The SWC-based Security Analysis Tool for Smart Contract Vulnerability Detection

Smart contracts publicly deployed on blockchain have been shown to contain several vulnerabilities that users can maliciously exploit. To detect smart contract vulnerabilities as categorized in the Smart Contract Weakness Classification (SWC) standard, we propose the SWC-based Analysis Tool (SWAT). It operates by matching patterns in Solidity codes, making it easy to use and allowing any Solidity developers to conveniently check their smart contracts before deploying. We conducted experiments to compare the proposed solution against state-of-the-art tools in identifying 46 SWC registries. SWAT outperformed the existing tools in terms of the number of SWC vulnerabilities supported. Moreover, our solution is memory-efficient as it uses 44.58% less memory than other tools.