SCPatcher: Automated Smart Contract Code Repair via Retrieval-Augmented Generation and Knowledge Graph
This addresses the inability of existing tools to effectively repair smart contract vulnerabilities, which is critical for developers and users in blockchain ecosystems, representing a novel method for a known bottleneck.
The paper tackles the problem of repairing smart contract vulnerabilities, which cause financial losses, by proposing SCPatcher, a framework that combines retrieval-augmented generation with a knowledge graph, achieving an 81.5% overall repair rate and 91.0% compilation pass rate.
Smart contract vulnerabilities can cause substantial financial losses due to the immutability of code after deployment. While existing tools detect vulnerabilities, they cannot effectively repair them. In this paper, we propose SCPatcher, a framework that combines retrieval-augmented generation with a knowledge graph for automated smart contract repair. We construct a knowledge graph from 5,000 verified Ethereum contracts, extracting function-level relationships to build a semantic network. This graph serves as an external knowledge base that enhances Large Language Model reasoning and enables precise vulnerability patching. We introduce a two-stage repair strategy, initial knowledge-guided repair followed by Chain-of-Thought reasoning for complex vulnerabilities. Evaluated on a diverse set of vulnerable contracts, SCPatcher achieves 81.5\% overall repair rate and 91.0\% compilation pass rate, substantially outperforming existing methods.