The latest version of ChatGPT is able to identify Ethereum smart contract vulnerabilities and exploits — but will it replace developers in the future?
The newest version of ChatGPT has caused a stir online, scoring high marks for SAT tests and highlighting vulnerabilities and exploits in Ethereum smart contracts.
GPT-4 is the latest version of the highly influential artificial intelligence (AI) language model, boasting “human-level performance on various professional and academic benchmarks,” according to its developer OpenAI.
Aside from outstanding scores on a range of various professional and academic benchmarks, GPT-4 has also demonstrated the ability to review Ethereum smart contracts, highlighting vulnerabilities and even suggesting potential ways to exploit the code.
I dumped a live Ethereum contract into GPT-4.
In an instant, it highlighted a number of security vulnerabilities and pointed out surface areas where the contract could be exploited. It then verified a specific way I could exploit the contract pic.twitter.com/its5puakUW
— Conor (@jconorgrogan) March 14, 2023
Coinbase director Conor Grogan shared a prompt dialogue with ChatGPT in which the AI chatbot “highlighted a number of security vulnerabilities” before verifying a method to exploit the contract.
Related: 10 ways blockchain developers can use ChatGPT
Perhaps more interesting is that ChatGPT’s recommendation checks out, given that the exact same smart contract had been hacked in 2018 via the same method that the language model suggested.
On the back of the latest ChatGPT upgrade and its potential to review, suggest and provide insights to Ethereum smart contract developers, Cointelegraph journalist Ezra Reguerra explored the topic in conversation with attendees at the ETHDubai conference this week.
Blockchain developer Salman Arshad highlighted the connection that ChatGPT has with blockchain, given the focus on Web3 in security and auditing processes. Smart contract auditors are costly, and ChatGPT offers a timely and cost-efficient way to review code:
“ChatGPT and AI tools are a blessing; they are not our enemies and are not here to end the career of a developer.”
Arshad added that ChatGPT’s broad knowledge base is its strength, but it still requires human input for specific business logic and prompts. The benefit is that developers can get far more work done in far less time by using AI-powered tools:
“You know what your company wants to do. You can tell ChatGPT, and it can perfectly transform your commands into a smart contract, auditing process, document or white paper.”
Another blockchain developer, Syed Ghazanfer, also highlighted the collaborative nature of ChatGPT, which still remains far more beneficial to a wide range of users than the potential threat of automating processes and replacing human workers:
“I’m really in favor of ChatGPT. For it to replace you, you have to communicate requirements which are not possible in native English. That’s why we invented programming languages.”
Ghazanfer added that ChatGPT will remain a useful tool for developers, automating processes like reading and condensing full documentation.
As previously explored by Cointelegraph, ChatGPT is proving significantly useful for developers to solve coding problems. The AI-powered tool also promises to be useful for security audits of smart contracts and Web3 platforms.