USCSA: Evolution-Aware Security Analysis for Proxy-Based Upgradeable Smart Contracts
Xiaoqi Li, Lei Xie, Wenkai Li, Zongwei Li

TL;DR
USCSA is a novel security analysis tool for upgradeable smart contracts that leverages AST difference analysis and large language models to detect vulnerabilities caused by upgrades, improving security auditing accuracy.
Contribution
It introduces a new approach combining AST difference analysis and LLM-assisted reasoning to identify upgrade-induced vulnerabilities in smart contracts.
Findings
Achieves 92.26% precision in vulnerability detection
Detects 89.67% of upgrade-related vulnerabilities
Provides a high-confidence, efficient security auditing method
Abstract
In the case of upgrading smart contracts on blockchain systems, it is essential to consider the continuity of upgrades and subsequent maintenance. In practice, upgrade operations often introduce new vulnerabilities. Existing static analysis tools usually only scan a single version and are unable to capture the correlation between code changes and emerging risks. To address this, we propose an Upgradeable Smart Contract Security Analyzer, USCSA, which uses Abstract Syntax Tree (AST) difference analysis to assess risks associated with the upgrade process and utilizes large language models (LLMs) for assisted reasoning to achieve high-confidence vulnerability attribution. We collected and analyzed 3,546 cases of vulnerabilities in upgradeable contracts, covering common vulnerability categories such as reentrancy, access control flaws, and integer overflow. Experimental results show that…
Taxonomy
Topics: Blockchain Technology Applications and Security · Digital Rights Management and Security · Advanced Malware Detection Techniques
