Agentic Reconstruction of Blockchain ATT&CKs

• Agentic Reconstruction of Blockchain ATT&CKs is a paradigm that automates attack forensics, simulation, and taxonomy construction using agent-based systems to map blockchain vulnerabilities into structured frameworks.
• It leverages a modular architecture like TxRay, which integrates on-chain data collection, root-cause analysis, and semantic PoC generation to ensure traceable and evidence-backed results.
• Empirical results demonstrate high detection, alignment, and reproducibility rates, significantly enhancing blockchain security, benchmarking, and defense evaluation practices.

Agentic reconstruction of blockchain ATT&CKs refers to the automation of postmortem attack analysis, simulation, and taxonomy construction through agent-based systems, particularly leveraging LLMs, forensics pipelines, and modular tools. This paradigm enables precise, reproducible diagnosis and mapping of blockchain compromises into standardized ATT&CK-style frameworks and life-cycle models. The domain brings together formal exploit definitions, attack graph induction, and evidence-backed hypothesis management, culminating in executable proofs of concept and semantic assertion oracles for both validation and benchmarking (Wang et al., 1 Feb 2026, Saad et al., 2019, Das et al., 2024).

1. Formalization of Blockchain ATT&CKs

A blockchain ATT&CK refers to a structured, ATT&CK-matrix-inspired taxonomy of adversarial techniques targeting all layers of blockchain systems, ranging from peer-to-peer and consensus to application and meta-application. These frameworks capture:

• Tactics: Reconnaissance, Resource Development, Disruption, Impact (analogous to MITRE ATT&CK categories), each mapped to distinct stepwise attack classes (e.g., eclipse, self-mining, smart-contract overflow).
• Techniques: Canonical attack vectors are clearly delineated, incorporating formal specifications where feasible. For example, selfish mining revenue as a function of attacker share $\alpha$ and network behavior $\gamma$ is formalized by

$$R(\alpha, \gamma) = \frac{\alpha(1-\alpha)^2(4\alpha + \gamma(1-2\alpha)) - \alpha^3}{1 - \alpha(1 + (2-\alpha)\alpha)}$$

(Saad et al., 2019).

Layer-based decompositions further extend classical ATT&CK into network, consensus, application, and meta-application domains, enabling granular mapping of 23+ specific adversary models (e.g., P+ε attack, relay hijack, short-address exploit) (Das et al., 2024).

2. Agentic Reconstruction Methodologies

Agentic reconstruction employs autonomous (often LLM-driven) agents to ingest partial observables (transactions, hashes), hypothesize exploit paths, and recursively resolve the underlying root cause and attack chain.

TxRay System Architecture

TxRay is a canonical agentic postmortem platform:

• Orchestrator: Maintains state, allocates turn budgets, and delegates tasks.
• Tool-Calling Sub-Agents: Specialized modules:
  1. On-chain Data Collector: Harvests traces, receipts, and metadata.
  2. Root-Cause Analyzer: Expands seed transactions and reconstructs exploit DAGs $G=(V, E)$.
  3. Root-Cause Challenger: Validates coverage and evidentiary grounding.
  4. PoC Oracle Generator: Converts root-cause models into hard/soft semantic assertions.
  5. PoC Reproducer: Synthesizes forked, wallet-isolated Foundry test suites.
  6. PoC Validator: Executes reproducible tests against a strict rubric (e.g., artifact use, parameter hygiene) (Wang et al., 1 Feb 2026).

Each step is tightly coupled via a shared workspace (artifact-based versioning, JSON schemas for contract validation). Root-cause inference leverages Bayesian symbolic scoring, with all claims annotated by code-level artifacts for unambiguous traceability.

3. ACT Opportunity Model and Exploit Lifecycle Graphs

The ACT (Anyone-Can-Take) formalism defines permissionless exploit scenarios where public state and open interfaces suffice to enable multi-transaction exploit paths. Formally, at chain $c$ and block height $B$, the pre-state $\sigma_B$ gives rise to a sequence $b = (tx_1, ..., tx_k)$ such that:

• Each $tx_i$ is attacker-crafted using $σ_B$ (no private keys or insider actions), or a mempool-resident victim transaction.

• Execution of $b$ transitions $σ_B$ to $σ'$, triggering either measurable profit

$$V_{\mathrm{ref}}(σ', a) - V_{\mathrm{ref}}(σ_B, a) - \mathsf{fees}(b) > 0,$$

or a deterministic safety/liveness breach $O(σ_B, σ') = 1$, for reference asset valuation map $V_{\mathrm{ref}}$ (Wang et al., 1 Feb 2026).

TxRay encodes the exploit lifecycle as a minimal acyclic dependency graph $G=(V,E)$, enabling concise modeling of setup, trigger, and extract phases, with all edges evidentially grounded.

4. Semantic Oracles and Self-Validating PoCs

A critical feature of agentic reconstruction is encoding attack success criteria as machine-executable semantic oracles:

• Hard assertions: Invariants that must hold (e.g., total supply remains constant during exploit step).

• Soft assertions: Economic inequalities (e.g., attacker profit within 5% of on-chain measurement).

TxRay’s PoC Oracle Generator emits such oracles from validated root cause reports. Downstream, the PoC Reproducer synthesizes Foundry-based tests which orchestrate the exploit on a canonical fork, asserting oracles in each phase, and the PoC Validator executes and scores for criteria such as artifact independence and labeled roles (Wang et al., 1 Feb 2026).

5. Performance Metrics and Comparative Effectiveness

Empirical results from the DeFiHackLabs dataset (114 incidents) demonstrate:

• ACT opportunity detection: 95.6% (109/114)

• Root‑cause alignment: 96.3% (105/109) where identifiable

• End-to-end PoC reproduction: 92.11% (105/114)

• PoCEvaluator rubric quality:

  • 98.1% of PoCs avoid attacker artifacts (+24.8 pp over baseline)
  • Explicit predicate assertion (Q4): 100%
  • Elimination of “magic parameters”: 53/105 vs 14/105 baseline
• Latency: Median 40 minutes to root cause, 59 minutes to PoC
• API cost: Median $3.16 (root cause),$1.25 (PoC generation)

These results demonstrate both substantial automation gains and reproducibility/scoring improvements over prior heuristics and manual ground-truth efforts (Wang et al., 1 Feb 2026).

6. Extended ATT&CK Taxonomies and Agentic Ecosystems

The agentic reconstruction approach generalizes to the design of a blockchain ATT&CK ecosystem:

• Pattern Catalogs: Each exploit pattern (reentrancy, oracle manipulation, FAW, etc.) is modularized as a RootCause playbook.
• Lifecycle Graphs as Primitives: Lifecycle DAGs $G=(V,E)$ constitute reusable graphlets, capturing common sub-tactics and facilitating taxonomy construction (Wang et al., 1 Feb 2026, Saad et al., 2019).
• Compositional Agents: Extraction, analysis, oracle encoding, and PoC reproduction tools function as microservices in broader cross-chain security pipelines (applicable to EVM, Solana, EOS, etc.).
• Automated Benchmarking and Defense: Reproducible, oracle-verified PoCs are leveraged for on-chain IDS, incident simulation, continuous defense posture evaluation, and proactive scanner augmentation.

Layer-based and causal-matrix approaches from the literature enable precise mapping between exploit preconditions, impact surfaces, and defense vectors (Das et al., 2024, Saad et al., 2019). Directed interconnection graphs formalize how attack steps compose or amplify each other, allowing for probabilistic risk propagation and attack-chain planning.

7. Agentic Red-Team Planning and Emulation

Agent-based methods extend to simulation and threat-chain planning:

• Attack path computation: Given a terminal attack objective (e.g., double-spending, transactional censorship), agents compute backward search paths over the taxonomy’s interconnection graph, constrained by resource and feasibility metadata.
• Ranking and resource-based selection: Paths are scored by cost and risk metrics.
• Stepwise test script generation: Each step is emulated with precondition verification and attack execution. Pseudocode structures, as seen in (Das et al., 2024), formalize this emulation planning.

A plausible implication is that the agentic loop provides both forensic diagnosis and active scenario simulation capabilities, forming the basis for continuous, empirically validated blockchain ATT&CK matrices and response strategies.

---

References:

• "TxRay: Agentic Postmortem of Live Blockchain Attacks" (Wang et al., 1 Feb 2026)
• "Exploring the Attack Surface of Blockchain: A Systematic Overview" (Saad et al., 2019)
• "Analysing Attacks on Blockchain Systems in a Layer-based Approach" (Das et al., 2024)