I made a 🦊 wallet plugin that:

1. Decodes your calldata
2. Uses that decoded data as input to an AI
3. Which then searches the web to see if the transaction has anything "fishy" about it.

Here is an example where you'd be sending money to the ByBit hackers, but it catches it!

Web3 development & security
🛡️ Cyfrin 
🦅 CodeHawks
🟪 Solodit
🎓 Updraft

I think most threat intel products can get a major upgrade with AI now (looking at you 
@blockaid_
, feel free to hit me up with product ideas/feedback).

The project is currently in beta, but you can find all the code here.

What's EXTRA crazy about the example in the video, is how obscure it is.

The transaction we call is `supply` on the aave protocol. But the simulated hacked website stuffs some bad calldata in there. The `onBehalfOf` address is swapped with the ByBit attacker!

To find this, the AI searches the web, and figures out by your calldata, chain, and address that the user is probably trying to call `supply` for themselves.

Knowing this is the user's intent, the AI can pretty easily figure out what the calldata should be doing.

Catching poisoning is really great. Hot mobile wallets are exactly the ones where a lot of lazy habits are employed

I was able to do a lot of MVPs where this tool flags the bad transactions, but most threat intel products do not, like:

- address poisoning
- nested calldata stuffing
- sending money to known hackers
- etc

The key is that AI is able to tell what your "intent" is.

I like baking /goodbread and building apps on web3 protocols. DevRel @ ENS Labs

Whoops, thanks 

https://github.com/patrickalphac/wise-signer-snap