We introduce SCooLS, our Smart Contract Learning (Semi-supervised) engine. SCooLS uses neural networks to analyze Ethereum contract bytecode and identifies specific vulnerable functions. SCooLS incorporates two key elements: semi-supervised learning and graph neural networks (GNNs). Semi-supervised learning produces more accurate models than unsupervised learning, while not requiring the large oracle-labeled training set that supervised learning requires. GNNs enable direct analysis of smart contract bytecode without any manual feature engineering, predefined patterns, or expert rules. SCooLS is the first application of semi-supervised learning to smart contract vulnerability analysis, as well as the first deep learning-based vulnerability analyzer to identify specific vulnerable functions. SCooLS's performance is better than existing tools, with an accuracy level of 98.4%, an F1 score of 90.5%, and an exceptionally low false positive rate of only 0.8%. Furthermore, SCooLS is fast, analyzing a typical function in 0.05 seconds. We leverage SCooLS's ability to identify specific vulnerable functions to build an exploit generator, which was successful in stealing Ether from 76.9% of the true positives.

翻译：我们提出了SCooLS——一种智能合约半监督学习引擎。SCooLS利用神经网络分析以太坊合约字节码，能够识别特定的易受攻击函数。该引擎包含两个关键技术：半监督学习与图神经网络（GNN）。半监督学习相比无监督学习能生成更精确的模型，且无需监督学习所需的大规模预言机标注训练集；而图神经网络则支持直接分析智能合约字节码，无需任何人工特征工程、预定义模式或专家规则。SCooLS首次将半监督学习应用于智能合约漏洞分析，也是首个基于深度学习识别特定易受攻击函数的漏洞分析工具。其性能优于现有工具，准确率达98.4%，F1分数为90.5%，假阳性率低至0.8%。此外，SCooLS处理单个函数的分析时间仅需0.05秒。我们利用SCooLS识别特定易受攻击函数的能力构建了漏洞利用生成器，成功从76.9%的真实正样本中窃取了以太币。