Software Weakness Detection in Solidity Smart Contracts Using Control and Data Flow Analysis: A Novel Approach with Graph Neural Networks

Smart contracts on blockchain platforms are susceptible to security issues that can lead to significant financial losses. This study converts the Solidity code into abstract syntax trees and generates control flow graphs and data flow graphs. These graphs train a graph convolutional network model to detect security weaknesses. The proposed system outperforms traditional tools, achieving higher accuracy, recall, precision, and F1 scores when detecting weaknesses such as integer overflow/underflow, reentrancy, delegate call to the untrusted callee, and time-based issues. This study demonstrates that leveraging control and data flow analysis with graph neural networks significantly enhances smart contract security and provides a robust and reliable solution.