Audit Solana programs before they ship.
Tree-sitter AST parsing, LLM-powered confirmation, semantic graph mining, adversarial account synthesis, and automated remediation. 15 vulnerability classes. V2 engine.
Pipeline
V2: 6-phase AST-native analysis
tree-sitter Parse: ~12s
Sink-first Candidates: ~1s
LLM Confirm/Reject: ~3m
PoC Validation: ~30s
Advisory Gen: ~2s
Patch + PR: ~5s
Vulnerability Classes
15 detectors
Missing signer check
Missing owner check
PDA derivation mistakes
Arbitrary CPI target
Type confusion / account substitution
Reinitialization / double-init
Close-then-revive
Unchecked realloc / stale memory
Integer overflow/underflow
State machine violations
Remaining accounts injection
Oracle validation failures
Token account mismatch
Post-CPI stale reads
Duplicate account injection
Semantic Graphs
program structure analysis
Authority Flow: Signer propagation paths
Token Flow: SPL token account edges
State Machine: State transition graph
PDA Graph: Derived address mapping