CHAINTRIX: A multi-pipeline LLM-augmented framework for automated smart-contract security auditing
Gabriela Dobrita, Simona-Vasilica Oprea, Adela Bara
TL;DR
Chaintrix is a comprehensive framework combining deterministic analysis and LLMs to improve the accuracy and efficiency of smart-contract security audits, significantly reducing false positives and detecting most high-severity vulnerabilities.
Contribution
It introduces a multi-pipeline LLM-augmented framework with a structured contract parser and staged verification to enhance smart-contract security auditing accuracy.
Findings
Detects 86 of 120 high-severity vulnerabilities (71.7% recall)
Achieves 100% recall in 25 audits, outperforming baseline models
Uses a structured contract representation to validate LLM claims
Abstract
Smart-contract exploits have caused billions of USD in cumulative losses, yet audits remain expensive and slow. Automated tools have emerged to close this gap, but each class has a characteristic failure mode. Static analyzers report findings that frequently fail manual triage at high rates, while large language models (LLMs) hallucinate findings that contradict the source code. Thus, we propose Chaintrix, an end-to-end auditing framework whose central architectural commitment is that every LLM-generated claim must be discharged against a deterministic structural contract representation. We introduce a Cross-Contract Interaction Model (CCIM) that parses Solidity into a structured map of function-level reads, writes, modifiers and resolved cross-contract calls. CCIM serves as the substrate against which all 12 of Chaintrix's deterministic signal engines and the parallel LLM audit…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.