An Initial Exploration of Fine-tuning Small Language Models for Smart Contract Reentrancy Vulnerability Detection

Generative AI techniques have been proposed for various aspects of coding for tasks ranging from coding assistants [1] to optimisation [2] and vulnerability detection [3] for which promising results are being heeded. Indeed, for many cases traditional types of code verification (be it at compile/development time [4] or runtime [5]) often out perform generative AI-based techniques, yet such tools are often rigid and less flexible compared to how generative AI techniques can be used. Given potential future 1 advancements of generative AI techniques, and given the flexible interface with which tools can interact with generative AI tools, it is useful to evaluate'how good are generative AI techniques at undertaking such tasks?' Indeed, extensive work in the domain has already been proposed surrounding this question, of which an extensive amount of literature has focused on the state-of-the-art large language models. Whilst it may be reasonable to make use of commercially/publicly available LLMs that are operated by a service provider, they indeed raise issues of privacy and confidentiality which some entities may rather not disclose certain intellectual property to (e.g.