Stellar Community Fund

By Almanax

Almanax

SCF #26

$50.0K

Legacy v5.0 Activation Award

Awarded

Almanax is an automated security auditor that leverages AI to find and fix vulnerabilities in smart contracts.

Products & Services

Almanax is an AI-powered tool designed for automating the auditing process of smart contracts before they are deployed on Stellar. It aims to make the auditing process faster, more affordable, and continuous, thereby enhancing the security of smart contracts by identifying and fixing vulnerabilities to prevent exploitation by hackers.

Problems Solved: Due to their immutability, smart contracts need to go through security audits before being deployed on mainnet to ensure there aren’t bugs or vulnerabilities in the code. Traditional security audits have incredibly high costs (even up to $200k+) and lengthy processes (top auditors have long waitlists) associated with them, making them inaccessible for many projects. Inefficiencies and ineffectiveness of manual audits, which often fail to prevent breaches even when conducted.

How It Solves Them: Utilizes large language models (LLMs) and other AI algorithms trained on a vast repository of smart contract audits and known vulnerabilities to automate the audit process. Delivers audit outcomes within seconds, reducing the time and cost associated with traditional audits. Offers a subscription model for continuous monitoring to identify new vulnerabilities or security events as they emerge, moving beyond the point-in-time limitation of conventional audits.

Target Audience: Stellar/Soroban developers and companies looking to deploy smart contracts on Stellar.

Benefits: Significantly reduces the costs of audits, making security more accessible for a wider range of projects. Shortens the wait times for audits from months to seconds, facilitating faster development and deployment of projects. Transforms the auditing process from a snapshot in time to a continuous monitoring solution, enhancing ongoing security assurance.

How It Works and Its Use of Stellar/Soroban: Almanax’s general functionalities include collecting and structuring Stellar/Soroban specific data from various sources, including publicly available Soroban audits and known vulnerabilities databases. Using this data to train an LLM and other AI algorithms, which are then fine-tuned to identify vulnerabilities in Soroban smart contracts and generate audit reports with recommended fixes specific to Soroban. The process involves detecting vulnerabilities, explaining their nature, proposing solutions, and evaluating the effectiveness of these solutions through a feedback loop.