Assay proves whether a contract is exploitable on a fork, signs a verdict your agent gates execution on, and revokes it within a block when the contract changes.
Session keys scope what an agent may do. They don't check whether the target is safe. That gap is where agents get drained — one interaction, irreversible, no chargeback.
A signed verdict, backed by an on-fork exploit proof, kept true by a monitor.
Fork the chain and attempt the drain. A verdict is a proof, not a guess — or a clean pass with the sites shown safe.
An EIP-712 attestation bound to the exact contract, its code hash, and the block — with a short TTL.
Your wallet allows the action only with a fresh verdict. A monitor revokes within a block when the contract changes.
Every claim below is reproducible.
Discovers the vulnerability and writes a passing on-fork exploit — not a static heuristic.
Reproduced a canonical, third-party reentrancy it never authored, from only the source.
Zero false positives on a safe contract byte-identical in shape to a vulnerable one. It reasons; it doesn't pattern-match.
Proxy upgrade slips past code-hash pinning; the monitor catches it and the agent's next transaction is auto-blocked.
Assay installs as an ERC-4337 session-key policy (ERC-7579) or a Safe guard. A UserOp validates only with both the session key's signature and a fresh Assay verdict for its target — enforced before execution.
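The gate described above, and the proxy-upgrade case that defeats code-hash pinning alone, as an added example (not Assay's code). Assumptions: the field names, the dict-based chain model and the sample addresses are hypothetical, SHA3-256 stands in for keccak256, and the verdict's EIP-712 signature is taken as already verified.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional

def code_hash(code: bytes) -> str:
    # Stand-in for keccak256 of the runtime code; SHA3-256 keeps this stdlib-only.
    return hashlib.sha3_256(code).hexdigest()

@dataclass(frozen=True)
class Verdict:  # hypothetical fields, not Assay's schema
    target: str
    target_code_hash: str
    impl: Optional[str]            # proxy implementation at assessment time
    impl_code_hash: Optional[str]
    block: int
    expires_at: int                # unix seconds; short TTL

def assess(chain, target, block, now, ttl=60):
    acct = chain[target]
    impl = acct.get("impl")
    return Verdict(target, code_hash(acct["code"]), impl,
                   code_hash(chain[impl]["code"]) if impl else None, block, now + ttl)

def drift(v, chain, follow_proxy=True):
    """Reason the verdict no longer matches chain state, or None."""
    acct = chain[v.target]
    if code_hash(acct["code"]) != v.target_code_hash:
        return "target code changed"
    if follow_proxy and v.impl is not None:
        impl = acct.get("impl")
        if impl != v.impl or code_hash(chain[impl]["code"]) != v.impl_code_hash:
            return "proxy implementation changed"
    return None

def gate(v, target, chain, now, revoked=(), follow_proxy=True):
    """Return (allowed, reason) for a call to `target`."""
    if v is None or v.target != target:
        return False, "no verdict for target"
    if v in revoked:
        return False, "verdict revoked"
    if now >= v.expires_at:
        return False, "verdict expired"
    reason = drift(v, chain, follow_proxy)
    return (reason is None), (reason or "ok")

# Constructed sample state: a proxy whose own bytecode never changes.
CHAIN = {"0xproxy": {"code": b"delegatecall-stub", "impl": "0ximpl_v1"},
         "0ximpl_v1": {"code": b"audited logic"},
         "0ximpl_v2": {"code": b"new logic"}}
```

With `follow_proxy=False` the gate pins only the proxy's own code hash, so an implementation swap still passes until a monitor adds the verdict to `revoked`.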
This is authorization, not monitoring. Runtime security watches the protocol and reacts. Assay authorizes the agent before it acts.
Design partners get a testnet integration and a co-published safety track record. Free during the pilot.
hello@getassay.xyz