90 min · Detect · Patch · Exploit · EVMbench · Heimdallr · Cascaded Verification
Prerequisite: S00–S10
A smart contract security harness operates in three modes: Detect (find), Patch (fix), Exploit (build and run PoC). EVMbench scores all three.
EVMbench: 117 curated vulnerabilities across 40 repositories. Reentrancy, integer overflow, access control, flash loan, business logic.
Three structural failures:
The LLM's job: "is this candidate real and exploitable in context" — not "find the bug from raw source."
92.45% · $2.31/10K LOC · 17/20
Detection rate · cost per 10K lines · real-world attacks reconstructed (post-June 2025)
Three innovations: function-level reorganization (minimize context), heuristic reasoning (scaffold for business logic), cascaded verification (eliminate FPs before they reach the auditor).
The hardest class: logic bugs that are syntactically valid, pass all static checks, economically exploitable. Beanstalk governance attack: $182M in a single flash-loan-funded transaction. No static analyzer flags that.
Static analysis checks patterns, not intent. The bug is not in any single line — it is in the relationship between code and the protocol's intended invariants.
A flash loan lets a borrower act as a whale for one transaction. Any protocol whose safety depends on "an attacker cannot afford to manipulate the market" is vulnerable.
Harness traces data flow: external price source → state-changing operation. Spot DEX price = manipulable. TWAP over N blocks = resistant. Flags any protocol consuming a spot price in a value-transfer path.
Context budget: Heimdallr's function-level reorganization feeds the LLM the function + its call-graph neighbors, not the entire 2,000-line contract.
Detection without exploitation is a hypothesis. EVMbench's Exploit mode scores whether the agent can write and run a working exploit, not just identify the bug.
| Field | Content |
|---|---|
| tx hash | Exploit transaction in forked environment |
| block number | The forked block — state at which exploit is valid |
| state before/after | Storage slots and balances |
| call trace | Internal + external call sequence |
| economic impact | Token amounts + dollar value at fork prices |
| PoC file | Reproducible with forge test |
A client who receives a tx trace showing 10K ETH moved cannot argue the finding is theoretical.
Generating a fix is harder than finding the bug. The patch must remove the vulnerability while preserving every intended behavior. Removing withdraw() "fixes" reentrancy and breaks the protocol.
Heimdallr's cascaded verification: static analysis → test suite → exploit re-run → formal verification where feasible. A finding is output only if it survives.
Survives all four → verified patch → human approval gate. The harness does NOT deploy.
A patch that addresses the specific PoC but leaves the underlying vulnerability. PoC used 10 ETH deposit; patch rejects exactly 10 ETH deposits. PoC fails — vulnerability remains (50 ETH still exploits).
Cure: static-analysis re-check and formal verification, not just exploit re-run. The exploit re-run alone is insufficient.
The audit harness is operational: three-mode architecture, invariant extraction, exploit PoCs, cascaded patch verification.
S12 covers benchmarking against EVMbench (the 92% vs 34% gap), Solana and cross-chain security, and the audit as deliverable — client-ready reports in the format top firms publish.