GraBit: A Sequential Model-Based Framework for Smart Contract Vulnerability Detection

The security of smart contracts has garnered considerable attention given the potential for substantial financial losses and erosion of trust in blockchain platforms. Numerous methods have been proposed to detect vulnerabilities in smart contracts. Notably, as the number of smart contracts continues to proliferate, automated techniques based on deep learning (DL) are making remarkable progress. However, a significant challenge persists in acquiring an efficient embedding representation that is compatible with DL models with input length restrictions. In this paper, we propose a novel detection method named GraBit for identifying reentrancy vulnerability-one of the most critical vulnerabilities in smart contracts. GraBit leverages the pretrained model GraphCodeBERT to embed both the source code and concise key data flow graphs extracted from the code. Additionally, we customize a sequential model based on Bi-directional Long Short-Term Memory and attention mechanism to effectively capture contextual semantic information. To evaluate the performance of GraBit, we conduct extensive experiments on a public large-scale dataset. Our experimental results reveal that GraBit achieves a remarkable F1-score of 94.44% in detecting reentrancy vulnerability, outperforming state-of-the-art methods.