|
|
--- |
|
|
license: mit |
|
|
language: |
|
|
- en |
|
|
base_model: |
|
|
- Qwen/Qwen3-4B-Instruct-2507 |
|
|
tags: |
|
|
- solidity |
|
|
- smart_contract |
|
|
- web3 |
|
|
- solidityscan |
|
|
- credshields |
|
|
--- |
|
|
# Solidity-CodeGen-v0.1 |
|
|
Solidity-CodeGen-v0.1 is a fine-tuned LLM specialized for generating Solidity smart contracts with modern OpenZeppelin patterns. It works best when paired with the OpenZeppelin Contracts MCP (Model Context Protocol) to produce canonical ERC and Governor implementations. |
|
|
|
|
|
- Base: Qwen3 (tuned for Solidity codegen) |
|
|
- Context length: Served via vLLM (up to 32k with server) |
|
|
- Recommended: Use with OpenZeppelin MCP locally for highest-quality results |
|
|
|
|
|
## Why Solidity-CodeGen-v0.1? |
|
|
|
|
|
Traditional LLMs often produce generic code that may contain security vulnerabilities or deviate from best practices. Solidity-CodeGen-v0.1 is different—it's a domain-expert model trained specifically for smart contract development. Instead of generating random code snippets, it creates structured templates using OpenZeppelin-compliant logic and predictable design patterns when paired with OpenZeppelin MCP. |
|
|
|
|
|
Every generated contract follows OZ v5 conventions, ensuring: |
|
|
- **Canonical ERC implementations** (ERC20, ERC721, ERC1155) |
|
|
- **Consistent inheritance patterns** |
|
|
- **Reproducible function behavior** |
|
|
- **Built-in security considerations** |
|
|
|
|
|
<p align="center"> |
|
|
<a href="https://solidityscan.com/" target="_blank"> |
|
|
<img src="https://cdn-uploads.huggingface.co/production/uploads/685934bed73d6881647be295/CL6wjrU6gKYv3_Itc4iAO.png" alt="SolidityScan CredShields Banner" width="75%"> |
|
|
</a> |
|
|
</p> |
|
|
|
|
|
The model is inspired by [SolidityScan's Web3HackHub](https://solidityscan.com/web3hackhub)—a comprehensive database tracking blockchain security incidents since 2011—and **[OWASP Smart Contract Top 10](https://scs.owasp.org/sctop10/)**. |
|
|
The OWASP Smart Contract Security Project plays a critical role in shaping secure development practices across the Web3 ecosystem. It serves as a foundational framework that educates developers on the most prevalent and high-impact vulnerabilities affecting smart contracts. |
|
|
The model adheres to OpenZeppelin-compliant patterns and aims to align with OWASP best practices. |
|
|
|
|
|
## Complete Security Workflow |
|
|
|
|
|
While Solidity-CodeGen-v0.1 generates secure code foundations, comprehensive security requires additional validation. [SolidityScan](https://solidityscan.com) provides the perfect complement—an AI-powered smart contract scanner that identifies vulnerabilities and security risks in your code. |
|
|
|
|
|
**Together, they create a complete security pipeline:** |
|
|
1. **Generate** contract templates with Solidity-CodeGen-v0.1 |
|
|
2. **Scan** for vulnerabilities with SolidityScan's advanced analysis |
|
|
3. **Deploy** with confidence, knowing your contracts meet industry standards |
|
|
|
|
|
[Explore SolidityScan](https://solidityscan.com) to discover how AI-powered scanning can enhance your smart contract security workflow. |
|
|
|
|
|
--- |
|
|
|
|
|
## How to Load |
|
|
Transformers: |
|
|
``` |
|
|
from transformers import AutoTokenizer, AutoModelForCausalLM |
|
|
tok = AutoTokenizer.from_pretrained("credshields/Solidity-CodeGen-v0.1") |
|
|
model = AutoModelForCausalLM.from_pretrained("credshields/Solidity-CodeGen-v0.1", torch_dtype="auto", device_map="auto") |
|
|
``` |
|
|
|
|
|
vLLM: |
|
|
```vllm serve YOUR_ORG/Solidity-CodeGen-v0.1 --dtype auto --port 8005``` |
|
|
|
|
|
|
|
|
## Recommended: Use OpenZeppelin MCP (Locally) |
|
|
For best results, run the official OpenZeppelin Contracts MCP locally and route ERC20/721/1155 and Governor requests through it. |
|
|
- GitHub: https://github.com/OpenZeppelin/openzeppelin-mcp |
|
|
- NPM: https://www.npmjs.com/package/@openzeppelin/contracts-mcp |
|
|
|
|
|
|
|
|
This model card does not include MCP files; use the official OZ MCP project locally. |
|
|
|
|
|
## Prompting Guide (No MCP) |
|
|
When MCP is unavailable, use structured prompts: |
|
|
|
|
|
- Start with: |
|
|
``` |
|
|
- “Generate only Solidity code in a single ``` |
|
|
- “Solidity: ^0.8.27 and OpenZeppelin v5 imports only (@openzeppelin/contracts/...).” |
|
|
- Specify contract type, features, and constraints. |
|
|
``` |
|
|
|
|
|
Example (ERC20 minimal, mintable): |
|
|
``` |
|
|
Generate only Solidity code in a single ``` |
|
|
Solidity: ^0.8.27, OpenZeppelin v5 imports only. |
|
|
Contract: ERC20 token |
|
|
Name: TestToken |
|
|
Symbol: TEST |
|
|
Features: Ownable, mint(address,uint256) onlyOwner |
|
|
Constraints: |
|
|
Imports: ERC20, Ownable |
|
|
constructor(address initialOwner) and Ownable(initialOwner) |
|
|
No burn, no pause, no permit |
|
|
``` |
|
|
|
|
|
## Quality and Limitations |
|
|
- With MCP: ERC20/721/1155 and Governor scaffolds are canonical; custom templates are solid but require review. |
|
|
- Without MCP: Basic patterns work with structured prompts; complex protocols require expert review. |
|
|
- Always test and audit generated code before production. |
|
|
|
|
|
## Files Included |
|
|
- Model weights and tokenizer |
|
|
- Optional requirements files for Transformers/vLLM |
|
|
- No MCP/server code included; use official OZ MCP locally. |
|
|
|
|
|
## License |
|
|
- Model weights: see LICENSE. |
|
|
- Generated code: user responsibility; OpenZeppelin Contracts are MIT-licensed. |
|
|
|
|
|
## Note |
|
|
Note: This preview focuses on tailored scaffolds for common patterns and may omit end‑to‑end features; treat outputs as starting points to be completed, validated, and audited and hence Solidity-CodeGen-v0.1 is not a substitute for human review, formal verification, or security audits. |
