Decoupled Smart Contract Audits: Lightweight LLM Framework via Distillation and Aggregation

📅 2026-06-02
🤖 AI Summary
This work addresses the limitations of existing smart contract security auditing methods, which often lack precise vulnerability severity assessment and actionable repair suggestions, while large-model-based approaches incur prohibitive computational costs. To overcome these challenges, the authors propose a decoupled end-to-end auditing framework that decomposes the task into four modules: detection, explanation, severity classification, and repair. Leveraging lightweight open-source large language models with 0.6B–4B parameters, the framework integrates Rank-Stabilized LoRA, knowledge distillation, and a custom Chain-of-Verification response aggregation strategy. This approach achieves a vulnerability detection accuracy of 98.25% and an explanation alignment score of 0.4375, outperforming mainstream code large language models ranging from 7B to 34B parameters, all while significantly reducing computational overhead. The study also uncovers a central bias phenomenon in severity assessment.
📝 Abstract
Smart contracts face critical security challenges that require thorough auditing in decentralized web services. While Large Language Models (LLMs) have shown promise in automated vulnerability detection, existing approaches lack severity evaluations with actionable remediation and demand unnecessarily massive computational overhead. In this study, we introduce an efficient end-to-end smart contract security audit framework utilizing lightweight, highly optimized open-source LLMs (0.6B-4B parameters). Our framework decouples comprehensive audit tasks into four interconnected components: vulnerability detection, explanation, severity classification, and remediation recommendation. To maintain high accuracy without massive parameters, we implement Rank-Stabilized Low-Rank Adapters (rsLoRA), knowledge distillation, and a custom Chain-of-Verification (CoVe) aggregation strategy to systematically screen and consolidate multiple draft responses from the model into a highly accurate audit report. Experimental results demonstrate that our lightweight pipeline consistently outperforms state-of-the-art open-source coder dense LLMs (7B to 34B parameters), achieving 98.25% accuracy in vulnerability detection and an alignment score of 0.4375 in generative explanation tasks. Furthermore, our extensive ablation studies empirically validate the superiority of our decoupled audit processes over unified prompting and uncover a novel severity centrality bias, establishing a critical benchmark for future research in LLM-assisted auditing.
Problem

Research questions and friction points this paper is trying to address.

smart contract
security audit
vulnerability detection
severity classification
remediation recommendation
Innovation

Methods, ideas, or system contributions that make the work stand out.

Decoupled Audit Framework
Lightweight LLM
Knowledge Distillation
rsLoRA
Chain-of-Verification