Natan Katz
Adv. Know. Base. Syst. Data Sci. Cyber., 2 (2):215-235
Natan Katz: Co-founder of a startup, independent researcher of AI and cyber
Article History: Received on: 02-Apr-25, Accepted on: 16-May-25, Published on: 23-May-25
Corresponding Author: Natan Katz
Email: natan.katz@gmail.com
Citation: Natan Katz (2025). Smart Contracts - Vulnerabilities, CodeLlama Usage and Gas-Driven Detection. Adv. Know. Base. Syst. Data Sci. Cyber., 2 (2):215-235
Smart contracts are a major tool in Ethereum transactions. Therefore,
hackers can exploit them by adding code vulnerabilities to their sources
and using these vulnerabilities to perform malicious transactions. This
paper presents two successful approaches for detecting malicious contracts:
one uses opcodes and relies on GPT-2, and the other uses the Solidity source
and a LoRA fine-tuned CodeLlama. Finally, we present an XGBoost
model that combines gas properties and hexadecimal signatures for detecting
malicious transactions. This approach relies on early assumptions
that maliciousness is manifested by the uncommon usage of the contracts'
functions and the effort to pursue the transaction.