Submitted:
10 April 2026
Posted:
10 April 2026
You are already at the latest version
Abstract
Keywords:
1. Introduction
2. Background and Related Work
2.1. The Transition to Smart Contract DevSecOps
2.2. Security vs. Performance Trade-offs in CI/CD
2.3. The Gap: Economic and Execution Optimization
3. Threat Modeling and DeFi Attack Vectors
3.1. Traditional Smart Contract Vulnerabilities
3.2. The Flash Loan Mechanism
3.3. Price Manipulation and AMM Exploits
3.4. Non-Price Flash Loan Attacks
3.5. Implications for CI/CD Testing

4. Architecture of the Proposed Framework
4.1. Data Flow Between Framework Components
4.2. Workflow of the Proposed Framework
4.3. Module 1: The Pre-Execution AI-Driven Security Gate
4.3.1. Semantic Embedding Extraction via CodeBERT
4.3.2. Hybrid Structural and Sequential Feature Engineering
4.4. Module 2: The Test-Suite Reduction Engine
| Algorithm 1: Pattern-Based Test Suite Reduction |
|
4.5. Module 3: Gas-Aware Dynamic Execution
5. Mathematical Formulation and Evolutionary Mechanics of Gas-Aware Resource Allocation
5.1. The Multi-Objective Optimization Problem
5.2. Evolutionary Mechanics: NSGA-II in CI/CD
| Algorithm 2: Gas-Aware Optimization (NSGA-II) |
|
5.3. Hyperparameter Configuration for Web3 Optimization
5.4. Computational Complexity Analysis
6. Cross-Chain Adaptability: Layer 2 (L2) Scaling and Gas Economics
6.1. The Volatility of L1 Gas Economics
6.2. The Layer-2 (L2) Paradigm Shift
6.3. Adapting the CI/CD Pipeline for L2 Rollups
7. Experimental Results
7.1. Experimental Setup
7.2. Baseline CI/CD Pipeline
7.3. Optimized CI/CD Framework
7.4. Performance Comparison
7.5. Performance Improvement Analysis
| Performance Metric | Improvement |
|---|---|
| Gas Consumption Reduction | 92.95% |
| Execution Time Reduction | 92.56% |
| Fault Detection Retention | 97.8% of baseline |
7.6. Result Visualization
7.7. Feasibility of Advanced Vulnerability Localization
7.8. Post-Deployment Anomaly Detection Viability
8. Practical Deployment Scenario
9. Threats to Validity
10. Limitations and Future Work
11. Conclusions
References
- Guruprakash etal. A Framework for Platform-Agnostic Blockchain and IoT Based Insurance System. IEEE Access 2024, vol. 12, 64079–64102. [CrossRef]
- Reyes, A.; Jimeno, M.; Villanueva-Polanco, R. Continuous and Secure Integration Framework for Smart Contracts. Sensors 2023, vol. 23(no. 1), 541. [Google Scholar] [CrossRef] [PubMed]
- Chattopadhyay, B. C. Secure DevOps in Cloud-Native Systems: Integrating Cyber Intelligence, Blockchain, and AI for Zero-Trust Enterprise Applications. International Journal of Multidisciplinary Research in Science, Engineering, Technology & Management 2025. [Google Scholar]
- Saleh, S. M.; Madhavji, N.; Steinbacher, J. Towards a Blockchain-Based CI/CD Framework to Enhance Security in Cloud Environments. In University of Western Ontario & IBM Canada Lab; 2024. [Google Scholar]
- Dinh, N.; Hoang, V. T.; Van, B. N.; Huong, T. H.; Hong, H. D. T.; Trung, H. N.; Trung, K. T. Enhancing Smart Contract Security Through DevSecOps: An Adaptive Approach for Vulnerability Detection. IEEE Access 2025, vol. 13, 159454–159485. [Google Scholar] [CrossRef]
- Alkhazi, B.; Alipour, A. Multi-objective test selection of smart contract and blockchain applications. PeerJ Computer Science 2023, vol. 9, e1587. [Google Scholar] [CrossRef] [PubMed]
- Górski, T. The k+1 Symmetric Test Pattern for Smart Contracts. Symmetry 2022, vol. 14(no. 8), 1686. [Google Scholar] [CrossRef]
- Górski, T. Pattern-Based Test Suite Reduction Method for Smart Contracts. Applied Sciences vol. 15(no. 2), 620, 2025. [CrossRef]
- Poonacha, R. K. Integration of Security Vulnerability Tools and Kubernetes Deployment to Obtain an Enhanced CI/CD Pipeline for a Blockchain Based Decentralized Application (DApp). MSc Research Project, 2024; National College of Ireland. [Google Scholar]
- Nasar, M. Optimizing Software Quality through Integrated Approaches: Combining Test Case Prioritization, Defect Prediction, and Resource Allocation. International Journal of Scientific Development and Research (IJSDR) 2025, vol. 10(no. 7). [Google Scholar] [CrossRef]
- Gai, Y.; Zhou, L.; Qin, K.; Song, D.; Gervais, A. Blockchain Large Language Models. arXiv 2023, arXiv:2304.12749. [Google Scholar] [PubMed]
- Gandhi, S. T. AI-Driven Smart Contract Security: A Deep Learning Approach to Vulnerability Detection. International Journal of Advanced Research in Computer Science & Technology (IJARCST) 2025, vol. 8(no. 1). [Google Scholar]
- Shou, C.; Ke, Y.; Yang, Y.; Su, Q.; Dadosh, O.; Elis, A.; Lee, W. BACKRUNNER: Mitigating Smart Contract Attacks in the Real World. arXiv 2024, arXiv:2409.06213. [Google Scholar] [CrossRef]
- Akoshile, A. A.; Jogunola, O.; Hammoudeh, M.; Dargahi, T. A Comparative Analysis of Hybrid Deep Learning Models for Reentrancy Vulnerability Detection in Ethereum Smart Contracts. In Proceedings of the 8th International Conference on Future Networks & Distributed Systems (ICFNDS ’24), 2024; ACM. [Google Scholar]
- Jiang, B.; Liu, Y.; Chan, W. K. ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering (ASE ’18), 2018; pp. 259–269. [Google Scholar]
- Eshghie, M.; Artho, C.; Gurov, D. Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning. In Proceedings of the 25th International Conference on Evaluation and Assessment in Software Engineering (EASE ’21), 2021; pp. 305–312. [Google Scholar]
- Qian, P.; Cao, R.; Liu, Z.; Li, W.; Li, M.; Zhang, L.; Xu, Y.; Chen, J.; He, Q. Empirical Review of Smart Contract and DeFi Security: Vulnerability Detection and Automated Repair. arXiv 2023, arXiv:2309.02391. [Google Scholar] [CrossRef]
- Alhaidari, A.; Palanisamy, B.; Krishnamurthy, P. Protecting DeFi Platforms against Non-Price Flash Loan Attacks. In Proceedings of the Fifteenth ACM Conference on Data and Application Security and Privacy (CODASPY ’25), 2025. [Google Scholar]
- Wu, K. W. Strengthening DeFi Security: A Static Analysis Approach to Flash Loan Vulnerabilities. arXiv 2025, arXiv:2411.01230v2. [Google Scholar]
- Shan, J. Design and Application of Global Energy Trade Cross Border E-commerce Optimization Model. EAI Endorsed Transactions on Energy Web 2024, vol. 11. [Google Scholar] [CrossRef]
- Guler, N. Smart allocation and sizing of fast charging stations: a metaheuristic solution. International Journal of Sustainable Energy 2024, vol. 43(no. 1). [Google Scholar] [CrossRef]
- Kang, M. Research on Prediction Model and Optimization of Enterprise Material Procurement Management Based on Global Linkage. International Journal of Computational Intelligence Systems 2025, vol. 18(no. 242). [Google Scholar] [CrossRef]
- Javed, F.; Mangues-Bafalluy, J. Performance Analysis, Lessons Learned and Practical Advice for a 6G Inter-Provider DApp on the Ethereum Blockchain. In Computer Networks; Elsevier, 2025. [Google Scholar]
- Bahurmuz, A. S.; Alyoubi, H. A. Temporal Analysis of Ethereum Blockchain Trends in Transaction Fees and Block Density Over Time. Journal of Current Research in Blockchain 2025, vol. 2(no. 4), 258–273. [Google Scholar] [CrossRef]
- Wu, J.; Cai, Y. The Paradox of AI Knowledge: A Blockchain-Based Approach to Decentralized Governance in Chinese New Media Industry. Future Internet 2025, vol. 17(no. 479). [Google Scholar] [CrossRef]




| Pipeline Configuration | Gas Consumption | Time (ms) | FDR |
|---|---|---|---|
| Baseline CI/CD Pipeline | 2,315,392 | 21,418 | 0.90 |
| Proposed Optimized Framework (Avg. of 10 Runs) | 163,299 | 1,592 | 0.88 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2026 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).