Unveiling vulnerable smart contracts: Toward profiling vulnerable smart contracts using genetic algorithm and generating benchmark dataset

Abstract

Smart contracts (SCs) are crucial in maintaining trust within blockchain networks. However, existing methods for analyzing SC vulnerabilities often lack accuracy and effectiveness, while approaches based on Deep Neural Networks (DNNs) struggle with detecting complex vulnerabilities due to limited data availability. This paper proposes a novel approach for analyzing SC vulnerabilities. Our method leverages an advanced form of the Genetic Algorithm (GA) and includes the development of a comprehensive benchmark dataset consisting of 36,670 Solidity source code samples. The primary objective of our study is to profile vulnerable SCs effectively. To achieve this goal, we have devised an analyzer called SCsVulLyzer based on GAs, designed explicitly for profiling SCs. Additionally, we have carefully curated a new dataset encompassing a wide range of examples, ensuring the practical validation of our approach. Furthermore, we have established three distinct taxonomies that cover SCs, profiling techniques, and feature extraction. These taxonomies provide a systematic classification and analysis of information, improving the efficiency of our approach. Our methodology underwent rigorous testing through experimentation, and the results demonstrated the superior capabilities of our model in detecting vulnerabilities. Compared to traditional and DNN-based approaches, our approach achieved higher precision, recall, and F1-score, which are widely used metrics for evaluating model performance. Across all these metrics, our model showed exceptional results. The customization and adaptations we implemented within the GA significantly enhanced its effectiveness. Our approach detects SC vulnerabilities more efficiently and facilitates robust exploration. These promising results highlight the potential of GA-based profiling to improve the detection of SC vulnerabilities, contributing to enhanced security in blockchain networks.