AI-Driven Smart Contract Vulnerability Detection: A Systematic Review of Methods, Challenges, and Future Prospects
Abstract
Smart contracts (SCs) have become an essential component of decentralized applications, automating transactions across blockchain networks without the need for intermediaries. With this rise in adoption has come growing concern over security vulnerabilities, which have led to serious financial damage, and the problem is far from being solved. Traditional auditing methods often struggle to capture the more intricate vulnerabilities hidden within smart contract logic, particularly owing to the irreversible nature of blockchain transactions. Given these challenges, researchers have been actively exploring more advanced detection techniques. Despite progress, many existing studies focus narrowly on specific methods, whether static analysis, dynamic testing, or machine learning models, without offering a comprehensive comparison across all available approaches. This fragmented landscape leaves a noticeable gap for practitioners looking for a well-rounded understanding of smart contract security solutions. To address this, our study systematically reviewed the existing body of work, analysing 21 studies published between 2020 and 2024. The primary aim was to bring together the diverse techniques that have been proposed for detecting vulnerabilities in smart contracts, ranging from static and dynamic analyses to more recent AI-driven models, graph-based techniques, and hybrid systems, and to critically evaluate their strengths, weaknesses, and practical effectiveness. The methodology followed a structured approach. We searched major research databases (IEEE Xplore, ACM Digital Library, SpringerLink, ScienceDirect, and Scopus) using carefully crafted search queries to ensure that we captured the most relevant and up-to-date papers.
Our findings revealed that AI-based methods, especially those leveraging deep neural networks and graph neural networks, have achieved impressive detection accuracy in controlled environments. For example, models such as ContractWard and SCVDIE-ENSEMBLE reported Micro-F1 scores of 98.48% and 95.46%, respectively. These models come with a trade-off, however: they demand high computational resources, which limits their real-world deployment in resource-constrained settings. On the other hand, lighter tools such as Slither and NeuCheck offer faster detection and lower resource usage but might fall short when it comes to identifying more complex or new vulnerabilities. We also noticed a growing trend towards real-time monitoring tools, such as SODA and GPTScan, which aim to strike a balance by reducing false positives while providing proactive security measures. However, several challenges remain unresolved: many AI-driven models still rely heavily on labelled datasets, which may not generalize well to novel attack patterns. Scalability is another concern, especially for models that are computationally intensive.

This work is licensed under a Creative Commons Attribution 4.0 International License.