Detecting Various DeFi Price Manipulations with LLM Reasoning

Juantao ZHONG; Daoyuan WU; Ye LIU; Maoyi XIE; Yang LIU; Yi LI; Ning LIU

doi:10.1109/ASE63991.2025.00149

Detecting Various DeFi Price Manipulations with LLM Reasoning

Juantao ZHONG
, Daoyuan WU
, Ye LIU^*
, Maoyi XIE
, Yang LIU
, Yi LI
, Ning LIU

^*Corresponding author for this work

Lingnan University

Research output: Book Chapters | Papers in Conference Proceedings › Conference paper (refereed) › Referred Conference Paper › peer-review

Abstract

DeFi (Decentralized Finance) is one of the most important applications of today’s cryptocurrencies and smart contracts. It manages hundreds of billions in Total Value Locked (TVL) on-chain, yet it remains susceptible to common DeFi price manipulation attacks. Despite state-of-the-art (SOTA) systems like DeFiRanger and DeFort, we found that they are less effective to non-standard price models in custom DeFi protocols, which account for 44.2% of the 95 DeFi price manipulation attacks reported over the past three years.

In this paper, we introduce the first LLM-based approach, DeFiScope, for detecting DeFi price manipulation attacks in both standard and custom price models. Our insight is that large language models (LLMs) have certain intelligence to abstract price calculation from smart contract source code and infer the trend of token price changes based on the extracted price models. To further strengthen LLMs in this aspect, we leverage Foundry to synthesize on-chain data and use it to fine-tune a DeFi price-specific LLM. Together with the high-level DeFi operations recovered from low-level transaction data, DeFiScope detects various DeFi price manipulations according to systematically mined patterns. Experimental results show that DeFiScope achieves a high recall of 80% on real-world attacks, a precision of 96% on suspicious transactions, and zero false alarms on benign transactions, significantly outperforming SOTA approaches. Moreover, we evaluate DeFiScope’s cost-effectiveness and demonstrate its practicality by helping our industry partner confirm 147 real-world price manipulation attacks, including discovering 81 previously unknown historical incidents.

Original language	English
Title of host publication	2025 40th IEEE/ACM International Conference on Automated Software Engineering, ASE 2025: Proceedings
Publisher	IEEE
Pages	1781-1793
Number of pages	13
ISBN (Electronic)	9798350357332
DOIs	https://doi.org/10.1109/ASE63991.2025.00149
Publication status	Published - Nov 2025
Event	2025 40th IEEE/ACM International Conference on Automated Software Engineering - Seoul, Korea, Republic of Duration: 16 Nov 2025 → 20 Nov 2025

Publication series

Name	IEEE/ACM International Conference on Automated Software Engineering
Publisher	IEEE
ISSN (Print)	1938-4300
ISSN (Electronic)	2643-1572

Conference

Conference	2025 40th IEEE/ACM International Conference on Automated Software Engineering
Abbreviated title	ASE 2025
Country/Territory	Korea, Republic of
City	Seoul
Period	16/11/25 → 20/11/25

Funding

This research was supported by Lingnan Grant SUG-002/2526, HKUST TLIP Grant FF612, the National Natural Science Foundation of China (Project No. 72304232), the Singapore Ministry of Education Academic Research Fund Tier 2 (T2EP20224-0003) and the Nanyang Technological University Centre for Computational Technologies in Finance (NTU-CCTF). Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of MOE and NTU-CCTF.

Keywords

large language model
smart contract
defi
price manipulation
vulnerability detection

Access to Document

10.1109/ASE63991.2025.00149

Understanding and Testing the Security of Large Language Model Context Protocols (MCP)
WU, D. (PI)
LU Research Committee
1/09/25 → 31/08/27
Project: Grant Research

Cite this

ZHONG, J., WU, D., LIU, Y., XIE, M., LIU, Y., LI, Y., & LIU, N. (2025). Detecting Various DeFi Price Manipulations with LLM Reasoning. In 2025 40th IEEE/ACM International Conference on Automated Software Engineering, ASE 2025: Proceedings (pp. 1781-1793). (IEEE/ACM International Conference on Automated Software Engineering). IEEE. https://doi.org/10.1109/ASE63991.2025.00149

@inproceedings{2410c60b747840c7a732b7e299f1b31f,

title = "Detecting Various DeFi Price Manipulations with LLM Reasoning",

abstract = "DeFi (Decentralized Finance) is one of the most important applications of today{\textquoteright}s cryptocurrencies and smart contracts. It manages hundreds of billions in Total Value Locked (TVL) on-chain, yet it remains susceptible to common DeFi price manipulation attacks. Despite state-of-the-art (SOTA) systems like DeFiRanger and DeFort, we found that they are less effective to non-standard price models in custom DeFi protocols, which account for 44.2\% of the 95 DeFi price manipulation attacks reported over the past three years. In this paper, we introduce the first LLM-based approach, DeFiScope, for detecting DeFi price manipulation attacks in both standard and custom price models. Our insight is that large language models (LLMs) have certain intelligence to abstract price calculation from smart contract source code and infer the trend of token price changes based on the extracted price models. To further strengthen LLMs in this aspect, we leverage Foundry to synthesize on-chain data and use it to fine-tune a DeFi price-specific LLM. Together with the high-level DeFi operations recovered from low-level transaction data, DeFiScope detects various DeFi price manipulations according to systematically mined patterns. Experimental results show that DeFiScope achieves a high recall of 80\% on real-world attacks, a precision of 96\% on suspicious transactions, and zero false alarms on benign transactions, significantly outperforming SOTA approaches. Moreover, we evaluate DeFiScope{\textquoteright}s cost-effectiveness and demonstrate its practicality by helping our industry partner confirm 147 real-world price manipulation attacks, including discovering 81 previously unknown historical incidents.",

keywords = "large language model, smart contract, defi, price manipulation, vulnerability detection",

author = "Juantao ZHONG and Daoyuan WU and Ye LIU and Maoyi XIE and Yang LIU and Yi LI and Ning LIU",

year = "2025",

month = nov,

doi = "10.1109/ASE63991.2025.00149",

language = "English",

series = "IEEE/ACM International Conference on Automated Software Engineering",

publisher = "IEEE",

pages = "1781--1793",

booktitle = "2025 40th IEEE/ACM International Conference on Automated Software Engineering, ASE 2025: Proceedings",

note = "2025 40th IEEE/ACM International Conference on Automated Software Engineering, ASE 2025 ; Conference date: 16-11-2025 Through 20-11-2025",

}

ZHONG, J, WU, D, LIU, Y, XIE, M, LIU, Y, LI, Y & LIU, N 2025, Detecting Various DeFi Price Manipulations with LLM Reasoning. in 2025 40th IEEE/ACM International Conference on Automated Software Engineering, ASE 2025: Proceedings. IEEE/ACM International Conference on Automated Software Engineering, IEEE, pp. 1781-1793, 2025 40th IEEE/ACM International Conference on Automated Software Engineering, Seoul, Korea, Republic of, 16/11/25. https://doi.org/10.1109/ASE63991.2025.00149

Detecting Various DeFi Price Manipulations with LLM Reasoning. / ZHONG, Juantao; WU, Daoyuan; LIU, Ye et al.
2025 40th IEEE/ACM International Conference on Automated Software Engineering, ASE 2025: Proceedings. IEEE, 2025. p. 1781-1793 (IEEE/ACM International Conference on Automated Software Engineering).

Research output: Book Chapters | Papers in Conference Proceedings › Conference paper (refereed) › Referred Conference Paper › peer-review

TY - GEN

T1 - Detecting Various DeFi Price Manipulations with LLM Reasoning

AU - ZHONG, Juantao

AU - WU, Daoyuan

AU - LIU, Ye

AU - XIE, Maoyi

AU - LIU, Yang

AU - LI, Yi

AU - LIU, Ning

PY - 2025/11

Y1 - 2025/11

N2 - DeFi (Decentralized Finance) is one of the most important applications of today’s cryptocurrencies and smart contracts. It manages hundreds of billions in Total Value Locked (TVL) on-chain, yet it remains susceptible to common DeFi price manipulation attacks. Despite state-of-the-art (SOTA) systems like DeFiRanger and DeFort, we found that they are less effective to non-standard price models in custom DeFi protocols, which account for 44.2% of the 95 DeFi price manipulation attacks reported over the past three years. In this paper, we introduce the first LLM-based approach, DeFiScope, for detecting DeFi price manipulation attacks in both standard and custom price models. Our insight is that large language models (LLMs) have certain intelligence to abstract price calculation from smart contract source code and infer the trend of token price changes based on the extracted price models. To further strengthen LLMs in this aspect, we leverage Foundry to synthesize on-chain data and use it to fine-tune a DeFi price-specific LLM. Together with the high-level DeFi operations recovered from low-level transaction data, DeFiScope detects various DeFi price manipulations according to systematically mined patterns. Experimental results show that DeFiScope achieves a high recall of 80% on real-world attacks, a precision of 96% on suspicious transactions, and zero false alarms on benign transactions, significantly outperforming SOTA approaches. Moreover, we evaluate DeFiScope’s cost-effectiveness and demonstrate its practicality by helping our industry partner confirm 147 real-world price manipulation attacks, including discovering 81 previously unknown historical incidents.

AB - DeFi (Decentralized Finance) is one of the most important applications of today’s cryptocurrencies and smart contracts. It manages hundreds of billions in Total Value Locked (TVL) on-chain, yet it remains susceptible to common DeFi price manipulation attacks. Despite state-of-the-art (SOTA) systems like DeFiRanger and DeFort, we found that they are less effective to non-standard price models in custom DeFi protocols, which account for 44.2% of the 95 DeFi price manipulation attacks reported over the past three years. In this paper, we introduce the first LLM-based approach, DeFiScope, for detecting DeFi price manipulation attacks in both standard and custom price models. Our insight is that large language models (LLMs) have certain intelligence to abstract price calculation from smart contract source code and infer the trend of token price changes based on the extracted price models. To further strengthen LLMs in this aspect, we leverage Foundry to synthesize on-chain data and use it to fine-tune a DeFi price-specific LLM. Together with the high-level DeFi operations recovered from low-level transaction data, DeFiScope detects various DeFi price manipulations according to systematically mined patterns. Experimental results show that DeFiScope achieves a high recall of 80% on real-world attacks, a precision of 96% on suspicious transactions, and zero false alarms on benign transactions, significantly outperforming SOTA approaches. Moreover, we evaluate DeFiScope’s cost-effectiveness and demonstrate its practicality by helping our industry partner confirm 147 real-world price manipulation attacks, including discovering 81 previously unknown historical incidents.

KW - large language model

KW - smart contract

KW - defi

KW - price manipulation

KW - vulnerability detection

U2 - 10.1109/ASE63991.2025.00149

DO - 10.1109/ASE63991.2025.00149

M3 - Conference paper (refereed)

T3 - IEEE/ACM International Conference on Automated Software Engineering

SP - 1781

EP - 1793

BT - 2025 40th IEEE/ACM International Conference on Automated Software Engineering, ASE 2025: Proceedings

PB - IEEE

T2 - 2025 40th IEEE/ACM International Conference on Automated Software Engineering

Y2 - 16 November 2025 through 20 November 2025

ER -

Detecting Various DeFi Price Manipulations with LLM Reasoning

Abstract

Publication series

Conference

Funding

Keywords

Access to Document

Fingerprint

Projects

Understanding and Testing the Security of Large Language Model Context Protocols (MCP)

Cite this