Multiclass vulnerability and clone detection in Ethereum smart contracts using Block-wise Abstract Syntax Tree based Federated Graph Neural Networks

Abstract

Smart contracts on blockchain networks autonomously execute applications based on predefined conditions, making their security-critical due to the potential for significant financial losses from vulnerabilities. Current vulnerability detection algorithms commonly rely on expert-defined rules, which are prone to errors and insufficient for identifying complex vulnerability patterns. Given the immutability of smart contracts post-deployment, ensuring security before deployment is essential. This research presents Block-wise Abstract Syntax Tree based Federated Graph Neural Networks (BAST-FeGNN), a novel approach combining block-wise abstract syntax tree and Federated Graph Neural Networks (FeGNN) to detect code clones and multiclass vulnerabilities in Ethereum smart contracts. The BAST-FeGNN method operates in three stages: it first extracts security-related patterns from the base code using an abstract syntax tree; then, it constructs and normalizes a contract graph using FeGNN to capture critical nodes, analyze data and control flows. This integration of graph-based feature extraction with pattern matching allows precise detection of vulnerabilities like access control issues, reentrancy, and unchecked calls, as well as identifying code clones. Finally, the method pools these features for comprehensive vulnerability detection. BAST-FeGNN significantly enhances vulnerability detection accuracy and scalability, outperforming existing models with an accuracy of 95.35%, recall of 95.58%, F1-score of 95.80%, and precision of 96.10%, making it a robust solution for securing blockchain applications.