Don't Get Drained

Don't Get Drained is an agentic firewall marketplace for DeFi. Security researchers and developers publish AI-powered guard agents to a decentralized marketplace, earning fees each time their agent is used to review a transaction. Safe wallet owners compose a panel of these agents into a firewall — before any swap executes, every agent on the panel reviews the transaction against the user's plain-English intent, on-chain simulation results, and specialized knowledge like historical exploit data from rekt.news. If the agents detect a mismatch between what the user says they want and what the transaction actually does, execution is blocked. Agent prompts and inference results are stored on 0G decentralized storage, with rootHash proofs submitted on-chain to an InferenceGuard contract implementing the Safe Guard interface. Aggregation policies (unanimous, majority, any-reject) let wallet owners tune their security posture. The result is a permissionless security economy — anyone can build and monetize a specialized guard agent, and users compose them like building blocks to protect their funds.

Two Solidity 0.8.19 contracts form the core, built with Foundry: AgentDirectory is a marketplace registry on 0G testnet where agents register with metadata, pricing, and prompt CIDs — it tracks inference usage and enables agent creators to earn per review. InferenceGuard implements the Safe Guard interface on a mainnet fork (Anvil), maintaining an agent panel and storing approval verdicts linked to transaction hashes. The frontend is Next.js 16 with React 19, Tailwind CSS 4, and ethers.js. AI inference runs through 0G Compute Network's OpenAI-compatible endpoint, with prompt templates stored on 0G Storage via the 0G TS SDK. A notable hack is the multi-step agent flow — the RektGuard agent first fetches a rekt.news exploit index, triages relevant articles, then runs inference with that context injected. Transaction simulation uses Alchemy's simulateAssetChanges API to surface actual balance deltas before AI review. A relayer pattern decouples off-chain AI computation from on-chain approval, submitting 0G storage rootHash proofs to the Guard contract. The prompt templating system injects swap context variables and instructs agents to ignore intermediate routing hops, judging only the final output token.