Skip to content

jevinjojo/Solguard

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

🛡️ SolGuard

Zero-Trust AI-Powered DevSecOps for Web3 Automated CI/CD security pipeline that audits Solidity Pull Requests with multi-model AI consensus and deploys with ephemeral, single-use private keys.

License: Apache 2.0 Go Version Foundry Status


🎥 Live Demo

The full pipeline in action — broken into 4 short clips so you can jump straight to what matters.

1️⃣ Vulnerable PR — Blocked by AI Consensus

A reentrancy bug is introduced. SolGuard's AST diff isolates the changed function, the AI consensus engine flags it as High severity, and the PR is auto-blocked with an inline explanation. Merge button locked.

Vulnerable.PR.Blocked.mp4

2️⃣ Safe PR — Approved Automatically

A CEI-pattern fix is submitted. The same pipeline runs, AI consensus returns pass=true, the green check appears, and the PR becomes mergeable. Zero human review required for safe code.

Safe.PR.Approved.mp4

3️⃣ Merge → Ephemeral Deploy + Sweep

On merge, SolGuard generates a fresh AES-256-GCM-encrypted wallet, JIT-funds it, deploys to Sepolia via Foundry, verifies on Etherscan, and sweeps remaining ETH back to cold storage — all in under 30 seconds. The deploy key never touches disk.

Secure.Auto-Deploy.mp4

Live on-chain proof: 📜 Contract: 0x4144a335895ec1f9727ccc9cf501424b0ad59f8b 🔑 Ephemeral deployer (used once, swept clean): 0x5Cceed560f09bd3109889d76027Dbff74408b52f


4️⃣ Benchmark — SolGuard vs Slither

Live comparison run on a labeled subset of the SmartBugs/SWC corpus. SolGuard's consensus engine achieves F1 = 1.00 vs Slither's 0.67 by eliminating false positives while catching semantic bugs Slither misses.

Benchmark.Comparison.mp4


🚀 The Problem & The Solution

The Problem

  1. Static analyzers are noisy. Tools like Slither lack semantic understanding, producing false positives on safe code while missing intent-based bugs (access control flaws, business logic errors).
  2. CI/CD private keys are a treasury risk. Storing deployment keys in GitHub Secrets or environment variables creates a single point of failure. One compromised runner = full project drain.

The SolGuard Solution

  1. AI Consensus Engine. SolGuard parses the Solidity AST, identifies exactly which functions changed, and routes them to an ensemble of LLMs (Gemini 2.5 Flash + Groq Llama 3.3 70B + optional Ollama). A vulnerability is only flagged when models reach consensus, eliminating noise.
  2. Ephemeral Key Architecture. On merge, SolGuard generates a fresh AES-256-GCM-encrypted wallet in memory, funds it Just-In-Time with exact gas, deploys, verifies on Etherscan, and mathematically sweeps remaining ETH back to cold storage. The deploy key never touches disk and never lives past one transaction.

✨ Key Features

Feature Description
🔐 PR Gatekeeper Pushing code spawns an isolated Docker sandbox running forge build + Slither. Failures auto-block the PR.
🌳 AST Diffing + Redis Cache Hashes individual function ASTs. Unchanged code hits the cache (♻️ CACHE HIT!), saving latency and LLM tokens.
🤖 Multi-Model AI Consensus Gemini, Groq, and Ollama vote on each finding. Configurable quorum thresholds.
📜 Policy-as-Code Customizable audit-policy.yaml defines pass/fail rules per severity.
🔑 Ephemeral Deployments One-shot wallets, AES-256-GCM at rest, JIT funded, auto-swept. Zero hardcoded keys.
📊 SQLite Audit Trail Every deployment cryptographically logged for compliance and post-mortem.
🔌 Air-Gapped Mode Drop-in Ollama support for enterprises requiring zero data egress.

📊 Benchmark Results

Evaluated against a curated subset of the SmartBugs / SWC dataset:

Contract Ground Truth Slither Gemini Groq Consensus
reentrancy_simple.sol Vulnerable ✅ Blocked
etherstore.sol Vulnerable ✅ Blocked
unprotected_owner.sol Vulnerable ❌ Missed ✅ Blocked
safe_bank.sol Safe ❌ False Positive ✅ Approved

Consensus Engine F1 Score: 1.00  ·  Precision: 1.00  ·  Recall: 1.00

The consensus model caught a semantic access-control bug Slither missed, and cleared a false positive Slither flagged. Run the benchmark yourself with go run ./cmd/bench.


🏗️ Architecture

sequenceDiagram
    participant Dev as Developer
    participant GH as GitHub
    participant SG as SolGuard (Go)
    participant Docker as Sandbox
    participant AI as AI Consensus
    participant Eth as Sepolia

    %% Audit Phase
    Dev->>GH: Opens Pull Request
    GH->>SG: Webhook (PR opened)
    SG->>Docker: Clone, forge build, slither, extract AST
    Docker-->>SG: AST diffs + Slither JSON
    SG->>AI: Route changed functions to LLMs
    AI-->>SG: Consensus verdict (strict JSON)
    SG->>GH: Markdown audit report + commit status

    %% Deploy Phase
    Dev->>GH: Merges PR to main
    GH->>SG: Webhook (push to main)
    SG->>SG: Generate ephemeral key, AES-256-GCM encrypt
    SG->>Eth: Fund key (0.01 ETH JIT)
    SG->>Docker: forge script --broadcast --verify
    Docker->>Eth: Deploy contract
    SG->>SG: Persist record to SQLite audit trail
    SG->>Eth: Sweep remaining ETH back to master
    SG->>GH: Post verified Etherscan link
Loading

⚡ Quickstart

Prerequisites

  • Go 1.21+
  • Docker
  • Redis (local or remote)
  • ngrok (for local webhook testing)
  • Foundry (for the target deploy repo)
  • Funded Sepolia wallet (~0.05 ETH for testing)

Installation

git clone https://github.com/jevinjojo/solguard.git
cd solguard/backend

# Configure environment
cp .env.example .env
# Edit .env with your API keys, RPC URL, and master wallet

# Build the sandbox image
docker build -t solguard-sandbox -f sandbox/Dockerfile .

# Install Go dependencies
go mod tidy

# Run the server
go run .

Connect to GitHub

  1. Expose your local server: ngrok http 8080
  2. In your target repo: Settings → Webhooks → Add webhook
    • Payload URL: https://<your-ngrok>.ngrok-free.dev/webhook
    • Content type: application/json
    • Secret: matches WEBHOOK_SECRET in your .env
    • Events: Pull requests, Pushes
  3. Open a PR with a vulnerable Solidity file → watch SolGuard analyze it in real time.

Run the Benchmark

go run ./cmd/bench
# Outputs Markdown comparison table to stdout + writes results to SQLite

📁 Project Structure

solguard/
├── backend/
│   ├── main.go              # HTTP server + webhook router
│   ├── pipeline.go          # Audit + deploy orchestrator
│   ├── ast_parser.go        # Solidity AST diffing + hashing
│   ├── llm_manager.go       # Multi-LLM consensus engine
│   ├── policy.go            # Policy-as-code evaluator
│   ├── ephemeral.go         # One-shot wallet generator + sweeper
│   ├── encryption.go        # AES-256-GCM at rest
│   ├── deployer.go          # Forge script + Etherscan verifier
│   ├── database.go          # SQLite audit trail
│   ├── reporter.go          # GitHub PR comments + commit status
│   ├── config.go            # Env loading + secret redaction
│   ├── sandbox/Dockerfile   # Foundry + Slither container
│   ├── cmd/bench/           # Benchmark harness
│   └── bench_dataset/       # SmartBugs-style labeled corpus
├── docs/                    # Architecture notes & V2 backlog
├── README.md
├── SECURITY.md
└── LICENSE

🔒 Security Posture (TL;DR)

  • Sandbox isolation. Untrusted PR code runs only inside an ephemeral Docker container — never on the host.
  • Secret redaction. All API keys and wallet strings pass through a .Redacted() interface before reaching log/slog. Logs are publishable.
  • Ephemeral keys. Deploy keys live for ~30 seconds, encrypted in memory with AES-256-GCM, and are never written to disk.
  • Auto-sweep. Leftover gas is returned to cold storage immediately post-deploy. No stranded funds.
  • Cryptographic audit trail. Every deployment is recorded in SQLite with on-chain transaction hashes as immutable secondary evidence.

Full threat model in SECURITY.md.


🛠️ Tech Stack

Layer Tools
Backend Go 1.21, go-chi/chi, log/slog
Blockchain go-ethereum, Foundry (forge, solc), Slither
AI / LLMs Google Gemini 2.5 Flash, Groq Llama 3.3 70B, Ollama (deepseek-coder)
Data Redis (AST cache), SQLite3 (audit trail)
Infra Docker, GitHub Webhooks, ngrok

🗺️ Roadmap

  • Mainnet deployment support with multi-sig hand-off
  • Hardware-key (HSM) integration for the master wallet
  • GitHub App distribution (vs. webhook-per-repo)
  • Web dashboard for audit trail visualization
  • Custom rule packs per organization

See docs/V2_BACKLOG.md for the full backlog.


🤝 Contributing

Contributions are welcome. Please open an issue first to discuss any major changes.

For security vulnerabilities, do not open a public issue. See SECURITY.md for responsible disclosure.


📄 License

Apache License 2.0 — see LICENSE.


👤 Author

Built by Jevin Jojo.


SolGuard ensures that vulnerable code never reaches main, and private keys never reach the cloud.

About

AI-powered DevSecOps pipeline for Solidity. Multi-model AI consensus audits every PR and blocks unsafe code, then auto-deploys approved contracts using single-use, ephemeral keys that never touch disk.

Resources

License

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors