SSR: Safeguarding Staking Rewards by Defining and Detecting Logical Defects in DeFi Staking

📅 2025-11-16
🏛️ International Conference on Automated Software Engineering
📈 Citations: 0
✨ Influential: 0
🤖 AI Summary
This study addresses critical security risks in DeFi staking contracts arising from exploitable logical flaws that enable reward manipulation or duplicate claims. It presents the first systematic characterization of six distinct categories of such staking logic vulnerabilities and introduces SSR, a novel static analysis tool powered by large language models (LLMs). SSR achieves high-precision automated detection by integrating semantic features with traditional static analysis techniques. Evaluated on a real-world dataset, SSR attains a precision of 92.31%, recall of 87.92%, and an F1-score of 88.85%. A large-scale scan of 15,992 smart contracts revealed that 3,557 (22.24%) contain at least one of the defined vulnerability types, demonstrating the method's effectiveness and practical relevance in identifying widespread security weaknesses in DeFi protocols.

πŸ“ Abstract
Decentralized Finance (DeFi) staking is one of the most prominent applications within the DeFi ecosystem, where DeFi projects enable users to stake tokens on the platform and reward participants with additional tokens. However, logical defects in DeFi staking could enable attackers to claim unwarranted rewards by manipulating reward amounts, repeatedly claiming rewards, or engaging in other malicious actions. To mitigate these threats, we conducted the first study focused on defining and detecting logical defects in DeFi staking. Through the analysis of 64 security incidents and 144 audit reports, we identified six distinct types of logical defects, each accompanied by detailed descriptions and code examples. Building on this empirical research, we developed SSR (Safeguarding Staking Reward), a static analysis tool designed to detect logical defects in DeFi staking contracts. SSR utilizes a large language model (LLM) to extract fundamental information about staking logic and constructs a DeFi staking model. It then identifies logical defects by analyzing the model and the associated semantic features. We constructed a ground truth dataset based on known security incidents and audit reports to evaluate the effectiveness of SSR. The results indicate that SSR achieves an overall precision of 92.31%, a recall of 87.92%, and an F1-score of 88.85%. Additionally, to assess the prevalence of logical defects in real-world smart contracts, we compiled a large-scale dataset of 15,992 DeFi staking contracts. SSR detected that 3,557 (22.24%) of these contracts contained at least one logical defect.

Problem

Research questions and friction points this paper is trying to address.

DeFi staking
logical defects
staking rewards
smart contract security
reward manipulation

Innovation

Methods, ideas, or system contributions that make the work stand out.

logical defects
DeFi staking
static analysis
large language model (LLM)
smart contract security