Feature-based blockchain smart ponzi scheme contract identification method and system
By extracting the opcodes and graph structure features of smart contracts through natural language processing and the XGBoost algorithm, and combining them with the LightGBM classifier, the accuracy and efficiency issues of smart Ponzi scheme contract detection are solved, enabling early identification and efficient screening.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- SOUTH CHINA UNIV OF TECH
- Filing Date
- 2023-10-31
- Publication Date
- 2026-07-14
AI Technical Summary
Existing intelligent Ponzi scheme contract detection technologies suffer from insufficient detection performance and lag, especially for contracts with no trading volume or whose opcodes are easily interfered with.
Natural language processing techniques are used to extract opcode features, the XGBoost algorithm is used to filter key features, a control flow graph is generated and combined with the LightGBM classifier to build a smart contract recognition model, and the opcode and graph structure features are integrated for detection.
It improves the accuracy and efficiency of detecting smart Ponzi scheme contracts, enabling effective identification of Ponzi scheme contracts in early deployment and reducing false positives and false negatives.
Smart Images

Figure CN117648690B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of blockchain anomaly monitoring technology, and more specifically, to a method and system for identifying XGBoost-LightGBM blockchain smart Ponzi scheme contracts based on improved features. Background Technology
[0002] Decentralized Finance (DeFi) is a key application of Web3 technology, employing blockchain and smart contract technology to build a decentralized financial system. Smart contracts are a crucial component of DeFi. Smart contracts are program code running on the blockchain, automatically executing the terms of the agreement without third-party intervention. Once deployed on the chain, they cannot be tampered with, and all smart contracts are publicly visible. While the innovation of smart contracts has brought many opportunities to DeFi, it also carries certain risks.
[0003] With the development of blockchain technology, Ponzi schemes have begun to appear in the form of smart contracts. This type of blockchain-based Ponzi scheme is called a smart Ponzi scheme, and the corresponding smart contract is called a smart Ponzi scheme contract.
[0004] Timely and effective detection of intelligent Ponzi schemes is crucial. While various machine learning-based methods for detecting intelligent Ponzi schemes exist, current research remains insufficient. First, most current research relies on contract account characteristics. However, account characteristics are only effectively formed when a Ponzi contract has a certain trading volume. A large proportion of Ponzi contracts have no trading activity, negatively impacting anomaly detection. Scam publishers often issue multiple scams, but few contracts survive. Second, most detection models utilize the opcode frequency characteristics of contracts, which are easily manipulated by contract publishers (e.g., by adding useless opcodes). Some detection techniques extract features from bytecode, but with updates to the Solidity language, bytecode changes can render these features ineffective. In summary, current detection techniques still suffer from insufficient detection performance and latency issues. Summary of the Invention
[0005] The purpose of this invention is to overcome the shortcomings and deficiencies of the existing technology and provide a feature-based blockchain smart Ponzi scheme contract identification method and system. It uses natural language processing technology to extract opcode features, uses a gradient boosting algorithm based on decision trees to obtain key opcode features, generates a control flow graph to extract graph structure features, uses key opcode features in combination with graph structure features to obtain more comprehensive features, and integrates the identification model of the LightGBM classifier to improve detection accuracy.
[0006] To achieve the above objectives, the technical solution adopted by the present invention is as follows:
[0007] A method for identifying feature-based blockchain smart Ponzi scheme contracts includes the following steps:
[0008] Obtain the smart contract data to be identified on the Ethereum blockchain platform;
[0009] Based on the bytecode of the smart contract, the opcode is extracted by disassembly, and the opcode features are extracted using natural language processing technology.
[0010] Based on opcode features, the XGBoost feature extraction model is used to filter out key opcode features of smart contracts.
[0011] Based on the smart contract opcodes, a control flow graph is generated using the call relationships of the smart contract opcodes, and the graph structure features corresponding to the smart contract are extracted.
[0012] Using the key features of smart contract opcodes and graph structure features as samples, the LightGBM classification model is used to iteratively train the smart contract recognition model.
[0013] By inputting the key features of the smart contract's opcode and graph structure into the smart contract recognition model, the identification result of the smart Ponzi scheme contract corresponding to the smart contract is obtained.
[0014] Preferably, the acquired smart contract data includes: bytecode of smart Ponzi scheme contracts running on the Ethereum blockchain platform, and bytecode of secure smart contracts running on the Ethereum blockchain platform.
[0015] Preferably, the bytecode of the smart contract is obtained from the Ethereum blockchain platform via an API interface based on the address of the smart contract.
[0016] Preferably, the opcode is extracted by disassembly, specifically as follows:
[0017] By disassembling, the bytecode of the smart Ponzi scheme contract and the bytecode of the secure smart contract are converted into the opcodes of the smart Ponzi scheme contract and the opcodes of the secure smart contract, respectively.
[0018] Preferably, the opcode features extracted using natural language processing techniques include: three-dimensional bag-of-words model features and three-dimensional word frequency-inverse document frequency features.
[0019] Preferably, the key feature extraction of the opcode is as follows:
[0020] By using a gradient boosting algorithm based on decision trees, feature importance indices are obtained. By setting importance thresholds, noisy features are eliminated, and key opcode features are selected.
[0021] Preferably, a control flow graph is generated, specifically as follows:
[0022] Analyze the semantics of smart contract opcode instructions, and use the start and end of opcodes and jump semantics to generate basic blocks and directed edges to generate a smart contract control flow graph.
[0023] Preferably, the graph structure features include: control flow graph basic block features, subgraph structure association features, graph edit distance features, and data standardization features.
[0024] Preferably, the training process includes:
[0025] Based on the key features of smart contract opcodes and graph structure features, feature data samples are constructed and divided into training set and test set.
[0026] The SMOTE sampling algorithm is used to oversample the training set to adjust the ratio of positive to negative samples in the training set.
[0027] The XGBoost-LightGBM detection model is trained using the adjusted training set samples to obtain a trained smart contract recognition model.
[0028] A feature-based blockchain smart Ponzi scheme contract identification system, employing the aforementioned feature-based blockchain smart Ponzi scheme contract identification method, includes:
[0029] The smart contract acquisition module is used to acquire smart contract data to be identified on the Ethereum blockchain platform;
[0030] The opcode conversion module is used to convert smart contract bytecode into opcodes through disassembly processing.
[0031] The opcode feature extraction module is used to extract opcode features using natural language processing techniques.
[0032] The opcode key feature processing module is used to obtain the key features of the smart contract's opcode based on the opcode features using a gradient boosting algorithm based on decision trees.
[0033] The graph structure feature extraction module is used to generate a control flow graph based on the opcode of the smart contract, extract the basic block features, subgraph structure association features, graph edit distance features, and data standardization features of the control flow graph, and merge them to form the graph structure features of the smart contract.
[0034] The smart contract recognition module takes key opcode features and graph structure features as input to the smart contract recognition model, uses the LightGBM classification model for classification calculation, and obtains the smart Ponzi scheme contract recognition result corresponding to the smart contract.
[0035] The abnormal contract warning module is used to issue a warning message when a smart contract is identified as a smart Ponzi scheme contract.
[0036] Compared with the prior art, the present invention has the following advantages and beneficial effects:
[0037] 1. This invention utilizes multi-dimensional natural language processing algorithms to extract opcode features, thereby obtaining more comprehensive multi-dimensional features of smart contracts.
[0038] 2. This invention utilizes the XGBoost algorithm to perform key feature filtering on opcode features, eliminating noisy features and improving both detection accuracy and efficiency.
[0039] 3. This invention innovatively utilizes the graph editing distance algorithm to extract opcode control flow graph features, and uses multi-dimensional graph structure features to compensate for the shortcomings of detection using only opcode features.
[0040] 4. This invention proposes an improved model for detecting Ethereum Ponzi schemes. It can extract features for detection in the early deployment of contracts. Extensive experiments on large-scale datasets show that the method of this invention is superior to existing methods. Attached Figure Description
[0041] Figure 1 This is a flowchart of a feature-based blockchain smart Ponzi scheme contract identification method.
[0042] Figure 2 This is a schematic diagram of a feature-based blockchain smart Ponzi scheme contract identification method.
[0043] Figure 3 This is a schematic diagram of the control flow graph transformation.
[0044] Figure 4 This is a structural diagram of a feature-based blockchain smart Ponzi scheme contract identification system. Detailed Implementation
[0045] The present invention, based on the feature-based blockchain smart Ponzi scheme contract identification method and system, will be further described below with reference to the accompanying drawings and specific embodiments.
[0046] Please see Figure 1 and Figure 2 This invention discloses a method for identifying feature-based blockchain smart Ponzi scheme contracts, specifically including the following steps:
[0047] S1: Obtain the smart contract data to be identified on the Ethereum blockchain platform.
[0048] S2: Based on the bytecode of the smart contract, extract the opcode through disassembly and use natural language processing technology to extract opcode features.
[0049] S3: Based on opcode features, the XGBoost feature extraction model is used to filter out the key opcode features of smart contracts.
[0050] S4: Based on the smart contract opcodes, generate a control flow graph using the call relationships of the smart contract opcodes, and extract the graph structure features corresponding to the smart contract.
[0051] S5: Using the key features of the smart contract's opcode and graph structure features as samples, the LightGBM classification model is used to iteratively train the smart contract recognition model.
[0052] S6: Input the key features of the smart contract's opcode and graph structure features into the smart contract recognition model to obtain the smart Ponzi scheme contract recognition result corresponding to the smart contract.
[0053] Specifically, in step S1, the smart contract data obtained includes: the bytecode of the smart Ponzi scheme contract running on the Ethereum blockchain platform, and the bytecode of the secure smart contract running on the Ethereum blockchain platform. The bytecode of the smart contract is obtained from the Ethereum blockchain platform via an API interface based on the smart contract's address.
[0054] In this embodiment, tagged smart contract data is obtained, including multiple smart contract addresses such as Ponzi scheme contracts and their corresponding tags. Based on the smart contract address, the smart contract bytecode is obtained from the Ethereum blockchain platform through the API interface.
[0055] Specifically, in step S2, the opcode is extracted through disassembly. This involves converting the bytecode of the smart Ponzi scheme contract and the bytecode of the secure smart contract into opcodes for the smart Ponzi scheme contract and the secure smart contract, respectively, through disassembly. The opcode features extracted using natural language processing techniques include: three-dimensional bag-of-words model features and three-dimensional term frequency-inverse document frequency features.
[0056] In this embodiment, the smart contract bytecode is disassembled using a disassembler, and natural language processing technology is used to generate three-dimensional bag-of-words model features and three-dimensional word frequency-inverse document frequency features, totaling 14,088 features.
[0057] Specifically, in step S3, the key feature extraction of the opcode is as follows: by using a gradient boosting algorithm based on decision trees, the feature importance index is obtained, and by setting an importance threshold, noisy features are eliminated, and key features of the opcode are selected.
[0058] Gradient Boosting Decision Tree (GBDT) is an additive model based on the boosting ensemble concept. During training, it uses a forward distribution algorithm for greedy learning, learning a new CART tree in each iteration to fit the residuals between the predictions of the previous t-1 trees and the true values of the training samples. This invention utilizes XGBoost for feature importance analysis, reducing feature dimensionality and cleaning up noisy features. In this embodiment, the 14088-dimensional features obtained using natural language processing techniques are reduced to 100-dimensional features.
[0059] Specifically, in step S4, generating the control flow graph involves: analyzing the semantics of smart contract opcode instructions, and using the start and end points and jump semantics of the opcodes to generate basic blocks and directed edges to create the smart contract control flow graph. Graph structure features include: control flow graph basic block features, subgraph structure association features, graph edit distance features, and data standardization features.
[0060] In this embodiment, the semantics of smart contract opcode instructions are analyzed, as shown in Table 1, EVM instruction classification. Basic blocks and directed edges are generated using the start and end semantics and jump semantics of the opcodes to produce the smart contract control flow graph. The generated control flow graph is shown below. Figure 3 As shown. The Ethereum Virtual Machine (EVM) is a stack-based virtual machine that executes a series of bytecode instructions based on specific environment data to modify the system state.
[0061] Table 1 EVM Instruction Classification
[0062]
[0063] A control flow graph is a representation of program code that shows all the paths a program will traverse during execution. A control flow graph is a directed graph G = (N, E) with basic blocks as nodes, where N is the set of nodes representing basic blocks in the program, and E is the set of edges between basic blocks.
[0064] Based on the control flow graph of the smart contract, graph structure features are generated. Basic block features of the control flow graph include the number of control flow graph blocks, and subgraph structure association features include the number of control flow graph edges. Graph edit distance features and data standardization features include maximum similarity measure, average graph edit distance measure, and average similarity. Maximum similarity measure refers to the maximum similarity value between the current contract and all collected Ponzi scheme contracts; average graph edit distance measure refers to the average graph edit distance between the current contract and all collected Ponzi scheme contracts; and average similarity refers to the average similarity between the current contract and all collected Ponzi scheme contracts.
[0065] Specifically, in step S5, the training process includes:
[0066] Based on the key features of smart contract opcodes and graph structure features, feature data samples are constructed and divided into training set and test set.
[0067] The SMOTE sampling algorithm is used to oversample the training set to adjust the ratio of positive to negative samples in the training set.
[0068] The XGBoost-LightGBM detection model is trained using the adjusted training set samples to obtain a trained smart contract recognition model.
[0069] SMOTE is a comprehensive sampling algorithm for artificially synthesized data, used to address the problem of imbalanced data classes. This invention utilizes SMOTE to oversample the training set data to balance the ratio of positive to negative samples.
[0070] In this embodiment, the processed opcode key features and graph structure features are stored in a CSV file as feature data samples. The feature data samples are then divided into training and test sets in an 8:2 ratio. To address the imbalance problem, this invention utilizes the SMOTE comprehensive sampling algorithm to comprehensively sample the training set data. The training set is then used as the data input source and fed into the LightGBM classification model for training.
[0071] LightGBM (Light Gradient Boosting Machine) is a framework for implementing the GBDT algorithm. It supports highly efficient parallel training and offers advantages such as faster training speed, lower memory consumption, better accuracy, and distributed support for rapid processing of massive amounts of data. This invention uses extracted combined features as input to LightGBM for training and prediction.
[0072] After the smart contract recognition model is trained, it is evaluated using a test set. This invention uses three commonly used performance metrics—precision, recall, and F1 score—to evaluate the smart contract recognition model.
[0073] ;
[0074] ;
[0075] ;
[0076] In this context, TP indicates that the identification model classifies smart contracts of the normal contract category as normal contracts; FP indicates that the identification model classifies smart contracts of the fraudulent contract category as normal contracts; and FN indicates that the identification model classifies smart contracts of the normal contract category as fraudulent contracts.
[0077] The training and testing datasets consisted of 270 Ponzi scheme contracts and 3000 secure smart contracts, with a positive to negative sample ratio of 1:11. During model training, the hardware platform was an AMD Ryzen 7 5800H CPU, a Radeon Graphics GPU, and 32GB of memory. This invention uses commonly used machine learning parameters, setting the node learning rate to 0.6, the maximum depth to 5, the leaf tree size to 32, and 5-fold cross-validation.
[0078] Experimental results show that the proposed method achieves high accuracy and high recall. The model results are: Precision 98%, Recall 88%, and F1 score 93%. The detection results demonstrate both high accuracy and high recall. To verify the effectiveness of the proposed method for Ponzi scheme detection, different methods were compared. The detection tools compared all used conventional features. Models were trained and tested on the same dataset using different detection methods, and the results were compared. The final experimental results are shown in Table 2.
[0079] Table 2 Detection results using different methods
[0080]
[0081] As shown in Table 2, the model of this invention can achieve higher precision while maintaining recall. Comparison reveals that many methods have low recall rates, indicating that other methods miss more Ponzi schemes during detection, which is quite detrimental to regulation. The method of this invention is effective in solving Ponzi scheme detection; it is not only effective against Ponzi scheme contracts but also against honeypot contracts, coin mixing contracts, and so on.
[0082] Please see Figure 4 The present invention also discloses a feature-based blockchain smart Ponzi scheme contract identification system, specifically including:
[0083] The smart contract acquisition module is used to acquire smart contract data to be identified on the Ethereum blockchain platform;
[0084] The opcode conversion module is used to convert smart contract bytecode into opcodes through disassembly processing.
[0085] The opcode feature extraction module is used to extract opcode features using natural language processing techniques.
[0086] The opcode key feature processing module is used to obtain the key features of the smart contract's opcode based on the opcode features using a gradient boosting algorithm based on decision trees.
[0087] The graph structure feature extraction module is used to generate a control flow graph based on the opcode of the smart contract, extract the basic block features, subgraph structure association features, graph edit distance features, and data standardization features of the control flow graph, and merge them to form the graph structure features of the smart contract.
[0088] The smart contract recognition module takes key opcode features and graph structure features as input to the smart contract recognition model, uses the LightGBM classification model for classification calculation, and obtains the smart Ponzi scheme contract recognition result corresponding to the smart contract.
[0089] The abnormal contract warning module is used to issue a warning message when a smart contract is identified as a smart Ponzi scheme contract.
[0090] The feature-based blockchain smart Ponzi scheme contract identification system of the present invention can execute the feature-based blockchain smart Ponzi scheme contract identification method of the present invention, and can execute any combination of implementation steps of the method embodiment, and has the corresponding functions and beneficial effects of the method.
[0091] Although the invention has been described in the context of functional modules, it should be understood that, unless otherwise stated, one or more of the functions and / or features may be integrated into a single physical device and / or software module, or one or more functions and / or features may be implemented in a separate physical device or software module. It is also understood that a detailed discussion of the actual implementation of each module is unnecessary for understanding the invention. Rather, given the properties, functions, and internal relationships of the various functional modules in the system disclosed herein, the actual implementation of the module will be understood within the scope of conventional art for an engineer. Therefore, those skilled in the art can implement the invention set forth in the claims using ordinary techniques without excessive experimentation. It is also understood that the specific concepts disclosed are merely illustrative and not intended to limit the scope of the invention, which is determined by the full scope of the appended claims and their equivalents.
[0092] If a function is implemented as a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this invention, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods of the various embodiments of this invention. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.
[0093] More specific examples (a non-exhaustive list) of computer-readable media include: electrical connections (electronic devices) having one or more wires, portable computer disk drives (magnetic devices), random access memory (RAM), read-only memory (ROM), erasable and editable read-only memory (EPROM or flash memory), fiber optic devices, and portable optical disc read-only memory (CDROM). Furthermore, computer-readable media can even be paper or other suitable media on which programs can be printed, because programs can be obtained electronically, for example, by optically scanning the paper or other medium, followed by editing, interpreting, or otherwise processing as necessary, and then stored in computer memory.
[0094] Various parts of this invention can be implemented using hardware, software, firmware, or a combination thereof. In the above embodiments, multiple steps or methods can be implemented using software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, it can be implemented using any of the following techniques known in the art, or a combination thereof: discrete logic circuits having logic gates for implementing logical functions on data signals; application-specific integrated circuits (ASICs) having suitable combinational logic gates; programmable gate arrays (PGAs); field-programmable gate arrays (FPGAs); etc.
[0095] In summary, the present invention has the following advantages and beneficial effects:
[0096] 1. This invention utilizes multi-dimensional natural language processing algorithms to extract opcode features, thereby obtaining more comprehensive multi-dimensional features of smart contracts.
[0097] 2. This invention utilizes the XGBoost algorithm to perform key feature filtering on opcode features, eliminating noisy features and improving both detection accuracy and efficiency.
[0098] 3. This invention innovatively utilizes the graph editing distance algorithm to extract opcode control flow graph features, and uses multi-dimensional graph structure features to compensate for the shortcomings of detection using only opcode features.
[0099] 4. This invention proposes an improved model for detecting Ethereum Ponzi schemes. It can extract features for detection in the early deployment of contracts. Extensive experiments on large-scale datasets show that the method of this invention is superior to existing methods.
[0100] The above description is a detailed description of the preferred embodiments of the present invention. However, the embodiments are not intended to limit the scope of the patent application of the present invention. All equivalent changes or modifications made under the technical spirit disclosed in the present invention should fall within the patent scope covered by the present invention.
Claims
1. A method for identifying feature-based blockchain smart Ponzi scheme contracts, characterized in that, Includes the following steps: Obtain the smart contract data to be identified on the Ethereum blockchain platform; Based on the bytecode of the smart contract, the opcode is extracted by disassembly, and the opcode features are extracted using natural language processing technology. Based on opcode features, the XGBoost feature extraction model was used to screen out the key opcode features for identifying smart Ponzi scheme contracts. Based on the smart contract opcodes, a control flow graph is generated using the call relationships of the smart contract opcodes, and the graph structure features corresponding to the smart contract are extracted. Using the key features of smart contract opcodes and graph structure features as samples, the LightGBM classification model is used to iteratively train the smart contract recognition model. By inputting the key features of the opcode and the graph structure features of the smart contract into the smart contract recognition model, the recognition result of the smart Ponzi scheme contract corresponding to the smart contract is obtained. Extract opcode control flow graph features using the graph edit distance algorithm; Graph edit distance features and data standardization features include maximum similarity measure, average graph edit distance measure, and average similarity; maximum similarity measure refers to the maximum similarity value between the current contract and all collected Ponzi scheme contracts, average graph edit distance measure refers to the average graph edit distance between the current contract and all collected Ponzi scheme contracts, and average similarity refers to the average similarity between the current contract and all collected Ponzi scheme contracts.
2. The method for identifying feature-based blockchain smart Ponzi scheme contracts according to claim 1, characterized in that, The acquired smart contract data includes: bytecode of smart Ponzi scheme contracts running on the Ethereum blockchain platform, and bytecode of secure smart contracts running on the Ethereum blockchain platform.
3. The method for identifying feature-based blockchain smart Ponzi scheme contracts according to claim 1, characterized in that, The bytecode of a smart contract is obtained from the Ethereum blockchain platform via an API interface based on the smart contract's address.
4. The method for identifying feature-based blockchain smart Ponzi scheme contracts according to claim 1, characterized in that, The opcodes are extracted through disassembly, specifically: By disassembling, the bytecode of the smart Ponzi scheme contract and the bytecode of the secure smart contract are converted into the opcodes of the smart Ponzi scheme contract and the opcodes of the secure smart contract, respectively.
5. The method for identifying feature-based blockchain smart Ponzi scheme contracts according to claim 1, characterized in that, The opcode features extracted using natural language processing techniques include: three-dimensional bag-of-words model features and three-dimensional word frequency-inverse document frequency features.
6. The method for identifying feature-based blockchain smart Ponzi scheme contracts according to claim 1, characterized in that, Key feature extraction of opcodes, specifically: By using a gradient boosting algorithm based on decision trees, feature importance indices are obtained. By setting importance thresholds, noisy features are eliminated, and key opcode features are selected.
7. The method for identifying feature-based blockchain smart Ponzi scheme contracts according to claim 1, characterized in that, Generate the control flow graph, specifically: Analyze the semantics of smart contract opcode instructions, and use the start and end of opcodes and jump semantics to generate basic blocks and directed edges to generate a smart contract control flow graph.
8. The method for identifying feature-based blockchain smart Ponzi scheme contracts according to claim 1, characterized in that, Graph structure features include: control flow graph basic block features, subgraph structure association features, graph edit distance features, and data standardization features.
9. The method for identifying feature-based blockchain smart Ponzi scheme contracts according to claim 1, characterized in that, The training process includes: Based on the key features of smart contract opcodes and graph structure features, feature data samples are constructed and divided into training set and test set. The SMOTE sampling algorithm is used to oversample the training set to adjust the ratio of positive to negative samples in the training set. The XGBoost-LightGBM detection model is trained using the adjusted training set samples to obtain a trained smart contract recognition model.
10. A feature-based blockchain smart Ponzi scheme contract identification system, employing the feature-based blockchain smart Ponzi scheme contract identification method according to any one of claims 1 to 9, characterized in that, include: The smart contract acquisition module is used to acquire smart contract data to be identified on the Ethereum blockchain platform; The opcode conversion module is used to convert smart contract bytecode into opcodes through disassembly processing. The opcode feature extraction module is used to extract opcode features using natural language processing technology. The opcode key feature processing module is used to obtain the key features of the smart contract's opcode based on the opcode features using a gradient boosting algorithm based on decision trees. The graph structure feature extraction module is used to generate a control flow graph based on the opcode of the smart contract, extract the basic block features, subgraph structure association features, graph edit distance features, and data standardization features of the control flow graph, and merge them to form the graph structure features of the smart contract. The smart contract recognition module takes key opcode features and graph structure features as input to the smart contract recognition model, uses the LightGBM classification model for classification calculation, and obtains the smart Ponzi scheme contract recognition result corresponding to the smart contract. The abnormal contract warning module is used to issue a warning message when a smart contract is identified as a smart Ponzi scheme contract.