Publication Type

Journal Article

Version

acceptedVersion

Publication Date

1-2026

Abstract

Smart contracts are highly susceptible to manipulation attacks due to the leakage of sensitive information. Addressing manipulation vulnerabilities is particularly challenging because they stem from inherent data confidentiality issues rather than straightforward implementation bugs. To tackle this by preventing sensitive information leakage, we present PARTITIONGPT, the first LLM-driven approach that combines static analysis with the in-context learning capabilities of large language models (LLMs) to partition smart contracts into critical (privileged) and normal codebases, guided by a few annotated sensitive data variables. We evaluated PARTITIONGPT on 18 annotated smart contracts containing 99 sensitive functions. The results demonstrate that PARTITIONGPT successfully generates compilable and verified partitions, achieving a precision of 80% while reducing code by more than 26% compared to a function-level partitioning approach. Furthermore, we evaluated PARTITIONGPT on nine real-world manipulation attacks that led to a total loss of 25 million dollars; PARTITIONGPT effectively prevents eight cases, highlighting its potential for broad applicability and the necessity for secure program partitioning during smart contract development to diminish manipulation vulnerabilities.

Keywords

Smart Contracts, Blockchains, Codes, Security, Runtime, Finance, Privacy, Logic, Information Leakage, Floors, Large Language Models, Sensitive Data

Discipline

Software Engineering

Research Areas

Intelligent Systems and Optimization

Areas of Excellence

Digital transformation

Publication

IEEE Transactions on Software Engineering

First Page

1

Last Page

19

ISSN

0098-5589

Identifier

10.1109/TSE.2026.3668858

Publisher

Institute of Electrical and Electronics Engineers

Additional URL

https://doi.org/10.1109/TSE.2026.3668858
