Skip to content

MetaTrustLabs/GPTScan

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

GPTScan

The complete source code is available at https://github.com/GPTScan/GPTScan.

A new version of LLM detector for smart contract bugs based on the LLM4Vuln paper can be found at https://app.metatrust.io/.

You can try GPTScan at https://app.metatrust.io/ for the moment, but we will replace it later with a new version (covering all kinds of logic bug rules).

This repository contains the prompts and rules (i.e., the GPT part) used in GPTScan, as well as the datasets.

The static part has been released at https://github.com/MetaTrustLabs/falcon-metatrust, from which GPTScan used partial code.

Interested users can write your own connectors to invoke relevant functions in the static part to reproduce GPTScan.

Preprint paper

Yuqiang Sun, Daoyuan Wu, Yue Xue, Han Liu, Haijun Wang, Zhengzi Xu, Xiaofei Xie, Yang Liu, GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis. 2024 IEEE/ACM 45th International Conference on Software Engineering (ICSE). [arxiv]

Bibtex:

@INPROCEEDINGS{sunicse2023gpt,
  author={Yuqiang Sun and Daoyuan Wu and Yue Xue and Han Liu and Haijun Wang and Zhengzi Xu and Xiaofei Xie and Yang Liu},
  booktitle={2024 IEEE/ACM 45th International Conference on Software Engineering (ICSE)}, 
  title={GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis}, 
  year={2024}

Dataset

Dataset used to evaluate GPTScan in the paper, are the following:

  1. Web3Bugs: https://github.com/MetaTrustLabs/GPTScan-Web3Bugs
  2. DefiHacks: https://github.com/MetaTrustLabs/GPTScan-DefiHacks
  3. Top200: https://github.com/MetaTrustLabs/GPTScan-Top200

Releases

No releases published

Packages

No packages published

Languages