🤖 AI Summary
This study addresses three critical challenges in the NFT ecosystem: ambiguous smart contract semantics, opaque interaction mechanisms, and unclear correlations between fraudulent tokens and underlying contract behaviors. Leveraging nearly 100 million Ethereum transactions, we integrate bytecode static analysis, semantic clustering, and interaction graph modeling. Our empirical analysis reveals, for the first time, a significant bytecode convergence phenomenon among scam NFT contracts and identifies two distinctive high-risk transaction patterns: multi-hop proxy calls and anomalous jumps to marketplace contracts. We further discover low semantic diversity across the ecosystem and identify proxy contracts and dominant marketplaces as critical interaction hubs. Based on these findings, we propose actionable risk-control strategies, applicable before deployment and enforceable in real time on-chain, that jointly leverage contract semantics and interaction topology. This work establishes the first empirically grounded framework for NFT security governance rooted in semantic and structural contract analysis.
📝 Abstract
The NFT ecosystem represents an interconnected, decentralized environment that encompasses the creation, distribution, and trading of Non-Fungible Tokens (NFTs), where key actors, such as marketplaces, sellers, and buyers, utilize smart contracts to facilitate secure, transparent, and trustless transactions. Scam tokens are deliberately created to mislead users and facilitate financial exploitation, posing significant risks in the NFT ecosystem. Prior work has explored the NFT ecosystem from various perspectives, including security challenges, actor behaviors, and risks from scams and wash trading. This leaves a gap in understanding the semantics and interactions of smart contracts during transactions, and how the risks associated with scam tokens manifest in relation to the semantics and interactions of contracts. To bridge this gap, we conducted a large-scale empirical study on smart contract semantics and interactions in the NFT ecosystem, using a curated dataset of nearly 100 million transactions across 20 million blocks on Ethereum. We observe a limited semantic diversity among smart contracts in the NFT ecosystem, dominated by proxy, token, and DeFi contracts. Marketplace and proxy registry contracts are the most frequently involved in smart contract interactions during transactions, engaging with a broad spectrum of contracts in the ecosystem. Token contracts exhibit bytecode-level diversity, whereas scam tokens exhibit bytecode convergence. Certain interaction patterns between smart contracts are common to both risky and non-risky transactions, while others are predominantly associated with risky transactions. Based on our findings, we provide recommendations to mitigate risks in the blockchain ecosystem, and outline future research directions.