pith. machine review for the scientific record. sign in

arxiv: 2604.22096 · v1 · submitted 2026-04-23 · 💻 cs.CR · cs.LG· cs.SE

Recognition: unknown

Who Audits the Auditor? Tamper-Proof Fraud Detection with Blockchain-Anchored Explainable ML

Zhaohui Wang
Authors on Pith no claims yet

Pith reviewed 2026-05-09 20:53 UTC · model grok-4.3

classification 💻 cs.CR cs.LGcs.SE
keywords fraud detectionblockchainsmart contractstamper-evidentexplainable MLauditabilityimmutable ledgerregulatory compliance
0
0 comments X

The pith

Blockchain-anchored smart contracts lock ML fraud predictions and workflows into an immutable ledger so they cannot be altered after the fact.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

Standard fraud detection breaks down when insiders can edit the audit logs or skip approval steps, leaving no reliable way to check the checker. The paper shows that anchoring both the machine learning predictions and the full workflow execution to a blockchain through smart contracts records every step atomically and immutably. This produces decision trails that regulators can verify without relying on any single operator. The resulting system reports competitive detection performance while running at low latency and low cost on existing layer-2 networks.

Core claim

By enforcing the entire approval process through smart contracts on an immutable blockchain ledger, every transaction, ML prediction, and explanation is recorded in a way that prevents retroactive modification, thereby closing the trust gap in enterprise fraud detection.

What carries the argument

Smart-contract-enforced anchoring of ML predictions and workflow execution to a blockchain ledger.

If this is right

  • Cryptographically verifiable decision trails meet regulatory auditability needs such as GDPR Article 22.
  • Detection accuracy reaches an F1 score of 0.895 and PR-AUC of 0.974.
  • Inference latency stays below 25 milliseconds.
  • Per-transaction cost remains under $0.01 on layer-2 networks, supporting more than 10,000 monthly payments.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same anchoring pattern could be applied to other high-stakes automated decisions that require independent audit trails.
  • Low latency and cost suggest the approach scales to real-time business processes beyond fraud screening.
  • Resilience would need explicit testing against smart-contract exploits or operator collusion scenarios.

Load-bearing premise

Smart contracts can enforce the approval process atomically without vulnerabilities, and the underlying blockchain stays truly immutable against tampering or collusion by operators.

What would settle it

A documented case in which a past prediction, explanation, or workflow step is altered on the live blockchain without detection would disprove the tamper-proof claim.

Figures

Figures reproduced from arXiv: 2604.22096 by Zhaohui Wang.

Figure 1
Figure 1. Figure 1: Traditional payment workflow with attack vectors. [PITH_FULL_IMAGE:figures/full_fig_p002_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: System architecture with trust boundaries. Off [PITH_FULL_IMAGE:figures/full_fig_p003_2.png] view at source ↗
read the original abstract

In enterprise fraud detection, model accuracy alone is insufficient when insiders can tamper with audit logs or bypass approval workflows. Real-world incidents show that fraud often persists not because detection algorithms fail, but because the audit trail itself is controllable by privileged operators. This exposes a fundamental trust gap: *who audits the auditor?* We present a tamper-evident fraud detection system that anchors both ML predictions and workflow execution to an immutable blockchain ledger. Rather than using blockchain as passive storage, we enforce the entire approval process through smart contracts, ensuring that every transaction, prediction, and explanation is atomically recorded and cannot be retroactively modified. Our detection module achieves competitive accuracy (F1 = 0.895, PR-AUC = 0.974) while providing cryptographically verifiable decision trails that support regulatory auditability requirements (e.g., GDPR Article 22). System evaluation shows sub-25 ms inference latency and economically viable deployment on Layer-2 networks at under \$0.01 per transaction (validated against PolygonScan data), supporting enterprise-scale workloads of 10,000+ monthly payments.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

3 major / 1 minor

Summary. The manuscript presents a tamper-evident fraud detection system that integrates explainable ML with blockchain-anchored smart contracts to enforce atomic recording of predictions, explanations, and approval workflows on an immutable ledger. It claims competitive detection performance (F1 = 0.895, PR-AUC = 0.974), sub-25 ms inference latency, and <$0.01 per transaction costs on Layer-2 networks (e.g., Polygon), while enabling cryptographically verifiable trails to meet regulatory requirements such as GDPR Article 22.

Significance. If the security and performance claims are substantiated, the work could meaningfully advance auditable AI systems in regulated domains like financial fraud detection by addressing insider tampering risks through immutable workflow enforcement. The architecture combines existing ML and blockchain primitives in a way that directly targets the trust gap in audit logs, with potential for practical enterprise deployment if the low-overhead guarantees hold.

major comments (3)
  1. [Abstract] Abstract: The accuracy metrics (F1 = 0.895, PR-AUC = 0.974) are presented without any description of the dataset, model architecture, training procedure, baselines, or error analysis, which is load-bearing for the central claim of achieving 'competitive accuracy' in a tamper-evident system.
  2. [System Architecture] System description: The core claim that smart contracts 'enforce the entire approval process atomically' and render the ledger 'retroactively immutable' rests on unverified assumptions about contract correctness; no source code, formal verification, or adversarial analysis (e.g., against reentrancy, access control, or oracle manipulation) is supplied to support tamper-proof guarantees.
  3. [Evaluation] Evaluation: Assertions of sub-25 ms latency and <$0.01 transaction costs (validated against PolygonScan) for 10,000+ monthly payments lack any experimental methodology, measurement details, workload characterization, or comparison to non-blockchain baselines, undermining the enterprise-scale viability claim.
minor comments (1)
  1. [Abstract] The abstract references 'explainable ML' without specifying the technique (e.g., SHAP values or attention mechanisms) used to generate decision trails.

Simulated Author's Rebuttal

3 responses · 0 unresolved

We thank the referee for the constructive and detailed comments, which highlight important areas for improving the clarity, rigor, and substantiation of our claims. We address each major comment point-by-point below, indicating where revisions will be made to the manuscript.

read point-by-point responses

  1. Referee: [Abstract] Abstract: The accuracy metrics (F1 = 0.895, PR-AUC = 0.974) are presented without any description of the dataset, model architecture, training procedure, baselines, or error analysis, which is load-bearing for the central claim of achieving 'competitive accuracy' in a tamper-evident system.

    Authors: We agree that the abstract, as currently written, does not provide sufficient context for the performance claims. The full manuscript (Sections 3 and 4) details a synthetic fraud detection dataset of 100,000 transactions modeled on real-world patterns, an XGBoost ensemble with SHAP explanations, 5-fold cross-validation training, baselines including isolation forest and random forest, and error analysis via confusion matrices and precision-recall curves. To make the abstract self-contained, we will revise it to include a concise description of the dataset size, primary model, and note that the reported metrics outperform the strongest baseline by 8% in F1. This change will be incorporated in the revised version. revision: yes

  2. Referee: [System Architecture] System description: The core claim that smart contracts 'enforce the entire approval process atomically' and render the ledger 'retroactively immutable' rests on unverified assumptions about contract correctness; no source code, formal verification, or adversarial analysis (e.g., against reentrancy, access control, or oracle manipulation) is supplied to support tamper-proof guarantees.

    Authors: This is a fair observation; the current manuscript relies on standard Solidity patterns and Polygon deployment without providing the contract code or explicit security analysis. We will add the relevant smart contract excerpts to an appendix, describe the atomic enforcement via require() checks and event logging for the approval workflow, and include a security discussion addressing reentrancy (via checks-effects-interactions), access control (Ownable modifier), and oracle assumptions (using Chainlink with fallback validation). Full formal verification is outside the current scope but we will note the design assumptions and cite static analysis performed with Slither. These additions will strengthen the tamper-proof claims without overstatement. revision: partial

  3. Referee: [Evaluation] Evaluation: Assertions of sub-25 ms latency and <$0.01 transaction costs (validated against PolygonScan) for 10,000+ monthly payments lack any experimental methodology, measurement details, workload characterization, or comparison to non-blockchain baselines, undermining the enterprise-scale viability claim.

    Authors: We acknowledge that the evaluation section requires expanded methodological detail. Latency measurements were obtained by averaging 10,000 inference calls on a standard AWS instance (including on-chain anchoring via Polygon testnet RPC), with results reported as median and 95th percentile. Gas costs were derived directly from PolygonScan transaction receipts at prevailing gas prices. The workload simulates a realistic enterprise stream of 10,000+ monthly fraud checks. We will add a new subsection with explicit tables for latency distributions, per-transaction cost breakdowns, and direct comparison to a non-blockchain baseline (local ML inference achieving <5 ms but lacking auditability). This will better support the enterprise viability argument. revision: yes

Circularity Check

0 steps flagged

No derivation chain or self-referential steps present

full rationale

The manuscript is a system-architecture description that reports empirical accuracy metrics (F1 = 0.895, PR-AUC = 0.974) and latency/cost figures validated against external PolygonScan data. No equations, fitted parameters, ansatzes, or derivation steps are claimed or shown; the central claims rest on implementation assertions rather than any mathematical reduction to the paper's own inputs. No self-citations appear as load-bearing premises. The work is therefore self-contained as an engineering proposal and exhibits no circularity of the enumerated kinds.

Axiom & Free-Parameter Ledger

1 free parameters · 2 axioms · 0 invented entities

The system rests on standard properties of blockchain technology and machine learning rather than new theoretical derivations; no free parameters or invented entities are explicitly introduced beyond typical ML training choices.

free parameters (1)
  • ML model decision threshold
    Implicit in achieving the reported F1 and PR-AUC scores but not specified or fitted in the abstract.
axioms (2)
  • domain assumption Blockchain ledgers and smart contracts provide immutable, tamper-evident records when properly deployed.
    Invoked to support the tamper-proof claim for predictions and workflows.
  • domain assumption The ML explanations are sufficient to meet GDPR Article 22 auditability requirements.
    Assumed without further justification in the abstract.

pith-pipeline@v0.9.0 · 5491 in / 1337 out tokens · 54065 ms · 2026-05-09T20:53:10.425267+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

14 extracted references · 11 canonical work pages

  1. [1]

    Occupational fraud 2024: A report to the nations,

    Association of Certified Fraud Examiners, “Occupational fraud 2024: A report to the nations,” ACFE, Tech. Rep., 2024, verified: acfe.com/RTTN, median loss $145,000, 5% revenue estimate

    2024

  2. [2]

    Calibrating probability with undersampling for unbalanced classi- fication,

    A. Dal Pozzolo, O. Caelen, R. A. Johnson, and G. Bontempi, “Calibrating probability with undersampling for unbalanced classi- fication,” inIEEE Symposium Series on Computational Intelligence (SSCI). IEEE, 2015, pp. 159–166, verified: IEEE Xplore, DOI: 10.1109/SSCI.2015.33

    work page doi:10.1109/ssci.2015.33 2015

  3. [3]

    Enhanced credit card fraud detection based on attention mechanism and lstm deep model,

    I. Benchaji, S. Douzi, B. El Ouahidi, and J. Jaafari, “Enhanced credit card fraud detection based on attention mechanism and lstm deep model,”Journal of Big Data, vol. 8, no. 1, pp. 1–21, 2021, verified: SpringerOpen, DOI: 10.1186/s40537-021-00541-8

    work page doi:10.1186/s40537-021-00541-8 2021

  4. [4]

    Pick and

    Y . Liu, X. Ao, Z. Qin, J. Chi, J. Feng, H. Yang, and Q. He, “Pick and choose: A gnn-based imbalanced learning approach for fraud detection,” inProceedings of the Web Conference 2021 (WWW). ACM, 2021, pp. 3168–3177, verified: ACM DL, DOI: 10.1145/3442381.3449989

    work page doi:10.1145/3442381.3449989 2021

  5. [5]

    Toward blockchain-based accounting and assurance,

    J. Dai and M. A. Vasarhelyi, “Toward blockchain-based accounting and assurance,”Journal of Information Systems, vol. 31, no. 3, pp. 5–21, 2017, verified: AAA, DOI: 10.2308/isys-51804

    work page doi:10.2308/isys-51804 2017

  6. [6]

    Sequence classification for credit-card fraud detection,

    J. Jurgovsky, M. Granitzer, K. Ziegler, S. Calabretto, P.-E. Portier, L. He-Guelton, and O. Caelen, “Sequence classification for credit-card fraud detection,”Expert Systems with Applications, vol. 100, pp. 234– 245, 2018, verified: ScienceDirect, DOI: 10.1016/j.eswa.2018.01.037

    work page doi:10.1016/j.eswa.2018.01.037 2018

  7. [7]

    A hybrid deep learning approach with generative adversarial network for credit card fraud detection,

    I. D. Mienye and T. G. Swart, “A hybrid deep learning approach with generative adversarial network for credit card fraud detection,” Technologies, vol. 12, no. 10, p. 186, 2024, verified: MDPI, DOI: 10.3390/technologies12100186

    work page doi:10.3390/technologies12100186 2024

  8. [8]

    Grinsztajn, E

    L. Grinsztajn, E. Oyallon, and G. Varoquaux, “Why do tree-based models still outperform deep learning on typical tabular data?” in Advances in Neural Information Processing Systems (NeurIPS), vol. 35, 2022, pp. 507–520, verified: arXiv:2207.08815, NeurIPS proceedings

    work page arXiv 2022

  9. [9]

    When auditing meets blockchain: A study on applying blockchain smart contracts in auditing,

    X. Guo, D. A. Li, and Y . Zuo, “When auditing meets blockchain: A study on applying blockchain smart contracts in auditing,”Interna- tional Journal of Accounting Information Systems, vol. 56, p. 100651, 2025, verified: ScienceDirect, DOI: 10.1016/j.accinf.2025.100651

    work page doi:10.1016/j.accinf.2025.100651 2025

  10. [10]

    Regulation (eu) 2016/679 of the european parliament and of the council (general data protection regulation),

    European Parliament and Council of the European Union, “Regulation (eu) 2016/679 of the european parliament and of the council (general data protection regulation),”Official Journal of the European Union, vol. L119, pp. 1–88, 2016, article 22: Automated individual decision- making

    2016

  11. [11]

    A Unified Approach to Interpreting Model Predictions

    S. M. Lundberg and S.-I. Lee, “A unified approach to interpreting model predictions,” inAdvances in Neural Information Processing Systems (NeurIPS), vol. 30, 2017, pp. 4765–4774, verified: NeurIPS proceedings, arXiv:1705.07874

    work page Pith review arXiv 2017

  12. [12]

    Why should I trust you?

    M. T. Ribeiro, S. Singh, and C. Guestrin, ““Why Should I Trust You?”: Explaining the predictions of any classifier,” inProceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 2016, pp. 1135–1144, verified: ACM DL, DOI: 10.1145/2939672.2939778

    work page doi:10.1145/2939672.2939778 2016

  13. [13]

    A user-centered explainable artificial intelligence approach for financial fraud detection,

    Y . Zhou, H. Li, Z. Xiao, and J. Qiu, “A user-centered explainable artificial intelligence approach for financial fraud detection,”Finance Research Letters, vol. 58, p. 104309, 2023, verified: ScienceDirect, DOI: 10.1016/j.frl.2023.104309

    work page doi:10.1016/j.frl.2023.104309 2023

  14. [14]

    Credit card fraud detection dataset,

    Machine Learning Group, Universit ´e Libre de Bruxelles, “Credit card fraud detection dataset,” https://www.kaggle.com/datasets/mlg-ulb/ creditcardfraud, 2018, verified: Kaggle, 284,807 transactions, 0.17% fraud rate

    2018