Automated smart contract security analysis treats each detection tool as an independent finding generator and aggregates results by union or intersection. This framing has a fundamental epistemological flaw: individual tools observe partial projections of the contract ecosystem, and no aggregation of partial projections can reconstruct the attacker's full threat model. We propose Multi-Perspective Ensemble Auditing (MPEA), a framework that reframes the auditing problem from finding detection to attacker intent reconstruction. MPEA coordinates 28 specialized tools, each acting as an observer with a distinct analytical perspective (control flow, storage layout, economic behavior, bytecode patterns, flash loan vectors, governance concentration, and 22 additional dimensions). A dedicated LLM reasoning agent — Dragon — receives all 28 reports simultaneously and applies chain-of-thought reasoning over the full cross-contract dependency graph to identify attack paths structurally invisible to any individual tool. Dragon is not the decision-maker; it is a synthesis layer that surfaces corroborated multi-hop attack paths for human review. Evaluated on Damn Vulnerable DeFi (58 vulnerabilities, 13 contract families) and 234 findings from a production audit dataset, MPEA achieves 54% false positive reduction over tool-union aggregation and detects 8 of 8 multi-hop attack paths (k≥3) that no individual tool surfaces.
Alejandro Jaime
Universidad Nacional de La Plata
Alejandro Jaime (Sun,) studied this question.
synapsesocial.com/papers/69f04edc727298f751e72ced — DOI: https://doi.org/10.5281/zenodo.19800468