V2E: Validating Smart Contract Vulnerabilities through Profit-driven Exploit Generation and Execution

📅 2026-04-15

🤖 AI Summary
Existing smart contract vulnerability detection tools suffer from high false positive rates and struggle to determine whether identified vulnerabilities are genuinely exploitable and capable of causing financial loss. To address this limitation, this work proposes V2E, a novel framework that, for the first time, adopts a profit-driven approach to automatically verify exploitability. V2E generates an initial proof-of-concept (PoC) by analyzing vulnerable execution paths, integrates trigger condition validation with economic impact assessment, and employs a feedback-driven iterative refinement mechanism enhanced by large language models to improve PoC quality. Experimental evaluation on 264 manually annotated contracts demonstrates that V2E significantly outperforms existing methods in accurately determining exploitability, thereby substantially reducing the cost of manual verification.

📝 Abstract
Smart contracts are a critical component of blockchain systems. Because smart contracts hold large amounts of digital assets, their security is of critical importance. Although numerous tools have been developed for detecting smart contract vulnerabilities, their effectiveness remains limited, particularly because of the high number of false positives in the reported results. As a result, developers and auditors are often overwhelmed with manually verifying the reported issues. A fundamental reason is that while a reported vulnerability matches a specific vulnerable pattern, it may not actually be exploitable, either because the vulnerable code cannot be triggered or because triggering it does not result in any financial loss. In this paper, we propose V2E, a new framework for validating whether a reported vulnerability is truly exploitable. The core idea of V2E is to automatically generate an executable Proof-of-Concept exploit (PoC for short) and then assess, by running the PoC, whether the vulnerability can be triggered and whether it incurs real damage (i.e., financial loss). While LLMs have shown proficiency in PoC generation, achieving our task is by no means trivial. In particular, it is difficult for an LLM to (1) generate and update a PoC that triggers a specific vulnerability, and (2) evaluate the PoC's effectiveness in order to validate that the vulnerability is exploitable. To this end, V2E automates the whole process through a novel combination of PoC generation, validation, and refinement: (1) V2E first generates targeted PoCs by analyzing potential vulnerability paths. (2) V2E then verifies the validity of the PoCs through triggerability and profitability analysis. (3) In addition, V2E iteratively refines the generated PoC based on feedback from PoC execution, thereby increasing the chance of confirming the vulnerability. Evaluation on 264 manually labeled contracts shows that V2E outperforms the baseline approach.
Problem

Research questions and friction points this paper is trying to address:

- smart contract vulnerability
- false positives
- exploitability validation
- proof-of-concept exploit
- financial loss

Innovation

Methods, ideas, or system contributions that make the work stand out:

- smart contract vulnerability
- exploit generation
- profit-driven validation
- Proof-of-Concept (PoC)
- iterative refinement