Publication Type
Journal Article
Version
acceptedVersion
Publication Date
1-2026
Abstract
Smart contract vulnerabilities have led to billions of dollars in economic losses. Among these, improper Access Control, which allows unauthorized users to execute restricted functions, is particularly prevalent and has caused significant financial damage. Smart contract repositories contain source code, documentation, configuration files, and other artifacts necessary for building and deploying smart contracts. GitHub hosts numerous open-source repositories of this kind, which serve as intermediate artifacts in development and require compilation and packaging to produce deployable contracts. Third-party developers often reference, reuse, or fork code from these repositories during custom development. However, if the referenced code contains vulnerabilities, it can introduce significant security risks. Existing tools for detecting smart contract vulnerabilities are limited in their ability to handle such complex repositories, as they typically require the target contract to be compilable to generate an abstract representation of the program for further analysis. This paper presents TRACE, a tool designed to secure non-compilable smart contract repositories against access control vulnerabilities. TRACE employs LLMs to locate sensitive functions involving critical operations (e.g., transfer) within the contract and subsequently completes function snippets into a fully compilable contract. TRACE constructs a function call graph from the abstract syntax tree (AST) of the completed contract. It uses the control flow graph (CFG) of each function as node information. The nodes of the sensitive functions are then analyzed to detect Access Control vulnerabilities. Experimental results demonstrate that TRACE outperforms state-of-the-art tools on an open-sourced CVE dataset, detecting 14 out of 15 CVEs. In addition, it achieves 89.2% precision on 5,000 recent on-chain contracts, far exceeding the best existing tool at 76.9%. On 83 real-world repositories, TRACE achieves 87.0% precision, significantly surpassing DeepSeek-R1's 14.3%.
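Added illustration, not code from the paper or the TRACE project: a deliberately simplified Python check that mirrors the two-step idea in the abstract, first locating functions that perform sensitive operations (transfer, send, call, selfdestruct) and then flagging those with no visible access-control guard (an `only*` modifier or a `require` on `msg.sender`). The contract text and all names in it are constructed; TRACE's own pipeline (LLM-based localization, snippet completion, AST call graph and per-function CFG analysis) is far more thorough than this regex sketch, which only shows what "sensitive function without a guard" means on a concrete contract.

```python
import re

# Constructed sample contract (not from the paper). Three functions move funds:
# withdrawAll (guarded by a modifier), claim (guarded by an inline require),
# and emergencyWithdraw (no guard at all, i.e. the access-control bug pattern).
SAMPLE_CONTRACT = """
contract Vault {
    address public owner;
    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }
    function withdrawAll(address payable to) public onlyOwner {
        to.transfer(address(this).balance);
    }
    function emergencyWithdraw(address payable to) public {
        to.transfer(address(this).balance);
    }
    function claim(address payable to) public {
        require(msg.sender == owner);
        to.transfer(address(this).balance);
    }
    function balance() public view returns (uint256) {
        return address(this).balance;
    }
}
"""

# Operations treated as "sensitive": value transfers and contract destruction.
SENSITIVE_CALLS = re.compile(r"\.(transfer|send|call)\s*[\({]|selfdestruct\s*\(")
# Evidence of an access-control guard, either in the function header or its body.
GUARD_PATTERNS = [re.compile(r"\bonly\w*\b"),
                  re.compile(r"require\s*\(\s*msg\.sender\s*==")]
# Matches "function name(params) <header> {", capturing name and header text.
FUNC_RE = re.compile(r"function\s+(\w+)\s*\(([^)]*)\)\s*([^{]*)\{")

def _body(src, start):
    """Return the brace-balanced block starting at src[start] == '{'."""
    depth = 0
    for i in range(start, len(src)):
        if src[i] == "{":
            depth += 1
        elif src[i] == "}":
            depth -= 1
            if depth == 0:
                return src[start:i + 1]
    return src[start:]

def find_unguarded_sensitive(src):
    """Names of functions that perform a sensitive call but show no guard."""
    findings = []
    for m in FUNC_RE.finditer(src):
        name, header = m.group(1), m.group(3)
        body = _body(src, m.end() - 1)
        if not SENSITIVE_CALLS.search(body):
            continue  # not a sensitive function, skip
        guarded = any(p.search(header) or p.search(body) for p in GUARD_PATTERNS)
        if not guarded:
            findings.append(name)
    return findings
```

Running `find_unguarded_sensitive(SAMPLE_CONTRACT)` on the constructed contract reports only `emergencyWithdraw`; a real analysis must also follow modifiers and callees through the call graph, which is exactly the AST/CFG work the abstract describes.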
Keywords
Access control, LLM, Smart contract, Static analysis, Vulnerability detection
Discipline
Databases and Information Systems | Information Security | Software Engineering
Research Areas
Software and Cyber-Physical Systems
Publication
IEEE Transactions on Software Engineering
First Page
1
Last Page
14
ISSN
0098-5589
Identifier
10.1109/TSE.2026.3660900
Publisher
Institute of Electrical and Electronics Engineers
Citation
CHEN, Chong; BAO, Lingfeng; LO, David; WANG, Yanlin; SHAN, Zhenyu; CHEN, Ting; YIN, Guangqiang; YU, Jianxing; ZHENG, Zibin; and CHEN, Jiachi.
TRACE: Securing smart contract repository against access control vulnerability. (2026). IEEE Transactions on Software Engineering. 1-14.
Available at: https://ink.library.smu.edu.sg/sis_research/11023
Copyright Owner and License
Authors
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1109/TSE.2026.3660900
Included in
Databases and Information Systems Commons, Information Security Commons, Software Engineering Commons