To address the challenge of security auditing for source-code-unavailable smart contracts, this paper proposes an event-driven vulnerability identification framework. It first parses on-chain transaction logs to extract fine-grained event sequences; then leverages large language models (LLMs) for semantic understanding and chain-of-thought (CoT) reasoning; finally, it incorporates a causal pattern-matching mechanism to dynamically correlate observed contract behaviors with known attack patterns. This work pioneers an “event-trajectory + LLM” collaborative paradigm for source-code-agnostic vulnerability detection, enabling precise vulnerability localization without access to source code. Experimental evaluation demonstrates substantial improvements in detection accuracy and interpretability across representative vulnerabilities—including reentrancy, integer overflow, and access-control flaws—outperforming existing black-box approaches. The framework establishes a novel, practical pathway for automated, explainable on-chain smart contract security auditing.

With the advance application of blockchain technology in various fields, ensuring the security and stability of smart contracts has emerged as a critical challenge. Current security analysis methodologies in vulnerability detection can be categorized into static analysis and dynamic analysis methods.However, these existing traditional vulnerability detection methods predominantly rely on analyzing original contract code, not all smart contracts provide accessible code.We present ETrace, a novel event-driven vulnerability detection framework for smart contracts, which uniquely identifies potential vulnerabilities through LLM-powered trace analysis without requiring source code access. By extracting fine-grained event sequences from transaction logs, the framework leverages Large Language Models (LLMs) as adaptive semantic interpreters to reconstruct event analysis through chain-of-thought reasoning. ETrace implements pattern-matching to establish causal links between transaction behavior patterns and known attack behaviors. Furthermore, we validate the effectiveness of ETrace through preliminary experimental results.