AttackPathGNN: Cross-function vulnerability detection in smart contracts using state interference graphs and conjunction pooling
Researchers introduce AttackPathGNN, a graph neural network that detects smart contract vulnerabilities by analyzing relationships between functions rather than isolated code patterns. The method achieves 92.3% F1 score on test datasets and identifies exploits like reentrancy that existing detectors miss, addressing security gaps exposed by historical attacks like The DAO.
AttackPathGNN represents a meaningful advancement in smart contract security detection by shifting focus from single-function vulnerability patterns to cross-function attack paths. This distinction is critical because major exploits such as The DAO and Cream Finance abused interactions between multiple functions rather than isolated code flaws. The model uses a State Interference Graph to map how functions share mutable storage and implements conjunction pooling to aggregate exploit preconditions, so that each attack path is scored according to whether mitigation measures exist.
The research addresses a fundamental limitation in existing learning-based detectors that rely on syntactic pattern matching within individual functions. By explicitly modeling reentrancy paths and typed interactions between functions, AttackPathGNN captures the complex dependencies that attackers exploit in practice. The reported 92.3% F1 score and 4.3% false-negative rate demonstrate practical viability, with particularly strong performance on reentrancy detection at 98.7%.
For the DeFi ecosystem, this tool carries significant implications. Developers gain actionable remediation reports at the function level, enabling targeted security audits rather than guesswork. Platforms deploying this detection mechanism could substantially reduce the attack surface for new protocols and existing deployments. The recovery of 6/10 DASP10 vulnerability categories at 100% accuracy suggests broad applicability across common vulnerability classes.
The technology's real-world value depends on adoption by auditors, protocol teams, and security firms. As smart contract complexity increases and capital at risk grows, tools that identify complex multi-function vulnerabilities become essential infrastructure. Future development should focus on covering additional vulnerability patterns and reducing false positives in live environments.
- AttackPathGNN detects vulnerabilities across function relationships using state interference graphs, addressing attacks that single-function analysis misses
- The model achieves 92.3% F1 score with 4.3% false-negative rate on SmartBugs Wild and 98.7% accuracy on reentrancy detection
- Conjunction pooling mechanism ensures exploit scores collapse when any single mitigation (reentrancy guard, access control, SafeMath) is deployed
- Each prediction includes structured remediation reports that translate verdicts into actionable function-level audit findings for developers
- This approach directly addresses historical exploits like The DAO and Cream Finance, which abused multi-function interactions rather than isolated code flaws
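
To make the state interference graph and the conjunction idea concrete, here is an added example (not code from the paper or its authors) that builds typed interference edges from a constructed three-function contract summary and scores reentrancy paths with a product, a hand-written stand-in for conjunction pooling. The summary schema, the function and guard names, and the product rule are assumptions for illustration; the model described above is a trained GNN.

```python
from itertools import product
from math import prod

def make_contract(withdraw_guards=(), transfer_guards=()):
    """Constructed sample: per-function storage access summary (hypothetical schema)."""
    return {
        "withdraw": {"reads": {"balances"}, "writes": {"balances"},
                     "call_before_write": True, "guards": set(withdraw_guards)},
        "transfer": {"reads": {"balances"}, "writes": {"balances"},
                     "call_before_write": False, "guards": set(transfer_guards)},
        "setFee": {"reads": set(), "writes": {"fee"},
                   "call_before_write": False, "guards": {"onlyOwner"}},
    }

def interference_edges(contract):
    """Typed edges (src, dst, kind, var): src writes storage that dst reads or writes."""
    edges = set()
    for src, dst in product(contract, repeat=2):
        s, d = contract[src], contract[dst]
        edges |= {(src, dst, "write-read", v) for v in s["writes"] & d["reads"]}
        if src != dst:
            edges |= {(src, dst, "write-write", v) for v in s["writes"] & d["writes"]}
    return edges

def reentrancy_score(contract, src, dst):
    """Soft AND over preconditions: one failed precondition (a mitigation) gives 0."""
    s, d = contract[src], contract[dst]
    shared = any(e[:3] == (src, dst, "write-read") for e in interference_edges(contract))
    preconditions = [
        1.0 if s["call_before_write"] else 0.0,  # external call precedes state update
        1.0 if shared else 0.0,                  # dst reads storage src updates late
        0.0 if "nonReentrant" in s["guards"] & d["guards"] else 1.0,  # shared lock absent
        0.0 if "onlyOwner" in d["guards"] else 1.0,  # dst callable by any account
    ]
    return prod(preconditions)

def attack_paths(contract):
    """All (src, dst) function pairs whose reentrancy score is non-zero."""
    return sorted((s, d) for s, d in product(contract, repeat=2)
                  if reentrancy_score(contract, s, d) > 0)

if __name__ == "__main__":
    print(attack_paths(make_contract()))
    print(attack_paths(make_contract(withdraw_guards=("nonReentrant",))))
    print(attack_paths(make_contract(("nonReentrant",), ("nonReentrant",))))
```

Guarding only `withdraw` removes the same-function path but leaves the `withdraw` to `transfer` path, which is the kind of cross-function case a per-function check does not see.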