Go to ICLR 2026 Conference homepageNATLM: Detecting Defects in NFT Smart Contracts Leveraging LLM
Keywords: NFT, LLM, Smart Contract, Semantic Analysis
Abstract: Security issues are becoming increasingly significant with the rapid evolution of Non-fungible Tokens (NFTs). The potential defects in NFT smart contracts could lead to substantial financial losses if exploited. To tackle this issue, this paper presents a framework called NATLM (NFT Assistant LLM), to detect potential defects in NFT smart contracts. NATLM effectively identifies 4 common types of vulnerabilities in NFT smart contracts, including ERC-721 Reentrancy, Public Burn, Risky Mutable Proxy, and Unlimited Minting. Relying exclusively on large language models (LLMs) for defect detection can lead to a high false-positive rate. To improve it, NATLM integrates static analysis with LLMs, specifically Gemini Pro 1.5. Initially, NATLM employs static analysis to extract structural, syntactic, and execution flow information from the code, represented through Abstract Syntax Trees (AST) and Control Flow Graphs (CFG). These extracted features are then combined with vectors of known defect examples to create a matrix for input into the knowledge base. Subsequently, the feature vectors and code vectors of the analyzed contract are compared with the contents in the knowledge base. Finally, the deep semantic analysis capabilities of LLM are used to identify defects in NFTs. Experimental results indicate that NATLM analyzed 8,672 collected NFT smart contracts, achieving an F1 score of 88.94\%, outperforming other baselines.
Supplementary Material: zip
Primary Area: other topics in machine learning (i.e., none of the above)
Submission Number: 5038
Loading