Original Source: Beosin
On June 9th, Anthropic officially launched the public version of Mythos, Claude Fable 5. Previously, Mythos demonstrated outstanding capabilities in security vulnerability discovery, rapidly identifying hidden vulnerabilities within systems, which garnered significant attention in the cybersecurity field.
The recent Zcash incident is a typical example of AI uncovering blockchain vulnerabilities. Security researcher Taylor Hornby, using the Anthropic Claude Opus 4.8 model, discovered a latent Orchard privacy pool soundness vulnerability within just a few hours. This vulnerability, which had gone unnoticed in multiple previous manual audits over four years, theoretically allowed the minting of unlimited undetected fake ZEC, directly causing the price of ZEC to plummet by nearly 40%.
Currently, AI has demonstrated astonishing efficiency in areas such as code pattern matching and batch preliminary screening. Integrating AI into the blockchain and smart contract security audit process is becoming a trend in the Web3 security industry. This article will analyze the strengths and weaknesses of AI in smart contract auditing based on real vulnerability cases and the actual performance of Fable 5.
Advantageous Scenarios for AI Auditing
Case Analysis: Storage Slot Collision
A certain contract used the following two components simultaneously:
1. A custom rewards mapping (used to record user claimable rewards)
2. The Solady library's ReentrancyGuard (to prevent reentrancy attacks)
However, the storage layouts of these two components conflicted.
Among them, Solady's ReentrancyGuard, for ultimate gas optimization, uses a fixed, low-numbered storage slot (typically a slot near constant obtained through specific calculations). The typical logic of the nonReentrant modifier is:
// A simplified versionmodifier nonReentrant() { // when entering, write guard slot as 0xff...ff(Sentinel Value) assembly { if eq(sload(REENTRANCY_GUARD_SLOT), 2) { revert(...) } // 2 represents locked sstore(REENTRANCY_GUARD_SLOT, 2) // locked } _; // recover when function finishes assembly { sstore(REENTRANCY_GUARD_SLOT, 1) }}
Custom rewards mapping:
mapping(address => uint256) public rewards;
According to Solidity storage layout rules (the first slot of a mapping is calculated from its declaration position), the first slot of the rewards mapping was exactly the same as the fixed guard slot of the ReentrancyGuard.
Attack process (detailed steps):
1. The attacker calls the getReward() function.
2. The nonReentrant modifier triggers, writing the guard slot as 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff (all 1s).
3. The contract code subsequently reads rewards[attacker's address] — but due to the slot collision, it actually reads the large value of 0xff...ff from the guard slot.
4. The contract assumes "there is a huge reward," thus transfers that amount of ETH to the attacker, while attempting to zero out rewards[attacker] (but writes back to the same guard slot).
5. Because the modifier restores the slot when the function ends, when the attacker calls getReward() again, the process repeats.
6. The attacker cyclically calls 200 times, successfully extracting a fixed amount of ETH each time, until the contract's available ETH is drained.
It's important to note that this is not a traditional "reentrancy attack" but rather the ReentrancyGuard's own protection mechanism being reverse-engineered by storage collision, turning into a vulnerability for infinite reward claims. Manual audits rarely dig line-by-line into the storage layout of third-party libraries, while AI can instantly perform library version comparison + precise storage slot mapping, directly hitting such "hidden collision" vulnerabilities.
Disadvantageous Scenarios for AI Auditing
Fable 5 performs excellently in detecting single-contract, pure-code-syntax, low-level storage-class vulnerabilities. However, it still shows obvious limitations when facing cross-protocol combined semantics and multi-contract composite attacks. We used the latest public version Fable 5 to retest contracts related to the Curve LlamaLend sDOLA attack incident. The results confirmed this issue.
This audit involved the following contract list: crvUSD Controller.vy, sDOLA.sol, ERC4626.sol, and other series contracts. Fable 5 failed to identify the core risks corresponding to this attack:
This incident belongs to a typical cross-protocol composite vulnerability. The syntax and logic of a single contract's code are flawless, but the attacker exploits multi-protocol linkage to construct an attack chain:
1. Utilizing flash loan tools to manipulate the price of the Curve liquidity pool, maliciously suppressing the asset price of sDOLA (an ERC-4626 vault share).
2. A large number of lending positions using sDOLA as collateral trigger the liquidation threshold.
3. The attacker executes liquidation operations in batches, profiting from them.
Such vulnerabilities are formed based on DeFi multi-protocol combinations, testing the comprehensive analysis capabilities of AI/audit experts regarding the overall business and protocol economic models. Currently, AI auditing still has shortcomings in cross-protocol combined semantics.
Conclusion
Through actual case testing, it can be seen that Fable 5 effectively uncovers hidden vulnerabilities that are easily missed in manual audits in standardized, detail-oriented scenarios such as storage slot conflicts, code pattern vulnerabilities, single-contract logic flaws, and batch code preliminary screening. However, when dealing with cross-protocol combined semantics, DeFi economic models, multi-contract linkage attacks, and complex business logic vulnerabilities, it struggles to understand the business nature of the on-chain ecosystem and discover composite attack paths. This part still requires analysis led by professional security auditors.
In daily audit work, Beosin has established a mature collaborative audit process combining AI and security audit experts. This not only significantly improves audit efficiency but also better identifies potential detailed risks and complex business logic vulnerabilities, making audit work more efficient, comprehensive, and in-depth.
