Title: Lightweight LLM Framework for Smart Contract Audits via Distillation and Aggregation

Abstract

Ensuring the security of smart contracts is a vital requirement for decentralized web services, necessitating rigorous auditing processes. Although Large Language Models (LLMs) have demonstrated potential in automating the identification of vulnerabilities, current methodologies often fall short in providing severity assessments alongside actionable fixes, while also imposing excessive computational burdens. This paper presents a streamlined, end-to-end security audit framework for smart contracts that leverages highly optimized, open-source LLMs with parameter counts ranging from 0.6B to 4B.

To enhance efficiency without sacrificing performance, the proposed framework separates complex audit operations into four distinct, yet interconnected modules: vulnerability detection, explanation generation, severity classification, and remediation suggestions. To achieve high precision with fewer parameters, the system employs Rank-Stabilized Low-Rank Adapters (rsLoRA), knowledge distillation techniques, and a proprietary Chain-of-Verification (CoVe) aggregation method. This aggregation strategy systematically filters and synthesizes various model drafts to produce a precise final audit report.

Empirical evaluations reveal that this lightweight pipeline surpasses state-of-the-art open-source dense coder LLMs, which range from 7B to 34B parameters. The framework achieves a vulnerability detection accuracy of 98.25% and an alignment score of 0.4375 in generative explanation tasks. Additionally, comprehensive ablation studies confirm the advantages of the decoupled audit approach over unified prompting methods. These findings also highlight a previously unidentified severity centrality bias, thereby setting a significant benchmark for subsequent research into LLM-assisted auditing.

Source: arXiv Generated at: 2026-06-03 00:00:00 UTC