AI for Code Review

ai-for-code-review uses AI to automate and enhance the evaluation of software code.

AI for Smart Contract Audits

• AI can perform security audits for smart contracts, addressing critical security challenges in decentralized web services Decoupled Smart Contract Audits.
• These audits can include severity evaluations and actionable remediation recommendations Decoupled Smart Contract Audits.
• Frameworks can decouple comprehensive audit tasks into vulnerability detection, explanation, severity classification, and remediation recommendation Decoupled Smart Contract Audits.
• Lightweight open-source-models (0.6B-4B parameters) can be optimized for efficiency in these tasks Decoupled Smart Contract Audits.
• Techniques like Rank-Stabilized Low-Rank Adapters (rsLoRA), knowledge distillation, and Chain-of-Verification (CoVe) aggregation can maintain high accuracy with smaller models Decoupled Smart Contract Audits.
• This decoupled approach can outperform larger models (7B to 34B parameters) in vulnerability detection and generative explanation tasks Decoupled Smart Contract Audits.
• Research has identified a "severity centrality bias" in LLM-assisted auditing Decoupled Smart Contract Audits.

AI for Abstract Interpretation and Program Analysis

• SAIL is a framework that uses LLMs to synthesize globally sound abstract transformers for abstract interpreters SAIL: Sound Abstract Interpreters with LLMs.
• This automates the construction of sound abstract interpreters, which is a bottleneck in abstract interpretation for safely approximating program behaviors SAIL: Sound Abstract Interpreters with LLMs.
• The synthesis task is formalized as a constrained optimization problem SAIL: Sound Abstract Interpreters with LLMs.
• SAIL employs a mathematically grounded cost function to measure the degree of unsoundness of generated candidate transformers, while enforcing syntactic and semantic validity SAIL: Sound Abstract Interpreters with LLMs.
• It combines model generation, syntactic and semantic validation, and cost-function-based refinement SAIL: Sound Abstract Interpreters with LLMs.
• SAIL can synthesize non-trivial sound abstract transformers across diverse abstract domains, focusing on neural network verification SAIL: Sound Abstract Interpreters with LLMs.
• Evaluation results indicate SAIL matches the performance of manually designed transformers SAIL: Sound Abstract Interpreters with LLMs.
• It can also synthesize sound and high-precision transformers for complex non-linear operators that do not exist in the literature SAIL: Sound Abstract Interpreters with LLMs.

Key References

• Decoupled Smart Contract Audits: Lightweight LLM Framework via Distillation and Aggregation
• SAIL: Sound Abstract Interpreters with LLMs