solidity-vulnerability-detector / design_document.md
jhsu12's picture
Add multi-expert training and evaluation scripts
7e93a29 verified
|
Raw
History Blame Contribute Delete
5.12 kB

Multi-Expert Smart Contract Vulnerability Detection β€” Design Document

Current Results Diagnosis

Critical Failures

  • 25% parse failures (302/1206): Model output format is inconsistent
  • Access Control F1: 0.0235 β€” Model essentially never detects this (recall 0.012)
  • Reentrancy precision: 0.0663 β€” Model hallucinates Reentrancy everywhere (196 predictions vs 52 actual)
  • Only Integer Overflow performs well (F1: 0.8207)

Root Causes

  1. Severe class imbalance in training data: Integer Overflow 3412 vs tx.origin 11
  2. Single model trying to learn 6 distinct vulnerability patterns simultaneously β€” patterns are very different (state updates for Reentrancy, auth checks for Access Control, arithmetic for Integer Overflow)
  3. No reasoning chains β€” model memorizes shortcuts rather than reasoning about code semantics
  4. Output format too rigid β€” model doesn't consistently follow the structured template

Research-Backed Solution: Multi-Expert Architecture

Key Papers Referenced

  • VulnLLM-R (2512.07533): Reasoning models with distillation, constitution-based correction
  • Smart-LLaMA-DPO (2506.18245): Balanced detection + explanation loss, DPO for explanation quality
  • SmartLLM (2502.13167): Multi-role pipeline (Detector β†’ Reasoner β†’ Verificator)
  • SmartVD (2409.10574): Composite function F(C) = (binary, type, severity)

Architecture: Router + Type-Specific Expert Adapters

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”     β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚   Input Code    │────▢│  Stage 1: Router (Binary + Type Hint) β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜     β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
                                     β”‚
                    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
                    β–Ό                β–Ό                β–Ό
          β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
          β”‚Expert 1:    β”‚  β”‚Expert 2:    β”‚  β”‚Expert 3:    β”‚
          β”‚Reentrancy   β”‚  β”‚Access Ctrl  β”‚  β”‚Integer Ov/  β”‚
          β”‚LoRA (r=32) β”‚  β”‚LoRA (r=32)  β”‚  β”‚Under LoRA   β”‚
          β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
          β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
          β”‚Expert 4:    β”‚  β”‚Expert 5:    β”‚
          β”‚Timestamp    β”‚  β”‚Unchecked    β”‚
          β”‚Dependence   β”‚  β”‚Calls        β”‚
          β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
                    β”‚                β”‚
                    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
                                     β”‚
                    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
                    β–Ό                β–Ό                β–Ό
            β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
            β”‚  Aggregate  │──│   Stage 3:  │──│   Severity  β”‚
            β”‚   Results   β”‚  β”‚  Finalize   β”‚  β”‚  (if vuln)  β”‚
            β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Why This Works

  1. Each expert only solves a binary problem: "Is this Reentrancy?" vs "Is this NOT Reentrancy?"
  2. No inter-type confusion: Reentrancy expert never confuses with Access Control
  3. Router provides type hints: Reduces the search space
  4. Small adapters (r=32): Total trainable params ~6 Γ— 50M = 300M vs current single adapter ~616M
  5. Can be trained in parallel: 6 independent training jobs

Training Strategy Per Expert

Each expert trains on:

  • Positive: All contracts with that specific vulnerability type
  • Negative: Safe contracts + contracts with OTHER vulnerability types (hard negatives)
  • This teaches the expert: "What makes THIS type different from ALL others?"

Reasoning Chains (from VulnLLM-R)

Each expert outputs reasoning before classification:

<analysis>
1. Identify external calls: `msg.sender.call{value: bal}("")`
2. Check state update timing: `balances[msg.sender] = 0` is AFTER the call
3. Follows checks-effects-interactions? No β€” external call before state update
</analysis>
<answer>
Vulnerable: Yes
Type: Reentrancy
Severity: Critical
</answer>

Output Format Fix

Use XML-style tags instead of markdown β€” easier for the model to learn and parse deterministically.