ChatGPT for security analysis for smart contract

Abstract

This paper examines the role of hybrid auditing frameworks in improving the detection of access control vulnerabilities in smart contracts deployed on blockchain platforms like Ethereum. Smart contracts, written in programming languages such as Solidity, are critical components of decentralized applications but are often exploited due to poorly implemented access control mechanisms. Traditional static analysis tools, while effective at identifying known vulnerabilities, struggle with nuanced or zero-day issues, leaving contracts susceptible to attacks that can result in significant financial losses. This study demonstrates the effectiveness of combining deterministic static analysis with contextual reasoning provided by Large Language Models. It highlights how AChecker's symbolic execution forms a reliable baseline for vulnerability detection while the Large Language Models refines and validates findings. Keywords: smart contracts, blockchain security, access control vulnerabilities, static analysis, large language models, hybrid auditing frameworks.