CyLab Seminar: Arthur Gervais
August 25, 2023
12:00 p.m. ET
4th floor Panther Hollow, and live-streamed at https://youtube.com/live/54c6Bx1Rmg4?feature=share
*This event is part of the CyLab Seminar Series and is made possible by a generous grant from the Ripple University Blockchain Research Initiative.
Speaker: Arthur Gervais
Associate Professor of Information Security, University College London
Talk Title: Do you still need a manual smart contract audit?
Abstract: Why pay tens of thousands of USD, and wait weeks for a smart contract security audit? In this paper, we explore the potential of using large language models (LLMs) to perform smart contract security audits. Gervais and fellow researchers explore prompt engineering for effective security analysis, while comparing the performance and accuracy of LLMs given a ground-truth dataset of 52 DeFi smart contracts that were attacked in the wild. On vulnerable contracts, their system SmartGPT achieves a hit rate of 40\% on the correct vulnerability type, yet exhibits a high false positive rate which still requires manual auditor attention. They find that SmartGPT achieves a 20% better F1-score than a random model. Extending SmartGPT is as easy as providing a new vulnerability type name along its technical description. While there are many possible improvements, this study paves the way for faster, more cost-effective and systematic smart contract security audits using LLMs, revolutionizing the field of smart contract security.
Bio: Arthur Gervais is a distinguished computer scientist and Associate Professor of Information Security at University College London, where he leads a research group focused on blockchain security. His expertise spans smart contract security, decentralized systems, and blockchain privacy. Gervais has received numerous accolades for his contributions, including top-ranked computer security faculty status at UCL and Imperial, as well as Best Paper and Best Artifact awards. He has significantly impacted both academia and industry, with thousands of citations and six companies implementing his research. In addition to his position at UCL, Gervais is an Affiliate Faculty at UC Berkeley and a pioneer in blockchain education. He co-instructed the first DeFi Massive Open Online Course alongside renowned experts, attracting over 4,000 students. Gervais actively engages with the blockchain community, regularly speaking at community venues, serving on various committees and advising startups to drive innovation and security in the field.