Enhancing Smart Contract Security: Empirical Characterization, Fault Analysis, and Vulnerability Detection

PhD Thesis Proposal Defence


Title: "Enhancing Smart Contract Security: Empirical Characterization, Fault
Analysis, and Vulnerability Detection"

by

Miss Lu LIU


Abstract:

The advent of smart contracts on blockchains has fueled the rapid growth of 
Decentralized Finance (DeFi), an ecosystem managing billions of dollars in 
assets. Because smart contracts are immutable and execute autonomously on the 
blockchain, their security and reliability are paramount: the exploitation of 
a single, subtle vulnerability in a smart contract can lead to catastrophic 
and irreversible financial losses. However, a significant gap exists in 
understanding how developers use fundamental language primitives to enforce 
correctness, and what types of logic flaws arise from their misuse.

This thesis aims to enhance smart contract security through comprehensive 
studies, beginning with an empirical characterization of defensive 
programming practices, followed by a systematic analysis of associated 
faults, and then proposing a novel, hybrid vulnerability detection framework. 
It consists of the following three studies.

The first study empirically characterizes state-reverting statements 
(require, revert, and throw), the principal mechanisms for handling 
exceptional conditions in Ethereum smart contracts. It is the first 
large-scale empirical study of their usage across thousands of real-world 
smart contracts. The analysis reveals that these statements are pervasive, 
appearing more frequently than general-purpose if statements, and are 
primarily used to perform seven critical types of authority verification and 
input validity checks. This study establishes an understanding of the 
intended purpose and importance of these statements in securing contract 
logic.

The second study investigates the landscape of faults that occur when 
state-reverting statements are used improperly. It constructs the first 
comprehensive dataset of 320 real-world state-reverting faults, curated from 
open-source project histories and security audit reports. Through manual 
analysis, the study derives a detailed taxonomy of 17 distinct fault types 
and distills 12 common fixing strategies. To assess the capabilities of 
existing security tools, the study performs a large-scale evaluation of 12 
state-of-the-art security analysis tools on a benchmark of these faults. The 
results reveal that existing tools achieve an average detection rate of only 
14.4%, showing that they cannot effectively identify these subtle yet 
critical logic flaws.

The third study focuses on the automated detection of smart contract 
vulnerabilities, proposing a hybrid framework for identifying price 
manipulation vulnerabilities in DeFi. Targeting these financially devastating 
attacks, the framework combines static taint analysis to identify potentially 
vulnerable code paths, a two-stage Large Language Model (LLM) pipeline for 
deep semantic reasoning about economic logic and defensive measures, and a 
final static analysis checker that validates the findings and mitigates LLM 
hallucinations. Evaluated on a comprehensive benchmark of 73 real-world 
vulnerable DeFi protocols and 288 benign ones, the proposed framework 
achieves 88% precision and 90% recall, significantly outperforming existing 
static analysis and LLM-based approaches.


Date:                   Monday, 29 September 2025

Time:                   4:00pm - 6:00pm

Venue:                  Room 3598
                        Lifts 27/28

Committee Members:      Prof. Shing-Chi Cheung (Supervisor)
                        Dr. Yepang Liu (Co-supervisor, SUSTech)
                        Prof. Raymond Wong (Chairperson)
                        Dr. Shuai Wang