基于T5模型的智能合约漏洞修复研究  

作　　者：焦健[1,2] 陈瑞翔 贺强[3] 渠开洋 张子怡 JIAO Jian;CHEN Ruixiang;HE Qiang;QU Kaiyang;ZHANG Ziyi(School of Computer Science,Beijing University of Information Technology,Beijing 102206,China;Beijing University of Information Technology Future Blockchain and Privacy Computing High Precision and Advanced Innovation Center,Beijing 102206,China;China Information Security Assessment Center,Beijing 100193,China)

机构地区：[1]北京信息科技大学计算机学院,北京102206 [2]北京信息科技大学未来区块链与隐私计算高精尖创新中心,北京102206 [3]中国信息安全测评中心,北京100193

出　　处：《计算机科学》2025年第4期362-368,共7页Computer Science

基　　金：北京未来区块链与隐私计算高级创新中心(GJJ-23);促进高校分类发展-大学生创新创业训练计划项目——计算机学院(5112410852)。

摘　　要：针对以太坊智能合约漏洞修复问题,目前的研究主要集中在人工定义模板的方法上。此方法需要开发者具备丰富的专业知识,面对复杂漏洞时修复效果较差。在Solidity智能合约源代码层面,围绕智能合约的漏洞修复技术开展研究。引入机器学习的漏洞修复方式,设计并实现一个T5模型智能合约漏洞修复系统,解决人工依赖的问题。利用数据爬虫技术和数据增强技术,构建相应T5模型训练数据集。利用机器学习技术,训练智能合约漏洞修复T5模型。通过网络爬虫构建了一个测试数据集,对所提系统进行多角度的性能评估。在合约修复准确率、gas消耗和引入代码量等方面,与TIPS,SGUARD和Elysium等合约漏洞修复工具进行对比。实验结果表明,所提系统修复效果良好,整体性能优于其他漏洞修复工具。The current research on addressing vulnerabilities in Ethereum smart contracts primarily focuses on manually defined templates.This method requires developers to have extensive expertise,and its effectiveness is poor when dealing with complex vulnerabilities.This paper explores vulnerability repair techniques for smart contracts at the source code level in Solidity.By introducing a machine learning approach to vulnerability repair,we designe and implement a T5 model-based smart contract vulnerability repair system to tackle the problem of depending on manual intervention.Using data crawling and data augmentation techniques,we compile a training dataset specifically for the T5 model.The T5 model for repairing smart contract vulnerabilities is trained using machine learning techniques.A test dataset is constructed through web crawling to evaluate the system’s perfor-mance from various perspectives.The system’s accuracy in contract repair,gas consumption,and introduced code volume is compared with other contract vulnerability repair tools such as TIPS,SGUARD,and Elysium.Experimental results show that our system achieves good repair outcomes and overall performance superior to other vulnerability repair tools.

关 键 词：智能合约 区块链 T5模型 机器学习 漏洞修复 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]