Alpha

sentinelryanwaits/sentinel

Continuous asset-safety audits for Stacks contracts

GitHubDemo ↗

Problem
A paid audit is a snapshot; the contract stays live for years after.
Scan
Paste a live SP… contract, get flagged surface back in seconds.
Audit
Five subagents, one dimension each, adversarially verified before anything ships.
Reproduce
Confirmed findings replay in an isolated, airgapped Clarity VM — no mainnet.
Monitor
Human-gated alerts after the audit. Sentinel routes intent, never acts on-chain.
The Problem

Audits Are a Snapshot. Exploits Aren't.

A paid audit catches what's true the day it ships — the contract stays live for years after. Monitoring products alert on anomalies, but rarely prove the anomaly is an actual exploit, so teams learn to tune the noise out.

Start Here

Scan

Paste a live SP…/ST… contract at runsentinel.app. Sentinel fetches the real on-chain source over secondlayer and flags value-transfer, admin, and access-control surface — in seconds, no full run yet.

Terminal
# runsentinel.app — paste any Stacks contract
Resolving contract on Stacks...
3 value-transfer functions
2 admin-gated entrypoints
1 unchecked authorized-contracts call
The Deep Tier

Five Subagents, Adversarially Verified

Continue past the scan into the full audit. Five subagents each own a dimension — access control, reentrancy, share accounting, interest math, flashloan economics — then a verifier adversarially checks every finding before it ships.

Terminal
agent/
agent.ts # orchestrator, Opus 4.8
subagents/
auditor-access-control.ts
auditor-reentrancy.ts
auditor-share-accounting.ts
auditor-interest-math.ts
auditor-flashloan-economics.ts
verifier.ts # adversarial pass on every finding
Prove It, Don't Just Flag It

Sandbox Reproduction

A finding isn't done until it's reproduced. Sentinel replays the exploit path in an isolated Clarity VM — Docker, deny-all network, zero egress — so a confirmed vuln is deterministic, not a guess.

Terminal
bun run sandbox:build # docker build, network: none
bun run sandbox:run # 15/15 assertions pass, no mainnet, no network
One authorized-contracts call drives total-assets to 0 — 50,001,000 sats stay locked, reproduced with zero network access.

After the Audit

Monitoring, Human-Gated

Confirmed findings don't end the engagement — Sentinel keeps watching the same surface and routes intent to your team. A correlation is never treated as a confirmed exploit, and Sentinel never acts on-chain itself.

Terminal
CRITICAL socialize-debt forces unbounded LP loss v0-vault-sbtc · fn socialize-debt
bug · PoC green 4d ago
MEDIUM Treasury executes whatever governance passes ccd002-treasury-mia · fn execute
centralization 3d ago
Get Started

Scan, Audit, or Watch

Free scan of any live contract, no login. The full audit and continuous monitoring are the product — pricing is public.

Scan
open https://runsentinel.app
Full audit
bun run audit
Self-host sandbox
bun run sandbox:build
bun run sandbox:run