LLM-Powered Detection of Price Manipulation in DeFi
Lu Liu, Wuqi Zhang, Lili Wei, Hao Guan, Yongqiang Tian, Yepang Liu, Shing-Chi Cheung

TL;DR
This paper introduces PMDetector, a hybrid static and LLM-based framework for proactively detecting price manipulation vulnerabilities in DeFi smart contracts, outperforming existing methods in accuracy and efficiency.
Contribution
The paper presents a novel hybrid approach combining static analysis and large language models to proactively identify DeFi vulnerabilities, addressing limitations of prior reactive and heuristic methods.
Findings
PMDetector achieves 88% precision and 90% recall.
Auditing costs $0.03 and takes 4 seconds with GPT-4.1.
Outperforms state-of-the-art static and LLM-based approaches.
Abstract
Decentralized Finance (DeFi) smart contracts manage billions of dollars, making them a prime target for exploits. Price manipulation vulnerabilities, often via flash loans, are a devastating class of attacks causing significant financial losses. Existing detection methods are limited. Reactive approaches analyze attacks only after they occur, while proactive static analysis tools rely on rigid, predefined heuristics, limiting adaptability. Both depend on known attack patterns, failing to identify novel variants or comprehend complex economic logic. We propose PMDetector, a hybrid framework combining static analysis with Large Language Model (LLM)-based reasoning to proactively detect price manipulation vulnerabilities. Our approach uses a formal attack model and a three-stage pipeline. First, static taint analysis identifies potentially vulnerable code paths. Second, a two-stage LLM…
