LastCheck

A self-hosted AI agent + Safe multisig co-signer. The final defense against malicious txs.

Created At

ETHGlobal Cannes 2026

Project Description

LastCheck is a self-hosted, programmable security middleware designed to be the final line of defense for on-chain transactions. In an era where "blind signing" and sophisticated wallet drainers are rampant, LastCheck provides a sovereign, AI-augmented co-signing agent that acts as a mandatory gatekeeper. Unlike retail wallet protections that offer generic warnings, LastCheck is a "Sovereign Firewall" that you host yourself, ensuring that your security logic and transaction data never leave your private infrastructure.

The project is built on a three-layer defense architecture:

  1. The Logic Layer: Users define transaction boundaries using human-readable YAML or natural language (e.g., "Only allow Uniswap swaps under $500"). These rules are transformed into executable code that evaluates every proposed transaction.
  2. The Intelligence Layer: A local AI core analyzes transaction call data, simulates execution (emulation) to detect hidden malicious outcomes, and identifies patterns like address poisoning or "dust" attacks that static rules might miss.
  3. The Enforcement Layer: Utilizing Safe (formerly Gnosis Safe), LastCheck is designed to function as a mandatory co-signer. No transaction can be finalized on-chain without the agent’s cryptographic approval, effectively turning your wallet into a programmable multisig.

By integrating a Telegram/Signal-based "Human-in-the-Loop" workflow, LastCheck ensures that if the AI has any doubt, the final "Yes" always comes from you. It is the ultimate guardian for both human users and the next generation of autonomous AI agents.

How it's Made

LastCheck was built with a focus on privacy, modularity, and the "Agentic Era" stack. The core of the implementation is a custom Model Context Protocol (MCP) server that acts as the bridge between the blockchain and the AI.

The Nitty-Gritty Details:

  • Agentic Intelligence via OpenClaw: We chose to integrate with a self-hosted OpenClaw instance rather than a centralized LLM API. This ensures that sensitive transaction data and private security rules remain within the user's controlled environment. The MCP server provides the AI with the necessary "context"—the user's YAML rules, transaction history, and current chain state—to make informed security decisions.
  • The MCP Server Architecture: The MCP server is the "brain" of the operation. It exposes tools that allow an AI agent to read transaction proposals, simulate them using Tenderly/Phalcon APIs, and compare the results against the user's pre-defined rule set.
  • Safe & Zodiac Integration: For on-chain enforcement, we utilized the Safe (formerly Gnosis Safe) framework. We leveraged Zodiac modules to create a programmable "co-signer" logic. While the full on-chain enforcement of every rule is a massive undertaking, our hackathon implementation focuses on the Agentic Decision Layer—the logic that determines whether the agent should provide its signature to the multisig.
  • The Telegram Gateway: We built a custom bot that acts as the communication channel. When the MCP server flags a transaction as "Suspicious," it triggers a Telegram notification with a simple "Allow/Reject" interface, bringing the human back into the loop for critical decisions.

One particularly notable hack was how we handled the YAML-to-Logic transformation. We used an LLM to pre-process human-readable intent into a structured JSON schema that the MCP server could evaluate in real time without needing a full compiler. This allows users to "talk" to their firewall to update their security settings on the fly. By prioritizing an MCP-first approach, we’ve made LastCheck compatible with any modern AI agent, effectively building a "Security Brain" that can be plugged into any agentic workflow.
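
The rule-evaluation step described above, as an added example that is not LastCheck's own code: it strictly validates the JSON an LLM produced from the user's intent, then evaluates a proposed transaction and escalates to the human whenever no rule clearly allows it. The rule schema (`name`, `to`, `selector`, `max_usd`), the `usd_value` field (assumed to come from simulation), and the sample address and selector are assumptions.

```python
import json
import math
import re

ADDRESS = re.compile(r"0x[0-9a-fA-F]{40}")
SELECTOR = re.compile(r"0x[0-9a-fA-F]{8}")
RULE_KEYS = {"name", "to", "selector", "max_usd"}  # hypothetical schema, not LastCheck's


def load_rules(llm_json: str) -> list:
    """Validate LLM-produced rules strictly; one bad rule rejects the whole set."""
    rules = json.loads(llm_json)
    if not isinstance(rules, list) or not rules:
        raise ValueError("rule set must be a non-empty list")
    for r in rules:
        if not isinstance(r, dict) or set(r) != RULE_KEYS:
            raise ValueError(f"unexpected rule shape: {r!r}")
        if not (ADDRESS.fullmatch(str(r["to"])) and SELECTOR.fullmatch(str(r["selector"]))):
            raise ValueError(f"bad address or selector: {r!r}")
        limit = r["max_usd"]
        # json.loads accepts Infinity/NaN; an infinite limit would allow everything.
        if type(limit) not in (int, float) or not math.isfinite(limit) or limit <= 0:
            raise ValueError(f"bad max_usd: {r!r}")
    return rules


def evaluate(rules: list, tx: dict) -> tuple:
    """Return (decision, reason). 'allow' means co-sign, 'escalate' means ask the human."""
    to, data, value = str(tx.get("to", "")), str(tx.get("data", "")), tx.get("usd_value")
    for r in rules:
        if to.lower() != r["to"].lower() or data[:10].lower() != r["selector"].lower():
            continue
        if type(value) in (int, float) and 0 <= value < r["max_usd"]:
            return "allow", r["name"]
        return "escalate", f"{r['name']}: value missing or not under {r['max_usd']} USD"
    return "escalate", "no rule matches target and function selector"


# Constructed sample data: placeholder address and selector, not real contracts.
ROUTER = "0x" + "11" * 20
SAMPLE_RULES = json.dumps(
    [{"name": "uniswap-swap-under-500", "to": ROUTER, "selector": "0xaabbccdd", "max_usd": 500}]
)

if __name__ == "__main__":
    rules = load_rules(SAMPLE_RULES)
    print(evaluate(rules, {"to": ROUTER, "data": "0xaabbccdd" + "00" * 32, "usd_value": 120.0}))
    print(evaluate(rules, {"to": ROUTER, "data": "0xaabbccdd" + "00" * 32, "usd_value": 5000}))
    print(evaluate(rules, {"to": "0x" + "22" * 20, "data": "0x", "usd_value": 1}))
```

Both functions fail closed: a rule set that does not validate is never loaded, and a transaction that no rule clearly permits is escalated rather than co-signed.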
