Study Introduces ReX Framework to Assess LLM-Driven Exploit Generation for Smart Contracts
Prompt to Pwn: Automated Exploit Generation for Smart Contracts
Researchers Zeke Xiao, Qin Wang, Yuekang Li and Shiping Chen have unveiled a new framework called ReX that automates the generation of exploits targeting smart contracts. The work was first submitted to arXiv on August 2, 2025, and revised on January 25, 2026. It aims to evaluate the capability of large language models (LLMs) to synthesize functional attacks and to highlight emerging security challenges.
Framework Overview
ReX integrates LLM‑based exploit synthesis with the Foundry development stack, enabling end‑to‑end creation, compilation, execution, and verification of attack code. The system orchestrates prompt engineering, a compiler feedback loop, and templated test harnesses to streamline the exploit development process.
Experimental Methodology
The authors assessed five recent LLMs across eight common smart‑contract vulnerability classes. Evaluation relied on a curated collection of more than 38 real‑world incident proof‑of‑concepts. Three automation aids—prompt refactoring, compiler feedback, and test harness templates—were incorporated to reduce manual intervention.
Key Findings
Results show that the models perform strongly on single‑contract proof‑of‑concepts but struggle with attacks that span multiple contracts. Performance variations were primarily linked to the specific LLM and the type of bug, while factors such as code structure and prompt tuning contributed only marginally.
Security Implications
The study surfaces notable gaps in existing defenses against LLM‑driven automated exploit generation. According to the authors, the findings underscore the need for enhanced protective measures, including more robust static analysis tools and runtime monitoring capable of detecting AI‑generated malicious code.
Limitations and Future Directions
The research is limited to the selected dataset and the five evaluated models, which may not represent the full spectrum of LLM capabilities. The authors suggest expanding the benchmark to include additional vulnerability classes and exploring defensive strategies that can adapt to rapidly evolving AI techniques.
Conclusion
ReX provides a comprehensive pipeline for assessing the exploit‑generation potential of LLMs in the smart‑contract domain. While the framework demonstrates feasibility, it also highlights the urgency for the blockchain security community to develop countermeasures against AI‑augmented threats.
This report is based on the abstract of the research paper on arXiv, licensed under Academic Preprint / Open Access. The full text is available via arXiv.