Detecting DeFi securities violations from token smart contract code  

作　　者：Arianna Trozze Bennett Kleinberg Toby Davies 

机构地区：[1]Department of Computer Science,University College London,Gower Street WC1E 6EA,London,UK [2]Department of Security and Crime Science,University College London,35 Tavistock Square,WC1H 9EZ,London,UK [3]Department of Methodology&Statistics,Tilburg University,Warandelaan 2,5037,AB,Tilburg,Netherlands [4]School of Law,The Liberty Building,University of Leeds,LS29JT,Leeds,UK

出　　处：《Financial Innovation》2024年第1期2644-2678,共35页金融创新(英文)

基　　金：funded by the UK EPSRC grant EP/S022503/1 that supports the Centre for Doctoral Training in Cybersecurity at UCL.

摘　　要：Decentralized Finance(DeFi)is a system of financial products and services built and delivered through smart contracts on various blockchains.In recent years,DeFi has gained popularity and market capitalization.However,it has also been connected to crime,particularly various types of securities violations.The lack of Know Your Customer requirements in DeFi poses challenges for governments trying to mitigate potential offenses.This study aims to determine whether this problem is suited to a machine learning approach,namely,whether we can identify DeFi projects potentially engaging in securities violations based on their tokens’smart contract code.We adapted prior works on detecting specific types of securities violations across Ethereum by building classifiers based on features extracted from DeFi projects’tokens’smart contract code(specifically,opcode-based features).Our final model was a random forest model that achieved an 80%F-1 score against a baseline of 50%.Notably,we further explored the code-based features that are the most important to our model’s performance in more detail by analyzing tokens’Solidity code and conducting cosine similarity analyses.We found that one element of the code that our opcode-based features can capture is the implementation of the SafeMath library,although this does not account for the entirety of our features.Another contribution of our study is a new dataset,comprising(a)a verified ground truth dataset for tokens involved in securities violations and(b)a set of legitimate tokens from a reputable DeFi aggregator.This paper further discusses the potential use of a model like ours by prosecutors in enforcement efforts and connects it to a wider legal context.

关 键 词：DeFi Decentralized finance Ethereum FRAUD Cryptocurrency Machine learning Securities law 

分 类 号：TP3[自动化与计算机技术—计算机科学与技术]