As blockchain platforms grow exponentially, millions of lines of smart contract code are being deployed to manage extensive digital assets. However, vulnerabilities in this mission-critical code have led to significant exploitations and asset losses. Thorough automated security analysis of smart contracts is thus imperative. This paper introduces LLM4Fuzz to optimize automated smart contract security analysis by leveraging large language models (LLMs) to intelligently guide and prioritize fuzzing campaigns. While traditional fuzzing suffers from low efficiency in exploring the vast state space, LLM4Fuzz employs LLMs to direct fuzzers towards high-value code regions and input sequences more likely to trigger vulnerabilities. Additionally, LLM4Fuzz can leverage LLMs to guide fuzzers based on user-defined invariants, reducing blind exploration overhead. Evaluations of LLM4Fuzz on real-world DeFi projects show substantial gains in efficiency, coverage, and vulnerability detection compared to baseline fuzzing. LLM4Fuzz also uncovered five critical vulnerabilities that can lead to a loss of more than $247k.