Obfuscation as an Effective Signal for Prioritizing Cross-Chain Smart Contract Audits: Large-Scale Measurement and Risk Profiling

• URL: http://arxiv.org/abs/2601.17356v2
• Date: Fri, 30 Jan 2026 05:43:21 GMT
• Title: Obfuscation as an Effective Signal for Prioritizing Cross-Chain Smart Contract Audits: Large-Scale Measurement and Risk Profiling
• Authors: Yao Zhao, Zhang Sheng, Shengchen Duan, Shen Wang, Daoyuan Wu, Zhiyuan Wan,
• Abstract summary: HOBFNET is a fast surrogate of OBFPROBE, enabling million-scale cross-chain scoring.<n>We observe systematic score drift, motivating within-chain percentile queues.<n>Cross-chain reuse is tail-enriched and directionally biased from smaller to larger ecosystems.
• Score: 42.77773046319942
• License: http://creativecommons.org/licenses/by-nc-sa/4.0/
• Abstract: Obfuscation raises the interpretation cost of smart-contract auditing, yet its signals are hard to transfer across chains. We present HOBFNET, a fast surrogate of OBFPROBE, enabling million-scale cross-chain scoring. The model aligns with tool outputs on Ethereum (PCC 0.9158, MAPE 8.20 percent) and achieves 8-9 ms per contract, yielding a 2.3k-5.2k times speedup. Across BSC, Polygon, and Avalanche, we observe systematic score drift, motivating within-chain percentile queues (p99 as the main queue, p99.9 as an emergency queue). The high-score tail is characterized by rare selectors, external-call enrichment, and low signature density, supporting secondary triage. Cross-chain reuse is tail-enriched and directionally biased from smaller to larger ecosystems. On two publicly alignable cross-chain spillover cases, both fall into the p99 queue, indicating real-world hit value. We deliver a two-tier audit queue and a cross-chain linkage workflow for practical security operations.

Related papers

• One Signature, Multiple Payments: Demystifying and Detecting Signature Replay Vulnerabilities in Smart Contracts [56.94148977064169]
  lacking checks on signature usage conditions can lead to repeated verifications, increasing the risk of permission abuse and threatening contract assets.<n>We define this issue as the Signature Replay Vulnerability (SRV)<n>From 1,419 audit reports across 37 blockchain security companies, we identified 108 with detailed SRV descriptions and classified five types of SRVs.
  arXiv  Detail & Related papers  (2025-11-12T09:17:13Z)
• Clustering Deposit and Withdrawal Activity in Tornado Cash: A Cross-Chain Analysis [0.9503773054285557]
  Tornado Cash is a decentralised mixer that uses cryptographic techniques to sever the on-chain trail between depositors and withdrawers.<n>This paper introduces three clusterings-(i) address-reuse, (ii) transactional-linkage, and (iii) a novel first-in-first-out (FIFO) temporal-matching rule.<n>Our analysis shows that 5.1 - 12.6% of withdrawals can already be traced to their originating deposits through address reuse and transactional linkages.
  arXiv  Detail & Related papers  (2025-10-10T14:42:24Z)
• vAttention: Verified Sparse Attention [100.98210818821688]
  vAttention is a practical sparse attention mechanism with user-specified $(epsilon, delta)$ guarantees on approximation accuracy (thus, verified)<n>We show that vAttention significantly improves the quality of sparse attention across datasets.<n>It can be deployed in reasoning scenarios to achieve fast decoding without compromising model quality.
  arXiv  Detail & Related papers  (2025-10-07T08:46:08Z)
• dParallel: Learnable Parallel Decoding for dLLMs [77.24184219948337]
  Diffusion large language models (dLLMs) offer parallel token prediction and lower inference latency.<n>Existing open-source models still require nearly token-length decoding steps to ensure performance.<n>We introduce dParallel, a simple and effective method that unlocks the inherent parallelism of dLLMs for fast sampling.
  arXiv  Detail & Related papers  (2025-09-30T16:32:52Z)
• V-ZOR: Enabling Verifiable Cross-Blockchain Communication via Quantum-Driven ZKP Oracle Relays [0.42164623134161255]
  Cross-chain bridges and oracles represent some of the most vulnerable components of decentralized systems.<n>We propose V-ZOR, a verifiable oracle relay that integrates zero-knowledge, quantum-grade proofs, and cross-chain restaking.
  arXiv  Detail & Related papers  (2025-09-13T22:34:59Z)
• Zaptos: Towards Optimal Blockchain Latency [52.30047458198369]
  We introduce Zaptos, a parallel pipelined architecture designed to minimize end-to-end latency.<n>Zaptos achieves a throughput of 20,000 transactions per second with sub-second latency.
  arXiv  Detail & Related papers  (2025-01-18T00:22:22Z)
• MAP the Blockchain World: A Trustless and Scalable Blockchain Interoperability Protocol for Cross-chain Applications [18.33587076597966]
  interoperability protocols enable cross-chain asset transfers or data retrievals between isolated chains. Existing protocols either face severe scalability issues due to high on-chain and off-chain costs, or suffer from trust concerns because of centralized designs. We propose textttMAP, a trustless blockchain interoperability protocol that relays cross-chain transactions across heterogeneous chains with high scalability.
  arXiv  Detail & Related papers  (2024-11-01T07:43:11Z)
• The Latency Price of Threshold Cryptosystem in Blockchains [52.359230560289745]
  We study the interplay between threshold cryptography and a class of blockchains that use Byzantine-fault tolerant (BFT) consensus protocols.<n>Our measurements from the Aptos mainnet show that the optimistic approach reduces latency overhead by 71%.
  arXiv  Detail & Related papers  (2024-07-16T20:53:04Z)
• SmartAxe: Detecting Cross-Chain Vulnerabilities in Bridge Smart Contracts via Fine-Grained Static Analysis [28.420618636956924]
  Cross-chain bridge is a decentralized application for asset exchange across different blockchain platforms. There are a number of recent security incidents with heavy financial losses caused by vulnerabilities in bridge smart contracts. We propose SmartAxe, a new framework to identify vulnerabilities in cross-chain bridge smart contracts.
  arXiv  Detail & Related papers  (2024-06-23T03:25:27Z)
• Fully Automated Selfish Mining Analysis in Efficient Proof Systems Blockchains [5.864854777864723]
  We study selfish mining attacks in longest-chain blockchains like Bitcoin, but where the proof of work is replaced with efficient proof systems. We propose a novel selfish mining attack that aims to maximize expected relative revenue of the adversary. We present a formal analysis procedure which computes an $epsilon$-tight lower bound on the optimal expected relative revenue in the MDP.
  arXiv  Detail & Related papers  (2024-05-07T15:44:39Z)
• Training-Free Long-Context Scaling of Large Language Models [114.53296002607993]
  We propose Dual Chunk Attention, which enables Llama2 70B to support context windows of more than 100k tokens without continual training. By decomposing the attention for long sequences into chunk-based modules, DCA manages to effectively capture the relative positional information of tokens.
  arXiv  Detail & Related papers  (2024-02-27T12:39:23Z)
• Tokenization and the Noiseless Channel [71.25796813073399]
  Good tokenizers lead to emphefficient channel usage, where the channel is the means by which some input is conveyed to the model. In machine translation, we find that across multiple tokenizers, the R'enyi entropy with $alpha = 2.5$ has a very strong correlation with textscBleu: $0.78$ in comparison to just $-0.32$ for compressed length.
  arXiv  Detail & Related papers  (2023-06-29T10:32:09Z)
• Leveraging Machine Learning for Multichain DeFi Fraud Detection [5.213509776274283]
  We present a framework for extracting features from different chains, including the largest one, and it is evaluated over an extensive dataset. Different Machine Learning methods were employed, such as XGBoost and a Neural Network for identifying fraud accounts detection interacting with DeFi. We demonstrate that the introduction of novel DeFi-related features, significantly improves the evaluation results.
  arXiv  Detail & Related papers  (2023-05-17T15:48:21Z)
• Blockchain Large Language Models [65.7726590159576]
  This paper presents a dynamic, real-time approach to detecting anomalous blockchain transactions. The proposed tool, BlockGPT, generates tracing representations of blockchain activity and trains from scratch a large language model to act as a real-time Intrusion Detection System.
  arXiv  Detail & Related papers  (2023-04-25T11:56:18Z)
• ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning [80.85273827468063]
  Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable. We propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for smart contracts. We show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract.
  arXiv  Detail & Related papers  (2021-03-23T15:04:44Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.