Automated Vulnerability Detection in Smart Contracts using Control Flow Graphs and Machine Learning
The security of smart contracts, a fundamental component of decentralized applications (dApps) on blockchain platforms, remains a critical concern due to the risk of severe financial losses from vulnerabilities. Traditional detection methods, such as fuzzing and symbolic execution, are effective at finding vulnerabilities but tend to be computationally expensive and time-consuming. This paper introduces a novel approach to vulnerability detection in smart contracts that combines machine learning with control flow graph (CFG) analysis. The proposed method trains machine learning models on optimized CFGs generated from pre-labeled smart contracts, improving both the speed and accuracy of vulnerability detection. Unlike existing tools, it operates solely on the contract's bytecode, eliminating the need for Solidity source or ABI files and thereby broadening its accessibility and applicability. The proposed system, SmartCFG, demonstrates superior computational efficiency and classification accuracy compared to traditional methods. While primarily designed to assist auditors, our approach provides a robust preliminary step in identifying potentially vulnerable contracts, complementing manual audits and strengthening overall smart contract security assessments.
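To make the bytecode-only CFG step concrete, the sketch below recovers basic blocks and statically resolvable jump edges from raw EVM bytecode and derives a few graph features a classifier could consume. It is an added example, not SmartCFG's code: it does not reproduce the paper's CFG optimization or feature set, and the function names, feature names and sample bytecode are assumptions constructed for illustration.

```python
# Added example: basic-block CFG recovery from raw EVM bytecode (not SmartCFG's code).
JUMP, JUMPI, JUMPDEST = 0x56, 0x57, 0x5B
TERMINATORS = {0x00, JUMP, 0xF3, 0xFD, 0xFE, 0xFF}  # STOP JUMP RETURN REVERT INVALID SELFDESTRUCT
# Constructed sample: PUSH1 0; CALLDATALOAD; PUSH1 0x0a; JUMPI; PUSH1 0; DUP1; REVERT; JUMPDEST; STOP
SAMPLE = bytes.fromhex("600035600a57600080fd5b00")

def disassemble(code: bytes):
    """Return [(pc, opcode, immediate)]; PUSH1..PUSH32 data is consumed, never decoded."""
    out, pc = [], 0
    while pc < len(code):
        op = code[pc]
        n = op - 0x5F if 0x60 <= op <= 0x7F else 0
        # A PUSH truncated by the end of the code reads as if padded with zero bytes.
        imm = int.from_bytes(code[pc + 1:pc + 1 + n].ljust(n, b"\0"), "big") if n else None
        out.append((pc, op, imm))
        pc += 1 + n
    return out

def build_cfg(code: bytes):
    """Return (blocks, edges, unresolved); blocks are keyed by their start pc."""
    ins = disassemble(code)
    jumpdests = {pc for pc, op, _ in ins if op == JUMPDEST}  # 0x5b inside PUSH data is excluded
    leaders = {0} | jumpdests
    for i, (_, op, _) in enumerate(ins[:-1]):
        if op in TERMINATORS or op == JUMPI:
            leaders.add(ins[i + 1][0])
    blocks, cur = {}, None
    for item in ins:
        if item[0] in leaders:
            cur = blocks.setdefault(item[0], [])
        cur.append(item)
    edges, unresolved, starts = set(), [], sorted(blocks)
    for idx, start in enumerate(starts):
        body = blocks[start]
        last = body[-1][1]
        if last in (JUMP, JUMPI):
            # Only the "PUSH <dest>; JUMP/JUMPI" idiom is resolved statically here.
            target = body[-2][2] if len(body) > 1 else None
            if target in jumpdests:
                edges.add((start, target))
            else:
                unresolved.append(start)  # computed or invalid target
        if last not in TERMINATORS and idx + 1 < len(starts):
            edges.add((start, starts[idx + 1]))  # fall-through, incl. JUMPI's false arm
    return blocks, edges, unresolved

def features(code: bytes):
    """Graph-level features (names are assumptions) usable as classifier input."""
    blocks, edges, unresolved = build_cfg(code)
    return {"blocks": len(blocks), "edges": len(edges),
            "branches": sum(b[-1][1] == JUMPI for b in blocks.values()),
            "unresolved_jumps": len(unresolved)}
```

Jumps whose target is computed at run time are reported in `unresolved` and get no edge; a high count means the recovered graph is incomplete and the derived features should be treated with less confidence.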