Semantic Sleuth: Identifying Ponzi Contracts via Large Language Models

Cong Wu, Jing Chen, Ziwei Wang, Ruichao Liang, Ruiying Du

TL;DR

PonziSleuth introduces the first LLM-driven method for detecting Ponzi smart contracts without labeled data. It fuses zero-shot chain-of-thought prompting with static taint analysis and automated code slicing to semantically understand contract logic and identify Ponzi patterns. Across benchmark and real-world datasets, PonziSleuth achieves high balanced accuracy (approximately 93–96%) across multiple LLM backends and successfully detects new Ponzi contracts with minimal false positives, while maintaining practical efficiency (~5.5 seconds per contract at a small cost). The approach demonstrates robust generalization to unseen contracts and supports real-time monitoring, marking a significant step forward in blockchain security for DeFi and Web3.

Abstract

Smart contracts, self-executing agreements directly encoded in code, are fundamental to blockchain technology, especially in decentralized finance (DeFi) and Web3. However, the rise of Ponzi schemes in smart contracts poses significant risks, leading to substantial financial losses and eroding trust in blockchain systems. Existing detection methods, such as PonziGuard, depend on large amounts of labeled data and struggle to identify unseen Ponzi schemes, limiting their reliability and generalizability. In contrast, we introduce PonziSleuth, the first LLM-driven approach for detecting Ponzi smart contracts, which requires no labeled training data. PonziSleuth utilizes advanced language understanding capabilities of LLMs to analyze smart contract source code through a novel two-step zero-shot chain-of-thought prompting technique. Our extensive evaluation on benchmark datasets and real-world contracts demonstrates that PonziSleuth delivers comparable, and often superior, performance without the extensive data requirements, achieving a balanced detection accuracy of 96.06% with GPT-3.5-turbo, 93.91% with LLAMA3, and 94.27% with Mistral. In real-world detection, PonziSleuth successfully identified 15 new Ponzi schemes from 4,597 contracts verified by Etherscan in March 2024, with a false negative rate of 0% and a false positive rate of 0.29%. These results highlight PonziSleuth's capability to detect diverse and novel Ponzi schemes, marking a significant advancement in leveraging LLMs for enhancing blockchain security and mitigating financial scams.

Paper Structure

This paper contains 22 sections, 7 equations, 8 figures, 10 tables, 1 algorithm.

Figures (8)

  • Figure 1: Illustration of payout mechanism in Ponzi contract
  • Figure 2: Workflow of PonziSleuth
  • Figure 3: Example of contract 0x2a...1e9's taint propagation graph
  • Figure 4: Example of understanding contracts
  • Figure 5: Example of analyzing taint propagation graph
  • ...and 3 more figures