chinesepowered/hack-0ghq

🛡️ 0G Shield

AI-powered smart contract security auditor with verifiable on-chain attestations.

💸 Every day, millions of dollars are lost to rug pulls, honeypots, and exploitable smart contracts. Users have no fast, trustworthy way to verify whether a token is safe before interacting with it. Professional audits cost $50k–$500k and take weeks.

0G Shield changes this. Paste any Solidity contract → get an instant AI security analysis → receive a permanent on-chain attestation of that score and its findings, which anyone can query and check against the stored full report.


🚀 How It Works

        📜 Submit Solidity source code
                     │
                     ▼
            🔍 Bytecode Verification
       Fetches deployed bytecode from 0G Chain
       and compares against submitted source
                     │
                     ▼
             🤖 AI Security Analysis
            Powered by 0G Compute Network
            • Rug pull pattern detection
            • Vulnerability scanning
            • Access control analysis
            • Security scoring (0–100)
                     │
            ┌────────┴────────┐
            ▼                 ▼
       💾 0G Storage     ⛓️ 0G Chain
       Full report       On-chain
       persisted         attestation

⏱️ Paste code. Get a score. Attest on-chain. Under 60 seconds.


🔎 What We Detect

🪤 Rug Pull Patterns

Hidden mint functions, blacklist/whitelist abuse, adjustable sell taxes (owner sets to 99%), honeypot mechanics (buy but can't sell), fake renounce ownership, liquidity removal without timelocks, pause abuse, max-wallet bypass for the deployer.

🐛 Vulnerabilities

Reentrancy attacks, unchecked external calls, delegatecall to untrusted contracts, tx.origin authorization, flash loan vectors, oracle manipulation, timestamp dependence.

🔐 Access Control Issues

Centralization risks, missing modifiers on sensitive functions, unprotected initializers, missing event emissions for state changes.
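The three detection categories above are the kind of thing a local pattern-matching pass (the fallback named in the Tech Stack) can catch before or instead of the model. The following is an added example, not 0G Shield's code: a line-oriented scanner over Solidity source with a handful of rules for the patterns listed, a 0–100 score and per-category risk levels. The rule set, the severity weights and the two sample contracts are illustrative assumptions.

```typescript
// Added example, not 0G Shield's code: a local pattern-matching scanner over
// Solidity source. Rules, weights and the sample contracts are assumptions.

type Category = "rugPull" | "vulnerability" | "accessControl";
type Severity = "high" | "medium" | "low";

interface Rule { id: string; category: Category; severity: Severity; pattern: RegExp; description: string; }
interface Finding { rule: Rule; line: number; }

const RULES: Rule[] = [
  { id: "owner-mint", category: "rugPull", severity: "high",
    pattern: /function\s+mint\s*\([^)]*\)[^{]*\bonlyOwner\b/,
    description: "Owner can mint arbitrary supply after launch" },
  { id: "blacklist", category: "rugPull", severity: "high",
    pattern: /\b(blacklist|isBlacklisted|_blocked)\b/i,
    description: "Blacklist mapping lets the owner freeze holders" },
  { id: "adjustable-fee", category: "rugPull", severity: "medium",
    pattern: /function\s+set\w*(Fee|Tax)\w*\s*\(/i,
    description: "Transfer or sell fee adjustable after deployment" },
  { id: "tx-origin-auth", category: "vulnerability", severity: "high",
    pattern: /require\s*\(\s*tx\.origin\s*==/,
    description: "tx.origin used for authorization (phishable through a relaying contract)" },
  { id: "delegatecall", category: "vulnerability", severity: "high",
    pattern: /\.delegatecall\s*\(/,
    description: "delegatecall to a caller-chosen target" },
  { id: "unprotected-initializer", category: "accessControl", severity: "high",
    pattern: /function\s+initialize\s*\([^)]*\)\s*(public|external)(?![^{]*\binitializer\b)/,
    description: "initialize() is callable by anyone and not guarded by an initializer modifier" },
];

const WEIGHT: Record<Severity, number> = { high: 15, medium: 8, low: 3 };

// Blank out comments but keep every newline so reported line numbers stay
// correct; otherwise a comment like "no blacklist here" would trigger a rule.
function stripComments(src: string): string {
  const noBlock = src.replace(/\/\*[\s\S]*?\*\//g, (m) => m.replace(/[^\n]/g, ""));
  return noBlock.replace(/\/\/[^\n]*/g, "");
}

// Each rule is matched line by line against the comment-stripped source.
function scan(source: string): Finding[] {
  const findings: Finding[] = [];
  stripComments(source).split("\n").forEach((text, i) => {
    for (const rule of RULES) {
      if (rule.pattern.test(text)) findings.push({ rule, line: i + 1 });
    }
  });
  return findings;
}

// 100 minus a weighted penalty per finding, floored at 0.
function score(findings: Finding[]): number {
  const penalty = findings.reduce((sum, f) => sum + WEIGHT[f.rule.severity], 0);
  return Math.max(0, 100 - penalty);
}

// Highest severity seen in each category, or "none".
function riskLevels(findings: Finding[]): Record<Category, Severity | "none"> {
  const rank: Record<Severity, number> = { low: 1, medium: 2, high: 3 };
  const out: Record<Category, Severity | "none"> = { rugPull: "none", vulnerability: "none", accessControl: "none" };
  for (const f of findings) {
    const cur = out[f.rule.category];
    if (cur === "none" || rank[f.rule.severity] > rank[cur]) out[f.rule.category] = f.rule.severity;
  }
  return out;
}

// Constructed samples (not real deployments): several red flags vs. a
// fixed-supply OpenZeppelin-style token with none.
const SKETCHY_TOKEN = `
// Constructed sample
contract SketchyToken {
    mapping(address => bool) public blacklist;
    uint256 public sellTax = 5;
    function mint(address to, uint256 amount) external onlyOwner { _mint(to, amount); }
    function setSellTax(uint256 bps) external onlyOwner { sellTax = bps; }
    function withdraw() external { require(tx.origin == owner); payable(owner).transfer(address(this).balance); }
    function upgrade(address impl, bytes calldata data) external { impl.delegatecall(data); }
    function initialize(address _owner) public { owner = _owner; }
}`;

const SAFE_TOKEN = `
// Constructed sample
contract SafeToken is ERC20 {
    constructor() ERC20("Safe", "SAFE") { _mint(msg.sender, 1_000_000 ether); }
}`;

const sketchy = scan(SKETCHY_TOKEN);
console.log("sketchy:", score(sketchy), riskLevels(sketchy), sketchy.map((f) => f.line + ":" + f.rule.id));
console.log("safe:", score(scan(SAFE_TOKEN)), riskLevels(scan(SAFE_TOKEN)));
```

Regex rules of this kind are a coarse first pass: they cannot see that a `blacklist` mapping is never consulted in `_transfer`, or that a `setSellTax` is capped by a `require`, so findings from such a scanner are better treated as prompts for the model (or a human) than as final verdicts.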

✅ Bytecode Verification

When a deployed contract address is provided, 0G Shield fetches the on-chain runtime bytecode via eth_getCode on 0G Chain and compares it against the bytecode compiled from the submitted source, so that the code being audited is shown to be the code actually running at that address. Audits are tagged with a verification level: ✅ Verified, ⚠️ Unverified, or 📝 Source Only (no address supplied). Two caveats for anyone relying on the tag: the comparison is only meaningful when the source is compiled with the same compiler version and settings as the deployment (the metadata trailer solc appends differs otherwise), and for a proxy eth_getCode returns the proxy's bytecode, not the implementation it delegates to.
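The comparison step above is straightforward to get subtly wrong, because solc appends a CBOR metadata trailer whose IPFS hash changes with source paths and compiler settings even when the executable code is identical. The following is an added example, not 0G Shield's code: it classifies an eth_getCode result against compiled runtime bytecode into the page's three levels, and distinguishes a full match from a metadata-only ("partial") match. The bytecode fixtures are constructed, not real deployments.

```typescript
// Added example, not 0G Shield's code. Fixtures are constructed.

type Level = "Verified" | "Unverified" | "Source Only";
type Match = "full" | "partial" | "none";

function normalizeHex(hex: string): string {
  return hex.trim().toLowerCase().replace(/^0x/, "");
}

// solc ends runtime bytecode with a CBOR map (IPFS hash of the metadata JSON,
// compiler version) followed by 2 big-endian bytes giving that map's length.
// Two builds of identical code can differ only there, so the caller compares
// with and without it. Returns the input unchanged if no plausible trailer exists.
function stripMetadata(runtime: string): string {
  const code = normalizeHex(runtime);
  if (code.length < 4) return code;
  const metaLen = parseInt(code.slice(-4), 16);
  const trailerHex = (metaLen + 2) * 2;               // map bytes + 2 length bytes, in hex chars
  if (metaLen === 0 || trailerHex > code.length) return code;
  const firstByte = parseInt(code.slice(code.length - trailerHex, code.length - trailerHex + 2), 16);
  if (firstByte < 0xa0 || firstByte > 0xb7) return code; // must start with a CBOR map header
  return code.slice(0, code.length - trailerHex);
}

// deployedCode: the eth_getCode result for the address ("0x" when nothing is
// deployed there), or null when the user supplied no address at all.
function verifyBytecode(deployedCode: string | null, compiledRuntime: string): { level: Level; match: Match } {
  if (deployedCode === null) return { level: "Source Only", match: "none" };
  const deployed = normalizeHex(deployedCode);
  const compiled = normalizeHex(compiledRuntime);
  if (deployed === "") return { level: "Unverified", match: "none" };
  if (deployed === compiled) return { level: "Verified", match: "full" };
  // Same executable code, different metadata trailer. Immutables written by
  // the constructor, and a proxy sitting in front of the implementation, are
  // NOT handled here and would surface as Unverified.
  if (stripMetadata(deployed) === stripMetadata(compiled)) return { level: "Verified", match: "partial" };
  return { level: "Unverified", match: "none" };
}

// Constructed fixtures: a short executable body plus a 51-byte solc-style
// trailer {"ipfs": <34 bytes>, "solc": <3 bytes>} ending in the length 0x0033.
function cborTrailer(ipfsDigestHex: string): string {
  const meta = "a2" + "64" + "69706673" + "5822" + "1220" + ipfsDigestHex + "64" + "736f6c63" + "43" + "000818";
  return meta + ("0000" + (meta.length / 2).toString(16)).slice(-4);
}
const BODY = "6080604052348015600e575f80fd5b5060043610";
const COMPILED = "0x" + BODY + cborTrailer(new Array(33).join("ab"));
const DEPLOYED_OTHER_META = "0x" + BODY + cborTrailer(new Array(33).join("cd"));
const DEPLOYED_TAMPERED = "0x" + BODY.replace("6004", "6005") + cborTrailer(new Array(33).join("ab"));

console.log(verifyBytecode(COMPILED, COMPILED));            // Verified, full
console.log(verifyBytecode(DEPLOYED_OTHER_META, COMPILED)); // Verified, partial (metadata differs)
console.log(verifyBytecode(DEPLOYED_TAMPERED, COMPILED));   // Unverified (one opcode changed)
console.log(verifyBytecode("0x", COMPILED));                // Unverified (no code at address)
console.log(verifyBytecode(null, COMPILED));                // Source Only
```

Whether a metadata-only match should display as ✅ Verified or as a weaker badge is a product decision; what matters for the attestation is that the report records which kind of match was achieved, since a partial match proves the same code but not the same build.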


🔗 Deep 0G Integration

0G Shield is built natively on the 0G stack, using three core components in a tightly integrated pipeline:

⛓️ 0G Chain — Attestation Registry

The OGShield smart contract deployed on 0G Chain serves as a permanent, queryable registry of security attestations. Each attestation records:

  • 📊 Security score (0–100)
  • ⚠️ Risk levels (rug pull, vulnerability, access control)
  • 🔐 Verification level (bytecode match status)
  • 🗂️ Report storage hash (pointer to full report on 0G Storage)
  • 📍 Audited contract address
  • 📝 Findings summary

🌐 Any protocol, DEX, or user can call getAttestation(codeHash) or getScore(codeHash) to check a contract's security status — enabling composable trust. A DEX could require a minimum Shield score before listing a token. A launchpad could auto-scan every new deployment.

🤖 0G Compute — AI Audit Engine

Security analysis is powered by qwen-2.5-7b-instruct running on 0G's decentralized GPU marketplace via the OpenAI-compatible inference API. The model receives structured prompts with comprehensive vulnerability and rug pull detection criteria, returning JSON-formatted findings with severity ratings, descriptions, and remediation guidance.
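Whatever the model returns is untrusted input: the contract under audit is attacker-controlled text placed inside the prompt, and inference APIs routinely wrap JSON in a fenced block or surround it with prose. The following is an added example, not 0G Shield's code, of validating the response before anything is scored or attested; the schema (score plus findings with title, severity, description and remediation) is an assumption about the prompt's requested output format, and the sample responses are constructed. A null result is the signal to use the local pattern-matching fallback rather than attest a half-parsed report.

```typescript
// Added example, not 0G Shield's code. Schema and sample responses are assumptions.

type ModelSeverity = "critical" | "high" | "medium" | "low" | "info";
interface ModelFinding { title: string; severity: ModelSeverity; description: string; remediation: string; }
interface ModelReport { score: number; findings: ModelFinding[]; }

const SEVERITIES: ModelSeverity[] = ["critical", "high", "medium", "low", "info"];

// Take the body of a fenced block if present, then the outermost {...}.
function extractJson(raw: string): string | null {
  const fenced = raw.match(/`{3}(?:json)?\s*([\s\S]*?)`{3}/i);
  const text = fenced ? fenced[1] : raw;
  const start = text.indexOf("{");
  const end = text.lastIndexOf("}");
  return start >= 0 && end > start ? text.slice(start, end + 1) : null;
}

// Returns null on any structural problem. Out-of-range scores and unknown
// severities are rejected, not clamped: a report the model did not produce in
// the requested shape should not be turned into an on-chain attestation.
function parseAuditResponse(raw: string): ModelReport | null {
  const json = extractJson(raw);
  if (json === null) return null;
  let parsed: unknown;
  try { parsed = JSON.parse(json); } catch { return null; }
  if (typeof parsed !== "object" || parsed === null) return null;
  const obj = parsed as Record<string, unknown>;
  const score = obj.score;
  if (typeof score !== "number" || Math.floor(score) !== score || score < 0 || score > 100) return null;
  if (!Array.isArray(obj.findings)) return null;
  const findings: ModelFinding[] = [];
  for (const item of obj.findings) {
    if (typeof item !== "object" || item === null) return null;
    const f = item as Record<string, unknown>;
    if (typeof f.title !== "string" || typeof f.description !== "string" || typeof f.remediation !== "string") return null;
    if (typeof f.severity !== "string" || SEVERITIES.indexOf(f.severity as ModelSeverity) < 0) return null;
    findings.push({ title: f.title, severity: f.severity as ModelSeverity, description: f.description, remediation: f.remediation });
  }
  return { score, findings };
}

// Constructed sample responses. FENCE is assembled at runtime only so this
// example can itself sit inside a Markdown code block.
const FENCE = "\x60\x60\x60";
const GOOD_RESPONSE = "Here is the audit:\n" + FENCE + "json\n" + JSON.stringify({
  score: 23,
  findings: [
    { title: "Owner-only mint with no cap", severity: "high",
      description: "mint() lets the owner inflate supply at will.", remediation: "Remove mint or cap total supply." },
    { title: "Adjustable sell tax", severity: "medium",
      description: "setSellTax() has no upper bound.", remediation: "Hard-cap the fee and emit an event on change." },
  ],
}) + "\n" + FENCE;
const BAD_SEVERITY = JSON.stringify({ score: 40, findings: [{ title: "x", severity: "catastrophic", description: "y", remediation: "z" }] });
const SCORE_AS_TEXT = JSON.stringify({ score: "95 out of 100", findings: [] });
const PROSE_ONLY = "I am unable to analyse this contract.";

console.log(parseAuditResponse(GOOD_RESPONSE));  // { score: 23, findings: [...] }
console.log(parseAuditResponse(BAD_SEVERITY), parseAuditResponse(SCORE_AS_TEXT), parseAuditResponse(PROSE_ONLY)); // null null null
```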

💾 0G Storage — Decentralized Report Persistence

Full audit reports (source code, findings, scores, verification results) are stored as JSON files on 0G's decentralized storage network using the TypeScript SDK. The Merkle root hash of the stored file is recorded in the on-chain attestation, creating an immutable link between the on-chain score and the detailed off-chain report: anyone who fetches the report can recompute the root and confirm it is the one the attestation points to. Reports are retrievable via StorageScan.


🎬 Demo Flow

  1. 📋 Paste a Solidity contract (or click "Load sketchy token example" for a built-in rug pull)
  2. 🔍 Optionally provide a deployed address to enable bytecode verification against 0G Chain
  3. 🤖 Click "Run Security Audit" — the AI scans and scores in seconds
  4. 👛 Connect your wallet (auto-prompts to add 0G Galileo Testnet)
  5. ⛓️ Click "Attest On-Chain" — sign the tx and watch it land on 0G Explorer
  6. 🔄 Click "New Audit" to test a clean contract for contrast

🎯 Two built-in examples ship with the app — a sketchy token (mint abuse, blacklist, adjustable fees, reentrancy) and a safe token (standard OpenZeppelin ERC-20). Demo both side-by-side to show the score swing from red to green.


🌟 Product Vision

🎯 Today: Instant AI security scans for individual contracts with on-chain attestations.

🔮 Next: A protocol-level security layer for the 0G ecosystem —

  • 🏦 DEXs query Shield scores before listing tokens
  • 🚀 Launchpads auto-scan every deployment
  • 👛 Wallets display security badges before users interact with contracts
  • 🔌 API access for protocols to integrate audit-on-deploy pipelines
  • 💰 Revenue model: free basic scans, paid attestations and API access in 0G tokens

🛡️ Every new contract deployed on 0G Chain gets a security score. Shield becomes the trust infrastructure for the entire ecosystem.


🛠️ Tech Stack

  • ⛓️ Smart Contracts: Solidity 0.8.24 + Hardhat, deployed on 0G Galileo Testnet (Chain ID: 16602)
  • 🤖 AI Engine: 0G Compute Network (qwen-2.5-7b-instruct) with local pattern-matching fallback
  • 💾 Storage: 0G Storage TS SDK for decentralized report persistence
  • 🎨 Frontend: Next.js 16 + Tailwind CSS + shadcn/ui
  • 👛 Wallet: RainbowKit + wagmi + viem
  • 🔭 Explorers: 0G Chain Explorer · 0G Storage Explorer

📖 Want to run it locally? See DEPLOY.md.
