Cointime

Download App
iOS & Android

MetaTrust's AI Scan Engine: Harnessing the Power of GPT and Static Analysis

Validated Project

We are excited to announce that MetaTrust Labs has developed an innovative GPT-based auditing engine, specifically designed to analyze logic smart contract vulnerabilities that were previously deemed un-auditable by machines, as per the ICSE'23 Web3Bugs paper.

In contrast to other companies that solely rely on GPT for scanning, resulting in a high number of false positives, we believe that the true potential of GPT can be fully harnessed when combined with a powerful static analysis tool like MetaScan. Specifically, while ChatGPT excels at reading code and recognizing its properties, it struggles to effectively analyze the control and data dependencies of key variables, often misidentifying patched code as vulnerable. On the other hand, static analysis may not be adept at intelligently recognizing code scenarios or properties, but it provides accurate dependency analysis and formal verification. To leverage the strengths of both GPT and static analysis, we have designed a novel architecture for a GPT-based scanning engine (details to be introduced in a forthcoming academic paper). This engine has been seamlessly integrated into MetaTrust's MetaScan service.

We have tested this AI scan engine on various Web3Bugs. One example is https://github.com/metatrust-demo/LogicBug-Prepo, which was audited on Code4rena. As depicted in the following screenshot, our engine was successful in detecting a high-risk logic vulnerability that allowed the first depositor to disrupt the minting of shares.

Another example is from a past attack incident that led to a BSC token named ATK suffering a $127k loss on October 12, 2022. By scanning this vulnerable contract with MetaScan, our AI engine was able to effectively pinpoint the following vulnerable function:

The application of AI in blockchain security is exciting. We believe that combining GPT and static analysis with AI technologies can detect potential vulnerabilities that human auditors find difficult to identify. Although AI will not completely replace manual audits, it can greatly enhance audit efficiency and coverage. We are working to build a reliable AI system to protect blockchain users and help build a safer cryptocurrency ecosystem. While there is still a long way to go, the future is promising. We firmly believe that the blockchain industry will continue to benefit from the development of AI.

AI has huge potential in the field of blockchain security. By combining GPT and static analysis with AI technologies, we can detect potential vulnerabilities that human auditors find difficult to identify. We are constantly improving our AI scanning engine to provide the best results, working to build a reliable AI system to protect on-chain assets and project security. The AI scanning engine of MetaScan is an important step towards achieving this goal. Try MetaScan for FREE now.

Follow Us

Website: metatrust.io

Twitter: @MetaTrustLabs

Comments

All Comments

Recommended for you

  • Citi report: predicts that corporate finance will undergo major changes in the next 3 to 5 years, and DLT and AI will play a role

    Citi GPS has released a report titled "Financials 2030" exploring the future development direction of corporate finance functions. A survey found that 93% of surveyed financial executives believe that there will be significant changes in corporate finance functions in the next three to five years, but more than half of them are unsure of what these changes will be.

  • Fiamma Completes $4 Million Seed Round Financing

    Fiamma, a project based on BitVM2's on-chain ZKP verification infrastructure and Babylon's ecological infrastructure, announced the completion of a $4 million seed round of financing. Lightspeed Faction and L2 Iterative Ventures led the investment, with participation from Astera Ventures, Contribution Capital, Sats Ventures, Chapter One and FoundersHead, as well as BOB (Build on Bitcoin), Satlayer and Daedalus founders. The new funds will be used to accelerate product development and promote the adoption of its underlying technology.

  • Australia’s financial regulator proposes new crypto rules, emphasizing risks and mitigation measures

     Australian Securities and Investments Commission (ASIC) has released a consultation paper suggesting updates to its regulatory guidelines for digital assets, with a focus on compliance requirements under the Corporations Act. The revisions to Information Sheet 225 (INFO 225) include 13 worked examples aimed at clarifying when digital assets qualify as financial products, such as stablecoins, packaged tokens, and staking services. In these examples, ASIC outlines scenarios involving exchange tokens, interest-bearing stablecoins, and tokenized assets such as concert tickets. The draft guidance proposes that classification depends on "inherent rights, interests, expectations, and product features that are offered together with the token." ASIC encourages cryptocurrency companies to apply for an Australian Financial Services License, providing them with a safe harbor from legal action.

  • BlackRock executive: More and more investors from different wealth classes are looking at Bitcoin as a hedging tool

    Bitcoin has been rising all the way, breaking through the $100,000 mark. A large part of the demand driving the rise in Bitcoin prices has recently flowed into Bitcoin ETFs. Jay Jacobs, head of thematic and active ETFs in the United States at BlackRock, said that since its launch in January of this year, the value of the IBIT ETF has grown to over $45 billion, and its value has increased by $4.1 billion in just the past month. Jacobs said that in addition to candidates who are more friendly to cryptocurrencies winning in elections, an increasing number of investors from different wealth levels are beginning to see Bitcoin as a tool to hedge against geopolitical risks and currency depreciation caused by inflation. As ETFs become an easy way for investors to understand Bitcoin price trends, mainstream interest in cryptocurrencies reaching a critical point is only a matter of time. (Jinse)

  • BTC breaks through $101,500

    the market shows that BTC has broken through $101,500 and is currently trading at $101,510.91, with a 24-hour increase of 6.15%. The market is volatile, so please be prepared for risk control.

  • Trump announces series of appointments for key government positions

    President-elect Donald Trump has made a series of appointments, including Peter Navarro as senior counselor for trade and manufacturing, Paul Atkins as commissioner of the Securities and Exchange Commission, and former Rep. Billy Long as the Internal Revenue Service's commissioner. Trump has chosen people for most Senate-confirmed Cabinet-level jobs, as well as key roles that don't require confirmation. However, he is reportedly considering replacing Defense Secretary nominee Pete Hegseth amid allegations of public drunkenness and sexual misconduct.

  • Source: CFTC chairman candidate has put the suspension of Biden-era enforcement actions on the agenda

    According to FOX Business reporter Eleanor Terrett, CFTC Commissioner Caroline D. Pham is one of the candidates for the new CFTC chairman. Under the leadership of the new leadership, the suspension of enforcement actions during the Biden era has been put on the agenda.

  • Matrixport: Solana’s funding rate is currently as high as 70% annualized, and a price correction may occur

    According to a report, Matrixport has released a chart today stating that Grayscale has submitted an application to convert Solana Trust into a spot ETF. Although the current asset management scale of the product is relatively small at $134 million, if approved, it will set an important market precedent for other ETF issuers. It is important to note that Solana's financing rate is currently as high as 70% annualized, which creates significant pressure on leveraged long positions. Historical experience shows that similar high financing rates are often related to price corrections, as was the case in March of this year when the SOL-USDT price fell under similar financing rate backgrounds.

  • Japanese Prime Minister Shigeru Ishiba is cautious about separate taxation of cryptocurrencies and approval of ETFs

     Japanese Prime Minister Shizuo Shima expressed caution about the unified 20% separate taxation rule for cryptocurrency in a representative issue at a plenary session of the House of Representatives. "Is it appropriate to encourage investment in cryptocurrency such as stocks and investment trusts that have investor protection regulations? Will the public understand the idea of applying separate self-assessment taxation? There are several issues that need to be resolved. We need to consider it carefully." At the same time, "whether cryptocurrency should be included in ETFs depends on whether cryptocurrency is an asset that needs to be made more easily accessible to the public."

  • Web3 data and AI company Validation Cloud completes $10 million in new round of financing

     Web3 data and AI company Validation Cloud announced a $10 million financing round from True Global Ventures. The company plans to use the funds to expand its AI products and achieve seamless access to Web3 data.