DeFi & Blockchain Protocol Security
Protocol risk is system risk. DeFi failures are often cross-component: contract logic, oracle assumptions, bridge trust, and governance timing. This workflow keeps agent actions narrow and auditable while humans own final protocol decisions.
What this workflow covers
- Upgrade diff review for proxy and immutable deployments.
- Oracle and scope guardrails for manipulation-resistant execution.
- Bridge and multisig emergency runbooks for containment.
Eligibility profile
A finding is eligible when:
- The impacted contracts/configs are known and versioned.
- A fork-test or simulation harness can validate behavior.
- Emergency actions are pre-approved in runbook policy.
- Agent changes are reviewable as code/config, not ad-hoc operator chat.
Recipe catalog
- Smart-contract upgrade diff risk review
- DeFi oracle manipulation guardrails
- Bridge & multisig emergency response
Guardrails
- Chain-specific simulation required before merge.
- Invariant tests for solvency, collateralization, and pause logic.
- Timelock and signer-threshold constraints cannot be weakened by agent.
- Any unverifiable assumption triggers
TRIAGE.mdand stop.
Not in scope
- Autonomous governance voting with production keys.
- New protocol feature design.
- Economic parameter tuning without risk committee sign-off.
Python remediation tool
Python remediation tool
DeFi and Blockchain Protocol Security
Plan remediation for smart contracts, protocol upgrades, bridges, oracles, governance, multisig, and blockchain-specific controls.
Custom command
python scripts/security_recipes_remediation_suite.py defiFindingDomain toolRecipes + optional LLMPR handoff or TRIAGE.md
Inputs
- contract finding or audit note
- chain, contract, bridge, oracle, or governance context
- test suite and simulation path
- upgrade and timelock policy
Allowed actions
- plan code-level contract remediation and invariant tests
- require simulation before upgrade
- separate governance proposal from code patch
- document timelock and signer requirements
Stop conditions
- remediation requires emergency pause, upgrade execution, or signer action
- economic assumptions are disputed
- contract ownership or upgradeability is unclear
- simulation path is missing
Evidence output
- contract address or source path
- audit rule and exploit class
- unit, fuzz, invariant, or fork simulation result
- governance and timelock notes
Enterprise adapters and example command
BlockchainFoundry, Hardhat, Tenderly, OpenZeppelin Defender, Chainlink, The Graph
SecuritySlither, Mythril, Echidna, Scribble, Certora, Halmos
GovernanceSafe, Tally, Snapshot, timelock controllers
TicketingJira, Linear, incident response platforms
python scripts/security_recipes_remediation_suite.py defi \
--finding finding.json \
--recipes-source public/api/recipes.json \
--tooling github,snyk,jira,servicenow \
--llm-mode prompt \
--output out/defi-packet.json