CN117667676A - AIGC-based block chain intelligent contract IDE verification test method and system - Google Patents
AIGC-based block chain intelligent contract IDE verification test method and system Download PDFInfo
- Publication number
- CN117667676A CN117667676A CN202311559675.5A CN202311559675A CN117667676A CN 117667676 A CN117667676 A CN 117667676A CN 202311559675 A CN202311559675 A CN 202311559675A CN 117667676 A CN117667676 A CN 117667676A
- Authority
- CN
- China
- Prior art keywords
- contract
- test
- attack
- intelligent contract
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012795 verification Methods 0.000 title claims abstract description 60
- 238000010998 test method Methods 0.000 title claims abstract description 14
- 238000012360 testing method Methods 0.000 claims abstract description 156
- 238000012549 training Methods 0.000 claims abstract description 44
- 238000004458 analytical method Methods 0.000 claims abstract description 17
- 238000012986 modification Methods 0.000 claims abstract description 15
- 230000004048 modification Effects 0.000 claims abstract description 15
- 230000006870 function Effects 0.000 claims description 37
- 238000004088 simulation Methods 0.000 claims description 32
- 238000000034 method Methods 0.000 claims description 27
- 230000008439 repair process Effects 0.000 claims description 19
- 238000012545 processing Methods 0.000 claims description 17
- 238000012544 monitoring process Methods 0.000 claims description 12
- 230000002159 abnormal effect Effects 0.000 claims description 11
- 238000012550 audit Methods 0.000 claims description 7
- 238000013480 data collection Methods 0.000 claims description 7
- 230000007246 mechanism Effects 0.000 claims description 7
- 238000013475 authorization Methods 0.000 claims description 6
- 230000001419 dependent effect Effects 0.000 claims description 6
- 238000002347 injection Methods 0.000 claims description 6
- 239000007924 injection Substances 0.000 claims description 6
- 238000002372 labelling Methods 0.000 claims description 6
- 238000007781 pre-processing Methods 0.000 claims description 6
- 230000008263 repair mechanism Effects 0.000 claims description 6
- 238000011160 research Methods 0.000 claims description 6
- 230000036962 time dependent Effects 0.000 claims description 6
- 238000012546 transfer Methods 0.000 claims description 6
- 238000010200 validation analysis Methods 0.000 claims description 6
- 238000005457 optimization Methods 0.000 abstract description 8
- 238000001514 detection method Methods 0.000 abstract description 7
- 238000010801 machine learning Methods 0.000 abstract description 5
- 238000005516 engineering process Methods 0.000 description 6
- 230000008569 process Effects 0.000 description 5
- 238000011161 development Methods 0.000 description 4
- 230000003068 static effect Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010219 correlation analysis Methods 0.000 description 1
- 238000013524 data verification Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 238000013100 final test Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 230000001939 inductive effect Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000003058 natural language processing Methods 0.000 description 1
- 239000000758 substrate Substances 0.000 description 1
Landscapes
- Debugging And Monitoring (AREA)
Abstract
The invention provides a block chain intelligent contract IDE verification test method and system based on AIGC, comprising the following steps: step 1: writing intelligent contracts; step 2: contract analysis optimization flow; step 3: modification of the smart contract; step 4: formalized verification; step 5: contract testing; step 6: final verification test on the chain; step 7: and performing data feeding training and model updating. The invention can analyze a large number of codes through a machine learning algorithm, quickly find potential security holes, improve the security detection efficiency, and has stronger capability of repairing identification codes by using AI prompt words.
Description
Technical Field
The invention relates to the technical field of blockchains, in particular to an AIGC-based blockchain intelligent contract IDE verification test method and system.
Background
With the continuous development of blockchain technology, intelligent contracts have been widely used as one of important applications of blockchain technology. An intelligent contract is an automatically executed contract that automatically executes terms in the contract without intervention by a third party. The writing and testing of the intelligent contracts are important links in the development of the intelligent contracts, but the writing and testing efficiency of the intelligent contracts is low due to the complexity and difficult predictability of the intelligent contracts, and meanwhile, the intelligent contracts have the problems of safety, reliability and the like.
Patent document CN115841297a discloses a project implementation progress supervision method based on intelligent contracts, comprising the steps of: s1, taking a ubantu system as a building substrate, initializing an created block of a block chain and building a private network through Go-Etherum software; s2, submitting and writing an intelligent contract on the upper chain of the enterprise project implementation progress through a solubility language by taking a Remix ide as a development platform; s3, repeatedly testing the performance and safety of the intelligent contract, enabling the user to link and confirm the right, submitting the project progress, and successfully confirming the right. However, the present patent cannot completely solve the existing technical problems, and cannot meet the needs of the present invention.
In order to solve these problems, some methods, such as using static analysis tools, model detection tools, etc., have been proposed, but these methods have certain limitations, and cannot completely solve the problems of writing and testing intelligent contracts. AIGC (AI generated content) is a method for intelligent contract analysis based on inductive reasoning and counterexample guidance, which can automatically deduce the specifications and invariants of intelligent contracts and generate counterexamples to help programmers to debug and repair.
An intelligent contract is an automated contract based on blockchain technology, the code of which is typically made up of a plurality of functions. The contract change responsible for logic is composed of many contract files; when the smart contract is written, it needs to be subjected to correlation analysis to determine whether its functions and logic meet expectations. Accordingly, there is a need to develop an analysis tool that enables static and dynamic analysis of smart contracts to discover potential errors and vulnerabilities and optimize their logic.
AIGC is currently generally an interface of a general model, and in order to enable the AI model to be more matched with analysis optimization of a blockchain intelligent contract, prompt words need to be optimized; due to the diversity and rapid iteration of on-chain attack techniques, timely collection and processing of the model training feed data is required.
The correctness of the intelligent contracts is critical to the security and stability of the blockchain system. Accordingly, there is a need to develop a formal verification tool that can formally verify smart contracts to ensure that they meet expected security and correctness requirements.
AIGC is an artificial intelligence technology that enables automated generation and optimization of code. However, the ability of the AIGC itself to directly recognize related errors cannot meet the requirements, and more specialized prompt (AIPrompt) needs to be performed, so that related prompt words need to be added in the contract IDE module; in the invention, the AIGC and the blockchain intelligent contracts are required to be integrated and fused to achieve the purpose of the scheme finally.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide an AIGC-based block chain intelligent contract IDE verification test method and system.
The block chain intelligent contract IDE verification test method based on AIGC provided by the invention comprises the following steps:
step 1: writing codes by using intelligent contract IDE and obtaining related prompt words of the codes;
step 2: the codes and related prompt words are transmitted to an AI through an interface, the AI is used for analyzing the intelligent contract, loopholes and errors in the intelligent contract are found out, and a corresponding repairing scheme is provided;
step 3: modifying the intelligent contract code according to the repair scheme provided by the AI by the developer, and then submitting the repaired code to the AI again for analysis;
step 4: after the intelligent contract code is compiled and verified by the platform, fusing prompt words related to the block chain contract security form verification;
step 5: writing out a test case according to the service and the function logic through AI, testing the contract, and verifying the correctness of the contract;
step 6: performing simulation function logic case test and attack test on the blockchain network, and verifying the effectiveness and safety of intelligent contract code modification;
Step 7: and performing data feeding training and model updating.
Preferably, the step 2 includes:
step 2.1: preprocessing the new smart contract code, including removing annotations, formatting, and tokenizing;
step 2.2: extracting the same feature set as that during model training from a new intelligent contract code, wherein the feature set comprises variable names, function calls and control flow structures;
step 2.3: loading a pre-trained AI model and inputting the extracted characteristic data;
step 2.4: analyzing the input intelligent contract code, marking errors or loopholes, and providing repair suggestions according to training data;
step 2.5: performing manual auditing and verification;
step 2.6: feedback on problems found in practical applications is integrated into the next iteration of the model to further optimize its performance.
Preferably, the step 5 includes:
simulation of normal test: simulating a user to use the intelligent contract under normal conditions, including normal transaction, data query and contract call; simulating simultaneous use of intelligent contracts by a large number of users in a short time to test performance of the contracts under high pressure; simulating the operation of users with different authority levels or other contracts on a target contract, wherein the operation comprises an administrator and a common user;
Simulation anomaly test: simulation provides input data to contracts that is in error, out of range, or significantly meaningless; simulating the condition that the same transaction is submitted for a plurality of times due to network delay or malicious attack; simulating a loop formed by calling two or more contracts mutually, thereby causing deadlock or resource exhaustion; simulating the expiration, aborted or deleted condition of the validity period of the contract; simulation contracts fail randomly during execution for some reason; updating the anomaly test according to a novel anomaly attack on an external blockchain, and then training a related model;
the countermeasure is fed back to the testing party after the code is modified through AI, so that the contract code is updated and perfected, and the method comprises the following steps: setting an error processing mechanism for contract; limiting and managing resource usage by setting gas prices and restrictions; performing authorization and access control; verifying the reliability of the time stamp and the random number generation; recording logs of key operation of the contract, and performing security audit regularly; an update and repair mechanism for contracts is provided.
Preferably, the step 6 includes:
step 6.1: deploying the intelligent contract into a test network similar to the actual network, ensuring that the test is performed in a controlled environment;
Step 6.2: simulating a functional logic case test;
normal operation test: simulating conventional contractual operations, including transfers and queries;
abnormal condition test: simulating erroneous inputs and anomalies of operation beyond limits;
role and rights test: simulating different user roles to operate, including an administrator and a common user;
step 6.3: attack testing;
replay attack: attempting to resubmit using the previous transaction data;
logical vulnerability attack: attempting to operate with potential logical vulnerabilities in the contract code, including double payment, advance access to certain functions;
denial of service attack: attempting to disable the contract by sending a large number of requests or utilizing certain characteristics of the contract;
timing dependent attack: attempting to exploit characteristics of the blockchain network to conduct an attack, including transaction validation time;
randomness attack: attempting to predict or affect the randomness of contracts that rely on random number generation;
step 6.4: boundary testing;
input/output boundary test: tests were performed using various extreme and boundary values, including maximum, minimum, negative, zero and null values;
time boundary test: contracts for time-dependent functions attempt to operate at various points in time.
Preferably, the step 7 includes:
and (3) data collection: collecting the latest attack manipulation data including public security reports, vulnerability notices and research papers;
and (3) data processing: processing the collected data into a format suitable for AI learning, including extracting key features and labeling results;
data injection: injecting the processed data into an AI training data set;
model updating: training a new model and then replacing the old model;
monitoring and feedback: and monitoring the performance of the AI, if a new problem or attack technique is found, collecting data, and then continuing to train the model.
The block chain intelligent contract IDE verification test system based on AIGC provided by the invention comprises:
module M1: writing codes by using intelligent contract IDE and obtaining related prompt words of the codes;
module M2: the codes and related prompt words are transmitted to an AI through an interface, the AI is used for analyzing the intelligent contract, loopholes and errors in the intelligent contract are found out, and a corresponding repairing scheme is provided;
module M3: modifying the intelligent contract code according to the repair scheme provided by the AI by the developer, and then submitting the repaired code to the AI again for analysis;
module M4: after the intelligent contract code is compiled and verified by the platform, fusing prompt words related to the block chain contract security form verification;
Module M5: writing out a test case according to the service and the function logic through AI, testing the contract, and verifying the correctness of the contract;
module M6: performing simulation function logic case test and attack test on the blockchain network, and verifying the effectiveness and safety of intelligent contract code modification;
module M7: and performing data feeding training and model updating.
Preferably, the module M2 comprises:
module M2.1: preprocessing the new smart contract code, including removing annotations, formatting, and tokenizing;
module M2.2: extracting the same feature set as that during model training from a new intelligent contract code, wherein the feature set comprises variable names, function calls and control flow structures;
module M2.3: loading a pre-trained AI model and inputting the extracted characteristic data;
module M2.4: analyzing the input intelligent contract code, marking errors or loopholes, and providing repair suggestions according to training data;
module M2.5: performing manual auditing and verification;
module M2.6: feedback on problems found in practical applications is integrated into the next iteration of the model to further optimize its performance.
Preferably, the module M5 comprises:
simulation of normal test: simulating a user to use the intelligent contract under normal conditions, including normal transaction, data query and contract call; simulating simultaneous use of intelligent contracts by a large number of users in a short time to test performance of the contracts under high pressure; simulating the operation of users with different authority levels or other contracts on a target contract, wherein the operation comprises an administrator and a common user;
Simulation anomaly test: simulation provides input data to contracts that is in error, out of range, or significantly meaningless; simulating the condition that the same transaction is submitted for a plurality of times due to network delay or malicious attack; simulating a loop formed by calling two or more contracts mutually, thereby causing deadlock or resource exhaustion; simulating the expiration, aborted or deleted condition of the validity period of the contract; simulation contracts fail randomly during execution for some reason; updating the anomaly test according to a novel anomaly attack on an external blockchain, and then training a related model;
the countermeasure is fed back to the testing party after the code is modified through AI, so that the contract code is updated and perfected, and the method comprises the following steps: setting an error processing mechanism for contract; limiting and managing resource usage by setting gas prices and restrictions; performing authorization and access control; verifying the reliability of the time stamp and the random number generation; recording logs of key operation of the contract, and performing security audit regularly; an update and repair mechanism for contracts is provided.
Preferably, the module M6 comprises:
module M6.1: deploying the intelligent contract into a test network similar to the actual network, ensuring that the test is performed in a controlled environment;
Module M6.2: simulating a functional logic case test;
normal operation test: simulating conventional contractual operations, including transfers and queries;
abnormal condition test: simulating erroneous inputs and anomalies of operation beyond limits;
role and rights test: simulating different user roles to operate, including an administrator and a common user;
module M6.3: attack testing;
replay attack: attempting to resubmit using the previous transaction data;
logical vulnerability attack: attempting to operate with potential logical vulnerabilities in the contract code, including double payment, advance access to certain functions;
denial of service attack: attempting to disable the contract by sending a large number of requests or utilizing certain characteristics of the contract;
timing dependent attack: attempting to exploit characteristics of the blockchain network to conduct an attack, including transaction validation time;
randomness attack: attempting to predict or affect the randomness of contracts that rely on random number generation;
module M6.4: boundary testing;
input/output boundary test: tests were performed using various extreme and boundary values, including maximum, minimum, negative, zero and null values;
time boundary test: contracts for time-dependent functions attempt to operate at various points in time.
Preferably, the module M7 comprises:
and (3) data collection: collecting the latest attack manipulation data including public security reports, vulnerability notices and research papers;
and (3) data processing: processing the collected data into a format suitable for AI learning, including extracting key features and labeling results;
data injection: injecting the processed data into an AI training data set;
model updating: training a new model and then replacing the old model;
monitoring and feedback: and monitoring the performance of the AI, if a new problem or attack technique is found, collecting data, and then continuing to train the model.
Compared with the prior art, the invention has the following beneficial effects:
(1) More efficient security detection: the traditional security detection needs to manually carry out code examination and vulnerability discovery, time and labor are wasted, an AIGC technical tool can analyze a large number of codes through a machine learning algorithm, potential security vulnerabilities are quickly found, the security detection efficiency is improved, and the capability of repairing identification codes by using AI prompt words is stronger;
(2) More accurate formalized verification: the traditional formal verification needs to write complex logic rules manually, errors and loopholes are easy to occur, and the AIGC technical tool can automatically generate verification rules meeting specifications through natural language processing and other technologies, so that the accuracy and reliability of verification are improved; the capability of formal verification of data updating can be fed in real time;
(3) More comprehensive automated testing: while the traditional automatic test can only cover a part of code paths and boundary conditions, but cannot cover all possible conditions completely, the AI technology can realize comprehensive automatic test by simulating various conditions and abnormal conditions, thereby improving the quality and stability of contracts;
(4) Model adaptation after accurate feeding data training is more: when the AI interface is directly called in the traditional mode, the model is a general model, the recognition, optimization and repair capability of contracts are limited, and the model trained by feeding the updated data in the profession has professional matching with the intelligent contracts of the blockchain.
Drawings
Other features, objects and advantages of the present invention will become more apparent upon reading of the detailed description of non-limiting embodiments, given with reference to the accompanying drawings in which:
FIG. 1 is a contract analysis optimization flow chart;
FIG. 2 is a contract test flow chart;
fig. 3 is a formal verification flow chart.
Detailed Description
The present invention will be described in detail with reference to specific examples. The following examples will assist those skilled in the art in further understanding the present invention, but are not intended to limit the invention in any way. It should be noted that variations and modifications could be made by those skilled in the art without departing from the inventive concept. These are all within the scope of the present invention.
Example 1
The invention provides an AIGC-based block chain intelligent contract IDE verification test method, which completes analysis, modification test and formal verification of contracts through the integration of AIGC and block chain intelligent contracts, thereby improving the writing test efficiency of intelligent contracts and the security of contracts.
In the invention, AIGC is integrated with the blockchain intelligent contract, and the following functions can be realized:
1. contract analysis optimization flow
As shown in fig. 1, after the BaaS platform intelligent contract IDE is developed, a developer transmits codes and related prompt words to an AI through an interface; the AI can analyze the intelligent contract, find out vulnerabilities and errors therein, and return to provide corresponding repair schemes, which are then compiled, tested, and validated in the IDE of the intelligent contract.
2. Contract test flow
As shown in fig. 2, after the developer completes writing and modifying the intelligent contract code, the AIGC can write out a test case according to the service and the functional logic; these test cases are then used to test the contract on the IDE to verify the correctness of the contract. Through contract testing, the correctness and the safety of the contract can be improved.
3. Formal verification
As shown in fig. 3, after the developer writes the code for completing the intelligent contract on the blockchain IDE, the developer is verified to be correct through platform compiling; fusing prompt words related to the block chain contract security form verification in the BaaS platform; then the data is sent to AI; the AI can perform associated formal verification on the intelligent contract, and output formal verification results and related modification opinions, so that the correctness and the safety of the contract are ensured. The correctness and the safety of the contract can be improved through formal verification. In addition, because the on-chain attack means is updated faster, the latest attack manipulation data can be fed to AI training learning in a timing and staged mode, so that the formal verification capability is improved.
Embodiments of the present invention include the steps of:
step 1: intelligent contract writing
In using the method of the present invention, it is first necessary to write the code of the smart contract, which can be done by the smart contract IDE (Integrated Development Environment) on the blockchain platform, and the developer can write the code using the smart contract IDE and get the relevant hint words of the code.
Step 2: contract analysis optimization flow
After the intelligent contract IDE of the BaaS (Blockchain-as-a-Service) platform is developed, the developer transmits codes and related prompt words to the AI through an interface. The AI can analyze the intelligent contracts, find vulnerabilities and errors therein, and return to provide corresponding repair schemes. The AI analyzes a large number of codes through a machine learning algorithm, so that potential security holes are quickly found, and the security detection efficiency is improved.
The main principle of AI is as follows: on the one hand, AI learns relevant code segments or logic to be associated with the past loopholes through relevant training models, and can quickly find out the loopholes to feed back to contract writers under the action of the prompt words; contract analysis, on the other hand, is a method of ensuring that a program meets its specifications. Machine learning models can be trained to help automate this process, particularly for complex smart contracts; it may take into account all possible execution paths and try to find errors or vulnerabilities that may trigger under certain input conditions.
The main flow is as follows:
1. data collection and pretreatment: for new smart contract codes, pre-processing, such as removing notes, formatting, and tagging, is performed to make the model easier to understand and analyze.
2. Feature extraction: even with pre-trained models, the same feature set as when the model is trained needs to be extracted from the new contract code. Such as variable names, function calls, control flow structures, etc., which ensure that the model can function efficiently on new code.
3. Using a pre-training model: and loading a pre-trained AI model and inputting the characteristic data extracted in the first two steps.
4. Vulnerability detection and repair suggestions: the model analyzes the entered smart contract code, marks out possible errors or vulnerabilities, and provides repair suggestions based on its previous training data.
5. Manual auditing and verification: although AI models can automatically identify and suggest repairing vulnerabilities, ultimately the developer is still required to finally verify. The developer needs to check the suggestions of the model, determine if they are applicable to the current context, and make the necessary modifications.
6. Feedback and optimization: if some suggestions of the model are found inaccurate or missing some holes in the actual application, these feedback can be integrated into the next iteration of the model to further optimize its performance.
Step 3: modification of smart contracts
Vulnerabilities and errors analyzed by AIGC require repair. The developer modifies the smart contract code according to the repair scheme provided by the AI. The repaired code will again be submitted to the AIGC for analysis.
Step 4: formal verification
After the developer writes the codes of the intelligent contracts on the blockchain BaaS platform IDE, the codes are compiled and verified by the platform, and then the codes are fused by prompt words related to the blockchain contract security form verification in the BaaS platform; in this regard, the BaaS platform verifies whether or not the source code is translated into object code, typically machine code or bytecode, by a set of preset contract syntax specifications and standards inside the BaaS platform, if the source code is translated into object code by a compliance compiler, depending on the underlying blockchain virtual machine object platform. The steps are completed, and the description accords with the specification of the platform. The BaaS platform maintains a formalized hint word library that describes common security issues and unsafe behavior in smart contracts. In the verification and compiling process, when the code matches with one or more items in the hint word library, the IDE sends the hint word and the code to an interface of the AIGC; feedback is provided immediately to the developer. For example, if a developer uses a code pattern that is known to cause security problems, the IDE may highlight the relevant code and provide a prompt to suggest a fix. The AI can perform formal verification of another layer of trained security model related to the sent intelligent contract and the fusion prompt word, and output formal verification results and related modification opinions, so that the correctness and the safety of the contract are ensured. The correctness and the safety of the contract can be improved through formal verification. In addition, because the on-chain attack means is updated faster, the latest attack manipulation data can be fed to AI training learning in a timing and staged mode, so that the formal verification capability is improved.
Step 5: contract testing
After the developer completes the writing and modification of the intelligent contract code, the AI can write out the test case according to the service and the functional logic. The AI realizes comprehensive automatic test by simulating various conditions and abnormal conditions, and improves the quality and stability of contracts. These test cases are then used to test the contract on the IDE to verify the correctness of the contract. Through contract testing, the correctness and the safety of the contract can be improved.
Comprising the following steps:
(1) Simulation of normal test:
the general operation is as follows: the simulation user normally uses smart contracts, such as normal transactions, data queries, contract invocations, and the like.
High concurrency request: simulation uses smart contracts simultaneously by a large number of users in a short time to test the performance of the contracts under high pressure.
Operations of different rights: the operation of a target contract by users of different permission levels or other contracts, such as administrators and general users, is simulated.
(2) Simulation anomaly test:
invalid input data: simulation provides input data to contracts that is in the form of errors, out of range or significantly nonsensical.
Repeating the transaction: simulating the situation that the same transaction is submitted for a plurality of times due to network delay or malicious attack.
Contract call loops: simulating loops formed by two or more contracts invoking each other may result in deadlock or resource exhaustion.
Contract expiration or failure: simulating the expiration, aborted or deleted condition of the validity period of the contract.
Random failure: simulation contracts fail randomly during execution for various reasons (e.g., resource limitations, external dependency issues, etc.).
These anomaly tests can be updated according to novel anomaly attacks on the external blockchain; then training a related model;
(3) Countermeasures
Error handling mechanism: ensuring that contracts have proper error handling mechanisms can properly handle invalid input data and other expected anomalies.
Limiting and managing resource usage: for example, by setting the appropriate gas prices and limits, it is ensured that the contract does not run out of resources due to long cycles or extensive computation.
Authorization and access control: ensuring that only authorized users or contracts can perform certain operations, avoiding unauthorized access and operation.
Timestamp and random number generation: the time stamps and random numbers used by the contract are ensured to be reliable to prevent replay attacks and other related security issues.
Log and audit: the contract should log critical operations and periodically conduct security audits to check if there are abnormal or suspicious operations.
Contract update and repair: providing an update and repair mechanism for contracts ensures that known problems and vulnerabilities can be quickly responded to and repaired.
These relevant countermeasures can be fed back to the tester after the code is modified by the AI, so that the contract code is updated and perfected.
Step 6: in-chain final verification test
After the above is completed, the simulation function logic case test and the attack test can be performed on the blockchain network in a targeted manner. Deploying the intelligent contract on the blockchain network; the final test of the smart contract is then performed, which requires testing of all possible logic functions and security boundary conditions as well as some common attack tests. These ensure proper operation in all cases. Thereby enabling verification of validity and security of smart contract code modifications.
The final verification test process on the chain is as follows:
1. deploying smart contracts
Test network deployment: first, the intelligent contracts are deployed into a test network similar to the actual network, which ensures that the test is performed in a controlled environment without affecting the actual network.
2. Analog functional logic case test
Normal operation test: simulating conventional contract operations, such as transfers, queries, etc., ensures that contracts will perform properly under normal conditions.
Abnormal condition test: simulating abnormal situations such as false inputs, operations exceeding limits and the like ensures that the contract can properly handle the abnormal situations.
Role and rights test: different user roles are simulated to operate, such as an administrator, a common user and the like, so that normal operation of access control and authority management functions of contracts is ensured.
3. Attack testing
Replay attack: attempting to resubmit using the previous transaction data ensures that the contract is able to identify and block this type of attack.
Logical vulnerability attack: attempts to operate with potential logical vulnerabilities in the contract code, such as double payments, advanced access to certain functions, etc.
Denial of service attack: attempts have been made to make contracts inoperable by sending a large number of requests or utilizing certain characteristics of the contract.
Timing dependent attack: attempts are made to exploit the characteristics of the blockchain network, such as transaction validation time.
Randomness attack: if the contract relies on random number generation, an attempt is made to predict or affect its randomness.
4. Boundary testing
Input/output boundary test: tests were performed using various extreme and boundary values, such as maximum, minimum, negative, zero, null, etc.
Time boundary test: if the contract has time-dependent functions, such as expiration time, lock period, etc., an attempt is made to operate at various points in time to ensure that the contract is properly handled.
Through the above testing process on the blockchain network chain, the intelligent contract can be ensured to be correct in function and reach the expected standard in the aspects of safety, performance, stability and the like.
Step 7: data feeding training and updating of model
Feeding the latest attack manipulation data to AI training learning is a very important method to keep AI's understanding of the current attack approach. The following are the main relevant flows:
and (3) data collection: up-to-date attack-maneuver data is collected, which may include public security reports, vulnerability announcements, research papers, etc. The data should contain enough detailed information so that the AI can learn the specific operation and effect of the attack maneuver.
And (3) data processing: the collected data is processed into a format suitable for AI learning. This may include extracting key features, labeling results, etc. For example, if an exploit attack, it may be necessary to mark the target of the attack, exploit vulnerabilities, the steps of the attack, etc.
Data injection: and injecting the processed data into the training data set of the AI. The specific method depends on the training framework and model of the AI. For most machine learning models, this may only require new data to be added to the training dataset and then retrained.
Model updating: the new model is trained and then the old model is replaced. This may require some verification and testing to ensure the performance of the new model.
Monitoring and feedback: monitoring the performance of the AI, if a new problem or attack technique is found, more data needs to be collected and then the above steps are repeated.
Because the attack on the chain updates very quickly, this process may need to be done periodically to keep the AI up-to-date.
After updating the AI model, the BaaS platform intelligent contract IDE calls the interface of the AI special model to repeat steps 1-6.
Example 2
The invention also provides an AIGC-based blockchain intelligent contract IDE verification test system which can be realized by executing the flow steps of the AIGC-based blockchain intelligent contract IDE verification test method, namely, the person skilled in the art can understand the AIGC-based blockchain intelligent contract IDE verification test method as a preferred implementation mode of the AIGC-based blockchain intelligent contract IDE verification test system.
The block chain intelligent contract IDE verification test system based on AIGC provided by the invention comprises: module M1: writing codes by using intelligent contract IDE and obtaining related prompt words of the codes; module M2: the codes and related prompt words are transmitted to an AI through an interface, the AI is used for analyzing the intelligent contract, loopholes and errors in the intelligent contract are found out, and a corresponding repairing scheme is provided; module M3: modifying the intelligent contract code according to the repair scheme provided by the AI by the developer, and then submitting the repaired code to the AI again for analysis; module M4: after the intelligent contract code is compiled and verified by the platform, fusing prompt words related to the block chain contract security form verification; module M5: writing out a test case according to the service and the function logic through AI, testing the contract, and verifying the correctness of the contract; module M6: performing simulation function logic case test and attack test on the blockchain network, and verifying the effectiveness and safety of intelligent contract code modification; module M7: and performing data feeding training and model updating.
The module M2 includes: module M2.1: preprocessing the new smart contract code, including removing annotations, formatting, and tokenizing; module M2.2: extracting the same feature set as that during model training from a new intelligent contract code, wherein the feature set comprises variable names, function calls and control flow structures; module M2.3: loading a pre-trained AI model and inputting the extracted characteristic data; module M2.4: analyzing the input intelligent contract code, marking errors or loopholes, and providing repair suggestions according to training data; module M2.5: performing manual auditing and verification; module M2.6: feedback on problems found in practical applications is integrated into the next iteration of the model to further optimize its performance.
The module M5 includes:
simulation of normal test: simulating a user to use the intelligent contract under normal conditions, including normal transaction, data query and contract call; simulating simultaneous use of intelligent contracts by a large number of users in a short time to test performance of the contracts under high pressure; simulating the operation of users with different authority levels or other contracts on a target contract, wherein the operation comprises an administrator and a common user;
simulation anomaly test: simulation provides input data to contracts that is in error, out of range, or significantly meaningless; simulating the condition that the same transaction is submitted for a plurality of times due to network delay or malicious attack; simulating a loop formed by calling two or more contracts mutually, thereby causing deadlock or resource exhaustion; simulating the expiration, aborted or deleted condition of the validity period of the contract; simulation contracts fail randomly during execution for some reason; updating the anomaly test according to a novel anomaly attack on an external blockchain, and then training a related model;
the countermeasure is fed back to the testing party after the code is modified through AI, so that the contract code is updated and perfected, and the method comprises the following steps: setting an error processing mechanism for contract; limiting and managing resource usage by setting gas prices and restrictions; performing authorization and access control; verifying the reliability of the time stamp and the random number generation; recording logs of key operation of the contract, and performing security audit regularly; an update and repair mechanism for contracts is provided.
The module M6 includes:
module M6.1: deploying the intelligent contract into a test network similar to the actual network, ensuring that the test is performed in a controlled environment;
module M6.2: simulating a functional logic case test;
normal operation test: simulating conventional contractual operations, including transfers and queries;
abnormal condition test: simulating erroneous inputs and anomalies of operation beyond limits;
role and rights test: simulating different user roles to operate, including an administrator and a common user;
module M6.3: attack testing;
replay attack: attempting to resubmit using the previous transaction data;
logical vulnerability attack: attempting to operate with potential logical vulnerabilities in the contract code, including double payment, advance access to certain functions;
denial of service attack: attempting to disable the contract by sending a large number of requests or utilizing certain characteristics of the contract;
timing dependent attack: attempting to exploit characteristics of the blockchain network to conduct an attack, including transaction validation time;
randomness attack: attempting to predict or affect the randomness of contracts that rely on random number generation;
module M6.4: boundary testing;
Input/output boundary test: tests were performed using various extreme and boundary values, including maximum, minimum, negative, zero and null values;
time boundary test: contracts for time-dependent functions attempt to operate at various points in time.
The module M7 includes:
and (3) data collection: collecting the latest attack manipulation data including public security reports, vulnerability notices and research papers;
and (3) data processing: processing the collected data into a format suitable for AI learning, including extracting key features and labeling results;
data injection: injecting the processed data into an AI training data set;
model updating: training a new model and then replacing the old model;
monitoring and feedback: and monitoring the performance of the AI, if a new problem or attack technique is found, collecting data, and then continuing to train the model.
Those skilled in the art will appreciate that the systems, apparatus, and their respective modules provided herein may be implemented entirely by logic programming of method steps such that the systems, apparatus, and their respective modules are implemented as logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc., in addition to the systems, apparatus, and their respective modules being implemented as pure computer readable program code. Therefore, the system, the apparatus, and the respective modules thereof provided by the present invention may be regarded as one hardware component, and the modules included therein for implementing various programs may also be regarded as structures within the hardware component; modules for implementing various functions may also be regarded as being either software programs for implementing the methods or structures within hardware components.
The foregoing describes specific embodiments of the present invention. It is to be understood that the invention is not limited to the particular embodiments described above, and that various changes or modifications may be made by those skilled in the art within the scope of the appended claims without affecting the spirit of the invention. The embodiments of the present application and features in the embodiments may be combined with each other arbitrarily without conflict.
Claims (10)
1. An AIGC-based blockchain intelligent contract IDE verification test method, comprising:
step 1: writing codes by using intelligent contract IDE and obtaining related prompt words of the codes;
step 2: the codes and related prompt words are transmitted to an AI through an interface, the AI is used for analyzing the intelligent contract, loopholes and errors in the intelligent contract are found out, and a corresponding repairing scheme is provided;
step 3: modifying the intelligent contract code according to the repair scheme provided by the AI by the developer, and then submitting the repaired code to the AI again for analysis;
step 4: after the intelligent contract code is compiled and verified by the platform, fusing prompt words related to the block chain contract security form verification;
step 5: writing out a test case according to the service and the function logic through AI, testing the contract, and verifying the correctness of the contract;
Step 6: performing simulation function logic case test and attack test on the blockchain network, and verifying the effectiveness and safety of intelligent contract code modification;
step 7: and performing data feeding training and model updating.
2. The aicc-based blockchain intelligent contract IDE verification test method of claim 1, wherein the step 2 includes:
step 2.1: preprocessing the new smart contract code, including removing annotations, formatting, and tokenizing;
step 2.2: extracting the same feature set as that during model training from a new intelligent contract code, wherein the feature set comprises variable names, function calls and control flow structures;
step 2.3: loading a pre-trained AI model and inputting the extracted characteristic data;
step 2.4: analyzing the input intelligent contract code, marking errors or loopholes, and providing repair suggestions according to training data;
step 2.5: performing manual auditing and verification;
step 2.6: feedback on problems found in practical applications is integrated into the next iteration of the model to further optimize its performance.
3. The aicc-based blockchain intelligent contract IDE verification test method of claim 1, wherein the step 5 includes:
Simulation of normal test: simulating a user to use the intelligent contract under normal conditions, including normal transaction, data query and contract call; simulating simultaneous use of intelligent contracts by a large number of users in a short time to test performance of the contracts under high pressure; simulating the operation of users with different authority levels or other contracts on a target contract, wherein the operation comprises an administrator and a common user;
simulation anomaly test: simulation provides input data to contracts that is in error, out of range, or significantly meaningless; simulating the condition that the same transaction is submitted for a plurality of times due to network delay or malicious attack; simulating a loop formed by calling two or more contracts mutually, thereby causing deadlock or resource exhaustion; simulating the expiration, aborted or deleted condition of the validity period of the contract; simulation contracts fail randomly during execution for some reason; updating the anomaly test according to a novel anomaly attack on an external blockchain, and then training a related model;
the countermeasure is fed back to the testing party after the code is modified through AI, so that the contract code is updated and perfected, and the method comprises the following steps: setting an error processing mechanism for contract; limiting and managing resource usage by setting gas prices and restrictions; performing authorization and access control; verifying the reliability of the time stamp and the random number generation; recording logs of key operation of the contract, and performing security audit regularly; an update and repair mechanism for contracts is provided.
4. The aicc-based blockchain intelligent contract IDE verification test method of claim 1, wherein the step 6 includes:
step 6.1: deploying the intelligent contract into a test network similar to the actual network, ensuring that the test is performed in a controlled environment;
step 6.2: simulating a functional logic case test;
normal operation test: simulating conventional contractual operations, including transfers and queries;
abnormal condition test: simulating erroneous inputs and anomalies of operation beyond limits;
role and rights test: simulating different user roles to operate, including an administrator and a common user;
step 6.3: attack testing;
replay attack: attempting to resubmit using the previous transaction data;
logical vulnerability attack: attempting to operate with potential logical vulnerabilities in the contract code, including double payment, advance access to certain functions;
denial of service attack: attempting to disable the contract by sending a large number of requests or utilizing certain characteristics of the contract;
timing dependent attack: attempting to exploit characteristics of the blockchain network to conduct an attack, including transaction validation time;
randomness attack: attempting to predict or affect the randomness of contracts that rely on random number generation;
Step 6.4: boundary testing;
input/output boundary test: tests were performed using various extreme and boundary values, including maximum, minimum, negative, zero and null values;
time boundary test: contracts for time-dependent functions attempt to operate at various points in time.
5. The aicc-based blockchain intelligent contract IDE verification test method of claim 1, wherein the step 7 includes:
and (3) data collection: collecting the latest attack manipulation data including public security reports, vulnerability notices and research papers;
and (3) data processing: processing the collected data into a format suitable for AI learning, including extracting key features and labeling results;
data injection: injecting the processed data into an AI training data set;
model updating: training a new model and then replacing the old model;
monitoring and feedback: and monitoring the performance of the AI, if a new problem or attack technique is found, collecting data, and then continuing to train the model.
6. An AIGC-based blockchain smart contract IDE verification test system, comprising:
module M1: writing codes by using intelligent contract IDE and obtaining related prompt words of the codes;
Module M2: the codes and related prompt words are transmitted to an AI through an interface, the AI is used for analyzing the intelligent contract, loopholes and errors in the intelligent contract are found out, and a corresponding repairing scheme is provided;
module M3: modifying the intelligent contract code according to the repair scheme provided by the AI by the developer, and then submitting the repaired code to the AI again for analysis;
module M4: after the intelligent contract code is compiled and verified by the platform, fusing prompt words related to the block chain contract security form verification;
module M5: writing out a test case according to the service and the function logic through AI, testing the contract, and verifying the correctness of the contract;
module M6: performing simulation function logic case test and attack test on the blockchain network, and verifying the effectiveness and safety of intelligent contract code modification;
module M7: and performing data feeding training and model updating.
7. The aicc-based blockchain intelligent contract IDE verification test system of claim 6, wherein the module M2 includes:
module M2.1: preprocessing the new smart contract code, including removing annotations, formatting, and tokenizing;
module M2.2: extracting the same feature set as that during model training from a new intelligent contract code, wherein the feature set comprises variable names, function calls and control flow structures;
Module M2.3: loading a pre-trained AI model and inputting the extracted characteristic data;
module M2.4: analyzing the input intelligent contract code, marking errors or loopholes, and providing repair suggestions according to training data;
module M2.5: performing manual auditing and verification;
module M2.6: feedback on problems found in practical applications is integrated into the next iteration of the model to further optimize its performance.
8. The aicc-based blockchain intelligent contract IDE verification test system of claim 6, wherein the module M5 includes:
simulation of normal test: simulating a user to use the intelligent contract under normal conditions, including normal transaction, data query and contract call; simulating simultaneous use of intelligent contracts by a large number of users in a short time to test performance of the contracts under high pressure; simulating the operation of users with different authority levels or other contracts on a target contract, wherein the operation comprises an administrator and a common user;
simulation anomaly test: simulation provides input data to contracts that is in error, out of range, or significantly meaningless; simulating the condition that the same transaction is submitted for a plurality of times due to network delay or malicious attack; simulating a loop formed by calling two or more contracts mutually, thereby causing deadlock or resource exhaustion; simulating the expiration, aborted or deleted condition of the validity period of the contract; simulation contracts fail randomly during execution for some reason; updating the anomaly test according to a novel anomaly attack on an external blockchain, and then training a related model;
The countermeasure is fed back to the testing party after the code is modified through AI, so that the contract code is updated and perfected, and the method comprises the following steps: setting an error processing mechanism for contract; limiting and managing resource usage by setting gas prices and restrictions; performing authorization and access control; verifying the reliability of the time stamp and the random number generation; recording logs of key operation of the contract, and performing security audit regularly; an update and repair mechanism for contracts is provided.
9. The aicc-based blockchain intelligent contract IDE verification test system of claim 6, wherein the module M6 includes:
module M6.1: deploying the intelligent contract into a test network similar to the actual network, ensuring that the test is performed in a controlled environment;
module M6.2: simulating a functional logic case test;
normal operation test: simulating conventional contractual operations, including transfers and queries;
abnormal condition test: simulating erroneous inputs and anomalies of operation beyond limits;
role and rights test: simulating different user roles to operate, including an administrator and a common user;
module M6.3: attack testing;
replay attack: attempting to resubmit using the previous transaction data;
Logical vulnerability attack: attempting to operate with potential logical vulnerabilities in the contract code, including double payment, advance access to certain functions;
denial of service attack: attempting to disable the contract by sending a large number of requests or utilizing certain characteristics of the contract;
timing dependent attack: attempting to exploit characteristics of the blockchain network to conduct an attack, including transaction validation time;
randomness attack: attempting to predict or affect the randomness of contracts that rely on random number generation;
module M6.4: boundary testing;
input/output boundary test: tests were performed using various extreme and boundary values, including maximum, minimum, negative, zero and null values;
time boundary test: contracts for time-dependent functions attempt to operate at various points in time.
10. The aicc-based blockchain intelligent contract IDE verification test system of claim 6, wherein the module M7 includes:
and (3) data collection: collecting the latest attack manipulation data including public security reports, vulnerability notices and research papers;
and (3) data processing: processing the collected data into a format suitable for AI learning, including extracting key features and labeling results;
Data injection: injecting the processed data into an AI training data set;
model updating: training a new model and then replacing the old model;
monitoring and feedback: and monitoring the performance of the AI, if a new problem or attack technique is found, collecting data, and then continuing to train the model.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311559675.5A CN117667676A (en) | 2023-11-21 | 2023-11-21 | AIGC-based block chain intelligent contract IDE verification test method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311559675.5A CN117667676A (en) | 2023-11-21 | 2023-11-21 | AIGC-based block chain intelligent contract IDE verification test method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117667676A true CN117667676A (en) | 2024-03-08 |
Family
ID=90063280
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311559675.5A Pending CN117667676A (en) | 2023-11-21 | 2023-11-21 | AIGC-based block chain intelligent contract IDE verification test method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117667676A (en) |
Citations (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019101235A2 (en) * | 2019-03-04 | 2019-05-31 | Alibaba Group Holding Limited | Methods and devices for testing signature verification for blockchain system |
| US20190213115A1 (en) * | 2018-01-08 | 2019-07-11 | Accenture Global Solutions Limited | Utilizing artificial intelligence to test cloud applications |
| CN110543419A (en) * | 2019-08-28 | 2019-12-06 | 杭州趣链科技有限公司 | intelligent contract code vulnerability detection method based on deep learning technology |
| CN110633567A (en) * | 2019-05-31 | 2019-12-31 | 天津理工大学 | RASP-based intelligent contract virtual machine vulnerability detection system and method |
| WO2020103545A1 (en) * | 2018-11-19 | 2020-05-28 | 苏宁云计算有限公司 | Blockchain-based smart contract debugging and releasing method and system |
| CN111563040A (en) * | 2020-05-08 | 2020-08-21 | 中国工商银行股份有限公司 | Block chain intelligent contract code testing method and device |
| CN114510414A (en) * | 2022-01-17 | 2022-05-17 | 北京大学 | Method and system for formalized verification of intelligent contract functional attribute based on symbolic execution |
| CN115017513A (en) * | 2022-05-31 | 2022-09-06 | 电子科技大学 | Intelligent contract vulnerability detection method based on artificial intelligence |
| CN115220765A (en) * | 2022-03-08 | 2022-10-21 | 洪兴发 | Vulnerability supplementary repair analysis method and system based on big data vulnerability analysis |
| US20230014140A1 (en) * | 2021-07-14 | 2023-01-19 | Fortior Blockchain, Lllp | Smart contract system using artificial intelligence |
| US20230063753A1 (en) * | 2021-08-30 | 2023-03-02 | International Business Machines Corporation | Testing virtual reality integration with a development environment |
| CN116627804A (en) * | 2023-04-29 | 2023-08-22 | 武汉迈威通信股份有限公司 | Test method, system, electronic equipment and storage medium based on artificial intelligence |
| CN116662991A (en) * | 2023-03-29 | 2023-08-29 | 苏州中科乐联信息技术有限公司 | Intelligent contract intention detection method based on artificial intelligence |
| CN116720184A (en) * | 2023-04-27 | 2023-09-08 | 厦门农芯数字科技有限公司 | Malicious code analysis method and system based on generation type AI |
| CN116820996A (en) * | 2023-07-19 | 2023-09-29 | 杭州深度智联数字科技有限责任公司 | Automatic generation method and device for integrated test cases based on artificial intelligence |
| CN116932148A (en) * | 2023-09-19 | 2023-10-24 | 山东浪潮数据库技术有限公司 | Problem diagnosis system and method based on AI |
| US20230359746A1 (en) * | 2022-05-04 | 2023-11-09 | Jpmorgan Chase Bank, N.A. | Systems and methods for shift left testing |
-
2023
- 2023-11-21 CN CN202311559675.5A patent/CN117667676A/en active Pending
Patent Citations (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190213115A1 (en) * | 2018-01-08 | 2019-07-11 | Accenture Global Solutions Limited | Utilizing artificial intelligence to test cloud applications |
| WO2020103545A1 (en) * | 2018-11-19 | 2020-05-28 | 苏宁云计算有限公司 | Blockchain-based smart contract debugging and releasing method and system |
| WO2019101235A2 (en) * | 2019-03-04 | 2019-05-31 | Alibaba Group Holding Limited | Methods and devices for testing signature verification for blockchain system |
| CN110633567A (en) * | 2019-05-31 | 2019-12-31 | 天津理工大学 | RASP-based intelligent contract virtual machine vulnerability detection system and method |
| CN110543419A (en) * | 2019-08-28 | 2019-12-06 | 杭州趣链科技有限公司 | intelligent contract code vulnerability detection method based on deep learning technology |
| CN111563040A (en) * | 2020-05-08 | 2020-08-21 | 中国工商银行股份有限公司 | Block chain intelligent contract code testing method and device |
| US20230014140A1 (en) * | 2021-07-14 | 2023-01-19 | Fortior Blockchain, Lllp | Smart contract system using artificial intelligence |
| US20230063753A1 (en) * | 2021-08-30 | 2023-03-02 | International Business Machines Corporation | Testing virtual reality integration with a development environment |
| CN114510414A (en) * | 2022-01-17 | 2022-05-17 | 北京大学 | Method and system for formalized verification of intelligent contract functional attribute based on symbolic execution |
| CN115220765A (en) * | 2022-03-08 | 2022-10-21 | 洪兴发 | Vulnerability supplementary repair analysis method and system based on big data vulnerability analysis |
| US20230359746A1 (en) * | 2022-05-04 | 2023-11-09 | Jpmorgan Chase Bank, N.A. | Systems and methods for shift left testing |
| CN115017513A (en) * | 2022-05-31 | 2022-09-06 | 电子科技大学 | Intelligent contract vulnerability detection method based on artificial intelligence |
| CN116662991A (en) * | 2023-03-29 | 2023-08-29 | 苏州中科乐联信息技术有限公司 | Intelligent contract intention detection method based on artificial intelligence |
| CN116720184A (en) * | 2023-04-27 | 2023-09-08 | 厦门农芯数字科技有限公司 | Malicious code analysis method and system based on generation type AI |
| CN116627804A (en) * | 2023-04-29 | 2023-08-22 | 武汉迈威通信股份有限公司 | Test method, system, electronic equipment and storage medium based on artificial intelligence |
| CN116820996A (en) * | 2023-07-19 | 2023-09-29 | 杭州深度智联数字科技有限责任公司 | Automatic generation method and device for integrated test cases based on artificial intelligence |
| CN116932148A (en) * | 2023-09-19 | 2023-10-24 | 山东浪潮数据库技术有限公司 | Problem diagnosis system and method based on AI |
Non-Patent Citations (1)
| Title |
|---|
| 佚名: "当AI遇上区块链:用ChatGPT探索智能合约漏洞监测的新路径", Retrieved from the Internet <URL:《https://www.sohu.com/a/668985767_121124367》> * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Watson et al. | On learning meaningful assert statements for unit test cases | |
| Wang et al. | Automatic generation of acceptance test cases from use case specifications: an nlp-based approach | |
| Yu et al. | Alleviating patch overfitting with automatic test generation: a study of feasibility and effectiveness for the Nopol repair system | |
| Le Goues et al. | Current challenges in automatic software repair | |
| Le Goues et al. | A systematic study of automated program repair: Fixing 55 out of 105 bugs for $8 each | |
| Holler et al. | Fuzzing with code fragments | |
| Le Goues et al. | Specification mining with few false positives | |
| Partush et al. | Abstract semantic differencing for numerical programs | |
| Kim et al. | Software vulnerability detection methodology combined with static and dynamic analysis | |
| Kong et al. | The impacts of techniques, programs and tests on automated program repair: An empirical study | |
| Zheng et al. | Atr: Template-based repair for alloy specifications | |
| Reger | Automata based monitoring and mining of execution traces | |
| Jiang et al. | Input test suites for program repair: A novel construction method based on metamorphic relations | |
| Pinconschi et al. | A comparative study of automatic program repair techniques for security vulnerabilities | |
| Zheng et al. | Dappscan: building large-scale datasets for smart contract weaknesses in dapp projects | |
| Dhar et al. | CLOTHO: Saving programs from malformed strings and incorrect string-handling | |
| Wang et al. | Reef: A framework for collecting real-world vulnerabilities and fixes | |
| Briem et al. | Offside: Learning to identify mistakes in boundary conditions | |
| Di Nardo et al. | Augmenting field data for testing systems subject to incremental requirements changes | |
| CN117667676A (en) | AIGC-based block chain intelligent contract IDE verification test method and system | |
| An et al. | Fonte: Finding Bug Inducing Commits from Failures | |
| Di Ruscio et al. | Simulating upgrades of complex systems: The case of Free and Open Source Software | |
| Khalilian et al. | APRSuite: A suite of components and use cases based on categorical decomposition of automatic program repair techniques and tools | |
| CN113836023A (en) | Compiler security testing method based on system structure cross check | |
| Ribeiro | Large Language Models for Automated Program Repair |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |