AI-Powered Smart Contract Auditing Tool for Cardano

[Proposal setup] Proposal title

Please provide your proposal title

AI-Powered Smart Contract Auditing Tool for Cardano

[Proposal Summary] Budget Information

Enter the amount of funding you are requesting in ADA

70000

[Proposal Summary] Time

Please specify how many months you expect your project to last

7

[Proposal Summary] Translation Information

Please indicate if your proposal has been auto-translated

No

Original Language

en

[Proposal Summary] Problem Statement

What is the problem you want to solve?

Billions of dollars have been lost on blockchains due to smart contract exploits, and design flaws. In Q2 2025 alone, over $800M was stolen from DeFi protocols through vulnerabilities (Certik).

[Proposal Summary] Supporting Documentation

Supporting links

• https://www.chainalysis.com/wp-content/uploads/2025/03/the-2025-crypto-crime-report-release.pdf
,
• https://www.certik.com/resources/blog/hack3d-the-web3-security-quarterly-report-q2-h1-2025

[Proposal Summary] Project Dependencies

Does your project have any dependencies on other organizations, technical or otherwise?

Yes

Describe any dependencies or write 'No dependencies'

AI Models that are going to be trained for smart contract auditing.

[Proposal Summary] Project Open Source

Will your project's outputs be fully open source?

Yes

License and Additional Information

The solution will be open-sourced (MIT License), hosted on GitHub, and built with community engagement to ensure transparency and adaptability.

[Theme Selection] Theme

Please choose the most relevant theme and tag related to the outcomes of your proposal

Security

[Campaign Category] Category Questions

Mention your open source license and describe your open source license rationale.

The solution will be open-sourced (MIT License), hosted on GitHub, and built with community engagement to ensure transparency and adaptability. Anyone who wants to contribute to the project can create an issue and pull request on GitHub.

How do you make sure your source code is accessible to the public from project start, and people are informed?

We will make the souce code available for everyone by hosting it on GitHub. Beside that we will use different social media mechanism to inform everyone the progress and features the tool is building or finished integrating.

How will you provide high quality documentation?

We will provide a high quality documentation by following the standard documentation writing methods. And we will also iterate and update on the documentation if the features included on the tool are not already on the documentation.

[Your Project and Solution] Solution

Please describe your proposed solution and how it addresses the problem

Our AI-powered auditing platform will combine static analysis, dynamic execution tracing, and AI reasoning frameworks to deliver high-accuracy vulnerability detection and performance optimization. Inspired by recent research such as SmartAuditFlow (2025), our approach leverages a Plan-Execute AI framework with Retrieval-Augmented Generation (RAG) to minimize hallucinations and false positives.

Core Features:

1. Automated Vulnerability Detection

• Identify common issues such as reentrancy, integer overflows, logic errors, access control flaws.
• Flag anti-patterns in Plutus contracts.

1. Optimization & Efficiency Suggestions

• Highlight inefficient code patterns.
• Recommend optimizations to reduce resource usage and transaction costs.

1. Real-Time Feedback for Developers

• Integrate into developer workflows (VSCode plugin, CLI tool, or web interface).
• Provide immediate insights during development, not just post-deployment.

1. Developer Education & Reports

• Explain vulnerabilities in plain language.
• Offer secure coding recommendations.
• Generate audit reports for projects to share with their communities.

1. Open Source & Community Driven

• Source code under MIT License.
• Public GitHub repository with issue tracking and contribution guidelines.
• Active collaboration with Cardano dev community.

[Your Project and Solution] Impact

Please define the positive impact your project will have on the wider Cardano community

• Stronger Security → Fewer exploits, reduced losses, and greater trust in Cardano dApps.
• Faster Development → Developers spend less time debugging security issues.
• Lower Costs → Democratizes security by making audits accessible for small teams.
• Ecosystem Growth → A secure, developer-friendly Cardano will attract more projects, users, and investors.

[Your Project and Solution] Capabilities & Feasibility

What is your capability to deliver your project with high levels of trust and accountability? How do you intend to validate if your approach is feasible?

• Plutus & Cardano Development (Haskell, on-chain/off-chain code).
• AI/ML Research (NLP, code analysis, vulnerability detection).
• Blockchain Security (experience with audits, vulnerability classification).
• Product Development & Community Engagement (open source management, developer education).

We will also collaborate with Cardano developer groups and security researchers to validate results and improve effectiveness.

[Milestones] Project Milestones

Milestone Title

Architecture & research

Milestone Outputs

We will begin by designing the system architecture and conducting deep research on model design and dataset preparation. This includes collecting high-quality datasets of smart contracts, both secure and vulnerable, and curating them for AI model training. At this stage, we will also prepare detailed documentation of the overall approach, establish coding standards, and set up the GitHub repository for public collaboration. This milestone ensures a strong foundation for all later stages

Acceptance Criteria

This milestone will be accepted when a complete system design document is prepared, datasets are curated and structured in a usable form for training, and a GitHub repository is publicly available with initial commits, readme files, and contribution guidelines that allow others to review and participate.

Evidence of Completion

The evidence will include finalized architecture documentation, structured datasets in a repository or dataset store, and a publicly available GitHub repository showing commits, initial project structure, readme files, and contribution instructions.

Delivery Month

1

Cost

5000

Progress

10 %

Milestone Title

AI model development

Milestone Outputs

This phase focuses on creating and training the AI/ML model to detect vulnerabilities in Plutus smart contracts. The model will be trained using real exploit datasets and simulated vulnerabilities, allowing it to identify flaws such as reentrancy, integer overflows, and access control issues. We will also integrate it with test contracts to validate accuracy and usability.

Acceptance Criteria

The milestone will be accepted once the trained AI model demonstrates accurate detection of vulnerabilities in Plutus contracts during testing, successfully flags a range of known flaws, and integrates with a test environment that developers can run sample audits on without major errors.

Evidence of Completion

Evidence will consist of test reports highlighting the model’s detection rates, performance metrics such as precision and recall, and GitHub commits with the trained model, test scripts, and integration documentation proving that the system runs as intended.

Delivery Month

2

Cost

30000

Progress

40 %

Milestone Title

A web interface

Milestone Outputs

We will develop a web-based interface and a CLI tool to make the auditor accessible. These tools will allow developers to upload or input contracts and receive immediate audit feedback. We will also integrate an optimization engine that recommends improvements to reduce transaction costs and strengthen contract security.

Acceptance Criteria

This milestone will be accepted once the web interface and CLI tool are operational, allowing users to upload or input Plutus contracts and receive reliable vulnerability detection results alongside optimization suggestions. The system must function without major errors and be easy to use.

Evidence of Completion

Evidence will include a deployed and accessible website, a working CLI package with clear installation instructions, and test cases or demo videos showing successful contract analysis with both vulnerabilities flagged and optimizations recommended.

Delivery Month

1

Cost

10000

Progress

20 %

Milestone Title

Refine the Model using users feedback

Milestone Outputs

We will conduct pilot audits with 2–3 real Cardano projects and gather developer feedback through surveys, workshops, and hands-on sessions. This feedback will guide the refinement of the AI models and improvements to documentation. The aim is to align the tool with actual developer needs and ensure community-driven improvements.

Acceptance Criteria

This milestone will be accepted when developer feedback has been formally collected and documented from at least two pilot projects, and the AI model has been refined to address the identified shortcomings. Updated documentation must also reflect these changes to ensure transparency.

Evidence of Completion

Evidence will consist of workshop and survey reports, feedback summaries, updated AI model versions with changelogs describing refinements, and improved documentation that reflects developer input and adjustments made.

Delivery Month

2

Cost

15000

Progress

20 %

Milestone Title

Public launch

Milestone Outputs

The final milestone will focus on publicly releasing the tool under the MIT License. This includes publishing final documentation, audit case studies, and pilot project reports. We will also organize outreach through developer communities and Cardano ecosystem channels to drive adoption and encourage contributions.

Acceptance Criteria

This milestone will be accepted once the tool is officially released on GitHub with the MIT License, comprehensive documentation is publicly available, final case studies from pilot projects are published, and announcements are made through Cardano developer channels to confirm launch.

Evidence of Completion

Evidence will include the public GitHub repository with complete code and license, final case studies and reports in PDF or online format, official launch announcements across Cardano forums, and fully accessible documentation for developers.

Delivery Month

1

Cost

10000

Progress

10 %

[Final Pitch] Budget & Costs

Please provide a cost breakdown of the proposed work and resources

AI Model Development & Training → ₳25,000

Smart Contract Security Research → ₳10,000

Frontend & Backend Development → ₳15,000

Pilot Testing & Case Studies → ₳10,000

Documentation, Community Outreach, Workshops → ₳10,000

Total = ₳70,000

[Final Pitch] Value for Money

How does the cost of the project represent value for the Cardano ecosystem?

The requested ₳70,000 provides exceptional value to the Cardano ecosystem because it delivers a critical piece of infrastructure: an open-source AI-powered smart contract auditing and optimization tool that can be used by all developers, present and future, at no cost.

Why this represents strong value:

1. One-time Investment, Long-term Utility

• Unlike traditional audits, which must be repeated for each project and cost $10,000–$100,000 per audit, this tool will be reusable across the ecosystem, saving developers and projects millions of dollars over time.

1. Open-Source and Community Driven

• By releasing the tool under the MIT license, the ecosystem avoids vendor lock-in and benefits from continuous improvement through community contributions, workshops, and shared knowledge.

1. Ecosystem-wide Impact

• Every project that launches on Cardano benefits from stronger security and faster development cycles. This raises the baseline trust level for users, investors, and developers, multiplying the ecosystem’s value far beyond the original investment.

1. Cost Efficiency vs. Alternatives

• Manual audits are not scalable and are often inaccessible for startups. For the cost of fewer than 10 traditional audits, Catalyst funds a tool that can audit thousands of contracts.

1. Risk Reduction = Ecosystem Growth

• Exploits not only harm individual projects but damage Cardano’s reputation as a whole. By preventing even one major exploit, the tool will already have repaid the Catalyst investment many times over.

[Required Acknowledgements] Consent & Confirmation

Terms and Conditions:

Yes