The Dao of the DAO: Eastern Philosophies in Decentralized Worlds
Priorities Extracted from This Source

1. DAO governance security
2. Impartial and decentralized governance through secure governance contracts
3. Clear governance documentation for member participation
4. Proposal transparency and consistency between descriptions and code
5. Detection and prevention of malicious proposals and backdoors
6. Member participation and governance accessibility
7. Automated vulnerability detection and large-scale dataset creation
8. Legal and standards-based governance alignment
9. Decentralized governance integrity
10. Control of privileged functions
11. Immutability of governance contracts
12. Transparency and disclosure of guardian/admin roles
13. Member-facing governance documentation
14. Member participation and voting guidance
15. Minority protection
16. Proposal code transparency and immutability
17. Consistency between proposal descriptions and executable code
18. Detection and prevention of governance attacks
19. Decentralized and impartial governance in DAO contracts
20. Complete and accessible DAO governance documentation
21. Consistency between proposal descriptions and proposal code
22. Detection and prevention of governance attacks and malicious proposals
23. Transparency of privileged functions and privileged addresses
24. Tooling and automation for DAO security analysis and patching
25. Open-source visibility and reviewability of proposal code
Document Content
Understanding Security Issues in the DAO Governance Process
Junjie Ma†‡, Muhui Jiang‡, Jinan Jiang‡, Xiapu Luo‡∗, Yufeng Hu¶, Yajin Zhou¶, Qi Wang§∗, Fengwei Zhang§∗
†Research Institute of Trustworthy Autonomous Systems, Southern University of Science and Technology, China
§Computer Science and Engineering, Southern University of Science and Technology, China
‡Department of Computing, The Hong Kong Polytechnic University, China
¶Department of Computer Science and Technology, Zhejiang University, China
Abstract—The Decentralized Autonomous Organization (DAO) has emerged as a popular governance solution for decentralized applications (dApps), enabling them to manage their members across the world. This structure ensures that no single entity can arbitrarily control the dApp without approval from the majority of members. However, despite its advantages, DAOs face several challenges within their governance processes that can compromise their integrity and potentially lead to the loss of dApp assets. In this paper, we first provide an overview of the DAO governance process within the blockchain. Next, we identify issues within 3 key components of the governance process: the Governance Contract, Documentation, and Proposal. Regarding the Governance Contract, malicious developers could embed backdoors or malicious code to manipulate the governance process. In terms of Documentation, inadequate or unclear documentation from developers may prevent members from effectively participating, increasing the risk of undetected governance attacks or enabling a small group of members to dominate the process. Lastly, with Proposals, members could submit malicious proposals with embedded malicious code in an attempt to gain control of the DAO. To address these issues, we developed automated methods to detect such vulnerabilities. To investigate the prevalence of these issues within the current DAO ecosystem, we constructed a state-of-the-art dataset that includes 3,348 DAOs, 144 documentation, and 65,436 proposals across 9 different blockchains. Our analysis reveals that many DAO developers and members have not given sufficient attention to these issues. For the Governance Contract, 176 DAOs allow external entities to control their governance contracts, while one DAO permits developers to arbitrarily change the contract's logic. In terms of Documentation, only 71 DAOs provide adequate guidance for their members on governance processes. As for Proposals, over 90% of the examined proposals (32,500) fail to provide consistent descriptions and code for their members, highlighting a significant gap in transparency within the DAO governance process. For a better DAO governance ecosystem, DAO developers and members can utilize the methods to identify and address issues within the governance process.

Index Terms—Decentralized Governance, Program Analysis, Smart Contracts, Language Models.

I. INTRODUCTION

Decentralized Autonomous Organization (DAO) is a governance method constructed based on blockchain smart contracts [1]. The DAO ensures that all privileged actions require majority consensus from its members, effectively preventing any single member from taking arbitrary actions.

∗ Xiapu Luo, Qi Wang, and Fengwei Zhang are the corresponding authors.

Recently, a growing number of decentralized applications (dApps) have adopted DAO as their governance method. For example, Uniswap [2], one of the most valuable Decentralized Exchanges (DEX), with a daily trading volume exceeding 500 million dollars [3], employs DAO for its asset management. Additionally, DAO platforms such as XDAO [4], Aragon [5], and DAOhaus [6], which help developers to deploy DAO in minutes, have attracted the interest of thousands of organizations [7]. In particular, XDAO has facilitated the setup of over 16,000 DAOs across various blockchains [4]. According to the analysis [8], the total treasury governed by DAOs exceeds 18.8 billion dollars, with over 2.5 million users. This trend highlights that DAO has become a widely adopted governance method among blockchain developers.

However, the rapid rise in DAOs has brought with it several challenges. Many DAO developers and members fail to pay adequate attention to the issues in the governance process, leading to an increase in attacks targeting DAOs [9], [10], [11], [12], [13], [14], [15], [16], [17], [18]. For instance, a DAO can be attacked through malicious code hidden within a proposal. A notable example is the Beanstalk attack, which resulted in a loss of 182 million dollars [18]. The attacker deceived members into trusting that the malicious code in the proposal was benign. Moreover, the DAO governance process can be manipulated by developers through hidden backdoor functions controlled by an external entity rather than the governance contract itself. This allows developers to bypass the governance process and take control of DAO assets. An example of this is the VPANDA DAO Rug Pull [19], where a developer illegally transferred over 1 million locked tokens from the contract, gaining over 265 thousand dollars.

Previous studies within the field of DAOs have primarily focused on analyzing DAO activities and issues related to voting in the governance process [20], [21], [22], [23], [24], [25], [26], [27], [28], such as centralized voting power. To the best of our knowledge, no previous work has focused on the issues affecting the entire DAO governance process. Our work fills this gap by conducting a comprehensive study of the issues within the DAO governance process components Governance Contract, Documentation and Proposal, as identified in Section III. The Governance Contract governs the entire process, so its integrity must be safeguarded by developers. If not, developers could manipulate the outcome by controlling proposals or altering the contract's logic.
In terms of Documentation, DAOs should provide clear and comprehensive instructions to guide members on how to engage in the governance process. A lack of proper documentation may hinder member participation and create opportunities for attackers to push through malicious proposals. For Proposal, especially those that involve transferring DAO assets or modifying ownership, the code logic must be clearly defined and fully explained to DAO members. Failure to do so could allow attackers to hide malicious code, resulting in unauthorized control of DAO assets without the members' awareness. To investigate the issues within these components, we address the following 3 research questions, each corresponding to an aspect of the governance process.

RQ1: Does DAO achieve impartial decentralized governance?
RQ2: Does DAO offer sufficient governance process documentation for their members?
RQ3: Does Proposal ensure consistency between descriptions and code?

For RQ1, we verify whether the DAO achieves impartial decentralized governance, ensuring that developers cannot compromise the governance process. First, we perform static analysis of the governance contract to confirm that it correctly implements decentralized governance. Next, we extract the controller addresses of privileged functions to determine whether the contract is self-governed or controlled by developers. Finally, we trace the creation process of the governance contract to ensure developers cannot arbitrarily modify the contract's logic. For RQ2, we investigate whether the DAO provides sufficient guidance to its members for participating in the governance process, thereby encouraging member engagement. We leverage Large Language Models (LLM) with Chain of Thought (CoT) [29] to evaluate if the DAO documentation complies with the 6 requirements outlined in the DAO Model Law [30]. In RQ3, we assess whether the proposals submitted by members exhibit consistent and immutable code behavior that aligns with their descriptions, ensuring that attackers cannot hide malicious code within a normal proposal description. First, we trace the proposal code to verify its immutability. Then, we use a combination of Natural Language Processing (NLP) and LLM to ensure that the actions described by the code are accurately reflected in the proposal descriptions.

The issues we address in this study have not been explored in prior research. Moreover, our investigation covers an extensive dataset of over 3,000 DAOs across 5 platforms and 9 blockchains. Our results show that many DAOs exhibit issues within their governance processes. For the Governance Contract, we found that 176 DAOs allow external entities to control their governance contracts, and we identified 1 DAO where the developer can arbitrarily modify the contract's code logic. Regarding the provision of Documentation to assist members in participating in governance, only 144 out of 3,348 DAOs provided documentation for their members. Among these, only 71 DAOs offered guidance specifically for their governance process. Given that such documentation is crucial for equipping members with the necessary information to engage in governance, we found that its absence correlates with a significant decline in participation. The average number of proposals decreased from 34 to 9, while the average voting participation drops from 3,342 to just 33. For Proposal, we found that only 3,018 out of 35,518 proposals mention all their code actions in the proposal, such as which functions will be invoked and how many tokens will be transferred. To assess the effectiveness of our approach in detecting real-world malicious proposals, we tested it against 13 malicious proposals from recent governance attack incidents. Our method successfully detected all of these attacks.

We hope that our paper can guide developers in deploying and maintaining their DAOs in a more secure and comprehensive manner, while also raising awareness among members about potential risks within DAO governance.

Our contributions can be summarized as follows.

Public Dataset. We collected 3,348 actively used DAO implementations, 144 documentation, and 35,518 proposals across 9 popular blockchains. Our dataset includes famous DAOs such as Uniswap [2] and Compound [31], as well as DAOs from platforms like Aragon [5]. The collected data will be released for further research.

Comprehensive Study. We conducted an in-depth study of DAO implementations, addressing 3 key research questions related to each component of DAO governance processes.

Insightful Findings. Our study revealed significant security issues in current DAO implementations. We found that around 5% of DAOs are controlled by unknown entities, over 94% lack any documentation, and more than 92% of proposals fail to explain the actions their code will execute.

II. BACKGROUND

A. Decentralized Autonomous Organization

Decentralized Autonomous Organization (DAO) was first introduced by the Ethereum white paper [1]. A DAO utilizes smart contracts to enable collective control of the organization by all its members. Currently, there are two types of DAO governance [32], [33]: on-chain governance and off-chain governance. On-chain governance requires all the governance processes to be conducted on the blockchain by smart contracts, including proposing proposals, voting, and executing. On the contrary, in off-chain governance, the decision-making process (e.g., proposing proposals or voting) is performed outside the blockchain. The execution process is carried out manually by the DAO developer, granting it complete control over the DAO contracts. We exclude off-chain governance from our scope as it contravenes the requirements in the DAO definition [1] and the DAO Model Law [30], which mandate the governance process to be executed on the blockchain.

B. DAO Platform

The DAO platform is designed to provide DAO developers with the tools to easily create their own DAOs. Developing a DAO requires advanced programming and blockchain knowledge. Current DAO platforms such as XDAO [4], Aragon [5], DAOhaus [6], and DAOstack [6] offer comprehensive assistance in DAO creation. This support ranges from deploying contracts to building websites. With these platforms, developers can create their own DAO in minutes.
Fig. 1: The DAO Governance Process.

Fig. 2: A simplified privilege function restriction requires the function caller to be the governance contract.

C. DAO Model Law

The DAO Model Law [30], a type of Model Law [34], aims to bridge the gap between DAOs and traditional regulatory frameworks, which have yet to adapt to the new organizational structures enabled by blockchain. The DAO Model Law stipulates rules applicable to both on-chain smart contracts and off-chain documentation. Once these rules are adhered to, DAOs and their members can achieve legal certainty.

III. DAO GOVERNANCE PROCESS

We provide a comprehensive overview of the DAO governance process, as shown in Figure 1.

Participants. The participants in the DAO governance process fall into one of three roles: developer, member, and guardian. The first role, developer, is involved in the development of the DAO's smart contracts and interface. He is responsible for ① deploying the governance contracts to the blockchain network, as well as ② creating the documentation for the DAO. The second role, member, is a blockchain user who learns the governance process by ③ reading the documentation. He can participate in DAO governance by ④ submitting or ⑤ voting for a proposal via the DAO governance contract [31]. The last role is the guardian, a specific blockchain user tasked with ⑥ monitoring the DAO governance process. If the guardian detects malicious proposals targeting DAO governance, he has the authority within the governance contract to cancel such proposals.

Governance contract. The governance contract controls the governance process, storing all the proposals and votes from members. It provides functions that allow members to submit new proposals, vote on these proposals, and execute the code within the proposals. The governance contract should be configured as the only way to change the DAO contracts.

Proposal. A proposal refers to a formal submission to the governance contract made by a member to suggest changes to the DAO (i.e., funding request, contract parameters configuration). Typically, as shown in Figure 14, the proposal encompasses two elements: description and code. The description, penned in natural language, outlines the intent of the proposal. It provides members with information regarding the proposal code and its reason. The code contains the code the governance contract will execute if the proposal passes. It refers to the technical implementation of the proposal.

Governance process. Managing and implementing changes within a DAO relies on the governance process. This is achieved by submitting proposals to the governance contract and conducting votes on these proposals. If a proposal passes the voting process, the code within it is executed by the governance contract to implement the changes to the DAO. This ensures that the majority of the DAO members approve all the changes. The governance process begins with a member ④ submitting a proposal to the governance contract. Then, a member can ⑤ cast a vote for the newly submitted proposal. A proposal is passed when it has received sufficient voting power in support from members. If the guardian does not identify the proposal as a malicious one ⑥, the code within the proposal will be executed by the governance contract ⑦.

Documentation. Considering the complexity of the governance process, the documentation should provide complete guidance on the governance process. This encompasses delivering detailed information on becoming a DAO member, providing step-by-step guides to participate in the governance process, and outlining the existence of the guardian.

IV. APPROACH

A. Research Questions

We examine the issues within each component of the governance process - Governance Contract, Documentation, and Proposal - with the following research questions.

The Governance Contract controls the entire governance process. According to the definition [1], it is essential for achieving impartiality and immutability in decentralized governance, preventing developers from arbitrarily manipulating the results. As shown in Figure 2, the setVotingDelay function, which is designed to adjust the voting duration, includes a modifier named onlyGovernance. This modifier ensures that the function can only be invoked when the caller's address (msg.sender) matches the address of the governance contract itself. This restriction indicates that the function operates under the authority of the governance contract. However, if such functions are controlled by developers, they could potentially manipulate parameters such as the voting duration and the required voting power for proposals, thereby influencing the governance process results.

Thus, we propose RQ1 to examine whether the Governance Contract achieves impartial decentralized governance.

RQ1: Does DAO achieve impartial decentralized governance?
As for the Documentation, each DAO should provide detailed instructions for its members on how to participate in the governance process, with an emphasis on disclosing its critical aspects. The absence of proper governance documentation can discourage members from participating, as they would need to rely on reading the governance source code to understand the process. This scenario can lead to governance outcomes being controlled by only a small group of members. For instance, in the Synthetify DAO governance attack on October 17, 2023 [35], an attacker submitted a malicious proposal aimed at seizing control of the DAO's assets. Due to the lack of governance documentation, none of the members actively participated in the process, and as a result, no one vetoed the malicious proposal during the 7-day voting period, leading to a loss of 230 thousand dollars.

In RQ2, we assess whether DAOs provide sufficient documentation to guide members in participating in the governance.

RQ2: Does DAO offer sufficient governance process documentation for their members?

As for the Proposal, attackers can submit malicious proposals to gain control of the DAO or misappropriate its assets by embedding malicious code within the proposal. They may deceive members by providing misleading descriptions that make the code appear legitimate.

In RQ3, we investigate the consistency between proposal descriptions and the underlying code to prevent malicious members from submitting deceptive proposals that disguise harmful actions as legitimate ones.

RQ3: Does Proposal ensure consistency between descriptions and code?

B. Data Collection

In this section, we aim to collect and construct a comprehensive DAO dataset for our analysis, which includes the DAO name, governance contract, website, documentation, and proposals related to the DAO governance process. However, gathering this data presents several challenges.

First, there is no existing comprehensive dataset that encompasses all relevant DAO information. Second, current DAO data platforms fail to provide documentation and include only a limited number of DAO websites. Third, not all DAO platforms offer APIs for retrieving proposals.

To address these challenges, we outline our data collection methods for each type of data as follows:

DAO Name and Governance Contract. To gather as comprehensive a list of DAOs as possible, we collect DAO names and corresponding governance contract addresses from platforms mentioned in previous studies [36], such as Aragon [5], DAOhaus [6], and DAOstack [37]. Additionally, we include DAOs from two currently popular platforms, XDAO [4] and Tally [38]. To account for self-developed DAOs that do not belong to these platforms, we also collect DAO information from the DAO analytics website DeepDAO [8].

Using the APIs provided by these platforms, we collect DAO names and governance contract addresses. Since the data from DeepDAO may include DAOs from other platforms, we remove duplicates, treating two DAOs with identical contract addresses as the same entity.

TABLE I: Types of DAOs, along with their corresponding quantity, website, documentation, and proposal in the database.

DAO Type       | DAO (original) | DAO (filtered) | Website | Documentation | Proposal
XDAO           | 16,018         | 2,357          | 105     | 52            | 29,586
Aragon         | 2,939          | 630            | 51      | 24            | 21,023
Tally          | 1,256          | 266            | 69      | 55            | 8,999
DAOhaus        | 278            | 62             | 8       | 5             | 1,827
DAOstack       | 41             | 30             | 8       | 5             | 2,419
Self-developed | 3              | 3              | 3       | 3             | 1,582
Total          | 20,535         | 3,348          | 244     | 144           | 65,436

Our dataset focuses on DAOs operating on EVM-compatible chains with a Total Value Locked (TVL) exceeding 50 million dollars. These chains include Ethereum [39], BSC [40], Polygon [41], Fantom [42], Gnosis [43], Avalanche [44], Arbitrum [45], Cronos [46], and Optimism [47]. We collected data from these sources until September 1, 2024. The results are shown in Table I. In total, we gathered data on 30,535 DAOs. To remove unused or experimental DAOs that might introduce bias into the results, we filtered the dataset by selecting those DAOs with at least four proposals and eight voting records from at least two different members. This process resulted in a final dataset of 3,348 actively used DAOs. To ensure the completeness of our dataset, we cross-checked it with the top 20 DAOs listed on CoinMarketCap [3]. The results confirm that all top 20 DAOs, including Uniswap [2] and Compound [31] from Tally, as well as Curve [48] and MakerDAO [49] from DeepDAO, are included in our dataset.

Documentation. To collect the documentation, we first gathered DAO websites using platform APIs and data from DeepDAO. For DAOs without a listed website, we queried their public name tag [50] from blockchain scanners to determine if the governance contract was linked to a DAO website. We then used Selenium [51] to crawl through the DAO websites to retrieve documentation. Specifically, we focused on links containing keywords such as "whitepaper" or "doc." If no such specific links were found, we archived the entire website for further analysis. As shown in Table I, we found that only a small proportion of DAOs, specifically 244 out of 3,348, provide a website. However, we discovered that 100 of these websites were either offline or had expired domain names, leaving only 144 operational DAO websites.

We hypothesize that this may be due to the lack of website maintenance, with only popular DAOs able to create and sustain their websites. To validate this, we examined DAOs with a Total Value Locked (TVL) exceeding 20 million dollars, based on data from CoinMarketCap [3]. We found that all 11 DAOs in this category still maintain their websites.

Next, we analyzed whether the low rate of online websites could be due to DAOs being out of service. We defined a DAO as out-of-service if it had not submitted any new proposals within a year. Our findings revealed that 2,477 out of 3,348 DAOs are still active, while 871 are no longer active. Interestingly, 54 out of the 871 inactive DAOs still maintain their websites, whereas only 90 out of the 2,477 active DAOs have maintained their websites.

Proposal. To retrieve the proposals, for platforms such as Aragon, DAOhaus, and DAOstack that provide APIs, we utilized these APIs to download all the proposals associated with each DAO. For other DAOs that do not provide an API, we extracted proposal creation event logs [52] from
the governance contract addresses and retrieved the proposal information directly from these logs.

Fig. 3: The DAO from Aragon, despite its claims of being governed by DAO, does not provide functionality for its members to propose or vote on proposals.

V. DOES DAO ACHIEVE IMPARTIAL DECENTRALIZED GOVERNANCE? (RQ1)

In this section, we examine whether existing governance contracts implement impartiality in decentralized governance. Specifically, we assess 3 key aspects of the governance contract: correctness, self-governance, and immutability. First, for correctness, we evaluate whether the governance contract is capable of facilitating a decentralized governance process. A failure in this capability would violate the core principles of a DAO. Second, we assess self-governance to ensure that developers cannot compromise governance outcomes by invoking privileged functions, which would undermine decentralized control. Finally, for immutability, we investigate whether the governance contract's code can be altered by developers, as this could allow manipulation of the governance process.

A. Correctness of Governance Contract

As stipulated by the DAO definition [1], [30], a DAO's governance must be decentralized. This requires the governance contract to effectively facilitate decentralized governance. If the governance contract lacks the ability to ensure this, it would violate the core principles of a DAO. As illustrated in Figure 3, the DAO 0x022f...528a from Aragon claims to be a DAO. However, it does not include the necessary voting functionality, preventing members from proposing or voting on proposals. Consequently, all DAO assets and privileges are controlled solely by the DAO developers, undermining the principles of decentralization.

Approach. To evaluate whether a DAO has correctly implemented decentralized governance within its Governance Contract, we employ different methods depending on the type of DAO. For DAOs from the platforms XDAO, Aragon, DAOhaus, and DAOstack, it is mandatory for them to use the template governance contracts provided by their platforms [21]. We first conduct a manual analysis to verify whether the template governance contracts from these platforms correctly implement decentralized governance. Next, we confirm whether each DAO has adopted the provided template governance contract. To verify whether a DAO's governance contract matches the template, we trace the creator of the governance contract and compare it to the deployer address listed in the platform's deployment guide. For governance contracts with different creator addresses, we check whether the bytecode of the DAO's governance contract matches the template contract. If either of these checks passes, we determine that the DAO has correctly implemented decentralized governance.

For DAOs from Tally, the developers are allowed to add new functions based on the template contract provided by OpenZeppelin [53] or Compound [31]. We cannot directly compare the bytecode of these contracts to ascertain if it is the same as the template contract. Thus, we check whether the governance contract includes the three governance functions from the template contract (i.e., Propose, Vote, and Execute) as required by the DAO Model Law [30] as well as the template contract from OpenZeppelin and Compound. (1) Propose. A member can submit a proposal by invoking this function. (2) Vote. For a proposal recorded in the contract, members have the ability to cast their votes using this function. (3) Execute. The function can execute the code of the proposal. If a DAO's governance contract includes all 3 required functions, we conclude that it adheres to the template contract. We use EVM CFG BUILDER [54] to extract the bytecode of each function from the governance contract. We then compute the similarity of bytecode between the governance contract's functions and the template functions by calculating hypervectors of n-grams (n=5) of opcodes and comparing them using the Jaccard similarity [55]. If the similarity score exceeds 0.8 [56], we consider the functions to be equivalent. To account for discrepancies caused by different versions of the Solidity compiler, we recompile the contracts using each major Solidity version. If the target function matches any version of the template contract function, we conclude that the DAO's governance contract includes the required function.

For other DAOs, if the governance contract is open-source, supported by documentation, and aligns with decentralized governance principles, we infer that the DAO has achieved decentralized governance. Otherwise, we check whether the governance contract is similar to the contract provided by the platform or includes functions similar to those in the template contract, using the same approach outlined above.

Result. The results, as shown in Table II, indicate that all the analyzed DAOs implement decentralized governance. However, during the evaluation of our method (Appendix A), we detected that some DAOs on certain platforms do not enforce decentralized governance in their governance contracts. This is due to platforms giving developers the discretion to either include or exclude decentralized governance during DAO creation. To uphold the principles of decentralization, platforms may want to consider making decentralized governance a mandatory feature for developers.

B. Self-governance of Governance Contract

All privileged functions within the governance contract should be controlled by the governance contract itself to prevent any potential violations from developers. A privileged function is defined as a function that can be executed only by a privileged address [57], [58]. However, if the governance contract does not govern certain DAO functions, this could lead to security vulnerabilities. In the case of the governance contract 0x41E6......7a42 from the DAO "mini dao," shown
TABLE II: Numbers of DAOs that achieve decentralized governance (DG), along with those where privileged functions are controlled by the governance contract or other entities.

DAO Type       | With DG | Without DG | Governance | Other
XDAO           | 2,357   | 0          | 2,286      | 71
Aragon         | 630     | 0          | 612        | 18
Tally          | 266     | 0          | 179        | 87
DAOhaus        | 62      | 0          | 62         | 0
DAOstack       | 30      | 0          | 30         | 0
Self-developed | 3       | 0          | 3          | 0
Total          | 3,348   | 0          | 3,172      | 176

Fig. 4: The decompiled governance contract from mini dao shows that the developer controls privileged functions (setVotingPeriod and setProposalThreshold), enabling him to control proposal voting duration and required voting power.

in Figure 4, these functions are controlled by an admin, an Externally Owned Account (EOA) chosen by the developer, rather than by the governance contract itself. As a result, the developer could manipulate the process by adjusting the voting delay to ensure only they can vote, or by setting an unreasonably high proposal threshold to cancel any unwanted proposals.

Approach. Thus, we examine whether there are privileged functions within the governance contract that are controlled by external entities instead of the governance contract itself. For DAOs from the platforms XDAO and Aragon, these DAOs use a standardized contract for both governance logic and access control. Additionally, these platforms provide official APIs [4], [5] to query the governor of the privileged functions. By using these APIs, we can determine whether the governance contract controls all privileged functions.

For other DAOs, inspired by previous studies [57], [58], we apply static analysis of the governance contract bytecode to identify privileged functions and extract the privileged addresses associated with these functions. Specifically, to identify privileged functions, we analyze whether a function

Fig. 5: The governance contract of DAO based on OpenZeppelin, created using the CREATE2 chain. The contract allows developers to indirectly destroy it by executing a delegate call to another contract that contains the SELFDESTRUCT.

C. Immutability of Governance Contract

After the Constantinople update [59], the EVM introduced a new opcode, CREATE2, which allows a smart contract to be deployed at a predetermined address [60]. This can be exploited as an attack vector, as it enables contract developers to modify the contract code after deployment while keeping the contract's address unchanged [13], [61], as demonstrated in Appendix B. Unlike traditional proxy contracts [62], where a developer must first deploy an intermediary contract that stores the governance contract's address if they wish to make the contract upgradeable, they can later deploy a new governance contract and update the proxy contract's address through a transaction. As a result, any changes or upgrades to the governance contract can be tracked through the proxy contract's transaction history. In this case, while the proxy contract's address remains the same, the actual governance contract address changes with each update. However, with the CREATE2 method, as discussed in Appendix B, developers can secretly re-deploy the governance contract by first destroying the contract and then redeploying it at the same address. This allows the governance contract's address to remain unchanged, making it difficult for regular blockchain users to detect that the contract code has been altered or upgraded unless they thoroughly trace all related transactions. In contrast to the proxy contract approach, CREATE2 maintains the same address despite any changes to its logic. As illustrated in Figure 5, the governance contract of DAO 0xfbac...41b6, built on OpenZeppelin and deployed via the CREATE2 chain, contains a function named functionDelegateCall. This function allows developers to delegate calls to external contracts. By exploiting this functionality, developers can indirectly destroy
checks the caller’s address, obtained via the CALLER op- the governance contract to invoke a SELFDESTRUCT opcode
code, against a specific address from contract storage using hidden within an another contract.
the EQ opcode. This comparison is used to determine the Approach. We first define the Contract Creation Chain
jump target. We then extract the address and compare it with (CCC) of a governance contract as follows: Given a gover-
the governance contract address to ascertain if they match. nance contract address G, we trace its contract deployment
Result.AsdemonstratedinTableII,themajorityofDAOs, transaction.IfitisdeployedbyacontractC 0 ,weaddittothe
particularly those on platforms DAOhaus and DAOstack, CCC. We then trace the creator of C 0 , designated as C 1 , and
strictly follow the requirement that all functions within the continuethisprocessuntilwefindacontractthatiscreatedby
governance contract should be governed by the governance an EOA address E. The CCC(G) =< G,C 0 ,C 1 ,......,E >
contract itself. However, 176 governance contracts retain cer- shows the governance contract G is created from a chain of
tain privileged functions that are not governed by themselves. contracts that extend from C 0 to E.
As indicated in Section VI, most DAOs fail to explain the To determine whether a given governance contract ad-
existence of guardians. Thus, it is hard for members to dress G is at risk from CREATE2,, we first construct its
classify whether these functions are potentially backdoors or Contract Creation Chain (CCC). For each contract C in
i
designated for guardians to protect the governance process. CCC(G), we check whether the contract can self-destruct
using the SELFDESTRUCT opcode to erase its own code. However, a potential attacker could conceal the opcode within a different contract and indirectly execute it using DELEGATECALL to destroy the original contract. Hence, if a contract contains the opcode SELFDESTRUCT or DELEGATECALL, we infer that it can destroy itself. Subsequently, in order to check whether contract Ci is created by CREATE2, we trace the opcodes used during the contract deployment transaction. If the CREATE2 opcode is used to create Ci, we deem that Ci is created by CREATE2. We adopt the Tenderly API [63] to access the executed opcodes from the deployment transaction of contract Ci. Finally, if we determine that contract Ci was created by CREATE2 and that all preceding contracts in the chain can self-destruct, we conclude that contract Ci is under the threat of CREATE2.

Result. We identified one DAO from Tally, associated with the governance contract 0xfba...b6, which was created using the CREATE2 opcode and utilizes the DELEGATECALL opcode to interface with external contracts. Notably, contracts deployed via CREATE2 can be destroyed by developers and redeployed at the same address. After analyzing the governance contract, we find that the vulnerability might have been introduced accidentally by the developer. The governance contract includes an internal function, functionDelegateCall, which allows external contracts to be called with a DELEGATECALL. Thus, a passed proposal containing the SELFDESTRUCT opcode can lead to the contract's destruction. This would then allow the developer to redeploy the governance contract using CREATE2 and CREATE. While this issue could be unintentional, we cannot ignore the possibility that a malicious DAO developer could exploit it to execute an attack.

Answer to RQ1: Among the 3,348 DAOs analyzed, we found that 176 could potentially be manipulated by developers, and one DAO's governance contract code logic can be directly altered by its developer. This indicates that not all currently active DAOs can be trusted to achieve impartial decentralized governance.

VI. DOES DAO OFFER SUFFICIENT GOVERNANCE PROCESS DOCUMENTATION FOR THEIR MEMBERS? (RQ2)

The documentation is expected to provide a comprehensive overview of the DAO, detailing the governance process and how members can interact with it. Given that the DAO Model Law [34], as referenced in Section II-C, is the only harmonized regulatory framework prescribing specific rules for DAO documentation and its participants [64], we thoroughly reviewed the DAO Model Law and extracted all relevant requirements concerning DAO documentation, which we summarized into six key rules. 1) Member Participation. The documentation should provide guidelines on how blockchain users can become DAO members and participate in governance, as well as the participation rights in the governance process. 2) Member Exit. Apart from participating in the DAO, the documentation should also describe the steps a member needs to follow to exit the DAO, whether in a voluntary or involuntary way. 3) Voting Power. The documentation should clearly explain how voting power is calculated and distributed among members, as voting power determines the weight of a member's vote. Failing to explain voting power could discourage member participation in voting or, conversely, enable a member to accumulate excessive voting power, potentially allowing him to arbitrarily control the result of voting. 4) Minority Protection. The documentation should explicitly state if it includes any provisions for protecting the minority rights of its members. This is crucial because minority members may need to raise disputes against specific decisions, particularly in situations where a single member controls the majority of voting power. 5) Governance Process Guide. A detailed guide to the governance process is necessary for members, for instance, step-by-step instructions for submitting proposals and casting votes. 6) Appointment of Guardian. The appointment of a guardian is crucial to alleviating security concerns among members. Given the significant privileges the guardian holds, such as controlling the privileged functions in the governance contract, their role should be disclosed in the documentation.

Since most members are not able to reliably and accurately extract information from the on-chain DAO contract code, it is vital that the DAO presents this information in a transparent, publicly accessible document. For example, as illustrated in Figure 6, the Compound DAO offers comprehensive documentation, guiding members on how to engage in governance effectively. The absence of such transparency may erode members' trust, thereby discouraging their active participation in DAO governance.

Fig. 6: The Compound governance documentation provides DAO members with guidance on how to vote for proposals.

Approach. However, simply adopting basic text searching to check rule satisfaction might introduce false positives, as some documentation may only include keywords as headings without actual content. For example, a DAO from Aragon only mentions, "Governance Proposal This is the last step of the Governance process and is the only one that is binding." In such instances, a basic text search for "Governance process" could result in a false positive. To address this issue, we employ ChatGPT [65] as a question-answering system to determine whether the six rules are truly present in the DAO documentation. Based on recent studies [66][67][68][69], ChatGPT outperforms existing Large Language Models (LLMs) in question-answering tasks. Additionally, it demonstrates superior robustness in question comprehension when compared to state-of-the-art question-answering systems.

Querying a Large Language Model (LLM) with a single complex question can lead to incorrect responses [70]. A
related study [29] suggests that the Chain of Thought (CoT) reasoning method improves LLM comprehension of complex questions. Therefore, we adopt prompt optimization by breaking down the documentation rules into a series of intermediate questions. As shown in Figure 8, to check Rule 1 (i.e., Member Participation), we ask three questions: "Does the DAO support governance?", "Who can become a member of the DAO?", and "Can members participate in governance?". If all three questions are confirmed in the documentation, we conclude that the rule is satisfied. For all six rules, we address them with a series of detailed questions derived from the DAO Model Law and merge similar queries to form a question chain, as depicted in Figure 7. We utilize the ChatGPT model gpt-3.5-turbo-16k-0613 for classification. The prompt for each query is shown in the first box of Figure 8. To cross-verify the results, we use the following prompt to recheck the result: "Your task is to check if the sentence content is mentioned in the document. Here is the sentence: [REASON]. Your answer format should be: Result: Yes/No. The document is provided below: [DOCUMENT]." If the two results are inconsistent, we rerun both questions. If the inconsistency persists, we set the final result as "No." If the document exceeds the token limit, we partition it into segments of 12,000 tokens each, with an overlap of 2,000 tokens between segments. The detailed question chain for checking each rule is provided in Appendix C.

Result. To evaluate the effectiveness of ChatGPT, we randomly selected 100 documentation samples and manually analyzed whether each satisfied the specified rules. The results are presented in Table III. The findings demonstrate that ChatGPT, when used with the Chain of Thought (CoT) reasoning method, performs well in determining whether a certain rule is mentioned in the documentation. In addition to ChatGPT, we also evaluated another LLM, Claude [71], for comparison. The results show that Claude can achieve recall rates similar to or even higher than ChatGPT for these queries, suggesting that both LLMs provide sufficiently accurate results. However, Claude produced more false positives than ChatGPT. This higher false positive rate may be due to differences in training data or the possibility that Claude requires a different prompt structure compared to ChatGPT. As a result, we chose ChatGPT to measure the integrity of DAO documentation.

Fig. 7: The abbreviated question chain to query whether the 6 rules are mentioned in the documentation. Each arrow represents a Yes response from ChatGPT.

Fig. 8: An example of querying ChatGPT with a chain of questions to check whether Rule 1 (Member Participation) is mentioned. We remove the cross-verify query for clarity.

TABLE III: Evaluation of checking whether the rule is mentioned in the documentation (Recall, Precision and F1-score for ChatGPT [65] and for Claude [71]).

Rule Name                  ChatGPT [65]                   Claude [71]
                           Recall  Precision  F1-score    Recall  Precision  F1-score
Member Participation       0.69    0.95       0.80        0.74    0.95       0.83
Member Exit                0.00    0.00       0.00        0.00    0.00       0.00
Voting Power               0.81    0.87       0.84        0.78    0.48       0.59
Minority Protection        1.00    1.00       1.00        1.00    0.50       0.66
Governance Process Guide   0.68    0.90       0.77        0.92    0.80       0.86
Appointment of Guardian    0.89    1.00       0.94        0.89    0.73       0.80

TABLE IV: Number of Documentation Satisfying Each Rule

DAO Type        Rule 1  Rule 2  Rule 3  Rule 4  Rule 5  Rule 6
XDAO            10      1       12      0       7       1
Aragon          9       2       9       0       14      4
Tally           21      2       17      0       17      6
DAOhaus         1       0       0       1       1       0
DAOstack        4       0       3       0       2       0
Self-developed  3       0       3       0       3       2
Total           48      5       44      1       44      13

The results of each DAO's documentation and how they align with the rules set by the DAO Model Law are illustrated in Table IV. Our findings reveal that none of the DAO documentation fully complies with all six rules. We found that only five DAOs mentioned Rule 2, Member Exit, in their documentation. Further analysis of the DAO Model Law suggests that this rule functions more as a compliance standard than as a practical guideline for DAOs. In practice, the removal of all tokens belonging to a member is typically considered the default method for member exit from the DAO. As for Rule 4, Minority Protection, only one DAO, which belongs to DAOhaus, mentioned it in its documentation. Upon further analysis of the DAOhaus [6] platform, we found that it integrates the rage quit procedure into its governance model, ensuring protection for members with less voting power.

To evaluate the concept that well-documented DAOs encourage greater member participation in the governance process, we compare the number of documentation rules satisfied by DAOs with their corresponding proposal and voting statistics, as shown in Figure 9 and Figure 10. The results indicate that DAOs with better documentation see significantly higher engagement. Specifically, the average number of proposals drops from 34 to 9, and the average number of voting
participants declines from 3,342 to just 33 in DAOs without documentation.

Fig. 9: The distribution of the number of DAO proposals based on the number of rules satisfied by their documentation.

Fig. 10: The distribution of the number of DAO votes based on the number of rules satisfied by their documentation.

Answer to RQ2: Although only 71 out of 3,348 DAOs provide documentation for their members, and none offer complete documentation, more comprehensive documentation significantly helps members actively participate in the DAO governance process.

VII. DOES PROPOSAL ENSURE CONSISTENCY BETWEEN DESCRIPTIONS AND CODE? (RQ3)

Proposals have become a primary target for attackers because a proposal's creator controls its actions. This allows attackers to embed malicious code within proposals, aiming to either gain control over the DAO or transfer its assets. In recent years, numerous governance attacks on DAOs have resulted in the loss of millions of dollars [9], [10], [11], [12], [13], [14], [15], [16], [17], [18]. To investigate the security issues in proposals, we first verify the immutability of the proposal code by ensuring that the target address in the proposal is open-source and was not created using the CREATE2 opcode. Next, we check the consistency between the proposal description and the code by verifying that all actions specified in the code are clearly mentioned in the proposal description.

A. Immutability of Proposal Code

To assess the immutability of the proposal code, we analyze the target address within the proposal. The target address refers to the contract to be called in the proposal code. It should be open-source so that members can examine the code logic within the target address. Apart from being open-source, the code logic in the target address must also be immutable. As discussed in Section V-C, the EVM opcode CREATE2 allows arbitrary changes to the code logic inside the target address while maintaining the same address. If the proposal code lacks immutability, an attacker can arbitrarily modify the code even after the proposal has been approved. For instance, in the Tornado Cash Governance Attack [13], as illustrated in Figure 11, the attacker first used the CREATE2 opcode to deploy a contract with the address 0x7dc8...353d. This contract then deployed another contract, using the CREATE opcode, with the address 0xc503...752d, which contained a normal version of the proposal code. Once the proposal passed but before its execution, the attacker invoked the SELFDESTRUCT opcode to destroy both 0x7dc8...353d and 0xc503...752d. Subsequently, the attacker redeployed a contract at 0x7dc8...353d using CREATE2 with the same creation code, ensuring the redeployed contract retained the same address. Finally, the attacker used this redeployed contract to redeploy the proposal code contract at 0xc503...752d, this time containing malicious code.

Fig. 11: The example of the Tornado Cash governance attack. The contract 0xc503...752d contains the proposal code. The attacker uses CREATE2 to replace the original code with malicious code before the proposal is executed.

Approach. To assess whether the target address in the proposal code is open-source, we follow the approach used in the previous study [72]. We use APIs provided by blockchain scanners to check if the source code has been verified. We use the same method as in Section V-C to check whether the target address is under the threat of the opcode CREATE2. We skip target addresses that belong to the governance contract, as these have already been evaluated in Section V-C.

Result. The results of the immutability of the proposal code are shown in Table V. We discover that more than 90% (54,108) of the target addresses in the proposal code are open-source. This suggests that the majority of proposals maintain the clarity of their proposal code. Among the 5,571 closed-source contracts, we identify 32 addresses that have been used by members, as indicated by more than 500 transactions associated with these specific addresses. This implies that some members place their trust in these contracts despite the noticeable lack of transparency. Regarding CREATE2, although we do find some target addresses created in CREATE2 chains, they cannot self-destruct and thus are not at risk of being mutated. However, an attacker could insert SELFDESTRUCT or DELEGATECALL into the target address's code to make this potential threat feasible.
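The Contract Creation Chain walk and CREATE2 check of Section V-C, as also applied to proposal target addresses in Section VII-A, written out as an added Python example (it is not the authors' tooling). The on-chain lookups the paper performs (deployment transaction, Tenderly opcode trace, runtime bytecode) are replaced by an in-memory registry of constructed records with placeholder addresses, and the check treats G through Ci inclusive as the contracts that must be destructible, which is this example's reading of "all preceding contracts".

```python
"""Contract Creation Chain (CCC) walk and CREATE2 mutability check.

Added illustration of the check in Sections V-C and VII-A; not the authors'
tooling. On-chain lookups are replaced by a registry of constructed records.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Deployment:
    creator: str                 # address that deployed this contract
    creator_is_contract: bool    # False: the creator is an EOA, the chain ends there
    create_opcode: str           # "CREATE2", "CREATE", or "TX" (deployed by a tx)
    runtime_opcodes: frozenset   # opcodes found in the deployed bytecode


Registry = Dict[str, Deployment]


def build_ccc(start: str, registry: Registry) -> List[str]:
    """CCC(G) = <G, C0, C1, ..., E>: follow creators until an EOA E is reached."""
    chain = [start]
    current = start
    while True:
        rec = registry[current]
        if rec.creator in chain:
            raise ValueError("cycle in creation chain")  # defensive only
        chain.append(rec.creator)
        if not rec.creator_is_contract:
            return chain
        current = rec.creator


def can_self_destruct(rec: Deployment) -> bool:
    """Paper's over-approximation: SELFDESTRUCT itself, or DELEGATECALL, which
    can run a SELFDESTRUCT hidden in another contract in this contract's context."""
    return bool(rec.runtime_opcodes & {"SELFDESTRUCT", "DELEGATECALL"})


def create2_threat(address: str, registry: Registry) -> dict:
    """Classify a contract as in Table V: is any contract in its CCC created by
    CREATE2 ("by_create2"), and can the code at `address` be replaced in place
    ("mutable")?"""
    chain = build_ccc(address, registry)
    contracts = chain[:-1]                       # drop the EOA E
    by_create2 = any(registry[c].create_opcode == "CREATE2" for c in contracts)
    mutable = False
    for i, c in enumerate(contracts):
        if registry[c].create_opcode != "CREATE2":
            continue
        # Assumption: the paper's "all preceding contracts" is read as G..Ci
        # inclusive, since Ci must itself be destroyed before its CREATE2
        # creator can redeploy it at the same address.
        if all(can_self_destruct(registry[x]) for x in contracts[: i + 1]):
            mutable = True
            break
    return {"chain": chain, "by_create2": by_create2, "mutable": mutable}


def check_proposal_target(target: str, governance: str,
                          registry: Registry) -> Optional[dict]:
    """Section VII-A: the same check on a proposal's target address, skipping
    the governance contract itself (already evaluated in Section V-C)."""
    if target.lower() == governance.lower():
        return None
    return create2_threat(target, registry)


# Constructed registry with placeholder addresses (not real contracts).
REGISTRY: Registry = {
    # 1) Governance contract deployed directly by an EOA, no destruct path.
    "0xgov_safe": Deployment("0xeoa_1", False, "TX",
                             frozenset({"CALLER", "EQ", "JUMPI", "SSTORE"})),
    # 2) Governance contract created by a factory via CREATE2 whose runtime
    #    code contains DELEGATECALL (the functionDelegateCall case of V-C).
    "0xfactory_1": Deployment("0xeoa_2", False, "TX", frozenset({"CREATE2"})),
    "0xgov_delegate": Deployment("0xfactory_1", True, "CREATE2",
                                 frozenset({"DELEGATECALL", "CALLER", "EQ"})),
    # 3) Proposal target created with CREATE by a CREATE2-deployed contract,
    #    both destructible (the chain shape described for Tornado Cash).
    "0xdeployer_2": Deployment("0xeoa_3", False, "TX", frozenset({"CREATE2"})),
    "0xfactory_2": Deployment("0xdeployer_2", True, "CREATE2",
                              frozenset({"CREATE", "SELFDESTRUCT"})),
    "0xtarget_a": Deployment("0xfactory_2", True, "CREATE",
                             frozenset({"SELFDESTRUCT", "SSTORE"})),
    # 4) Proposal target inside a CREATE2 chain but with no destruct path
    #    (the "By CREATE2 = yes, Can SELFDESTRUCT = no" rows of Table V).
    "0xtarget_b": Deployment("0xfactory_2", True, "CREATE",
                             frozenset({"SSTORE", "RETURN"})),
}


if __name__ == "__main__":
    gov = "0xgov_safe"
    for addr in ("0xgov_safe", "0xgov_delegate"):
        print("governance", addr, create2_threat(addr, REGISTRY))
    for addr in ("0xtarget_a", "0xtarget_b", gov):
        print("proposal target", addr, check_proposal_target(addr, gov, REGISTRY))
```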
TABLE V: Result of the immutability of target addresses within proposal code.

DAO Type        Open-source  Closed-source  By CREATE2  Can SELFDESTRUCT
XDAO            28,802       784            8           0
Aragon          17,943       3,080          2           0
Tally           7,384        1,615          97          0
DAOhaus         1,749        78             3           0
DAOstack        2,419        0              0           0
Self-developed  1,382        14             0           0
Total           59,679       5,571          110         0

B. Consistency between Description and Code

The proposal description must fully detail all aspects of the proposal code to ensure that members are well-informed. Otherwise, attackers may hide malicious code within an otherwise normal proposal description. For instance, during the YAM DAO governance attack on July 9, 2022 [9], the attacker submitted a proposal (as shown in Figure 12) with a description copied from a previous proposal, falsely claiming to return rewards to the DAO. In reality, the code transferred ownership of the governance contract to the attacker, resulting in a loss of 3.1 million dollars once the proposal was passed.

Fig. 12: The malicious proposal in the YAM governance attack deceived members with the description from a previous proposal, claiming it would return rewards to the DAO. However, the actual code was to take control of the governance contract.

Approach. To verify the consistency between the proposal description and code, we first extract the description intention from the proposal description and the code action from the proposal code. We then check whether the description intention and code action are consistent. The description intention, identified as (action, target object, parameter), is derived from the proposal description, outlining the functions intended to be called or not called in the proposal code. The code action is extracted from the proposal code and shows the actual functions to be executed.

1) Description Intention Extractor: The description intention is represented as a tuple (action, target object, parameter). The action refers to the function name to be performed by the proposal code (e.g., transfer, update, approve), the target object is the target of the function call, and the parameter denotes the detailed parameters used by the action. We adopt a two-step process to extract the description intention from the proposal description. First, we identify all the code-related sentences that describe the function calls in the proposal code. After that, we extract the description intention from these code-related sentences based on their grammatical structures. The example procedure of the description intention extractor is shown in Figure 13. The sentence in the red box is identified as code-related. Subsequently, during the intention extraction, the code-related sentence undergoes parsing to form the corresponding semantic dependency parse tree. The description intention is then extracted based on the part-of-speech tags and syntactic dependencies in the parse tree.

Fig. 13: Example of extracting the description intention from the proposal description.

Sentence identification. We apply NLTK [73] to split the proposal description into individual sentences. In order to identify code-related sentences that describe the code, we use a fine-tuned BERT [74] for the sentence classification task. Due to the absence of a dataset for code-related sentences in DAO proposals, we created a dataset comprising 2,200 sentences randomly extracted from proposals. We select 2,000 sentences from this dataset to fine-tune the BERT model. The remaining 200 sentences are used to evaluate the performance of the fine-tuned BERT. We manually annotate each sentence to indicate whether it describes the proposal code. The evaluation of sentence identification is shown in Appendix D.

Intention extraction. To extract the description intention from code-related sentences, we first use Spacy [75] to generate a syntactic dependency parse tree and assign part-of-speech (PoS) tags to each token within the sentence. The action is identified by the token that is labeled as Root in the PoS tag. Its lemma either exists in our verb list (available at https://drive.google.com/file/d/1I1mPkZMohjC8vINL9JvJSoN8SoymDTRO), or it aligns with synonyms of words within our verb list, as determined by the synonyms database [76]. Additionally, the token that has a direct object (dobj) relationship with the Root token is also included in the action. The target object is identified by tokens that have a compound relationship with the action tokens. Lastly, the parameter is identified by the remaining tokens with PoS tags such as NOUN, NUM, PROPN, or X. As shown in Figure 13, the action is highlighted in the blue box, the target object in the yellow box, and the parameter in the green box. We also identify whether the description intention originates from negative or positive sentences. To identify these negative sentences, we utilize BERT to determine whether the code-related sentence is positive or negative. When extracting from these negative sentences, we assign a Negative tag to the description intention.

2) Code Action Extractor: The code action extractor's purpose is to extract the proposal code and enrich its content, resulting in the code action as illustrated in Table VI. Given that the proposal code is in bytecode format, verifying its consistency with the description intention directly could result in false negatives. For instance, in Figure 14, the proposal description outlines its object as a transfer of ARENA tokens. It is challenging to determine if the code matches the description directly from the bytecode. To address this, we transform the proposal code into a code action to add natural language information. Since the proposal code only contains the target address,
value, function signature, and calldata from the proposal code, the remaining parts of the code action need to be enriched based on these data. The target address symbol can be determined by checking the contract address in the public name tag or the function named symbol() in the contract. To determine the function name, we attempt to find it either from the contract ABI [77] of the target address or from the Ethereum Signature Database [78]. We obtain the contract ABI from the source code of the target address via a blockchain scanner. If the target address is closed-source, we turn to the Ethereum Signature Database [78], the largest database mapping function signatures back to function names, to query the function name. Once the function name is extracted, we can decode the calldata into function parameters, since the function name contains the sequence and types of each parameter. If we are unable to locate the information, we leave it empty.

Fig. 14: The example illustrating the extraction and enrichment of proposal code into a code action.

TABLE VI: Components of a code action.

Name                    Explanation
Target Address          Contract address to be called
Target Address symbol   Contract address name in natural language
Value                   Value to transfer
Function Signature      4 bytes of function ID
Function Name           Function name in natural language
Function Parameter      Parameter of the function

3) Inconsistency Detector: We distinguish 5 types of inconsistency between the description intention and code action.

Lack of description intention. We extract the code action from the proposal code, but if we are unable to find any corresponding description intention, we classify the proposal as lacking description intention. Specifically, if we fail to extract the description intention from the proposal description or if the description is missing altogether, we determine that the proposal lacks description intention.

Lack of code action. We extract the description intention from the proposal description but fail to find any corresponding code action. We check whether the proposal contains the proposal code. If it does not, we determine the lack of code action.

Incomplete function. In this type of inconsistency, a function present in the code action is not mentioned in the description intention. To detect this, we compare the semantic similarity between the code action and the description intention. We first extract the Target Address Symbol and Function Name from the code action, and the Target Object and Action from the description intention. Then, we use the Sentence-BERT model [79] to encode the corresponding sets into semantic vectors. We calculate the cosine similarity between these vectors. If the semantic similarity score exceeds the threshold, we conclude that the function is mentioned in the description, as the description conveys a similar semantic meaning. The threshold value is set at 0.75, following the official examples from Sentence-BERT [80].

Incomplete parameter. For this type of inconsistency, we ver­ify that every Function Parameter listed in the code action is described in the Parameter section of the description intention. We assess parameters of the following types: address, number, and byte, as well as their corresponding lists. For the address type, we first retrieve its name using the method described in the information enrichment section. If we can extract the name, we check whether it appears in the Parameter section of the description intention. If the name is not found, we directly verify whether the address, in hexadecimal format, is mentioned. For the number type, we check if the number is present in the description intention. If the target contract is an ERC-20, we adjust the value by dividing it by its decimals, following the ERC-20 standard [81]. For the byte type, since it can represent text in hexadecimal form, we check whether either the original content or its decoded text appears in the description intention. We determine that the parameter is incomplete if it is not mentioned in the description intention.

Incorrect proposal. An incorrect proposal is determined by identifying whether a function in the code action is mentioned by a description intention tagged as Negative. We use the same method applied in detecting incomplete functions, checking whether the semantic similarity between the function in the code action and the description intention (tagged as Negative by intention extraction) exceeds the threshold.

To evaluate the performance of our Inconsistency Detector, we randomly selected 1,500 functions, containing 3,122 parameters. We manually labeled the results for each function and parameter. The evaluation results are shown in Table VII. For incomplete functions, the detector achieved a precision of 0.81 and a recall of 0.87. False positives occurred because BERT struggled to correctly interpret the relationships between words with similar semantic meanings, particularly when descriptions contained only a few nouns. False negatives arose due to differences in word meanings between the real world and the blockchain context. For incomplete parameters, we achieved a precision of 0.83 and a recall of 0.88. False positives were caused when proposal descriptions used URLs to describe function parameters, while false negatives occurred due to misleading parameter names.

TABLE VII: Evaluation results for the Inconsistency Detector.

Incomplete Type                   Precision  Recall  F1
Incomplete Code Action Function   0.81       0.87    0.84
Incomplete Code Action Parameter  0.83       0.88    0.85

Result. The results of the 5 types of inconsistency are shown in Table VIII. We excluded proposals from the platform XDAO and the self-developed MakerDAO, as these 2 types of DAOs do not support proposals that include descriptions. Instead, they require members to submit code directly to the
governance contract as a proposal, which could interfere with the accuracy of our analysis. Our results suggest that members currently do not pay sufficient attention to proposals. Of the 35,518 proposals analyzed, 24,426 either lack a description of the proposal code or only contain a description without corresponding code. Furthermore, among the 11,092 proposals that do include both a description and code, 8,268 are found to be incomplete, either lacking an explanation of the functions or of the detailed parameters in the functions.

TABLE VIII: Result of consistency between description and code. The description intention is abbreviated as DI and the code action as CA.

Consistency Type   Aragon   Tally    DAOhaus  DAOstack  Self-developed  Total
Normal             968      1,328    12       671       39              3,018
Lack of DI         18,581   2,401    698      29        333             22,042
Lack of CA         893      38       0        1,453     0               2,384
Incomplete         581      5,232    1,117    266       1,072           8,268
– Function         659      7,010    1,130    212       504             9,515
– Parameter        17,166   23,451   3,065    375       1,450           45,507
Incorrect          0        0        0        0         0               0
Proposal           21,023   8,999    1,827    2,419     1,250           35,518
Function           20,273   25,184   3,175    616       2,614           51,862
Parameter          30,424   33,951   3,513    745       2,803           71,436

Real-World Attack Cases Detection. To assess whether our approach is capable of detecting real-world malicious proposals, we have gathered reports of DAO governance attack cases from the following sources: Slowmist [82], CryptoSec [83], Rekt [84], and Twitter [85]. We collected a total of 11

TABLE IX: Classification of the collected real-world governance attack incidents. The description intention is abbreviated as DI and the code action as CA.

Incidents                     Date      Attack Result  Expected Loss  Proposal Consistency
True Seigniorage Dollar [14]  Mar 2021  Succeeded      $16K           Lack of DI
Yuan [17]                     Sep 2021  Succeeded      $250K          Lack of DI
Venus [86]                    Sep 2021  Succeeded      $250K          Lack of DI
Build Finance [16]            Feb 2022  Succeeded      $470K          Lack of DI
Fortress Protocol [12]        May 2022  Succeeded      $3M            Incomplete Parameter
Beanstalk [18]                Apr 2022  Succeeded      $182M          Incomplete Function
Audius [11]                   Jul 2022  Succeeded      $1.1M          Lack of DI
YAM [9]                       Jul 2022  Blocked        $2.1M          Incomplete Function
Swerve Finance [87]           Mar 2023  Succeeded      $1.3M          Lack of DI
Tornado Cash [13]             May 2023  Succeeded      $2M            Code Mutability
Atlantis Loans [88]           Jun 2023  Succeeded      $1M            Lack of DI
BIGCAP [90]                   Sep 2023  Blocked        $45K           Incomplete Function
Indexed Finance [89]          Nov 2023  Blocked        $158K          Lack of DI

VIII. DISCUSSION

A. Threat to Validity

Complete DAO data. We have employed the following method to collect a comprehensive DAO dataset. First, we collect DAO data from various sources, including previous studies [36], [26], as well as from the well-known industry dataset DeepDAO [8]. Second, we expand our collection to include DAOs from Ethereum and 8 other popular blockchains. Third, we gather data from both websites and blockchains to ensure data completeness. As a result, our dataset, comprising over 3,000 DAOs, 200 websites, and 65,000 proposals, is the most comprehensive DAO dataset to date. The findings derived from this dataset can be considered representative of the entire DAO ecosystem. However, there may still be some self-developed DAOs or platforms that were not captured. Our approach can be applied to such DAOs once they provide their governance contract address and documentation website.

DAOs from non-EVM-compatible chains. According to statistics from DefiLlama [91], EVM-compatible chains currently dominate the blockchain ecosystem, accounting for over 85% of the Total Value Locked (TVL) across all blockchains. Therefore, we primarily applied our approach to EVM-compatible chains. However, aside from the immutability of contracts, our approach and insights are not solely dependent on EVM-specific features. Thus, our approach can be applied to non-EVM-compatible chains as well.

Off-chain governance DAOs. In off-chain governance, the governance process takes place on the website, where members submit proposals and cast their votes. The execution of these proposals is carried out by the DAO developers rather than being automatically triggered by smart contracts [32], [33]. According to the definition of DAOs provided by Ethereum [1] and the DAO Model Law [30], DAOs must be governed by smart contracts. Therefore, off-chain governance DAOs fall outside of our scope.

B. Limitations

Querying DAO Documentation. In Section VI (RQ2), our method leverages an LLM to verify whether the provided
DAO documentation aligns with the requirements outlined
DAOgovernanceattackcases[17],[14],[16],[18],[11],[86],
in the DAO model laws. However, due to current token
[9], [12], [87], [13], [88], [89], [90]. Upon examining these
limitations in LLMs, large documents must be divided into
malicious proposals with our approach, we identified all 13
smaller segments, and full-length rule descriptions with de-
proposals as 8 malicious proposals due to lack of description
tailed explanations from the DAO model laws cannot be
intention, 3 proposals due to incomplete function, 2 proposals
directlyutilized.Toaddressthesechallenges,weintegrateCoT
with incomplete parameter, and 1 proposal is subjected to
reasoningtoenhancetheperformanceofLLMs.Despitethese
mutability of proposal code.
efforts, advancements in LLMs that support larger content
sizes, combined with the application of prompt engineering
Answer to RQ3: Although most proposal code is open- techniques,areanticipatedtoimprovetheperformofsemantic
source and can be reviewed by members, approximately search.
10% (5,571) of proposal code is closed-source, making Proposal Description and Code Consistency In Section
it difficult for members to scrutinize. Among the 35,518 VII-B(RQ3),ourmethodevaluatestheconsistencybetweena
proposals analyzed, 32,500 (about 91%) fail to provide proposal’s description and its code by extracting the descrip-
consistentdescriptionsandcorrespondingcode.Thisincon- tion intent and the code actions, then identifying 5 types of
sistencyhighlightswhyattackersfrequentlytargetproposals inconsistencies. However, this approach may result in some
during the governance process. loss of information from both the code and the description.
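A simplified, deterministic version of the description-versus-code check just described, added here as an illustration rather than the paper's tool: the paper extracts description intent with an LLM and resolves function selectors through the Ethereum Signature Database, whereas here a hand-written selector table and keyword/value matching stand in for both. The five selectors are the standard ERC-20/Ownable/UUPS ones; the contract addresses, proposal descriptions and calldata are constructed sample data, and the priority of "incomplete function" over "incomplete parameter" when both occur is an assumption of this example.

```python
"""Description-vs-calldata consistency check for DAO proposals (added illustration,
not the paper's tool: deterministic keyword/value matching stands in for the paper's
LLM intent extraction). Selectors, addresses and descriptions are constructed."""
from __future__ import annotations
import re
from dataclasses import dataclass, field

# Constructed subset of a selector database: first 4 bytes of keccak256("name(types)")
# for standard ERC-20 / Ownable / UUPS functions (the paper uses the 4byte directory).
SELECTORS = {
    "a9059cbb": ("transfer", ["address", "uint256"]),
    "095ea7b3": ("approve", ["address", "uint256"]),
    "40c10f19": ("mint", ["address", "uint256"]),
    "f2fde38b": ("transferOwnership", ["address"]),
    "3659cfe6": ("upgradeTo", ["address"]),
}

@dataclass
class Call:
    target: str      # contract the governor will call on execution
    calldata: bytes  # 4-byte selector followed by ABI-encoded static arguments

@dataclass
class Action:
    target: str
    function: str | None  # None when the selector is not in the database
    params: list[tuple[str, object]] = field(default_factory=list)

def decode_call(call: Call) -> Action:
    """Recover the code action: function name plus address/uint256 arguments."""
    entry = SELECTORS.get(call.calldata[:4].hex())
    if entry is None:
        return Action(call.target, None)
    name, types = entry
    params: list[tuple[str, object]] = []
    for i, typ in enumerate(types):
        word = call.calldata[4 + 32 * i: 4 + 32 * (i + 1)]
        if len(word) != 32:
            raise ValueError("calldata truncated")
        # static types only: address is the low 20 bytes, uint256 the whole word
        value = "0x" + word[12:].hex() if typ == "address" else int.from_bytes(word, "big")
        params.append((typ, value))
    return Action(call.target, name, params)

def mentions_function(description: str, function: str) -> bool:
    d = description.lower()
    # accept "transferOwnership" as well as the prose form "transfer ownership"
    prose = re.sub(r"(?<=[a-z])(?=[A-Z])", " ", function).lower()
    return function.lower() in d or prose in d

def mentions_value(description: str, typ: str, value) -> bool:
    d = description.lower().replace(",", "")
    if typ == "address":
        return value.lower() in d
    # token amounts are usually written in whole units: accept 1, 1e6, 1e18 scaling
    return any(value % s == 0 and re.search(rf"\b{value // s}\b", d)
               for s in (1, 10**6, 10**18))

def classify(description: str, calls: list[Call]) -> str:
    """Map a proposal to one of the consistency types used in the tables above."""
    if not description.strip():
        return "LackOfDI"  # code with no statement of intent
    actions = [decode_call(c) for c in calls]
    if not actions:
        return "LackOfCA"  # intent with no executable action behind it
    worst = "Normal"
    for a in actions:
        # an unresolved or unmentioned call is exactly what members cannot review
        if a.function is None or not mentions_function(description, a.function):
            return "IncompleteFunction"
        if any(not mentions_value(description, t, v) for t, v in a.params):
            worst = "IncompleteParameter"
    return worst

def encode_call(target: str, selector: str, *args) -> Call:
    """Minimal static ABI encoder, used only to build the sample proposals."""
    data = bytes.fromhex(selector)
    for a in args:
        data += (bytes.fromhex(a[2:]).rjust(32, b"\0") if isinstance(a, str)
                 else a.to_bytes(32, "big"))
    return Call(target, data)

TOKEN = "0x1111111111111111111111111111111111111111"     # constructed
GRANTS = "0x2222222222222222222222222222222222222222"    # constructed
OUTSIDER = "0x3333333333333333333333333333333333333333"  # constructed
# Constructed proposals, one per consistency type.
SAMPLES = {
    "grant": (f"Transfer 1,000,000 GOV from the treasury to the grants multisig {GRANTS}.",
              [encode_call(TOKEN, "a9059cbb", GRANTS, 1_000_000 * 10**18)]),
    "vague_mint": ("Mint GOV tokens to the grants multisig for Q3 contributors.",
                   [encode_call(TOKEN, "40c10f19", GRANTS, 250_000 * 10**18)]),
    "hidden_admin": (f"Transfer 1,000,000 GOV to {GRANTS} for the grants program.",
                     [encode_call(TOKEN, "a9059cbb", GRANTS, 1_000_000 * 10**18),
                      encode_call(TOKEN, "f2fde38b", OUTSIDER)]),
    "no_text": ("", [encode_call(TOKEN, "3659cfe6", OUTSIDER)]),
    "signal_only": ("Signal vote: adopt the new community charter.", []),
}

def classify_samples() -> dict[str, str]:
    return {name: classify(desc, calls) for name, (desc, calls) in SAMPLES.items()}
```

classify_samples() labels the grant Normal, the mint whose recipient and amount are unstated IncompleteParameter, the proposal whose second call (an ownership transfer) is never mentioned IncompleteFunction, and the remaining two LackOfDI and LackOfCA. A member-facing checker would surface the IncompleteFunction case first: it carries the same classification as the Beanstalk, YAM and BIGCAP rows of Table IX, and a call the description never explains is precisely what a voter cannot review from the text alone.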
To address this limitation, we could fine-tune the LLM using the current inconsistency results to improve its ability to detect inconsistencies with greater accuracy.

IX. IMPLICATIONS AND SUGGESTIONS

Based on our research findings, we recommend that DAO platforms ensure all DAOs established on their platforms adhere to the principles of decentralized governance, rather than allowing developers to optionally support it. Platforms should require developers either to disclose all privileged addresses to their members or to place all privileged functions under the control of the governance contract. Additionally, developers should provide complete documentation to facilitate member participation in the governance process. Blockchain scanners, such as Etherscan, should label contracts that are deployed using the CREATE2 opcode. In response to the observed inconsistencies in proposals, we suggest that DAOs enforce consistency between proposal descriptions and the actual code. Additionally, tools should be developed to automatically supplement proposal descriptions with any missing code and explanations.

X. FUTURE WORK

Automated DAO Reinforcement. Our method efficiently and accurately identifies issues within the governance process. However, it currently lacks the capability to automatically generate patches to address these issues. Future work could integrate static analysis techniques and LLMs to automate patch generation for governance contracts. This approach could also be extended to automatically generate the required DAO documentation, ensuring sufficient and accurate documentation for all six rules. Additionally, the method could automate the completion of proposal descriptions based on the provided proposal code, fostering a more robust and transparent DAO governance ecosystem.

Governance Process Attack Detection. Our work identifies several vulnerabilities within the DAO governance process, such as privileged functions in governance contracts and inconsistencies between proposal descriptions and their code. Future work could leverage these identified issues to develop tools that help DAO developers and members detect malicious DAOs or proposals. Such tools could play a critical role in preventing prevalent attacks against DAOs, enhancing security and trust in decentralized governance frameworks.

XI. RELATED WORK

DAO. Recent research on DAOs focuses on DAO activity analysis [20], [21], [7], [92], [93], [22], DAO definition and application [94], [95], and DAO governance methods [28], [96], [97]. However, they do not concentrate on the security aspects of DAO governance. As for empirical studies that do focus on security within DAO governance: Feichtinger et al. [24] analyzed 21 on-chain governance DAOs, specifically focusing on the voting process within the governance procedure. Fritsch et al. [27] focused on the distribution of voting power among three popular DAOs: Compound, Uniswap, and ENS. Sharma et al. [25] analyzed the existing centralization risk of 10 DAOs and the corresponding members' voting behaviors. Wang et al. [26] analyzed the design principles of DAOs on the off-chain voting platform Snapshot. Liu et al. [23] focused on voting behavior in DAO governance. Dotan et al. [22] disclosed the centralized voting nature of four DAOs and explained the existing governance attack incidents. The above research primarily focused on partial aspects, such as voting, within the DAO governance framework, and their datasets are limited to no more than 1,000 DAOs. Our methodology analyzes the security issues across both on-chain and off-chain parts of the governance framework. The security threats we studied have not been explored in previous research.

Smart contracts analysis. Smart contracts have gained popularity for facilitating trustless code execution on the blockchain. However, with the increasing usage of smart contracts, they have become targets for attacks. Numerous tools have been developed for the analysis of smart contracts. Some notable examples include Mythril [98], Manticore [99], and Oyente [100]. Pied-Piper [58] proposed a hybrid analysis method that combines Datalog analysis and directed fuzzing to detect potential backdoor threats in ERC token contracts in order to enhance smart contract security. Beyond the direct analysis of bytecode, binary lifter tools such as Gigahorse [101] transform the bytecode into a higher-level, function-based, three-address representation. Our method targets the detection of security issues within governance contracts and can be integrated with existing tools to enhance the security of dApps.

Consistency between code and natural language description. The consistency between code and its natural language description has been well studied [102], [103], [104], [105], [106], [107]. These works primarily concentrate on Java code and API documentation, which are well written and focused on describing code behavior. DocCon [108] detects inconsistencies between documentation and the corresponding code for Solidity smart contract libraries. Compared with DocCon, our method targets different research questions. Our natural language description comes from the proposal description, which lacks structured information such as tags in comments or API documents. Additionally, the proposal description encompasses a broader scope instead of only describing the code behavior. The code in our method is the bytecode, not the Solidity source code, which lacks code information such as variable names. Furthermore, our code size is extremely limited, containing only several bytes and the function call parameters rather than the full code logic.

XII. CONCLUSION

In this paper, we conduct a comprehensive study of the security issues in the DAO governance process components. We construct a dataset containing 3,348 DAOs, 144 pieces of documentation, and 65,436 proposals across 9 different blockchains. Then we apply our novel methods to automatically identify issues within these components. For Impartial Decentralized Governance in the Governance Contract, we found that out of the 3,348 DAOs analyzed, 176 could potentially be manipulated by developers, with one DAO's governance contract logic being directly alterable by its developer. This suggests that not all active DAOs can be trusted to maintain impartial
decentralized governance. For Sufficient Governance Process Documentation, only 71 out of 3,348 DAOs provide any form of documentation for their members, and none offer complete documentation. However, more comprehensive documentation significantly enhances member participation in the DAO governance process. Finally, for Proposal Consistency, while most proposal code is open-source and available for review by members, approximately 10% (5,571) of the target addresses within proposal code are closed-source, making them difficult for members to scrutinize. Among the 35,518 proposals analyzed, 32,500 (about 91%) fail to provide consistent descriptions and corresponding code. This might explain why attackers frequently target proposals during the governance process.

ACKNOWLEDGMENTS

We would like to thank the anonymous reviewers for their insightful comments and valuable feedback. This work is supported by the National Natural Science Foundation of China (No. 62372218, No. U24A6009, No. 62172301) and Hong Kong RGC Projects (PolyU15224121, PolyU15231223).

REFERENCES

[1] V. Buterin et al., "A next-generation smart contract and decentralized application platform," white paper, 2014.
[2] "Uniswap." https://uniswap.org/, 2023.
[3] "CoinMarketCap." https://coinmarketcap.com/view/dao/, 2023.
[4] "XDAO." https://docs.xdao.app/, 2023.
[5] "Aragon." https://legacy-docs.aragon.org/aragon/readme, 2023.
[6] "Daohaus." https://daohaus.club/, 2023.
[7] Y. Faqir-Rhazoui, J. Arroyo, and S. Hassan, "A comparative analysis of the platforms for decentralized autonomous organizations in the ethereum blockchain," Journal of Internet Services and Applications, 2021.
[8] "Deepdao." https://deepdao.io/organizations, 2023.
[9] "Yam attack analysis." https://decrypt.co/104848/yam-finance-safeguards-3-1m-treasury-governance-attack, 2023.
[10] "Potential curve dao attack." https://gov.curve.fi/t/the-curve-emergency-dao-has-killed-the-usdm-gauge/2307, 2023.
[11] "Audius dao attack." https://cointelegraph.com/news/hackerdrains-1-08m-from-audius-following-passing-of-malicious-proposal, 2023.
[12] "Fortress protocol attack." https://rekt.news/fortress-rekt/, 2023.
[13] "Attacker hijacks Tornado Cash governance via malicious proposal." https://cointelegraph.com/news/attacker-hijacks-tornado-cash-governance-via-malicious-proposal, 2024.
[14] "True seigniorage dollar attack." https://twitter.com/TrueSeigniorage/status/1370956726489415683, 2023.
[15] "Pride punks dao attack." https://twitter.com/BoringSecDAO/status/1556150989140373504, 2023.
[16] "Build Finance suffers from governance attack." https://cryptoslate.com/build-finance-dao-hostile-takeover-treasury-drained/, 2023.
[17] "Yuan.finance attack report." https://medium.com/yuan-finance/yuan-governance-attack-update-and-migration-plan-3b5d949ab466, 2023.
[18] "Beanstalk Exploit — A Simplified Post-Mortem Analysis." https://medium.com/coinmonks/beanstalk-exploit-a-simplified-post-mortem-analysis-92e6cdb17ace, 2023.
[19] "VPANDA DAO Rug Pull." https://twitter.com/DeDotFiSecurity/status/1669859985113731082, 2023.
[20] Y. Faqir-Rhazoui, M.-J. Ariza-Garzón, J. Arroyo, and S. Hassan, "Effect of the gas price surges on user activity in the daos of the ethereum blockchain," in Extended Abstracts of the 2021 CHI Conference on Human Factors in Computing Systems, 2021.
[21] Y. El Faqir, J. Arroyo, and S. Hassan, "An overview of decentralized autonomous organizations on the blockchain," in Proceedings of the 16th International Symposium on Open Collaboration, pp. 1–8, 2020.
[22] M. Dotan, A. Yaish, H.-C. Yin, E. Tsytkin, and A. Zohar, "The vulnerable nature of decentralized governance in defi," in Proceedings of the 2023 Workshop on Decentralized Finance and Security, 2023.
[23] X. Liu, "The illusion of democracy? an empirical study of dao governance and voting behavior," An Empirical Study of DAO Governance and Voting Behavior (May 8, 2023), 2023.
[24] R. Feichtinger, R. Fritsch, Y. Vonlanthen, and R. Wattenhofer, "The hidden shortcomings of (d)aos – an empirical study of on-chain governance," arXiv preprint arXiv:2302.12125, 2023.
[25] T. Sharma, Y. Kwon, K. Pongmala, H. Wang, A. Miller, D. Song, and Y. Wang, "Unpacking how decentralized autonomous organizations (daos) work in practice," arXiv preprint arXiv:2304.09822, 2023.
[26] Q. Wang, G. Yu, Y. Sai, C. Sun, L. D. Nguyen, S. Xu, and S. Chen, "An empirical study on snapshot daos," arXiv preprint arXiv:2211.15993, 2022.
[27] R. Fritsch, M. Müller, and R. Wattenhofer, "Analyzing voting power in decentralized governance: Who controls daos?," arXiv preprint arXiv:2204.01176, 2022.
[28] T. Dursun and B. B. Üstündağ, "A novel framework for policy based on-chain governance of blockchain networks," Information Processing & Management, 2021.
[29] J. Wei, X. Wang, D. Schuurmans, M. Bosma, F. Xia, E. Chi, Q. V. Le, D. Zhou, et al., "Chain-of-thought prompting elicits reasoning in large language models," Advances in Neural Information Processing Systems, 2022.
[30] "DAO Model Law." https://coala.global/daomodellaw/, 2023.
[31] "Compound documents." https://docs.compound.finance/v2/, 2023.
[32] W. Reijers, I. Wuisman, M. Mannan, P. De Filippi, C. Wray, V. Rae-Looi, A. Cubillos Vélez, and L. Orgad, "Now the code runs itself: On-chain and off-chain governance of blockchain technologies," Topoi, 2021.
[33] P. De Filippi and G. McMullen, Governance of blockchain systems: Governance of and by Distributed Infrastructure. PhD thesis, Blockchain Research Institute and COALA, 2018.
[34] "The Model Law." https://uncitral.un.org/en/texts/arbitration/modellaw/commercial_arbitration, 2023.
[35] "Synthetify governance attack." https://blockworks.co/news/solana-exploit-dao-hacker, 2024.
[36] J. Arroyo, D. Davó, E. Martínez-Vicente, Y. Faqir-Rhazoui, and S. Hassan, "Dao-analyzer: Exploring activity and participation in blockchain organizations," in Companion Publication of the 2022 Conference on Computer Supported Cooperative Work and Social Computing, pp. 193–196, 2022.
[37] "Daostack." https://daostack.io/, 2023.
[38] "Tally." https://www.tally.xyz/, 2023.
[39] "Ethereum." https://ethereum.org/en/, 2024.
[40] "BSC." https://www.bnbchain.org/en, 2024.
[41] "Polygon." https://www.polygon.com/, 2024.
[42] "Fantom." https://fantom.foundation/, 2024.
[43] "Gnosis." https://www.gnosis.io/, 2024.
[44] "Avalanche." https://www.avax.network/, 2024.
[45] "Arbitrum." https://arbitrum.io/, 2024.
[46] "Cronos." https://cronos.org/, 2024.
[47] "Optimism." https://www.optimism.io/, 2024.
[48] "Curve." https://curve.fi/, 2023.
[49] "MakerDAO." https://makerdao.com/en/, 2023.
[50] "Public name tags." https://info.etherscan.com/public-name-tags-labels/, 2023.
[51] "Selenium." https://www.selenium.dev/, 2023.
[52] "Event logs." https://info.etherscan.com/what-is-event-logs/, 2023.
[53] "How to set up on-chain governance." https://docs.openzeppelin.com/contracts/4.x/governance, 2023.
[54] "Evm cfg builder." https://github.com/crytic/evm_cfg_builder, 2023.
[55] J. Xu, K. Paruch, S. Cousaert, and Y. Feng, "Sok: Decentralized exchanges (dex) with automated market maker (amm) protocols," ACM Computing Surveys, vol. 55, no. 11, pp. 1–50, 2023.
[56] L. Zhou, X. Xiong, J. Ernstberger, S. Chaliasos, Z. Wang, Y. Wang, K. Qin, R. Wattenhofer, D. Song, and A. Gervais, "Sok: Decentralized finance (defi) attacks," in 2023 IEEE Symposium on Security and Privacy (SP), pp. 2444–2461, IEEE, 2023.
[57] M. Fröwis and R. Böhme, "Detecting privileged parties on ethereum," 2022.
[58] F. Ma, M. Ren, L. Ouyang, Y. Chen, J. Zhu, T. Chen, Y. Zheng, X. Dai, Y. Jiang, and J. Sun, "Pied-piper: Revealing the backdoor threats in ethereum erc token contracts," ACM Transactions on Software Engineering and Methodology, 2023.
[59] "Ethereum Constantinople/St. Petersburg Upgrade Announcement." https://blog.ethereum.org/2019/02/22/ethereum-constantinople-st-petersburg-upgrade-announcement, 2023.
[60] "Eip-1014: Skinny create2." https://eips.ethereum.org/EIPS/eip-1014, 2023.
[61] M. Fröwis and R. Böhme, "Not all code are create2 equal," in 6th Workshop on Trusted Smart Contracts (WTSC'22), 2022.
[62] "Proxy contracts." https://info.etherscan.com/what-is-proxy-contract/, 2023.
[63] "Tenderly." https://tenderly.co/, 2023.
[64] S. Boss, "Daos: Legal and empirical review," Blockchain & Society Policy Research Lab Research Nodes, 2023.
[65] "Chatgpt." https://openai.com/blog/chatgpt, 2023.
[66] Y. Tan, D. Min, Y. Li, W. Li, N. Hu, Y. Chen, and G. Qi, "Evaluation of chatgpt as a question answering system for answering complex questions," arXiv preprint arXiv:2303.07992, 2023.
[67] N. Bian, X. Han, L. Sun, H. Lin, Y. Lu, and B. He, "Chatgpt is a knowledgeable but inexperienced solver: An investigation of commonsense problem in large language models," arXiv preprint arXiv:2303.16421, 2023.
[68] Q. Zhong, L. Ding, J. Liu, B. Du, and D. Tao, "Can chatgpt understand too? a comparative study on chatgpt and fine-tuned bert," arXiv preprint arXiv:2302.10198, 2023.
[69] R. Omar, O. Mangukiya, P. Kalnis, and E. Mansour, "Chatgpt versus traditional question answering for knowledge graphs: Current status and future directions towards knowledge graph chatbots," arXiv preprint arXiv:2302.06466, 2023.
[70] S. Zheng, J. Huang, and K. C.-C. Chang, "Why does chatgpt fall short in answering questions faithfully?," arXiv preprint arXiv:2304.10513, 2023.
[71] "Claude." https://claude.ai/, 2023.
[72] D. Das, P. Bose, N. Ruaro, C. Kruegel, and G. Vigna, "Understanding security issues in the nft ecosystem," in Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022.
[73] S. Bird, E. Klein, and E. Loper, Natural language processing with Python: analyzing text with the natural language toolkit. O'Reilly Media, Inc., 2009.
[74] J. Devlin, M.-W. Chang, K. Lee, and K. Toutanova, "Bert: Pre-training of deep bidirectional transformers for language understanding," arXiv preprint arXiv:1810.04805, 2018.
[75] "Spacy." https://github.com/explosion/spaCy, 2023.
[76] "Synonym." https://www.synonym.com/, 2023.
[77] "Contract ABI Specification." https://docs.soliditylang.org/en/v0.8.19/abi-spec.html, 2023.
[78] "Ethereum Signature Database." https://www.4byte.directory/, 2023.
[79] N. Reimers and I. Gurevych, "Sentence-bert: Sentence embeddings using siamese bert-networks," arXiv preprint arXiv:1908.10084, 2019.
[80] "Official sentence-bert examples." https://github.com/UKPLab/sentence-transformers/blob/master/examples/applications/clustering/fast_clustering.py#L57, 2023.
[81] "ERC-20 Token Standard." https://eips.ethereum.org/EIPS/eip-20, 2023.
[82] "SlowMist." https://www.slowmist.com/, 2023.
[83] "CryptoSec." https://cryptosec.info/, 2023.
[84] "rekt." https://rekt.news/, 2023.
[85] "Twitter." https://twitter.com/home, 2023.
[86] "Venus protocol prevented hostile takeover attempt." https://www.cryptotimes.io/venus-protocol-prevented-hostile-takeover-attempt/, 2023.
[87] "Defunct swerve finance still subject of 1.3 million live governance hack." https://www.theblock.co/post/222744/defunct-swerve-finance-still-subject-of-1-3-million-live-governance-hack, 2023.
[88] "Atlantis loans hack analysis." https://blog.solidityscan.com/atlantis-loans-hack-analysis-7f3fb2e295e0, 2023.
[89] "Indexed finance dao attack." https://blockworks.co/news/blackmail-thwarts-90k-dao-attack, 2024.
[90] "Bigcap dao attack." https://twitter.com/BIGCAPProject/status/1697958233204490494, 2024.
[91] "Total value locked all chains." https://defillama.com/chains, 2023.
[92] O. Rikken, M. Janssen, and Z. Kwee, "The ins and outs of decentralized autonomous organizations (daos)," Available at SSRN 3989559, 2018.
[93] X. Zhao, P. Ai, F. Lai, X. Luo, and J. Benitez, "Task management in decentralized autonomous organization," Journal of Operations Management, 2022.
[94] E. Baninemeh, S. Farshidi, and S. Jansen, "A decision model for decentralized autonomous organization platform selection: Three industry case studies," arXiv preprint arXiv:2107.14093, 2021.
[95] L. Liu, S. Zhou, H. Huang, and Z. Zheng, "From technology to society: An overview of blockchain-based dao," IEEE Open Journal of the Computer Society, 2021.
[96] C. Calcaterra, "On-chain governance of decentralized autonomous organizations: Blockchain organization using semada," Available at SSRN 3188374, 2018.
[97] X. Fan, Q. Chai, and Z. Zhong, "Multav: A multi-chain token backed voting framework for decentralized blockchain governance," in International Conference on Blockchain, 2020.
[98] B. Mueller, "Smashing ethereum smart contracts for fun and real profit," HITB SECCONF Amsterdam, 2018.
[99] M. Mossberg, F. Manzano, E. Hennenfent, A. Groce, G. Grieco, J. Feist, T. Brunson, and A. Dinaburg, "Manticore: A user-friendly symbolic execution framework for binaries and smart contracts," in 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 1186–1189, IEEE, 2019.
[100] L. Luu, D.-H. Chu, H. Olickel, P. Saxena, and A. Hobor, "Making smart contracts smarter," in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016.
[101] N. Grech, L. Brent, B. Scholz, and Y. Smaragdakis, "Gigahorse: thorough, declarative decompilation of smart contracts," in 2019 IEEE/ACM 41st International Conference on Software Engineering (ICSE), pp. 1176–1186, IEEE, 2019.
[102] L. Yu, X. Luo, J. Chen, H. Zhou, T. Zhang, H. Chang, and H. K. Leung, "Ppchecker: Towards accessing the trustworthiness of android apps' privacy policies," IEEE Transactions on Software Engineering, 2018.
[103] B. Andow, S. Y. Mahmud, W. Wang, J. Whitaker, W. Enck, B. Reaves, K. Singh, and T. Xie, "PolicyLint: investigating internal privacy policy contradictions on google play," in 28th USENIX Security Symposium (USENIX Security 19), 2019.
[104] D. Torre, S. Abualhaija, M. Sabetzadeh, L. Briand, K. Baetens, P. Goes, and S. Forastier, "An ai-assisted approach for checking the completeness of privacy policies against gdpr," in 2020 IEEE 28th International Requirements Engineering Conference (RE), 2020.
[105] H. Zhong and Z. Su, "Detecting api documentation errors," in Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages & Applications, 2013.
[106] Y. Zhou, R. Gu, T. Chen, Z. Huang, S. Panichella, and H. Gall, "Analyzing apis documentation and code to detect directive defects," in 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE), 2017.
[107] Y. Zhou, C. Wang, X. Yan, T. Chen, S. Panichella, and H. Gall, "Automatic detection and repair recommendation of directive defects in java api documentation," IEEE Transactions on Software Engineering, 2018.
[108] C. Zhu, Y. Liu, X. Wu, and Y. Li, "Identifying solidity smart contract api documentation errors," in Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, 2022.

Junjie Ma received the Bachelor degree in Computer Science and Technology from Northeastern University, China in 2022. He is currently working towards the Ph.D. degree under the collaborative Ph.D. program in the Department of Computer Science and Engineering at Southern University of Science and Technology and the Department of Computing at The Hong Kong Polytechnic University, under the supervision of Prof. Daniel Xiapu Luo, Prof. Wang Qi, and Prof. Fengwei Zhang. His current research interests include decentralized autonomous organizations and blockchain security.
Muhui Jiang obtained his Ph.D. degree in the Department of Computing from The Hong Kong Polytechnic University. Before coming to PolyU, he received his B.Eng. from the Department of Software Engineering, Tongji University in 2016. His current research interests include blockchain security, network security, system security and IoT security. More specifically, he is interested in reverse engineering, binary analysis, firmware rehosting, fuzzing techniques, and DeFi security.

Jinan Jiang obtained his B.A. degree in Computer Science from University of California, Berkeley. He is currently working towards the Ph.D. degree in the Department of Computing, The Hong Kong Polytechnic University, under the supervision of Prof. Daniel Xiapu Luo. His current research interests include smart contract analysis and blockchain security.

Xiapu Luo is a professor at the Department of Computing of The Hong Kong Polytechnic University. His research focuses on Blockchain and Smart Contracts Security, Mobile and IoT Security, Network Security and Privacy, and Software Engineering, with papers published in top-tier security, software engineering, and networking venues. His research led to more than ten best/distinguished paper awards, including the ACM CCS'24 Distinguished Paper Award, three ACM SIGSOFT Distinguished Paper Awards in ICSE'24, ISSTA'22 and ICSE'21, the Best DeFi Papers Award 2023, the Best Paper Award in INFOCOM'18, the Best Research Paper Award in ISSRE'16, etc., and several awards from the industry. He received the BOCHK Science and Technology Innovation Prize (FinTech) for his contribution to blockchain security. He regularly serves on the program committees of top security and software engineering conferences and received the Top Reviewer Award from CCS'22 and the Distinguished TPC Member Award from INFOCOM'23 and INFOCOM'24.

Yufeng Hu received the Bachelor degree in mathematics and finance from Zhejiang University, in 2020. He is currently working towards a PhD degree in Cyberspace Security at Zhejiang University. His research interests include blockchain security, smart contract security, anti-money laundering, and binary security.

Yajin Zhou is a ZJU 100-Young professor (since 2018), with both the College of Computer Science and Technology and the School of Cyber Science and Technology at Zhejiang University, China. He earned his Ph.D. (2015) in Computer Science from North Carolina State University (Advisor: Prof. Xuxian Jiang), and then worked as a senior security researcher at Qihoo 360. He has published more than 40 papers, with 7500+ citations (Google Scholar). Two of his papers have been selected to the list of normalized Top-100 security papers since 1981. He was recognized as the Most Influential Scholar Award Honorable Mention for his contributions to the field of Security and Privacy (Rank 48 from 2010 - 2019, Rank 6 from 2011 - 2020). His joint team with City University of Hong Kong won first place in the 2019 iDash competition (SGX Track). His current research spans software security, operating systems security, hardware-assisted security and confidential computing. He is also interested in emerging areas, e.g., security of smart contracts, decentralized finance (DeFi) security, and underground economy.

Qi Wang received the B.Eng. degree from the University of Science and Technology of China (USTC) in 2007 and the Ph.D. degree from The Hong Kong University of Science and Technology (HKUST) in 2011. From October 2011 to September 2013, he was an Alexander von Humboldt Post-Doctoral Researcher with Otto-von-Guericke University Magdeburg, Magdeburg, Germany. From October 2013 to September 2014, he was a Research Associate with HKUST. He has been with the Department of Computer Science and Engineering, Southern University of Science and Technology, since 2014, where he is currently a tenured Associate Professor. His research interests include coding theory, cryptography, and combinatorial designs.

Fengwei Zhang received the Ph.D. degree in computer science from George Mason University. He is currently an Associate Professor with the Department of Computer Science and Engineering, Southern University of Science and Technology (SUSTech). His research interests include systems security, with a focus on trustworthy execution, hardware-assisted security, debugging transparency, transportation security, and plausible deniability encryption.