Page 348 - 《软件学报》2026年第1期

P. 348

揭晚晴等: 智能合约与 DeFi 协议漏洞检测技术综述 345

Abstract: As core programmable components of blockchain, smart contracts are responsible for asset management and the execution of
complex business logic, forming the foundation of decentralized finance (DeFi) protocols. However, with the rapid advancement of
blockchain technology, security issues related to smart contracts and DeFi protocols have become increasingly prominent, attracting
numerous attackers seeking to exploit vulnerabilities for illicit gains. In recent years, several major security incidents involving smart
contracts and DeFi protocols have highlighted the importance of vulnerability detection research, making it a critical area for security
defense. This study systematically reviews existing literature and proposes a comprehensive framework for research on vulnerability
detection in smart contracts and DeFi protocols. Specifically, vulnerabilities and detection techniques are categorized and analyzed for both
domains. For smart contracts, the study focuses on the application of large language models (LLM) as primary detection engines and their
integration with traditional methods. For DeFi protocols, it categorizes and details various protocol-level vulnerabilities and their detection
methods, analyzing the strengths and limitations of detection strategies before and after attacks, addressing gaps in existing reviews on
DeFi vulnerability detection. Finally, this study summarizes the challenges faced by current detection approaches and outlines future
research directions, aiming to provide new insights and theoretical support for the security detection of smart contracts and DeFi protocols.
Key words: smart contract; DeFi protocol; vulnerability detection; large language model (LLM)

区块链 [1] 作为一种分布式账本技术, 具备去中心化、不可篡改、透明等特性. 智能合约 [2] 作为区块链的核心
组成部分, 则赋予了区块链可编程的特性, 使其可以利用自动化脚本代码来编辑和操作业务及数据, 大幅推动区块
链应用迅速渗透到金融、供应链、医疗等经济社会多个领域 [3] . 在此基础上, 去中心化金融 (decentralized finance,
DeFi) 得以迅速发展. DeFi 协议通过智能合约提供了无须信任中介的金融服务, 例如借贷、资产交易、流动性挖
[4]
矿和衍生品合约等. DeFi 协议的业务特性包括去中心化治理、无中介信任、资产流动性优化、可组合性和开放
性, 允许用户直接在区块链上进行点对点的金融交易, 促进了更为公平和高效的金融市场发展. 然而, 这些特性在
为用户提供便利和创新的同时, 也为攻击者创造了潜在的漏洞利用机会.
随着区块链技术的广泛应用, 智能合约和 DeFi 协议的安全性问题也愈发凸显 [5,6] , 是制约区块链生态系统稳
定运行的关键. 智能合约的不可篡改性虽然确保了交易的透明性和信任度, 但也使得一旦代码中存在漏洞, 修复这
些漏洞将变得极为困难. 随着 DeFi 生态系统的发展, 智能合约的安全问题逐步延伸至 DeFi 协议, 导致了更为复杂
和严重的安全风险, 下面结合图 1 典型的安全事件按时间顺序进行分析.

The DAO Parity 合约 BEC 合约 Uranium XCarnival
重入漏洞事件访问控制事件整型溢出事件会计错误事件不一致状态更新事件

2020.09 2021.05 2023.10
2016.06 2017.07 2018.04 2021.04 2022.08

bZx 协议 PancakeBunny MEV 机器人
安全事件协议安全事件安全事件

图 1 典型安全事件时间线

在智能合约层面, 重入攻击 [7] 、访问控制 [8] 和整数溢出 [9] 等传统漏洞仍然具有重要影响, 近年来涉及复杂合约
逻辑和业务流程的漏洞在实际安全事件中的比例也在显著上升 [10] . 例如, 2021 年, Uranium Finance 因会计错误导
致利息计算多了两个 0, 被攻击者利用, 造成 5 700 万美元的损失 [11] ; 2022 年, XCarnival 由于状态更新不一致, 非
同质化代币 (non-fungible token, NFT) 借贷池在交易过程中遭遇智能合约攻击, 攻击者通过反复借入贷款而不偿
还, 耗尽了整个资金池, 造成 380 万美元被盗 [12] .
DeFi 协议通常由一组智能合约组成, 服务于去 DeFi 应用, 旨在实现无中介的、自动化的金融服务, 满足用户
在不同场景中的需求, 如去中心化借贷、去中心化交易所等. 由于 DeFi 协议的执行逻辑涉及多个合约之间的交
互, 其安全漏洞往往源于智能合约间的复杂互动, 从而引发许多新的漏洞. 这些漏洞可能导致整个协议的安全性下

343 344 345 346 347 348 349 350 351 352 353