# Data Processing of Test Data

In [24]:
# import
import pandas as pd
import os
import json
import random

# importing in contracts from CRPWarner

path_groundTruth_excel = '../test-contracts/RugPull/dataset/groundTruth/groundTruth.xlsx'
df_groundTruth = pd.read_excel(path_groundTruth_excel, engine='openpyxl')

list_groundTruth_address = df_groundTruth['address'].tolist()
print('Number of groundTruth addresses: ', len(list_groundTruth_address))

# Specify folder paths
path_hex_folder = '../test-contracts/RugPull/dataset/groundTruth/hex'
path_sol_folder = '../test-contracts/RugPull/dataset/groundTruth/sol'

# Get all filenames in the folders without extensions
list_filenames_hex = [os.path.splitext(f)[0] for f in os.listdir(path_hex_folder) if os.path.isfile(os.path.join(path_hex_folder, f))]
list_filenames_sol = [os.path.splitext(f)[0] for f in os.listdir(path_sol_folder) if os.path.isfile(os.path.join(path_sol_folder, f))]


# Find missing hex and sol files
def get_missing_addresses(ground_truth_addresses, existing_hex_files, existing_sol_files):
    missing_hex_files = []
    missing_sol_files = []
    for address in ground_truth_addresses:
        if address not in existing_hex_files:
            missing_hex_files.append(address)
        if address not in existing_sol_files:
            missing_sol_files.append(address)
    return missing_hex_files, missing_sol_files


list_hex_lack, list_sol_lack = get_missing_addresses(
    list_groundTruth_address, list_filenames_hex, list_filenames_sol)
print(
    f"Missing Addresses are: \n hex:{list_hex_lack}, \n sol: {list_sol_lack}")
print('The number of missing addresses: hex: ', len(
    list_hex_lack), '; sol: ', len(list_sol_lack))

Number of groundTruth addresses:  67
Missing Addresses are: 
 hex:[], 
 sol: []
The number of missing addresses: hex:  0 ; sol:  0


# GPT 4-O

In [5]:
# Define the smart contract code to be audited (example contract code snippet)
smart_contract_code = """
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

contract ExampleToken {
    string public name = "ExampleToken";
    string public symbol = "EXT";
    uint8 public decimals = 18;
    uint256 public totalSupply;
    address public owner;

    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    event Transfer(address indexed from, address indexed to, uint256 value);
    event Approval(address indexed owner, address indexed spender, uint256 value);

    constructor(uint256 _initialSupply) {
        owner = msg.sender;
        totalSupply = _initialSupply * (10 ** uint256(decimals));
        balanceOf[owner] = totalSupply;
        emit Transfer(address(0), owner, totalSupply);
    }

    function transfer(address _to, uint256 _value) public returns (bool success) {
        require(balanceOf[msg.sender] >= _value, "Insufficient balance");
        balanceOf[msg.sender] -= _value;
        balanceOf[_to] += _value;
        emit Transfer(msg.sender, _to, _value);
        return true;
    }

    function approve(address _spender, uint256 _value) public returns (bool success) {
        allowance[msg.sender][_spender] = _value;
        emit Approval(msg.sender, _spender, _value);
        return true;
    }

    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
        require(_value <= balanceOf[_from], "Insufficient balance");
        require(_value <= allowance[_from][msg.sender], "Allowance exceeded");
        balanceOf[_from] -= _value;
        balanceOf[_to] += _value;
        allowance[_from][msg.sender] -= _value;
        emit Transfer(_from, _to, _value);
        return true;
    }
}
"""

In [7]:
# Import necessary libraries
from openai import ChatCompletion, OpenAI
import json
import openai



## Set the API key
client = OpenAI(api_key="your_api_key_here")

# Define the prompt
prompt = f"""
You are an AI model specialized in auditing smart contracts for potential vulnerabilities, particularly rug pull scenarios. Your task is to analyze the provided smart contract and identify any code patterns or logic flaws that could allow the contract creators to execute a rug pull.

A rug pull is a type of exit scam where the developers of a cryptocurrency project suddenly withdraw all funds from the liquidity pool, leaving investors with worthless tokens. Common indicators of rug pull vulnerabilities include, but are not limited to:

- Centralized control over contract functions.
- The ability to mint or burn tokens without restrictions.
- Unverified external contracts or dependencies.
- Lack of time locks on critical functions.
- Absence of multi-signature requirements for sensitive operations.

Given the following smart contract's code, highlight the specific lines or sections that might be exploited for a rug pull. Provide detailed explanations for each identified vulnerability and suggest possible mitigations or improvements to enhance the contract's security.

Smart Contract Code:
{smart_contract_code}
"""

# Make the API call
response = client.chat.ChatCompletion.create(
    model="gpt-4",
    messages=[
        {"role": "system", "content": "You are a smart contract auditor, skilled in identifying vulnerabilities in smart contract code, "},
        {"role": "user", "content": prompt}
    ],
    temperature=0.7,
    max_tokens=1500
)

# Print the response (audit report)
response_text = response.choices[0].message['content']
print(response_text)

# Optionally, save the response to a file
with open("audit_report.txt", "w") as file:
    file.write(response_text)

AttributeError: 'Chat' object has no attribute 'ChatCompletion'