intricate business logic vulnerabilities remains a persistent challenge because existing solutions consistently fall short: manual auditing is unscalable, static analysis tools are plagued by false positives, and fuzzers struggle to navigate deep logic states within complex systems. Even emerging AI-based methods suffer from hallucinations, context constraints, and a heavy reliance on expensive, proprietary Large Language Models. In this paper, we introduce Heimdallr, an automated auditing agent designed to overcome these hurdles through four core innovations. By reorganizing code at the function level, Heimdallr minimizes context overhead while preserving essential business logic. It then employs heuristic reasoning to detect complex vulnerabilities and automatically chain functional exploits. Finally, a cascaded verification layer validates these findings to eliminate false positives. Notably, this approach achieves high performance on lightweight, open-source models like GPToss-120B without relying on proprietary systems. Our evaluations demonstrate exceptional performance, as Heimdallr successfully reconstructed 17 out of 20 real-world attacks post June 2025, resulting in total losses of 400M in TVL. Compared to SOTA baselines including both official industrial tools and academic tools, Heimdallr at most reduces analysis time by 97.59% and financial costs by 98.77% while boosting detection precision by over 93.66%. Notably, when applied to auditing contests, Heimdallr can achieve a 92.45% detection rate at a negligible cost of $2.31 per 10K LOC. We provide production-ready auditing services and release valuable benchmarks for future work.
Paper Structure (42 sections, 12 equations, 4 figures, 3 tables, 1 algorithm)

This paper contains 42 sections, 12 equations, 4 figures, 3 tables, 1 algorithm.

Figures (4)

  • Figure 1: Qualitative evaluation of existing smart contract auditing strategies.
  • Figure 2: Implementation of Heimdallr
  • Figure 3: F1 vs. Monetary Cost.
  • Figure 4: F1 vs. Time Cost.