The Semantic Refinement Pattern: A Distributed Architecture for LLM-Enhanced Smart Contract Security Analysis

Static analysis tools for software security produce high volumes of findings with significant false positive rates, requiring substantial manual triage. We present the Semantic Refinement Pattern, a software architecture where traditional analysis tools execute in parallel while LLM agents provide semantic post-processing. The pattern consists of four layers: (1) a Pure Dispatcher orchestrating tool execution without domain logic over Ray actors; (2) Parallel Tool Execution over Apache Ray achieving near-linear speedup; (3) Schema Normalization unifying heterogeneous outputs; and (4) Sequential LLM Refinement where specialized agents filter, correlate, and enrich findings. We prove two formal guarantees: the Recall Preservation Theorem establishes that LLM refinement cannot reduce recall below the triage agent's false negative rate; the No Hallucination Introduction Corollary proves that under the Detection Separation Property, LLM agents cannot originate findings — every output traces to a tool. Instantiated as Zentinel-audit v4.3 with 28 parallel tools and 6 LLM agents, the system achieves 7.0× speedup, 54% false positive reduction, and F1 = 0.86 on 53 DeFi contracts. The pattern composes with GAEV (exploit verification) and MPEA (attack path reconstruction) into a complete DETECT→VERIFY→RECONSTRUCT pipeline.