To address the failure of threat detection in smart contracts caused by increasingly sophisticated bytecode obfuscation and cross-chain platform heterogeneity, this paper proposes a robust, platform-agnostic static analysis framework. Methodologically, it integrates opcode semantics with control-flow graph (CFG) modeling to construct an obfuscation-resilient graph neural network (GNN) detector; it further introduces a unified intermediate representation layer supporting multiple runtimes, including EVM and WASM. Key contributions are: (1) the first CFG-GNN co-modeling approach for obfuscation-resistant malicious behavior identification, significantly improving detection rates for phishing and vulnerability exploitation; and (2) the first open-source detection architecture balancing high accuracy, scalability, and cross-platform compatibility. Experiments demonstrate an F1-score of 92.3% on mainstream obfuscated samples and an average cross-chain detection accuracy exceeding 89%.

Smart contracts have transformed decentralized finance by enabling programmable, trustless transactions. However, their widespread adoption and growing financial significance have attracted persistent and sophisticated threats, such as phishing campaigns and contract-level exploits. Traditional transaction-based threat detection methods often expose sensitive user data and interactions, raising privacy and security concerns. In response, static bytecode analysis has emerged as a proactive mitigation strategy, identifying malicious contracts before they execute harmful actions.Building on this approach, we introduced PhishingHook, the first machine-learning-based framework for detecting phishing activities in smart contracts via static bytecode and opcode analysis, achieving approximately 90% detection accuracy. Nevertheless, two pressing challenges remain: (1) the increasing use of sophisticated bytecode obfuscation techniques designed to evade static analysis, and (2) the heterogeneity of blockchain environments requiring platform-agnostic solutions.This paper presents a vision for ScamDetect (Smart Contract Agnostic Malware Detector), a robust, modular, and platform-agnostic framework for smart contract malware detection. Over the next 2.5 years, ScamDetect will evolve in two stages: first, by tackling obfuscated Ethereum Virtual Machine (EVM) bytecode through graph neural network (GNN) analysis of control flow graphs (CFGs), leveraging GNNs' ability to capture complex structural patterns beyond opcode sequences; and second, by generalizing detection capabilities to emerging runtimes such as WASM. ScamDetect aims to enable proactive, scalable security for the future of decentralized ecosystems.