I made a 🦊 wallet plugin that:

1. Decodes your calldata
2. Uses that decoded data as input to an AI
3. Which then searches the web to see if the transaction has anything "fishy" about it.

Here is an example where you'd be sending money to the ByBit hackers, but it catches it!

Web3 development & security
🛡️ Cyfrin 
🦅 CodeHawks
🟪 Solodit
🎓 Updraft

I think most threat intel products can get a major upgrade with AI now (looking at you 
@blockaid_
, feel free to hit me up with product ideas/feedback).

The project is currently in beta, but you can find all the code here.

I was able to do a lot of MVPs where this tool flags the bad transactions, but most threat intel products do not, like:

- address poisoning
- nested calldata stuffing
- sending money to known hackers
- etc

The key is that AI is able to tell what your "intent" is.

What's EXTRA crazy about the example in the video, is how obscure it is.

The transaction we call is `supply` on the aave protocol. But the simulated hacked website stuffs some bad calldata in there. The `onBehalfOf` address is swapped with the ByBit attacker!

To find this, the AI searches the web, and figures out by your calldata, chain, and address that the user is probably trying to call `supply` for themselves.

Knowing this is the user's intent, the AI can pretty easily figure out what the calldata should be doing.

I’ll have to show you some of the cool testing we did.

Ok that's cool, but llms does not understand most of the innovative use cases

ie separate setTokenUri and mint in the mint mechanism and they go mad at you 😅

expect tons of fake positives and the example can be effortlessly done without AI, just filtering with a blacklist (and the scammers do not reuse wallets xd)

could be more useful downloading the contract bytecode, search the function signature and audit it in the wild instead just analyze calldata being sent ?!