A Comparative Evaluation of Deep Learning Techniques for Smart Contract Vulnerability Classification

Smart contracts are self-executing digital contracts that run on a blockchain network. They enable the automation and decentralization of various operations and have become increasingly popular in recent years. However, smart contracts are susceptible to vulnerabilities, and their deployment without proper security testing can result in severe consequences, such as financial losses and reputational damage. In this paper, we explore the use of deep learning techniques, particularly Convolutional Neural Networks (CNNs), for detecting and classifying vulnerabilities in smart contracts deployed on the Ethereum main net. We compare different kinds of neural architectures, i.e., a baseline LSTM, multiple 1D CNNs working on the smart contracts’ bytecode, a Vision Transformer (Swin v2 Tiny), and various 2D CNNs that work on RGB images obtained from the bytecode (i.e., ResNet-50, ResNeXt-50, Inception v3, and EfficientNetv2 Small). We provide an in-depth analysis of these techniques to classify a dataset of smart contracts we have collected. Our study shows that the use of deep neural networks can represent a promising technique to automatically assess smart contracts’ correctness and classify potential vulnerabilities. According to our experiments, the ResNet 1D CNN working directly on the smart contract bytecode offers the best results in terms of classification capabilities. Moreover, due to the unbalanced sizes of the different classes, the classification resulted in more effectiveness for the unchecked calls and reentrancy vulnerability classes, while still providing good results for others.