AI in Blockchain Security: Potential and Limitations in Smart Contract Audits

Posted on by Artificial Intelligence
Futuristic, AI-powered cyber lab, dusk lighting, vibrant digital holograms, curious yet focused mood, AI algorithms analyzing vast blockchain data, holographic display of smart contract code in progress, human auditor decrypting vulnerabilities alongside AI, contrast between artificial and human intelligence, sense of partnership and watchfulness.

As artificial intelligence continues to evolve, blockchain security firms are assessing the potential of AI in identifying weaknesses in smart contract codes. OpenZeppelin, a leading blockchain security company, recently conducted an experiment to determine the effectiveness of OpenAI’s GPT-4 model in discovering various smart contract vulnerabilities.

The study aimed to evaluate whether GPT-4’s impressive performance in solving traditional coding problems and academic exams could be applied to smart contract codes. The AI model was tested using 28 Ethernaut challenges, a series of tasks designed to expose smart contract vulnerabilities. GPT-4 was successful in solving 19 of the 23 tasks it was given before its training data cutoff date in September 2021. However, the model failed in four of the final five challenges.

Despite its seemingly reasonable success rate, experts at OpenZeppelin found that the AI tool’s outputs lacked the “reliable reasoning” required for security purposes. In some instances, GPT-4 correctly identified vulnerabilities but failed to explain the attack vector or propose solutions. Furthermore, the AI model was found to rely on false information and even invented vulnerabilities that did not exist.

This experiment highlights the limitations of AI in dealing with complex tasks such as identifying smart contract vulnerabilities. Mariko Wakabayashi, machine learning lead at OpenZeppelin, pointed out that while AI has strengths in solving creative and open-ended tasks, its weaknesses are too great for reliable security applications.

The need for human auditors in the field of blockchain security remains crucial, as experts must assess the accuracy of the solutions provided by AI models. It’s clear that even though AI can add value to the field, it cannot replace the expertise and judgment of human auditors in the near future.

While some crypto companies, like Crypto.com, are optimistic about the use of AI in their operations, others like Bitget adopt a more cautious approach. Misinformation and false investment advice played a significant role in Bitget’s decision to limit AI tool usage.

In conclusion, AI developments hold significant promise for improving efficiency and acting as a catalyst for innovation in the realm of blockchain and cryptocurrency. However, the technology remains supplemental to human expertise. Blockchain security professionals must not rely solely on AI to identify and address vulnerabilities in smart contracts.

Source: Blockworks

Sponsored ad

More Articles

Intricate cityscape, Ethiopian marketplace, diverse people using mobile devices, warm setting sun, subtle crypto symbols, blend of traditional culture and futuristic tech, dynamic contrast, lively atmosphere, impressionist style, sense of innovation and revolution.

M-Pesa Shakes Up Ethiopia’s Mobile Money Scene: Digital Finance and Crypto’s Murky Status

The National Bank of Ethiopia has issued a mobile money-service license to M-Pesa, challenging state-owned Telebirr’s dominance. This development supports Ethiopia’s shift towards greater financial digitalization and increased digital payments accessibility for unbanked Ethiopians. Nonetheless, the legal status of crypto assets remains unclear in the country.

A digital scene of neural net AI integrated with a sophisticated cryptocurrency exchange on a tech-driven planet. The planet glows under the gentle warmth of evening light, creating a calm and hopeful ambiance. Minimalistic blockchain transactions are automatized, popping up around the hemisphere, symbolizing grid trading strategies. Silhouettes of encrypted data function as a layer of protection against the backdrop, indicating privacy assurance. Robots representing AIs handle multi-language communications while interacting with digital figures representing users. The style is a blend of cyberpunk and abstract, depicting a complex yet efficient future.

Embracing AI in Crypto Exchanges: Advances and Challenges for BitGet

BitGet is using artificial intelligence (AI) to streamline operations and enhance user convenience in crypto exchanges. AI is instrumental in multi-language services, customer interactions and developing grid trading strategies. However, alongside AI advancements, user privacy and data protection remain crucial, with Zero-knowledge proof (ZK-proof) technology providing a solution for confidentiality and self-custody.