Towards Safer Smart Contracts: A Sequence Learning Approach to Detecting Security Threats

Symbolic analysis of security exploits in smart contracts has demonstrated to be valuable for analyzing predefined vulnerability properties. While some symbolic tools perform complex analysis steps, they require a predetermined invocation depth to search vulnerable execution paths, and the search time increases with depth. The number of contracts on blockchains like Ethereum has increased 176 fold since December 2015. If these symbolic tools fail to analyze the increasingly large number of contracts in time, entire classes of exploits could cause irrevocable damage. In this paper, we aim to have safer smart contracts against emerging threats. We propose the approach of sequential learning of smart contract weaknesses using machine learning---long-short term memory (LSTM)---that easily learns from a large number of contracts, leading to safer smart contracts. Our experimental studies on approximately 1.7 million smart contracts revealed encouraging results. We observed a detection accuracy of $96.44\%$ and $F_1$ score of $96.38\%$ on contract security exploits. In addition, our approach accurately detected up to $90.48\%$ of contracts that were false positive (FP) errors by MAIAN, a prominent symbolic tool.