PonziGuard is an efficient Ponzi scheme detection approach based on contract runtime information and graph neural networks.
We conducted experiments on a Ground-Truth Dataset and show that PonziGuard is effective.
We also conducted a preliminary experiment to verify the performance of PonziGuard in real-world scenarios. Using PonziGuard, we have found 805 Ponzi contracts on Ethereum Mainnet in approximately 14,000,000 blocks, which have resulted in an estimated economic loss of 281,700 Ether or approximately $500 million USD. We also found 0-day Ponzi schemes in the recently deployed 10,000 smart contracts.
The code provided in ./tools serves as a simple pipeline of PonziGuard.
The complete code will be open-sourced after the conference is held.
Solidity Compiler
#install solc-select
pip install solc-select
#install solc
solc-select install [solc-version]
#switch the solc version
solc-select use [solc-version]
Golang v1.16.6 or later
mkdir ~/go && cd ~/go
wget https://dl.google.com/go/go1.16.6.linux-amd64.tar.gz
tar -C /usr/local -zxvf go1.16.6.linux-amd64.tar.gz
vim /etc/profile
# add export GOROOT=/usr/local/go, export PATH=$PATH:$GOROOT/bin
source /etc/profile
slither
python3 -m pip install slither-analyzer
Prepare your pretrained Doc2vec model in ./tools/PonziGuard/CRBG/model/yourModel
Build the source of the instrumented Geth
cd ./tools/PonziGuard/geth_detect
make geth
Run the instrumented Geth
geth --identity "TestNode2" --rpc -rpcaddr "0.0.0.0" --rpcport "8545" --rpccorsdomain "*" --port "30303" --nodiscover --rpcapi "db,eth,net,web3,miner,net,personal,net,txpool,admin" --networkid 1900 --datadir "./private_data" --nat "any" --unlock 0 --password "./private_data/pwd.txt" --mine --allow-insecure-unlock --rpc.allow-unprotected-txs
Run the Geth console
cd private_data
geth attach ipc:geth.ipc
Deploy the smart contracts under test in the private chain and generate transaction sequences to invoke the contracts.
cd Transaction_Generator/SourceCode
python3 deploy --path '/yourContractPath'
You can replay the historical transactions in the Geth console.
debug.traceBlockByNumber("BlockNumber")
The Taint Engine in ./tools/PonziGuard/taint_engine marks and tracks the propagation paths of sensitive data in contracts and constructs the Contract Runtime Behavior Graph in ./tools/PonziGuard/CRBG.
The raw graphs are written to ./tools/PonziGuard/CRBG/CRBG_output_onehot. To complete the CRBG construction, run:
cd ./tools/PonziGuard/CRBG
python CRBG_process.py
The CRBG output is in ./tools/PonziGuard/CRBG/CRBG_output.
Some paths in the project need to be changed to match your own execution environment.
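The Geth launch line above serves HTTP-RPC on every interface with an unlocked, mining account, so the host's network exposure is one of the things to match to your environment. The following pre-flight check is an added example, not part of the PonziGuard code: it parses a geth command line and reports those exposure settings. The finding names, the loopback variant LOCAL_CMD, and the assumption that the transaction generator runs on the same host as the node are all made up for this illustration.

```python
import shlex

# Launch line copied verbatim from the README step "Run the instrumented Geth".
README_CMD = ('geth --identity "TestNode2" --rpc -rpcaddr "0.0.0.0" --rpcport "8545" '
              '--rpccorsdomain "*" --port "30303" --nodiscover '
              '--rpcapi "db,eth,net,web3,miner,net,personal,net,txpool,admin" '
              '--networkid 1900 --datadir "./private_data" --nat "any" --unlock 0 '
              '--password "./private_data/pwd.txt" --mine --allow-insecure-unlock '
              '--rpc.allow-unprotected-txs')

# Constructed variant (assumption): same node, RPC bound to loopback, no CORS wildcard.
LOCAL_CMD = (README_CMD.replace('"0.0.0.0"', '"127.0.0.1"')
                       .replace('--rpccorsdomain "*" ', ''))

SENSITIVE_APIS = {"personal", "admin", "miner", "debug"}
LOOPBACK = {"127.0.0.1", "localhost", "::1"}

def parse_flags(cmd):
    """Map flag name -> value (True for switches). Accepts -flag and --flag."""
    tokens = shlex.split(cmd)[1:]          # drop the "geth" binary name
    flags, i = {}, 0
    while i < len(tokens):
        name, _, inline = tokens[i].lstrip("-").partition("=")
        if inline:                         # --flag=value form
            flags[name], i = inline, i + 1
        elif i + 1 < len(tokens) and not tokens[i + 1].startswith("-"):
            flags[name], i = tokens[i + 1], i + 2
        else:                              # switch with no value
            flags[name], i = True, i + 1
    return flags

def audit(cmd):
    """Return a list of exposure findings for a geth launch line."""
    f = parse_flags(cmd)
    if not f.get("rpc"):
        return []                          # HTTP-RPC server not enabled
    findings = []
    remote = f.get("rpcaddr", "localhost") not in LOOPBACK  # geth defaults to localhost
    if remote:
        findings.append("rpc-all-interfaces")
    if f.get("rpccorsdomain") == "*":
        findings.append("cors-wildcard")
    apis = set(str(f.get("rpcapi", "")).split(",")) & SENSITIVE_APIS
    if remote and apis:
        findings.append("sensitive-apis-remote:" + ",".join(sorted(apis)))
    if remote and "unlock" in f and f.get("allow-insecure-unlock"):
        findings.append("unlocked-account-remote")
    return findings

if __name__ == "__main__":
    for label, cmd in (("README", README_CMD), ("loopback", LOCAL_CMD)):
        print(label, audit(cmd) or "no exposure findings")
```

If the node has to be reachable from another machine, keep the README line but restrict port 8545 to that machine with a host firewall rule.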