
Ten specialist AI agents, Opus synthesis, and a 3-agent Opus Cipher adversarial swarm. Parallel 3-lens RALPH on every audit. Transparent scoring, on-chain verification. Every audit is reproducible and independently verifiable.
This hash identifies the current prompt version. It is included in the promptTemplateHash field of every on-chain EAS attestation. If we change our prompts, this hash changes, and you can see exactly when in the version history below.
This hash will be attested on-chain with the next audit report.
Measured against documented real-world exploits. Agents receive only raw source code with zero hints. Results graded against post-mortem ground truth.
Tier 1 exploits detected across all blind test cases
Security findings confirmed actionable
Informational findings vs. total output (lower is better)
Each specialist agent focuses on a distinct vulnerability class.
3 adversarial agents (alpha for reentrancy depth, beta for economic exploits, general for cross-domain coverage) re-audit every specialist finding through a "what did they miss" lens. Multi-iteration RALPH loops with independent peer review. Always Opus regardless of tier -- the quality floor on both standard and deep audits.
Our agents are informed by documented exploit patterns from real-world security incidents.
Measures vulnerability risk from reentrancy, access control, economic, upgrade, and compliance findings.
Measures gas optimization and code efficiency. Does not affect security risk assessment.
Every scored finding includes an exploitability value from 1.0 to 10.0. It combines the finding's scope class (how direct the attack path is) with confidence (how sure the synthesis agent is). It is shown on each finding in the report and drives the sort order of the Exploit Analysis section.
```
base = SCOPE_CLASS_BASE[finding.scopeClass]
exploitability = clamp(base * (0.5 + confidence * 0.5), 1.0, 10.0)
```
| Scope class | Base | Meaning |
|---|---|---|
| direct_vulnerability | 9 | Attacker can trigger with a single transaction, no special preconditions |
| implementation_gap | 7 | Contract missing a protection it should implement (TWAP, staleness check, reentrancy guard) |
| design_assumption | 4 | Depends on trusting external system behavior (oracle accuracy, bridge liveness) |
| third_party_risk | 3 | Vulnerability in external dependency or library |
| extreme_condition | 2 | Exploitable only under unlikely conditions (mass validator collusion, 99.9th percentile) |
| centralization_note | 1 | Admin/privileged role capability without a specific exploit path |
Findings are gated by demonstrated exploit feasibility against the analyzed contract. Observations that describe accepted blockchain behavior, consensus-layer issues, or infeasible preconditions are excluded from scored findings.
When we update our agent prompts, the composite hash changes. Every on-chain attestation references the hash that was active at audit time, so you can verify which prompt version produced any given audit.
| Version | Composite Hash | Date | Changes |
|---|---|---|---|
| v1.6 | 0x08c910e9...ee9029 | May 1, 2026 | Merge session/forge-poc-quality: audit-engine 1.6.0 cipher-as-attacker |
| v1.5 | 0xd9c1daa3...f7dd5c | Apr 17, 2026 | Pipeline wiring: synthesis gets full static analysis + red team framing |
| v1.4 | 0x47dc765c...079128 | Apr 17, 2026 | Attacker mindset overhaul: reframe all specialists as exploit hunters |
| v1.3 | 0xa6ab9d0b...f98cec | Apr 17, 2026 | Gap analysis fixes: math specialist, guard enumeration, array extension, integration behaviors |
Automated audits are powerful but not omniscient. Understanding what we cannot detect is part of honest security.
Every audit is tagged with the composite hash of the prompt templates used by all agents. This hash uniquely identifies the exact instructions each agent followed during the audit.
When an audit completes, we compute a SHA-256 hash of all agent prompt templates. This hash is stored with the audit report and visible on the report page.
Any change to agent prompts produces a new hash. The version history below shows exactly when prompts changed and what was updated.
Each audit's hash is attested on-chain via EAS on Base L2, creating a tamper-proof on-chain record.
EAS is deployed on Base at predeploy addresses (part of the OP Stack). Attestations cost less than $0.01 each and are indexed by EASScan. No custom smart contracts are needed. Reports with on-chain attestation display a "Verified on Base" badge.
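An added example (not the project's own code) of computing a composite SHA-256 over a set of prompt templates and checking it against an attested `promptTemplateHash`. The page does not say how the templates are combined, so the canonical form here, the agent names, and the helper names are assumptions; the naive variant shows why field framing matters.

```typescript
import { createHash } from "node:crypto";

// Hypothetical shape: agent name -> prompt template text.
type PromptSet = Record<string, string>;

const sha256 = (data: string): Buffer => createHash("sha256").update(data, "utf8").digest();

// ASSUMED canonical form: sort by agent name, then hash the sequence of
// sha256(name) || sha256(template). Hashing each field first gives fixed-width
// framing, so moving text between templates always changes the result.
function compositePromptHash(prompts: PromptSet): string {
  const outer = createHash("sha256");
  for (const name of Object.keys(prompts).sort()) {
    outer.update(sha256(name));
    outer.update(sha256(prompts[name]));
  }
  return "0x" + outer.digest("hex");
}

// Weak variant for comparison: plain concatenation has no field boundaries,
// so {"ab","c"} and {"a","bc"} hash to the same value.
function naiveConcatHash(prompts: PromptSet): string {
  const joined = Object.keys(prompts).sort().map(k => prompts[k]).join("");
  return "0x" + sha256(joined).toString("hex");
}

// Compare locally held templates against the hash recorded in an attestation.
function matchesAttestation(prompts: PromptSet, promptTemplateHash: string): boolean {
  return compositePromptHash(prompts) === promptTemplateHash.toLowerCase();
}

// Constructed sample templates, not the project's prompts.
const SAMPLE_PROMPTS: PromptSet = {
  reentrancy: "Look for state changes after external calls.",
  access_control: "Enumerate guards on privileged functions.",
};
console.log(compositePromptHash(SAMPLE_PROMPTS));
```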
Every audit is produced by the methodology described above.
Patterns extracted from real exploits, audit findings, and post-mortem analyses of documented security incidents.
Relevant patterns matched to each specialist agent based on contract type and vulnerability category.
Pattern quality scores update from scan results. Effective patterns are promoted, noisy patterns are demoted.
Each target starts at 10. Findings subtract from this based on severity, weighted by confidence. Caps prevent any single severity tier from dominating.
| Severity | Per Finding | Max Total |
|---|---|---|
| Critical | -2.5 | -7.5 |
| High | -1.0 | -4.0 |
| Medium | -0.3 | -1.5 |
| Low | -0.1 | -0.5 |
| Informational | 0 | 0 |

| Severity | Per Finding | Max Total |
|---|---|---|
| High | -0.5 | -2.0 |
| Medium | -0.2 | -1.0 |
| Low | -0.1 | -0.5 |
| Informational | 0 | 0 |
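An added example (not the project's code) that applies the first severity table and the exploitability formula to a constructed set of findings. How confidence weights a deduction and what happens below zero are not specified on the page, so the rule in `score()` is an assumption, as are the type and function names.

```typescript
// Added example; the weighting rule and the floor at 0 are assumptions (see score()).
type Severity = "Critical" | "High" | "Medium" | "Low" | "Informational";
type ScopeClass = "direct_vulnerability" | "implementation_gap" | "design_assumption"
  | "third_party_risk" | "extreme_condition" | "centralization_note";
interface Finding { id: string; severity: Severity; scopeClass: ScopeClass; confidence: number }

// Per-finding deduction and per-tier cap, copied from the first severity table.
const DEDUCTION: Record<Severity, { per: number; cap: number }> = {
  Critical: { per: 2.5, cap: 7.5 }, High: { per: 1.0, cap: 4.0 },
  Medium: { per: 0.3, cap: 1.5 }, Low: { per: 0.1, cap: 0.5 },
  Informational: { per: 0, cap: 0 },
};
// Scope-class bases, copied from the scope-class table.
const SCOPE_CLASS_BASE: Record<ScopeClass, number> = {
  direct_vulnerability: 9, implementation_gap: 7, design_assumption: 4,
  third_party_risk: 3, extreme_condition: 2, centralization_note: 1,
};
const clamp = (x: number, lo: number, hi: number): number => Math.min(hi, Math.max(lo, x));

// The page's formula: clamp(base * (0.5 + confidence * 0.5), 1.0, 10.0).
function exploitability(f: Finding): number {
  return clamp(SCOPE_CLASS_BASE[f.scopeClass] * (0.5 + f.confidence * 0.5), 1.0, 10.0);
}

// ASSUMPTION: "weighted by confidence" = per-finding deduction * confidence; the cap
// limits each tier's summed deduction; the score floors at 0 (caps total 13.5 > 10).
function score(findings: Finding[]): number {
  let total = 0;
  for (const sev of Object.keys(DEDUCTION) as Severity[]) {
    const tierSum = findings.filter(f => f.severity === sev)
      .reduce((s, f) => s + DEDUCTION[sev].per * clamp(f.confidence, 0, 1), 0);
    total += Math.min(tierSum, DEDUCTION[sev].cap);
  }
  return Math.max(0, Math.round((10 - total) * 100) / 100);
}

// Exploit Analysis order: highest exploitability first.
function exploitOrder(findings: Finding[]): string[] {
  return [...findings].sort((a, b) => exploitability(b) - exploitability(a)).map(f => f.id);
}

// Constructed sample findings, not taken from any real report.
const SAMPLE: Finding[] = [
  { id: "N1", severity: "Informational", scopeClass: "centralization_note", confidence: 0.2 },
  { id: "H1", severity: "High", scopeClass: "implementation_gap", confidence: 0.8 },
  { id: "C1", severity: "Critical", scopeClass: "direct_vulnerability", confidence: 1.0 },
  { id: "M1", severity: "Medium", scopeClass: "design_assumption", confidence: 0.5 },
];
console.log(score(SAMPLE), exploitOrder(SAMPLE));
```

With five full-confidence Critical findings the tier cap holds the deduction at 7.5, so the score stops at 2.5 rather than reaching 0.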
implementation_gap with 0.8 confidence: base = 7, adjusted = 7 * (0.5 + 0.4) = 7 * 0.9 = 6.3 / 10.

| Version | Composite Hash | Date | Changes |
|---|---|---|---|
| v1.2 | 0xfe5bd789...767959 | Apr 17, 2026 | LLM judge SDK fix, anti-downplay prompts, C4+Sherlock KB ingestion parsers |
| v1.1 | 0x4da5826c...bec410 | Apr 17, 2026 | EVMBench V2 engine: prompt expansion, static analysis, RAG knowledge base, scoring alignment |
| v1.0 | 0x7ab30f1d...2b4538 | Apr 16, 2026 | Merge session/vdm-gap-fill: 9 specialists + cipher_general + EVMBench submission infra |
| v1.4 | 0xb10d81c4...6c4b42 | Apr 16, 2026 | Auto-sync from CI (prompts.ts or schemas.ts changed) |
| v1.3 | 0xe7da7228...1ca35e | Apr 15, 2026 | Auto-sync from CI (prompts.ts or schemas.ts changed) |
| v1.2 | 0x38c257d5...07781f | Apr 11, 2026 | Scoring V2: scope classification, noise suppression, file citation enforcement |
| v1.1 | 0x4ad2a49c...fedf83 | Apr 5, 2026 | Added false positive suppression rules (zero-address, unchecked internals, centralization). Added matchedPatternName to finding output. Added vulnerability pattern injection. |
| v1.0 | 9fb1952f31...ae54e7 | Mar 24, 2026 | Initial specialist prompts |