Smart contracts, self-executing agreements directly encoded in code, are fundamental to blockchain technology, especially in decentralized finance (DeFi) and Web3. However, the rise of Ponzi schemes in smart contracts poses significant risks, leading to substantial financial losses and eroding trust in blockchain systems. Existing detection methods, such as PonziGuard, depend on large amounts of labeled data and struggle to identify unseen Ponzi schemes, limiting their reliability and generalizability. In contrast, we introduce PonziSleuth, the first LLM-driven approach for detecting Ponzi smart contracts, which requires no labeled training data. PonziSleuth utilizes advanced language understanding capabilities of LLMs to analyze smart contract source code through a novel two-step zero-shot chain-of-thought prompting technique. Our extensive evaluation on benchmark datasets and real-world contracts demonstrates that PonziSleuth delivers comparable, and often superior, performance without the extensive data requirements, achieving a balanced detection accuracy of 96.06% with GPT-3.5-turbo, 93.91% with LLAMA3, and 94.27% with Mistral. In real-world detection, PonziSleuth successfully identified 15 new Ponzi schemes from 4,597 contracts verified by Etherscan in March 2024, with a false negative rate of 0% and a false positive rate of 0.29%. These results highlight PonziSleuth's capability to detect diverse and novel Ponzi schemes, marking a significant advancement in leveraging LLMs for enhancing blockchain security and mitigating financial scams.