SYSTEM: ONLINE

RISK_SCORE: 0.00

ANALYZED: 1,337

STATUS: ACTIVE

AEGIS

Pre-execution risk analysis for EVM transactions. Deterministic, verifiable, and trustless security for Web3.

EXPLORE USE CASES

SCROLL

SECURITY SCANNER ACTIVE

AEGIS Protocol scans every transaction before execution, just like a TSA security checkpoint. Our advanced risk analysis engine examines transaction traces in real-time, identifying potential threats, vulnerabilities, and suspicious patterns before they can cause harm.

HOW AEGIS WORKS

Comprehensive risk analysis before transaction execution

CORE TECHNOLOGY

Deterministic Risk Analysis

AEGIS analyzes EVM transactions before execution, providing deterministic risk scores based on verifiable rules. Every analysis produces the same result for the same input, ensuring consistency and trust.

🔒

Deterministic

Same input always produces the same risk score, enabling verifiable analysis.

📊

Real-time

Analyze transactions in milliseconds before they execute on-chain.

🔍

Comprehensive

Multiple risk rules covering upgradeable contracts, reentrancy, and more.

EVIDENCE & VERIFICATION

Cryptographically Signed Evidence

Every risk analysis generates cryptographically signed evidence bundles. These bundles can be verified independently, providing proof of risk assessment without requiring trust in the analyzer.

✍️

Signed Evidence

Each analysis result is cryptographically signed for verification.

📦

Evidence Bundles

Complete analysis data packaged in verifiable JSON bundles.

🔐

Canonical JSON

Deterministic JSON serialization ensures consistent hashing.

                
{

  "traceHash": "0xabc123...",

  "signature": "0xdef456...",

  "riskScore": { "total": 750 },

  "triggeredRules": [...]

}

RISK DETECTION

Comprehensive Risk Rules

AEGIS implements multiple risk detection rules that identify potential security issues, suspicious patterns, and high-risk transaction types.

⚠️

Upgradeable Proxy

Detects interactions with upgradeable proxy contracts that could be exploited.

🔄

Reentrancy Risk

Identifies potential reentrancy vulnerabilities in transaction flows.

📈

Context Prior Risk

Tracks historical risk events to identify suspicious patterns over time.

🎯

Custom Rules

Extensible rule system for adding domain-specific risk detection.

DEVELOPER EXPERIENCE

Simple API, Powerful Results

Integrate AEGIS into wallets, dapps, or backend services with a clean, simple API. Get risk verdicts in milliseconds with minimal configuration.

🌐

HTTP API

RESTful endpoints for /analyze and /verdict with JSON responses.

💻

TypeScript SDK

Full TypeScript support with type-safe interfaces and async/await.

🔌

Browser Extension

Chrome/Brave extension for real-time transaction analysis in wallets.

                
const verdict = await getVerdict({

  normalizedTrace: txTrace,

  useContext: true

});

// Returns: { allow, score, severity, message, topRules }

ADVANCED FEATURES

Trust Graph & Replay

AEGIS maintains a trust graph of addresses and contracts, enabling sophisticated risk analysis based on historical interactions and reputation. Replay capabilities allow verification of past analyses.

🕸️

Trust Graph

Network analysis of address relationships and trust scores.

▶️

Replay System

Verify past analyses by replaying transactions with stored evidence.

💾

Persistent Storage

Evidence stored for audit trails and historical risk tracking.

TRUST BEFORE EXECUTION

AEGIS stands as the final checkpoint before your transaction reaches the blockchain. Every operation is scanned, analyzed, and verified—ensuring that only safe, legitimate transactions proceed.

Deterministic. Verifiable. Trustless. Our protocol provides cryptographic proof of risk assessment, giving you complete transparency and control over your Web3 interactions.

In a world where one wrong transaction can mean everything, AEGIS is your shield.

Wallet Protection

Integrate AEGIS into wallet applications to warn users before they sign potentially risky transactions. Real-time risk analysis prevents users from falling victim to scams and exploits.

Pre-transaction risk warnings
Visual risk indicators in UI
Block high-risk transactions (optional)
Educational risk explanations
Historical risk tracking per address

Dapp Security

Dapps can integrate AEGIS to analyze transactions before submission, providing users with transparent risk information and building trust through proactive security measures.

Pre-submission transaction analysis
Risk transparency for users
Integration with MetaMask and other wallets
Custom risk thresholds per dapp
Audit trail for compliance

Backend Services

Backend services can use AEGIS to screen transactions, filter out high-risk operations, and maintain compliance records. Perfect for exchanges, bridges, and DeFi protocols.

Transaction screening API
Automated risk filtering
Compliance and audit logging
Batch transaction analysis
Custom rule configuration

Regulatory Compliance

Financial institutions and regulated entities can use AEGIS to demonstrate due diligence in transaction risk assessment, with cryptographically verifiable evidence bundles.

Verifiable risk assessment records
Cryptographic proof of analysis
Immutable audit trails
Regulatory reporting support
Third-party verification capability

Insurance & Risk Management

Insurance providers and risk management platforms can leverage AEGIS to assess transaction risk for underwriting, pricing, and claims analysis in Web3 insurance products.

Risk-based pricing models
Claims verification and analysis
Historical risk pattern analysis
Portfolio risk assessment
Automated underwriting support

Developer Tools

Developers building smart contracts and dapps can use AEGIS during development and testing to identify potential security issues before deployment.

Pre-deployment risk analysis
CI/CD integration
Test suite risk validation
Security best practices guidance
Contract interaction analysis

TECHNICAL ARCHITECTURE

Built for performance, security, and scalability

Deterministic Analysis

Every analysis is deterministic: the same transaction trace always produces the same risk score. This enables verification, caching, and trustless operation.

Canonical JSON serialization
Deterministic trace hashing
Reproducible rule execution
No external dependencies in core logic

Evidence System

Cryptographically signed evidence bundles provide verifiable proof of risk analysis. Anyone can verify an analysis result without trusting the analyzer.

ECDSA signature verification
Canonical JSON for hashing
Complete analysis data in bundles
Third-party verification support

Rule Engine

Extensible rule system allows adding custom risk detection logic. Rules are composable, testable, and independently verifiable.

Modular rule architecture
Rule composition and chaining
Configurable rule weights
Test harness for regression testing

Normalization Layer

Unified normalization layer converts various transaction formats (raw transactions, execution traces, fixtures) into a standard NormalizedTrace format.

Multiple input format support
Automatic BigInt handling
Trace hash computation
Type-safe TypeScript interfaces

Persistent Storage

Evidence and risk history stored persistently for context-based analysis, audit trails, and historical risk pattern detection.

File-based persistent store
Evidence record management
Context prior risk tracking
Test isolation support

API & Integration

Clean, simple API for integration into wallets, dapps, and backend services. HTTP server, TypeScript SDK, and browser extension support.

Fastify HTTP server
TypeScript SDK with full types
Chrome/Brave extension
CORS support for browser clients

AEGIS ROADMAP

Our comprehensive development and growth plan

Q1 2026

FOUNDATION & CORE PROTOCOL

✅ Core risk analysis engine implementation
✅ Deterministic trace normalization system
✅ Evidence bundle generation and signing
✅ Initial risk rule set (upgradeable proxy, reentrancy, context prior risk)
✅ TypeScript SDK with clean API
✅ HTTP server with /analyze and /verdict endpoints
✅ Browser extension (Chrome/Brave MV3)
✅ Regression test harness
✅ CLI tools for analysis and validation

Q2 2026

EXPANSION & INTEGRATION

🔄 Extended risk rule library (20+ rules)
🔄 Trust graph implementation with network analysis
🔄 Replay system for historical verification
🔄 Multi-chain support (Ethereum, Polygon, Arbitrum, Optimism)
🔄 Wallet integrations (MetaMask, WalletConnect, Coinbase Wallet)
🔄 Dapp SDK with React hooks
🔄 Real-time risk monitoring dashboard
🔄 API rate limiting and authentication
🔄 Cloud deployment infrastructure

Q3 2026

ADVANCED FEATURES & ECOSYSTEM

⏳ Machine learning risk pattern detection
⏳ Decentralized analyzer network
⏳ Governance token and DAO structure
⏳ Staking mechanism for validators
⏳ Cross-chain risk analysis
⏳ Advanced trust scoring algorithms
⏳ Mobile SDK (iOS/Android)
⏳ Enterprise API with SLA guarantees
⏳ Insurance integration partnerships

Q4 2026

SCALE & ADOPTION

⏳ Mainnet launch and public beta
⏳ Major exchange integrations
⏳ DeFi protocol partnerships
⏳ Regulatory compliance certifications
⏳ Open source community governance
⏳ Developer grant program
⏳ Security audit and bug bounty program
⏳ Global marketing and adoption campaigns
⏳ Enterprise sales and partnerships

2025+

FUTURE VISION

🔮 AI-powered risk prediction models
🔮 Zero-knowledge proof integration for privacy
🔮 Layer 2 and rollup optimizations
🔮 Global risk intelligence network
🔮 Real-time threat intelligence feeds
🔮 Automated response and mitigation systems
🔮 Cross-protocol risk correlation
🔮 Quantum-resistant cryptography
🔮 Web3 security standard establishment

ACCESS CLASSIFIED

PLAYER DOES NOT HAVE ACCESS

HOW TO INTEGRATE AEGIS

Comprehensive integration guide for developers

1. INSTALLATION

              
npm install @aegis-protocol/core

# or

yarn add @aegis-protocol/core

2. BASIC USAGE (TypeScript SDK)

              
import { analyzeTransaction, getVerdict } from '@aegis-protocol/core';

import { normalizeInputToTrace } from '@aegis-protocol/core';

// Normalize your transaction data

const normalizedTrace = normalizeInputToTrace({

  transaction: rawTx,

  execution: executionTrace,

  metadata: { chainId: 1 }

});

// Get a verdict (simplified response)

const verdict = await getVerdict({

  normalizedTrace,

  useContext: true

});

// verdict = { allow, score, severity, message, topRules }

if (!verdict.allow) {

  console.warn('High risk transaction:', verdict.message);

}

3. HTTP API INTEGRATION

Start the AEGIS server:

              
npm run serve

# Server runs on http://127.0.0.1:8787

Make API calls:

              
// POST /verdict

const response = await fetch('http://127.0.0.1:8787/verdict', {

  method: 'POST',

  headers: { 'Content-Type': 'application/json' },

  body: JSON.stringify({

    normalizedTrace: traceData,

    useContext: true

  })

});

const verdict = await response.json();

// { allow: false, score: 750, severity: 'high', message: '...', topRules: [...] }

4. WALLET INTEGRATION

Install the browser extension or integrate directly:

              
// Intercept transaction requests

const originalRequest = window.ethereum.request;

window.ethereum.request = async (args) => {

  if (args.method === 'eth_sendTransaction') {

    // Analyze transaction

    const verdict = await getVerdict({

      normalizedTrace: normalizeTransaction(args.params[0]),

      useContext: true

    });

    if (!verdict.allow) {

      const proceed = confirm(

        `⚠️ ${verdict.message}\n\nProceed anyway?`

      );

      if (!proceed) return null;

    }

  }

  return originalRequest(args);

};

5. DAPP INTEGRATION

Add AEGIS to your dapp's transaction flow:

              
import { getVerdict } from '@aegis-protocol/core';

async function handleTransaction(tx) {

  // Normalize transaction

  const trace = normalizeInputToTrace({

    transaction: tx,

    execution: await simulateTransaction(tx),

    metadata: { chainId: 1 }

  });

  // Get verdict

  const verdict = await getVerdict({ normalizedTrace: trace });

  // Display risk banner

  if (verdict.score > 0) {

    showRiskBanner(verdict);

  }

  // Proceed with transaction

  return await sendTransaction(tx);

}

6. BACKEND SERVICE INTEGRATION

              
// Node.js/Express example

const express = require('express');

const { getVerdict } = require('@aegis-protocol/core');

const app = express();

app.use(express.json());

app.post('/api/check-transaction', async (req, res) => {

  const { transaction, execution } = req.body;

  const trace = normalizeInputToTrace({ transaction, execution });

  const verdict = await getVerdict({ normalizedTrace: trace });

  res.json(verdict);

});

7. STATELESS MODE

For environments without persistent storage:

              
// Disable context-based analysis

const verdict = await getVerdict({

  normalizedTrace: trace,

  useContext: false // Stateless mode

});

// Or via environment variable

process.env.AEGIS_DISABLE_CONTEXT = '1';

8. CUSTOM RISK RULES

              
import { registerRule } from '@aegis-protocol/core';

registerRule({

  ruleId: 'custom_rule',

  check: (trace) => {

    // Your custom risk logic

    return {

      triggered: condition,

      severity: 'high',

      explanation: 'Custom risk detected',

      evidence: {}

    };

  },

  weight: 100

});

AEGIS BROWSER EXTENSION

Real-time transaction risk analysis directly in your browser

🔌 OVERVIEW

The AEGIS Browser Extension provides pre-execution risk infrastructure for on-chain transactions. It intercepts transaction requests from wallet providers (MetaMask, WalletConnect, etc.) and displays real-time risk assessments before you sign.

⚡

Real-Time Analysis

Analyzes transactions in milliseconds before execution

🛡️

Non-Custodial

Read-only operation, cannot sign transactions or move funds

🔍

Deterministic

Same transaction produces the same risk score every time

✅

Verifiable

Cryptographically signed evidence bundles for verification

📦 INSTALLATION

Build the Extension

First, build the extension from source:

                    
npm run build:extension

# This compiles TypeScript files to JavaScript

Start AEGIS Server

The extension requires the local AEGIS server to be running:

                    
npm run serve

# Server runs on http://127.0.0.1:8787

Load Extension in Chrome/Brave

Open chrome://extensions/ (or brave://extensions/)
Enable "Developer mode" (toggle in top-right)
Click "Load unpacked"
Select the extension folder from the AEGIS Protocol directory

⚙️ HOW IT WORKS

🌐

1. Transaction Interception

The extension injects a script into web pages that wraps window.ethereum.request. When a dapp calls eth_sendTransaction or eth_sendRawTransaction, the extension intercepts the request.

→

📡

2. Analysis Request

The content script sends the transaction data to the background service worker, which forwards it to the local AEGIS server at http://127.0.0.1:8787/verdict.

→

🔬

3. Risk Analysis

AEGIS analyzes the transaction using deterministic risk rules, checking for upgradeable proxies, reentrancy risks, and context-based prior risk events.

→

📊

4. Verdict Display

A verdict banner appears on the page showing the risk score, severity level, and top triggered rules. The original transaction request continues normally.

✨ FEATURES

📋 Risk Score Display

Shows a numerical risk score (0-1000+) with color-coded severity levels (safe, elevated, high, critical)

📝 Top Rules

Displays the top 3 triggered risk rules with explanations

🎨 Visual Banner

Non-intrusive banner overlay in the top-right corner of the page

⏱️ Auto-Dismiss

Safe transactions automatically dismiss after 30 seconds

🔒 Privacy-First

All analysis happens locally - no data sent to external servers

🔄 Context-Aware

Tracks historical risk events for pattern detection across transactions

🏗️ ARCHITECTURE

The extension uses Chrome Manifest V3 and consists of:

injected.js

Runs in the page context, wraps window.ethereum.request to intercept transactions

contentScript.js

Injected into web pages, bridges communication between injected script and background worker

background.js

Service worker that communicates with the local AEGIS HTTP server

popup.html/js

Extension popup UI (currently shows stored analysis results)

🧪 TESTING & REFINEMENT

The extension is currently in active development. To test it:

Start the AEGIS server:
npm run serve
Load the extension in Chrome/Brave (see Installation steps above)
Visit a dapp that uses MetaMask or another wallet provider
Initiate a transaction - the extension will intercept it and display a verdict banner
Check the console for detailed logs and analysis results

📌 Current Status

The extension currently creates a minimal normalized trace stub from transaction parameters. For full analysis, you'll need to provide execution traces. The extension is designed to be extended with more sophisticated transaction simulation in the future.

💻 CODE EXAMPLE

How the extension intercepts transactions:

              
// injected.js - Wraps window.ethereum.request

const originalRequest = ethereum.request.bind(ethereum);

ethereum.request = async function (args) {

  if (args.method === 'eth_sendTransaction') {

    // Build normalized trace stub

    const normalizedTrace = {

      transaction: { from, to, value, data, ... },

      execution: { steps: [], gasUsed: "0" },

      metadata: { chainId, timestamp, ... }

    };

    // Send to content script

    window.postMessage({

      source: 'AEGIS_INJECTED',

      type: 'AEGIS_TX_PROPOSED',

      normalizedTrace

    }, '*');

  }

  return originalRequest(args);

};

🎮 LIVE TEST SIMULATION

Test the AEGIS extension in real-time! Connect a wallet and send a test transaction to see the risk analysis banner appear with glitch art styling.

⚠️ WALLET NOT CONNECTED

💡 Instructions:

Make sure AEGIS extension is loaded in Chrome/Brave
Click "CONNECT WALLET" (uses MetaMask if available)
Click "SEND 0.01 ETH" to trigger a transaction
Watch for the AEGIS verdict banner in the top-right corner!

🚀 FUTURE IMPROVEMENTS

✅ Transaction execution trace simulation for more accurate analysis
✅ Enhanced popup UI with detailed risk breakdown
✅ User preferences for risk thresholds and blocking behavior
✅ Historical transaction log and risk tracking
✅ Integration with popular wallet providers
✅ Multi-chain support (Ethereum, Polygon, Arbitrum, etc.)
✅ Evidence bundle export and verification

AEGIS PROTOCOL WHITEPAPER

Technical specification and protocol design

1. EXECUTIVE SUMMARY

AEGIS Protocol is a pre-execution risk analysis system for EVM transactions that provides deterministic, verifiable, and trustless security for Web3. By analyzing transactions before they execute on-chain, AEGIS enables wallets, dapps, and backend services to warn users about potentially risky operations, prevent scams, and maintain compliance records.

The protocol is built on three core principles: Determinism (same input always produces the same output), Verifiability (cryptographically signed evidence bundles), and Trustlessness (no reliance on centralized services).

2. ARCHITECTURE OVERVIEW

2.1 Core Components

Normalization Layer: Converts various transaction formats into a standardized NormalizedTrace format
Risk Analysis Engine: Executes risk rules against normalized traces
Evidence System: Generates cryptographically signed evidence bundles
Rule Engine: Modular, extensible risk detection rules
Persistent Storage: Stores evidence for context-based analysis
API Layer: HTTP server, TypeScript SDK, and browser extension

2.2 Data Flow

Transaction data (raw transaction, execution trace, metadata) is received
Normalization layer converts to NormalizedTrace format
Trace hash is computed using canonical JSON serialization
Risk rules are executed against the normalized trace
Risk score is calculated from triggered rules
Evidence bundle is generated and cryptographically signed
Verdict is returned to the client (allow/deny, score, severity, message)

3. DETERMINISTIC ANALYSIS

AEGIS ensures determinism through canonical JSON serialization. All BigInt values are converted to strings, and object keys are sorted before hashing. This guarantees that the same transaction trace always produces the same trace hash and risk score.

              
// Canonical JSON ensures determinism

function canonicalize(value) {

  return JSON.stringify(

    sortKeys(value),

    (_key, val) => typeof val === 'bigint' ? val.toString() : val

  );

}

// Trace hash is deterministic

const traceHash = keccak256(canonicalize(normalizedTrace));

4. EVIDENCE SYSTEM

Every risk analysis generates an evidence bundle containing the complete analysis result, including the normalized trace, risk score, triggered rules, and cryptographic signature. Evidence bundles can be verified independently without trusting the analyzer.

4.1 Evidence Bundle Structure

              
{

  "traceHash": "0x...",

  "normalizedTrace": { ... },

  "riskScore": { "total": 750, "breakdown": [...] },

  "triggeredRules": [

    {

      "ruleId": "upgradeable_proxy",

      "severity": "high",

      "explanation": "...",

      "evidence": {}

    }

  ],

  "signature": "0x...",

  "timestamp": 1234567890

}

4.2 Signature Verification

Evidence bundles are signed using ECDSA with the analyzer's private key. The signature covers the canonical JSON representation of the evidence bundle (excluding the signature field itself). Anyone can verify the signature using the analyzer's public key.

5. RISK RULES

AEGIS implements a modular rule system where each rule is independently executable and verifiable. Rules can be composed, weighted, and extended with custom logic.

5.1 Built-in Rules

upgradeable_proxy: Detects interactions with upgradeable proxy contracts
reentrancy_risk: Identifies potential reentrancy vulnerabilities
context_prior_risk: Tracks historical risk events for pattern detection

5.2 Rule Structure

              
interface RiskRule {

  ruleId: string;

  check: (trace: NormalizedTrace) => RuleResult;

  weight: number;

}

interface RuleResult {

  ruleId: string;

  triggered: boolean;

  severity: 'info' | 'low' | 'elevated' | 'high' | 'critical';

  explanation: string;

  evidence: Record<string, any>;

}

6. RISK SCORING

Risk scores are calculated by summing the weights of all triggered rules, adjusted by severity multipliers. The final score determines the verdict (allow/deny) and severity level.

              
// Severity multipliers

const multipliers = {

  info: 0.1,

  low: 0.5,

  elevated: 1.0,

  high: 2.0,

  critical: 5.0

};

// Score calculation

const score = triggeredRules.reduce((sum, rule) => {

  return sum + (rule.weight * multipliers[rule.severity]);

}, 0);

7. API SPECIFICATION

7.1 Verdict Endpoint

POST /verdict

Request body:

              
{

  "normalizedTrace": { ... },

  "useContext": true

}

Response:

              
{

  "traceHash": "0x...",

  "score": 750,

  "severity": "high",

  "allow": false,

  "message": "High risk transaction detected",

  "topRules": [ ... ]

}

8. SECURITY CONSIDERATIONS

Private Key Management: Analyzers must securely store private keys for signing evidence bundles
Input Validation: All inputs are validated and normalized before processing
Rate Limiting: API endpoints should implement rate limiting to prevent abuse
Context Isolation: Stateless mode available for environments without persistent storage
Verification: Evidence bundles can be verified independently without trusting the analyzer

9. FUTURE DEVELOPMENTS

Multi-chain support and cross-chain risk analysis
Decentralized analyzer network with staking
Machine learning risk pattern detection
Zero-knowledge proof integration for privacy
Advanced trust graph and network analysis
Real-time threat intelligence feeds