Research On Smart Contract Vulnerability Detection Method Based On Domain Features Of Solidity Contracts And Attention Mechanism

Smart contracts are automated programs on the blockchain that are irreversible once linked and can lead to significant losses if hackers exploit vulnerabilities.Hence,detecting vulnerabilities before deploying smart contracts is crucial.However,current traditional methods rely on domain experts and have low automation and weak generalization.Existing machine learning methods also have high false alarm rates as they do not consider semantic information and unique domain characteristics of smart contracts.This paper proposes a smart contract vulnerability detection model that can detect12 common smart contract vulnerabilities based on domain characteristics and attention mechanism.The data set is built using manual cross labeling,and the semantic distillation of smart contract code is carried out for fine-grained analysis and division.The model extracts the function control flow chart and function call diagram to learn the vulnerability code feature pattern.By analyzing vulnerability cases,the paper finds that vulnerabilities are related to unique domain characteristics.The self-attention mechanism is introduced to help the model learn domain features better.The paper also analyzes the effect of different deep learning models and finds the most suitable model（BILSTM）for the task.A new deep learning model BILSTM_Att+Dom is proposed based on this model,and experimental analysis explores the effects of self-attention mechanism and smart contract domain characteristics.The F1 value of BILSTM model increased by 4.8%and 6.9%respectively after adding attention mechanism and domain feature.The results show that the domain feature and attention mechanism are helpful to improve the effectiveness of model learning smart contract vulnerabilities.In comparison to traditional detection tools（such as Oyente,Mythril,Osiris,Slither,Smartcheck,and Security）and existing machine learning models（like Safer SC and DR-GCN）,the proposed BILSTM_Att+Dom in this paper has demonstrated an increase in F1 value of the domain model by 4.18-38.70%.These findings indicate that this approach can effectively assist developers in detecting vulnerabilities prior to contract deployment.The results show that this method can more effectively help developers detect vulnerabilities before deploying contracts.