SolGPT: A GPT-Based Static Vulnerability Detection Model for Enhancing Smart Contract Security

In this study, we present SolGPT, a novel approach to addressing the pivotal issue of detecting and mitigating vulnerabilities inherent in smart contracts, particularly those written in Solidity, the predominant language for smart contracts. Conventional deep learning methodologies largely rely on an abundant pool of labeled training instances, a resource that remains scarce in the domain, thereby limiting the efficacy of vulnerability detection. SolGPT seeks to counteract this limitation by employing an augmented GPT-2 architecture uniquely tailored for smart contract analysis. The model is enriched by Solidity Adaptive Pre-Training to amplify its feature extraction prowess, hence, reducing the reliance on copious amounts of labeled samples. SolGPT further enhances its field-specific adaptation via the introduction of SolTokenizer, a specialized tokenizer devised for smart contracts, thereby augmenting tokenization precision and efficiency. Subsequently, the model is refined to proficiently pinpoint known vulnerabilities in smart contracts, thereby offering real-time vulnerability detection and prescribing preventive countermeasures. Comprehensive evaluation demonstrates that SolGPT outperforms the state-of-the-art detection techniques in terms of accuracy, F1 score, and two other pertinent performance metrics. Notably, when compared to the best-performing alternative among the four vulnerabilities, SolGPT exhibits an average accuracy improvement of 12.85% and an average F1 score improvement of 18.55%. Consequently, the results underscore the potential of SolGPT in substantially advancing the security framework of the blockchain ecosystem.