English

Benchmarking LLM-Based Static Analysis for Secure Smart Contract Development: Reliability, Limitations, and Potential Hybrid Solutions

Cryptography and Security 2026-05-13 v1 Artificial Intelligence

Abstract

The irreversible nature of blockchain transactions makes the identification of smart contract vulnerabilities an essential requirement for secure system development. While Large Language Models (LLMs) are increasingly integrated into developer workflows, their reliability as autonomous security auditors remains unproven. We assess whether current generative models are a viable replacement for, or only a complement to, traditional static-analysis tools. Our findings indicate that LLM efficacy is undermined by both inherent lexical bias and a lack of rigorous validation of external data inputs. This reliance on non-semantic heuristics, such as identifier naming, leads to a high frequency of false positives. Furthermore, prompting techniques reveal a trade-off between precision and recall. These results were derived using our custom automated framework, which achieves 92% accuracy in classifying model outputs.

Keywords

Cite

@article{arxiv.2605.11163,
  title  = {Benchmarking LLM-Based Static Analysis for Secure Smart Contract Development: Reliability, Limitations, and Potential Hybrid Solutions},
  author = {Stefan-Claudiu Susan and Andrei Arusoaie and Dorel Lucanu},
  journal= {arXiv preprint arXiv:2605.11163},
  year   = {2026}
}

Comments

Accepted to IEEE COMPSAC 2026. Extended version with supplemental materials