Using chatbots to write smart contracts could lead to security vulnerabilities.
ChatGPT has been used to write everything from college applications to wedding speeches .
Now, a growing number of blockchain developers are using AI chatbots to help write smart contracts, but relying on them too much could pose major security risks.
With the right prompt, ChatGPT can create a simple Ethereum smart contract by drawing on pre-existing examples.
For instance, when prompted to create an ERC-20 token called “CCN token” with the symbol “CCN” and an initial supply of 25,000, ChatGPT came up with a basic but functional Solidity contract and step-by-step instructions on how to deploy it.
Even without a background in Ethereum programming, AI tools like ChatGPT have made it easier than ever to write contracts and mint tokens. However, this has raised concerns among security experts.
In comments published in Coin Telegraph, Kang Li, CertiK Chief Security Officer, warned that the ease with which smart contracts can be created using AI tools risks creating a flood of shoddy code.
“ChatGPT will enable a bunch of people that have never had all this training to jump in, they can start right now and I start to worry about morphological design problems buried in there,” he said.
When it comes to security, Li observed that AI-coded contracts could create major vulnerabilities. “You write something and ChatGPT helps you build it but because of all these design flaws it may fail miserably when attackers start coming,” he said.
Ultimately, AI tools have already revolutionized the way programmers write, test, and analyze their code. But the technology is best used to enhance efficiency and can’t replace an education in the fundamentals of computer science.
Away from ChatGPT, AI assistants like GitHub’s Copilot have been specifically developed with software developers in mind.
Such tools usually integrate into popular code editors, often incorporating auto-complete style suggestions to help developers write code more efficiently and features to identify potential bugs and mistakes.
SettleMint, a low-code blockchain platform, introduced an ‘AI Genie ‘ to assist crypto developers in creating and testing smart contracts, automatically detecting and eliminating vulnerabilities.