Smart Contract Vulnerability Detection Using Lightweight Static Analysis and Symbolic Execution

Abstract

The rapid adoption of blockchain-based decentralized applications (DApps) has intensified the need for secure smart contract development. However, vulnerabilities in smart contracts continue to expose blockchain systems to severe security, financial, and operational risks. This paper presents a lightweight vulnerability detection framework that integrates static analysis with symbolic execution for efficient auditing of Solidity smart contracts. The proposed system performs multi-stage vulnerability assessment by initially analyzing contract bytecode and source code using rule-driven static analysis, followed by path-exploration–based symbolic execution for deep vulnerability detection. The approach focuses on identifying critical weaknesses including reentrancy, integer overflow and underflow, unchecked low-level calls, timestamp dependence, and denial-of-service–inducing patterns. Unlike heavyweight auditing tools, the framework is optimized for integration into development pipelines, offering real-time analysis with low computational overhead. Experimental evaluation on a benchmark dataset of vulnerable and benign contracts demonstrates high detection accuracy with minimal false positives. This work contributes to secure blockchain communication by enabling early detection of exploitable flaws, promoting safer smart contract deployment, and supporting automated vulnerability analysis during the development life cycle.