Abstract
Blockchain technology supports digital currency applications through Ethereum's smart contracts, which enable various functionalities but are susceptible to security vulnerabilities. Notably, smart contracts are susceptible to Monetary Exploit Vulnerabilities (MEVs), which result in significant financial losses, evidenced by the billions of dollars lost to hacks in recent years. Traditional fuzzing tools, focused on underlying vulnerabilities such as opcode and stack patterns, fail to address complex, high-level MEVs that involve intricate interactions between contract functions and states. This paper introduces FuzzLaPRO (Fuzz like a PRO), an innovative fuzzing tool designed to understand and simulate smart contract logic to detect MEVs effectively. FuzzLaPRO leverages a Natural Language Processing (NLP) model, trained on a corpus of expert auditing reports and proofs of concept, to generate risk-aware function sequences that target MEVs. Additionally, we address the limitations of existing tools in handling distributed applications (Dapps) by implementing dynamic version discovery and implicit contract bridging. This allows FuzzLaPRO to adapt to various Ethereum Virtual Machine (EVM) versions and interact with implicitly deployed contracts, enhancing its applicability to real-world scenarios. We evaluated FuzzLaPRO on a dataset of 15,132 small and medium-sized smart contracts and 23 Dapps, discovering 79 new vulnerabilities at the smart contract level and 4 at the Dapp level, surpassing state-of-the-art fuzzers in both coverage efficiency and bug discovery rate. This work advances the smart contract security field by introducing a targeted, efficient fuzzing approach and sets a foundation for further innovations in automated security testing tools.
| Original language | English (US) |
|---|---|
| Title of host publication | Proceedings - 2024 International Conference on Meta Computing, ICMC 2024 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Pages | 230-240 |
| Number of pages | 11 |
| ISBN (Electronic) | 9798350355994 |
| DOIs | |
| State | Published - 2024 |
| Event | 1st IEEE International Conference on Meta Computing, ICMC 2024 - Qingdao, China; Duration: Jun 20 2024 → Jun 23 2024 |
Publication series
| Name | Proceedings - 2024 International Conference on Meta Computing, ICMC 2024 |
|---|---|
Conference
| Conference | 1st IEEE International Conference on Meta Computing, ICMC 2024 |
|---|---|
| Country/Territory | China |
| City | Qingdao |
| Period | 6/20/24 → 6/23/24 |
Bibliographical note
Publisher Copyright: © 2024 IEEE.
Keywords
- blockchain
- code audit
- fuzzing
- security
- smart contract