The online crypto community has discovered a new artificial intelligence (AI)-based chatbot that can either be used to warn developers about vulnerabilities in smart contracts or teach hackers how to exploit them.
ChatGPT, a chatbot tool developed by AI research firm OpenAI, was released on November 30 and was designed to interact “conversatively” and answer follow-up questions and even admit mistakes, according to the company.
However, some Twitter users have realized that the bot could potentially be used for both good and evil, as it can be called upon to uncover loopholes in smart contracts.
Stephen Tong, co-founder of smart contract testing firm Zellic, asked ChatGPT to help find an exploit by providing some smart contract code.
omg wtf pic.twitter.com/I2hE0e5ppq
— cts (@gf_256) December 1, 2022
The bot responded by noting that the contract had a reentrancy vulnerability that could allow an exploiter to repeatedly withdraw funds from the contract, and provided an example of how to fix the issue.
This similar type of exploit was used by decentralized finance (DeFi) platform attacker Fei Protocol in May, who made off with $80 million.
Others have shared results from the chatbot after prompting it with vulnerable smart contracts. Twitter user devtooligan shared a screenshot of ChatGPT containing the exact code needed to fix a Solidity smart contract vulnerability, commenting, “We’ll all be out of work.”
omg seriously overwhelmed
We will all be unemployed pic.twitter.com/iwjjOTPDLY
— devtooligan (@devtooligan) December 1, 2022
With the tool, Twitter users have already started joking that they can now start businesses Security check easily by using the bot to test for vulnerabilities in smart contracts.
I’m excited to announce that I’m moving up the ranks for my new smart contract consultancy.
I’ll just throw ChatGPT to fuzz your code. https://t.co/gSFyABd9M6— Eddie (⬅️,) (@0x_eddie) December 1, 2022
Cointelegraph tested ChatGPT and found that it can also create a sample smart contract from a simple language prompt, generating code that appears to offer staking rewards for Ethereum-based non-fungible tokens (NFTs).
ChatGPT Solidity smart contract example for NFT staking rewards from a simple command prompt. Image: Cointelegraph.
Despite the chatbot’s ability to test smart contract functionality, it wasn’t designed solely for that purpose, and many on Twitter have done so recommended Some of the smart contracts it generates have issues.
The tool can also provide different answers depending on how prompted it is, so it’s not perfect.
Related: Secret Network fixes network vulnerability after white hat disclosure
OpenAI CEO Sam Altman tweeted that the tool was “an early demo” and is “very much a research version”.
He opined that “voice interfaces are going to be a big deal” and tools like ChatGPT will “soon” be able to answer questions and offer advice, with later iterations completing tasks or even discovering new knowledge.