diff --git a/buzzbd/SKILL.md b/buzzbd/SKILL.md new file mode 100644 index 00000000..b26ed705 --- /dev/null +++ b/buzzbd/SKILL.md @@ -0,0 +1,224 @@ +--- +name: buzzbd-token-intelligence +description: Accesses BuzzBD token scoring, swarm simulation intelligence, and CEX listing qualification through either x402 micropayments or API key auth. +--- + +# BuzzBD Token Intelligence Skill + +Use this skill when an agent needs cross-chain token scoring, 10,000-agent swarm simulation results, or CEX listing qualification data. + +## Base URL + +- `BUZZBD_BASE_URL`: `https://api.buzzbd.ai` +- Use this origin for runtime requests and discovery docs (`/.well-known/agent.json`, `/.well-known/x402.json`, `/llms.txt`). + +## Access Model + +- Use x402 or API key for monetized requests. +- Prefer Bankr wallet tooling when available. +- Support vanilla x402 clients as a first-class fallback. +- Include `x-buzzbd-api-key` when available; runtime requests can be authorized via either x402 payment handling or API key auth. +- If using Bankr signing (`/agent/sign`), provide a Bankr API key via `X-API-Key` with Agent API access enabled and signing permissions. + +## Platform Stats + +| Metric | Value | +|--------|-------| +| Tokens Tracked | 363 | +| Intel Sources | 31 | +| Chains Covered | 19 | +| Swarm Agents | 10,000 (standard: 1,000) | +| Monte Carlo | 26ms per 100K iterations | +| Smart Contracts | 4 Base mainnet + 1 Solana mainnet | +| Agent Identity | ERC-8004: ETH #25045, Base #17483, Avalanche #18709 | + +## Core Endpoints + +- `GET /api/v1/score-token?address={addr}&chain={chain}` — 11-factor composite score (0-100) +- `GET /api/v1/pipeline/tokens` — full pipeline with scores, stages, and classification +- `GET /api/v1/mirofish/token/{address}/latest` — latest swarm simulation result +- `GET /api/v1/mirofish/stats` — aggregate simulation statistics +- `GET /api/v1/simulate` — Monte Carlo simulation (1000x100 iterations, 26ms) +- `POST /api/v1/mirofish/store` — submit simulation results (authenticated) + +## Scoring System (11 Factors, 100 Points) + +| Factor | Weight | Source | +|--------|--------|--------| +| Market Cap | 15% | DexScreener, CoinGecko | +| Liquidity Depth | 20% | DexScreener, HeyAnon MCP | +| 24h Volume | 10% | DexScreener | +| Social Presence | 10% | DexScreener .info.socials, CoinGecko | +| Token Age | 5% | DexScreener | +| Team Transparency | 5% | CoinGecko, manual verification | +| FDV Gap Penalty | -15% | DexScreener (FDV vs MCap ratio) | +| Honeypot Detection | -20% | DexScreener buy/sell tax analysis | +| Ghost Token Filter | -10% | Zero volume + zero holder detection | +| Security Audit | 10% | CoinGecko, contract verification | +| Stablecoin Exclusion | filter | Automatic exclusion from scoring | + +### Score Actions + +| Score | Category | Action | +|-------|----------|--------| +| 85-100 | HOT | Immediate BD outreach — CEX listing candidate | +| 70-84 | WARM | Priority queue — monitor for listing window | +| 50-69 | WATCH | Check back 48h — improvement possible | +| 0-49 | SKIP | Does not meet minimum criteria | + +**Calibration note:** 0 out of 363 tokens currently clear the 85-point HOT threshold. The engine is honest by design — it catches what manual audits miss. + +## MiroFish Swarm Simulation + +10,000-agent hybrid swarm intelligence engine: + +| Component | Count | Method | +|-----------|-------|--------| +| LLM Agents | 400 (10K) / 200 (1K) | Ollama qwen3:8b, individual reasoning | +| Heuristic Agents | 9,600 (10K) / 800 (1K) | JS rule-based, deterministic | +| Clusters | 5 | degen, whale, institutional, community, market_dynamics | +| Rounds | 10-20 | Sequential with social feed propagation | +| Wave Architecture | 4 x 2,500 | Each wave inherits prior social feed | + +**Validated result:** Nasdog (SOL) — 0.669 consensus after 20 rounds. Institutional cluster held skeptical at 0.440 while degen cluster pushed to 0.85. Emergence, not programmed. + +## Smart Contracts (On-Chain Verification) + +| Chain | Contract | Purpose | +|-------|----------|---------| +| Base | 0xbf81316266dBB79947c358e2eAAc6F338Fa388Fb | ScoreStorage | +| Base | 0xF09bB39c9591F1745dDB2F8Aa990e1e0e68F9B28 | BuzzRegistry | +| Base | 0xE234C46ecF4A0439D2FE16C0868B5C405E7e7505 | ListingEscrow | +| Base | 0x9dD4e8158C6fB0a32663E6A4eFF0fC79B304F387 | RevenueShare | +| Solana | EUQoSgsGZzipuayB8AnZHXUMRtLwwy5SuRi4YgFXiogd | ScoreStorage (PDA) | + +## x402 API Call Checklist + +1. Send request to BuzzBD endpoint without payment headers. +2. If response is `402`, parse `PAYMENT-REQUIRED`. +3. Sign payment and retry with `PAYMENT-SIGNATURE`. +4. On success, parse `PAYMENT-RESPONSE`. +5. Apply retry/backoff rules for `429` and transient `5xx`. + +## Concrete TypeScript Example (x402 Client Wrapper) + +```ts +import { x402Client, wrapFetchWithPayment } from "@x402/fetch"; +import { ExactEvmScheme } from "@x402/evm/exact/client"; +import { privateKeyToAccount } from "viem/accounts"; + +const baseUrl = process.env.BUZZBD_BASE_URL ?? "https://api.buzzbd.ai"; +const evmPrivateKey = process.env.EVM_PRIVATE_KEY as `0x${string}`; + +const signer = privateKeyToAccount(evmPrivateKey); + +const client = new x402Client(); +client.register("eip155:*", new ExactEvmScheme(signer)); + +const fetchWithPayment = wrapFetchWithPayment(fetch, client); + +// Score a token +const scoreRes = await fetchWithPayment( + `${baseUrl}/api/v1/score-token?address=7GCihgDB8fe6KNjn2MYtkzZcRjQy3t9GHdC8uHYmW2hr&chain=solana`, + { method: "GET", headers: { "Content-Type": "application/json" } } +); + +if (!scoreRes.ok) { + throw new Error(`request_failed:${scoreRes.status}:${await scoreRes.text()}`); +} + +const data = await scoreRes.json(); +console.log("score:", data.composite_score, "category:", data.category); + +// Get swarm simulation result +const simRes = await fetchWithPayment( + `${baseUrl}/api/v1/mirofish/token/7GCihgDB8fe6KNjn2MYtkzZcRjQy3t9GHdC8uHYmW2hr/latest`, + { method: "GET" } +); + +const sim = await simRes.json(); +console.log("consensus:", sim.final_belief, "agents:", sim.agent_count); +``` + +## Bankr-Compatible Signer Adapter + +```ts +import { x402Client, wrapFetchWithPayment } from "@x402/fetch"; +import { ExactEvmScheme } from "@x402/evm/exact/client"; + +async function createBankrSigner(apiKey: string) { + const meRes = await fetch("https://api.bankr.bot/agent/me", { + headers: { "X-API-Key": apiKey } + }); + if (!meRes.ok) throw new Error(`bankr_me_failed:${meRes.status}`); + const me = await meRes.json(); + const address = me.walletAddress as `0x${string}`; + + return { + address, + async signTypedData(payload: unknown): Promise<`0x${string}`> { + const signRes = await fetch("https://api.bankr.bot/agent/sign", { + method: "POST", + headers: { + "Content-Type": "application/json", + "X-API-Key": apiKey + }, + body: JSON.stringify({ + signatureType: "eth_signTypedData_v4", + typedData: payload + }) + }); + if (!signRes.ok) throw new Error(`bankr_sign_failed:${signRes.status}`); + const signed = await signRes.json(); + return signed.signature as `0x${string}`; + } + }; +} + +const bankrSigner = await createBankrSigner(process.env.BANKR_API_KEY!); +const client = new x402Client(); +client.register("eip155:*", new ExactEvmScheme(bankrSigner as never)); + +const fetchWithPayment = wrapFetchWithPayment(fetch, client); +const res = await fetchWithPayment( + `${process.env.BUZZBD_BASE_URL}/api/v1/score-token?address=0x...&chain=base`, + { method: "GET" } +); +``` + +Use the private-key signer path by default. Use the Bankr adapter when your runtime only has Bankr API signing access. + +## Session Spending Cap + +Recommended: set a session spending cap of **$1.00 USDC** for exploratory use. Token scoring queries cost $0.05 each; simulation results cost $0.25. A $1 cap covers 20 score lookups or 4 simulation pulls. + +## Code Review / Safety Notes + +- All scoring data is read-only — no state mutations on external contracts. +- x402 payments settle on Base (USDC). Verify contract address before signing. +- Monte Carlo simulations run server-side; no client-side compute required. +- Swarm simulation results include cluster-level belief breakdowns for auditability. +- On-chain score verification: compare API score against Base ScoreStorage contract. + +## Supported Chains + +Solana, Ethereum, BSC, Base, Arbitrum, XRPL, Avalanche, Polygon, Fantom, Optimism, Cronos, zkSync, Linea, Scroll, Mantle, Blast, Mode, Sei, NEAR. + +## Intelligence Sources (31) + +DexScreener, CoinGecko, HeyAnon MCP, Hyperliquid, JingSwap, AIBTC MCP, Stacks Explorer, Phantom MCP, Financial Datasets MCP, and 22 additional cross-chain data feeds. + +## References + +- Token scoring methodology: `references/token-scoring.md` +- CEX listing process: `references/listing-process.md` + +## About + +Buzz is the autonomous BD agent for SolCex Exchange — the world's first Zero-Human Exchange Listing Company. Running 24/7 on Hetzner CPX62 (16 vCPU, 32GB RAM). + +- **Site:** [buzzbd.ai](https://buzzbd.ai) +- **GitHub:** [buzzbysolcex/buzz-bd-agent](https://github.com/buzzbysolcex/buzz-bd-agent) +- **Twitter:** [@BuzzBySolCex](https://x.com/BuzzBySolCex) +- **Payments:** x402 protocol (USDC on Base) +- **Identity:** ERC-8004 registered on ETH, Base, Avalanche diff --git a/buzzbd/references/listing-process.md b/buzzbd/references/listing-process.md new file mode 100644 index 00000000..eb81ef8e --- /dev/null +++ b/buzzbd/references/listing-process.md @@ -0,0 +1,73 @@ +# SolCex Listing Process + +## Overview + +SolCex Exchange is a Solana-native centralized exchange focused on emerging token listings. BuzzBD handles the business development pipeline — from token discovery to outreach. + +## Listing Requirements + +### Minimum Criteria + +| Requirement | Threshold | +|-------------|-----------| +| Liquidity | $100K+ | +| 24h Volume | $100K+ | +| Holders | 500+ | +| Chain | Solana, Ethereum, or BSC | +| NOT on major CEX | Not listed on Binance, Coinbase, OKX, Bybit | +| Team contactable | At least one verified communication channel | +| BuzzBD Score | 70+ (Qualified) | + +### Listing Fees + +| Chain | Fee | Rationale | +|-------|-----|-----------| +| Solana | $5,000 USDC | Home chain — standard rate | +| Ethereum | $7,500 USDC | Cross-chain premium — higher integration cost | +| BSC | $7,500 USDC | Cross-chain premium — higher integration cost | + +## Pipeline Stages + +``` +DISCOVER → SCORE → VERIFY → OUTREACH → NEGOTIATE → LIST +``` + +### 1. Discover +Buzz scans DexScreener, AIXBT, and KOL sources for emerging tokens meeting minimum metrics. + +### 2. Score +100-point scoring system applied. See references/token-scoring.md for full methodology. + +### 3. Verify +Before outreach, every token must pass: +- ✅ Contract address confirmed on chain explorer +- ✅ Pair address matches DexScreener URL +- ✅ Token age verified from pair creation date +- ✅ Liquidity cross-checked across sources +- ✅ NOT already on major CEXs +- ✅ Social links working and active +- ✅ Team or community is contactable + +### 4. Outreach +Buzz drafts personalized outreach emails. All outreach requires human approval (Ogie) before sending. + +### 5. Negotiate +SolCex team handles listing terms, technical integration requirements, and timeline. + +### 6. List +Token goes live on SolCex Exchange. + +## Outreach Channels + +| Priority | Channel | Notes | +|----------|---------|-------| +| 1 | Email | Professional, trackable, preferred | +| 2 | Twitter DM | Quick, informal, good for initial contact | +| 3 | Telegram | Community-focused projects | +| 4 | Discord | Dev-focused projects | + +## Contact + +- **Email:** buzzbysolcex@gmail.com +- **Twitter:** [@BuzzBySolCex](https://x.com/BuzzBySolCex) +- **GitHub:** [buzzbysolcex/buzz-bd-agent](https://github.com/buzzbysolcex/buzz-bd-agent) diff --git a/buzzbd/references/token-scoring.md b/buzzbd/references/token-scoring.md new file mode 100644 index 00000000..99aa7226 --- /dev/null +++ b/buzzbd/references/token-scoring.md @@ -0,0 +1,126 @@ +# Token Scoring Methodology + +## Overview + +BuzzBD's 100-point scoring system evaluates tokens across 6 weighted factors with catalyst adjustments. The system is designed to identify tokens with genuine CEX listing potential while filtering out high-risk or low-quality projects. + +## Base Scoring (100 points) + +### Market Cap (20 points) + +| Range | Points | Rationale | +|-------|--------|-----------| +| >$10M | 20 | Established project with proven market interest | +| $5M-$10M | 16 | Strong mid-cap with growth potential | +| $1M-$10M | 12 | Meets minimum CEX threshold | +| $500K-$1M | 8 | Borderline — monitor for growth | +| <$500K | 4 | Too early for CEX listing | + +### Liquidity (25 points) + +Liquidity is weighted highest because it directly impacts listing viability. CEXs need sufficient DEX liquidity for price discovery and arbitrage. + +| Range | Points | Rationale | +|-------|--------|-----------| +| >$500K | 25 | Excellent — supports CEX trading pairs | +| $200K-$500K | 20 | Good — adequate for initial listing | +| $100K-$200K | 15 | Minimum viable for small CEX | +| $50K-$100K | 8 | Below threshold — high risk | +| <$50K | 3 | Insufficient for CEX listing | + +**Hard minimum:** $100K liquidity required for pipeline inclusion. + +### 24h Volume (20 points) + +| Range | Points | Rationale | +|-------|--------|-----------| +| >$1M | 20 | High demand — active trading | +| $500K-$1M | 16 | Strong volume for listing size | +| $100K-$500K | 12 | Adequate activity | +| $50K-$100K | 6 | Low but present | +| <$50K | 2 | Insufficient market interest | + +### Social Metrics (15 points) + +| Presence | Points | Criteria | +|----------|--------|----------| +| All platforms | 15 | Twitter + Telegram + Discord + Website active | +| 2+ platforms | 10 | At least two active community channels | +| 1 platform | 5 | Single channel presence | +| None | 0 | No community = no listing | + +### Token Age (10 points) + +| Age | Points | Rationale | +|-----|--------|-----------| +| >90 days | 10 | Survived initial volatility | +| 30-90 days | 7 | Building track record | +| 7-30 days | 4 | New but established | +| <7 days | 2 | Too new — wait and monitor | + +### Team Transparency (10 points) + +| Level | Points | Criteria | +|-------|--------|---------| +| Doxxed + active | 10 | Team publicly known, regular updates | +| Partially doxxed | 7 | Some team members known | +| Anonymous + active | 4 | Anonymous but responsive | +| Anonymous + silent | 1 | High risk | + +## Catalyst Adjustments + +Catalysts modify the base score based on real-world events and signals. + +### Positive Catalysts + +| Catalyst | Bonus | Detection Source | +|----------|-------|-----------------| +| Hackathon win | +10 | Manual / news | +| Mainnet launch | +10 | DexScreener / Twitter | +| Major partnership | +10 | News / social | +| CEX listing elsewhere | +8 | CoinGecko / CMC | +| Audit completed | +8 | Audit reports | +| AIXBT + DexScreener cross-match | +5 | Multi-source | +| x402 whale alert confirmed | +5 | Einstein AI | +| KOL accumulation signal | +5 | leak.me | +| Bullish KOL sentiment | +3 | leak.me | + +### Negative Catalysts + +| Catalyst | Penalty | Detection Source | +|----------|---------|-----------------| +| Delisting risk | -15 | News / social | +| Exploit history | -15 | Security reports | +| Rugpull association | -15 | Community reports | +| Team controversy | -10 | Social / news | +| Smart contract vulnerability | -10 | Audit / reports | +| KOL risk flag | -10 | leak.me | +| Already on major CEXs | -5 | CoinGecko | + +## Score Interpretation + +| Range | Tag | Recommended Action | +|-------|-----|-------------------| +| 85-100 | 🔥 HOT | Immediate outreach — top priority | +| 70-84 | ✅ Qualified | Add to pipeline — standard outreach | +| 50-69 | 👀 Watch | Monitor for 48h — may improve | +| 0-49 | ❌ Skip | Do not pursue | + +## Cross-Reference Rules + +1. **Multi-source confirmation required** — No token qualifies on a single data source +2. **Contract address verification** — Always verify by address, never by name alone +3. **Liquidity floor** — Hard minimum of $100K regardless of other factors +4. **CEX check** — Already on Binance/Coinbase/OKX/Bybit = lower priority +5. **Chain filter** — Only Solana, Ethereum, BSC qualify for SolCex listing + +## Special Flags + +| Flag | Meaning | +|------|---------| +| `[HIGH CONVICTION]` | Appears on both AIXBT AND DexScreener trending | +| `[WHALE ALERT]` | Einstein AI confirmed whale activity | +| `[BREAKING]` | Gloria AI breaking news catalyst | +| `[KOL SIGNAL]` | leak.me smart money tracking detected | +| `[VERIFIED]` | Full data verification complete | +| `[REVENUE SIGNAL]` | ETH/BSC token with score 80+ (cross-chain premium fee) | diff --git a/buzzbd/scripts/buzzbd.sh b/buzzbd/scripts/buzzbd.sh new file mode 100644 index 00000000..8faca7ee --- /dev/null +++ b/buzzbd/scripts/buzzbd.sh @@ -0,0 +1,328 @@ +#!/bin/sh +# BuzzBD Token Intelligence Script +# Usage: buzzbd.sh +# Commands: score, qualify, report, chains + +set -e + +DEXSCREENER_API="https://api.dexscreener.com/tokens/v1" + +# Colors +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +CYAN='\033[0;36m' +NC='\033[0m' + +usage() { + echo "🐝 BuzzBD Token Intelligence" + echo "" + echo "Usage: buzzbd.sh [args]" + echo "" + echo "Commands:" + echo " score
Score a token (0-100)" + echo " qualify
Quick qualification check" + echo " report
Full intelligence report" + echo " chains List supported chains" + echo "" + echo "Chains: solana, ethereum, bsc" + echo "" + echo "Example:" + echo " buzzbd.sh score 7GCihgDB8fe6KNjn2MYtkzZcRjQy3t9GHdC8uHYmW2hr solana" +} + +list_chains() { + echo "🐝 BuzzBD Supported Chains" + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━" + echo " solana | \$5,000 USDC | Primary" + echo " ethereum | \$7,500 USDC | Cross-chain premium" + echo " bsc | \$7,500 USDC | Cross-chain premium" + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━" +} + +fetch_token() { + ADDRESS="$1" + CHAIN="$2" + + # Map chain names to DexScreener chain IDs + case "$CHAIN" in + solana|sol) DS_CHAIN="solana" ;; + ethereum|eth) DS_CHAIN="ethereum" ;; + bsc|bnb) DS_CHAIN="bsc" ;; + *) echo "❌ Unsupported chain: $CHAIN"; exit 1 ;; + esac + + # Fetch from DexScreener + RESPONSE=$(curl -s "${DEXSCREENER_API}/${DS_CHAIN}/${ADDRESS}") + + if echo "$RESPONSE" | grep -q '"pairs":\[\]' 2>/dev/null || echo "$RESPONSE" | grep -q '"pairs":null' 2>/dev/null; then + echo "❌ Token not found on DexScreener for chain: $CHAIN" + echo " Address: $ADDRESS" + echo " Verify the contract address and chain are correct." + exit 1 + fi + + echo "$RESPONSE" +} + +score_token() { + ADDRESS="$1" + CHAIN="$2" + + DATA=$(fetch_token "$ADDRESS" "$CHAIN") + + # Extract metrics from first pair (highest liquidity) + MCAP=$(echo "$DATA" | python3 -c " +import sys, json +d = json.load(sys.stdin) +pairs = d if isinstance(d, list) else d.get('pairs', d.get('pair', [])) +if isinstance(pairs, list) and len(pairs) > 0: + p = pairs[0] + print(p.get('marketCap', p.get('fdv', 0)) or 0) +else: + print(0) +" 2>/dev/null || echo "0") + + LIQUIDITY=$(echo "$DATA" | python3 -c " +import sys, json +d = json.load(sys.stdin) +pairs = d if isinstance(d, list) else d.get('pairs', d.get('pair', [])) +if isinstance(pairs, list) and len(pairs) > 0: + p = pairs[0] + liq = p.get('liquidity', {}) + print(liq.get('usd', 0) if isinstance(liq, dict) else 0) +else: + print(0) +" 2>/dev/null || echo "0") + + VOLUME=$(echo "$DATA" | python3 -c " +import sys, json +d = json.load(sys.stdin) +pairs = d if isinstance(d, list) else d.get('pairs', d.get('pair', [])) +if isinstance(pairs, list) and len(pairs) > 0: + p = pairs[0] + vol = p.get('volume', {}) + print(vol.get('h24', 0) if isinstance(vol, dict) else 0) +else: + print(0) +" 2>/dev/null || echo "0") + + TOKEN_NAME=$(echo "$DATA" | python3 -c " +import sys, json +d = json.load(sys.stdin) +pairs = d if isinstance(d, list) else d.get('pairs', d.get('pair', [])) +if isinstance(pairs, list) and len(pairs) > 0: + bt = pairs[0].get('baseToken', {}) + print(bt.get('name', 'Unknown')) +else: + print('Unknown') +" 2>/dev/null || echo "Unknown") + + TOKEN_SYMBOL=$(echo "$DATA" | python3 -c " +import sys, json +d = json.load(sys.stdin) +pairs = d if isinstance(d, list) else d.get('pairs', d.get('pair', [])) +if isinstance(pairs, list) and len(pairs) > 0: + bt = pairs[0].get('baseToken', {}) + print(bt.get('symbol', '???')) +else: + print('???') +" 2>/dev/null || echo "???") + + # Calculate score + SCORE=$(python3 -c " +mcap = float('${MCAP}') +liq = float('${LIQUIDITY}') +vol = float('${VOLUME}') + +score = 0 + +# Market Cap (20 pts) +if mcap > 10000000: score += 20 +elif mcap > 5000000: score += 16 +elif mcap > 1000000: score += 12 +elif mcap > 500000: score += 8 +else: score += 4 + +# Liquidity (25 pts) +if liq > 500000: score += 25 +elif liq > 200000: score += 20 +elif liq > 100000: score += 15 +elif liq > 50000: score += 8 +else: score += 3 + +# Volume (20 pts) +if vol > 1000000: score += 20 +elif vol > 500000: score += 16 +elif vol > 100000: score += 12 +elif vol > 50000: score += 6 +else: score += 2 + +# Social/Age/Team estimated at midrange (35 pts) +# Full scoring requires manual verification +score += 17 + +print(score) +" 2>/dev/null || echo "0") + + # Determine category + if [ "$SCORE" -ge 85 ]; then + CATEGORY="HOT" + EMOJI="🔥" + elif [ "$SCORE" -ge 70 ]; then + CATEGORY="Qualified" + EMOJI="✅" + elif [ "$SCORE" -ge 50 ]; then + CATEGORY="Watch" + EMOJI="👀" + else + CATEGORY="Skip" + EMOJI="❌" + fi + + # Listing fee + case "$CHAIN" in + solana|sol) FEE="5,000" ;; + *) FEE="7,500" ;; + esac + + echo "$SCORE|$CATEGORY|$EMOJI|$TOKEN_NAME|$TOKEN_SYMBOL|$MCAP|$LIQUIDITY|$VOLUME|$FEE" +} + +cmd_score() { + ADDRESS="$1" + CHAIN="$2" + RESULT=$(score_token "$ADDRESS" "$CHAIN") + + SCORE=$(echo "$RESULT" | cut -d'|' -f1) + CATEGORY=$(echo "$RESULT" | cut -d'|' -f2) + EMOJI=$(echo "$RESULT" | cut -d'|' -f3) + NAME=$(echo "$RESULT" | cut -d'|' -f4) + SYMBOL=$(echo "$RESULT" | cut -d'|' -f5) + + echo "🐝 BuzzBD Score: ${NAME} (${SYMBOL})" + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━" + echo " Score: ${SCORE}/100 ${EMOJI} ${CATEGORY}" + echo " Chain: ${CHAIN}" + echo " Address: ${ADDRESS}" + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━" + echo "" + echo "Note: Social metrics, token age, and team transparency" + echo "require manual verification for full accuracy." +} + +cmd_qualify() { + ADDRESS="$1" + CHAIN="$2" + RESULT=$(score_token "$ADDRESS" "$CHAIN") + + SCORE=$(echo "$RESULT" | cut -d'|' -f1) + CATEGORY=$(echo "$RESULT" | cut -d'|' -f2) + LIQUIDITY=$(echo "$RESULT" | cut -d'|' -f7) + NAME=$(echo "$RESULT" | cut -d'|' -f4) + FEE=$(echo "$RESULT" | cut -d'|' -f9) + + LIQ_OK=$(python3 -c "print('YES' if float('${LIQUIDITY}') >= 100000 else 'NO')") + + echo "🐝 BuzzBD Qualification: ${NAME}" + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + if [ "$SCORE" -ge 70 ] && [ "$LIQ_OK" = "YES" ]; then + echo " ✅ QUALIFIED for SolCex listing" + echo " Score: ${SCORE}/100" + echo " Listing fee: \$${FEE} USDC" + echo " Contact: buzzbysolcex@gmail.com" + else + echo " ❌ NOT QUALIFIED" + echo " Score: ${SCORE}/100 (need 70+)" + echo " Liquidity check: ${LIQ_OK} (need \$100K+)" + fi + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" +} + +cmd_report() { + ADDRESS="$1" + CHAIN="$2" + RESULT=$(score_token "$ADDRESS" "$CHAIN") + + SCORE=$(echo "$RESULT" | cut -d'|' -f1) + CATEGORY=$(echo "$RESULT" | cut -d'|' -f2) + EMOJI=$(echo "$RESULT" | cut -d'|' -f3) + NAME=$(echo "$RESULT" | cut -d'|' -f4) + SYMBOL=$(echo "$RESULT" | cut -d'|' -f5) + MCAP=$(echo "$RESULT" | cut -d'|' -f6) + LIQUIDITY=$(echo "$RESULT" | cut -d'|' -f7) + VOLUME=$(echo "$RESULT" | cut -d'|' -f8) + FEE=$(echo "$RESULT" | cut -d'|' -f9) + + MCAP_FMT=$(python3 -c "print(f'\${float(\"${MCAP}\"):,.0f}')") + LIQ_FMT=$(python3 -c "print(f'\${float(\"${LIQUIDITY}\"):,.0f}')") + VOL_FMT=$(python3 -c "print(f'\${float(\"${VOLUME}\"):,.0f}')") + + echo "🐝 BUZZBD INTELLIGENCE REPORT" + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + echo "" + echo "Token: ${NAME} (${SYMBOL})" + echo "Chain: ${CHAIN}" + echo "Contract: ${ADDRESS}" + echo "Score: ${SCORE}/100 — ${EMOJI} ${CATEGORY}" + echo "" + echo "📊 BASE METRICS" + echo " Market Cap: ${MCAP_FMT}" + echo " Liquidity: ${LIQ_FMT}" + echo " 24h Volume: ${VOL_FMT}" + echo "" + echo "📡 INTELLIGENCE SIGNALS" + echo " DexScreener: ✅ Data available" + echo " AIXBT Momentum: ⏳ Requires separate check" + echo " KOL Activity: ⏳ Requires separate check" + echo "" + echo "🎯 LISTING ASSESSMENT" + if [ "$SCORE" -ge 70 ]; then + echo " Qualification: ✅ QUALIFIED" + echo " Listing Fee: \$${FEE} USDC" + else + echo " Qualification: ❌ NOT QUALIFIED (score ${SCORE}, need 70+)" + fi + echo "" + echo "📋 NEXT STEPS" + if [ "$SCORE" -ge 85 ]; then + echo " → Immediate outreach recommended" + echo " → Contact: buzzbysolcex@gmail.com" + elif [ "$SCORE" -ge 70 ]; then + echo " → Added to priority queue" + echo " → Contact: buzzbysolcex@gmail.com" + elif [ "$SCORE" -ge 50 ]; then + echo " → Monitor for 48h — may improve" + else + echo " → Does not meet criteria at this time" + fi + echo "" + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + echo "BuzzBD by SolCex Exchange" + echo "https://github.com/buzzbysolcex/buzz-bd-agent" +} + +# Main +case "${1:-}" in + score) + [ -z "${2:-}" ] && { echo "❌ Missing contract address"; usage; exit 1; } + [ -z "${3:-}" ] && { echo "❌ Missing chain"; usage; exit 1; } + cmd_score "$2" "$3" + ;; + qualify) + [ -z "${2:-}" ] && { echo "❌ Missing contract address"; usage; exit 1; } + [ -z "${3:-}" ] && { echo "❌ Missing chain"; usage; exit 1; } + cmd_qualify "$2" "$3" + ;; + report) + [ -z "${2:-}" ] && { echo "❌ Missing contract address"; usage; exit 1; } + [ -z "${3:-}" ] && { echo "❌ Missing chain"; usage; exit 1; } + cmd_report "$2" "$3" + ;; + chains) + list_chains + ;; + *) + usage + ;; +esac diff --git a/buzzshield/security-audit/SKILL.md b/buzzshield/security-audit/SKILL.md new file mode 100644 index 00000000..a56a5046 --- /dev/null +++ b/buzzshield/security-audit/SKILL.md @@ -0,0 +1,72 @@ +--- +name: buzzshield-security-audit +description: Scan smart contracts for vulnerabilities before interacting. 68 sub-patterns across 10 attack classes, built from $583M+ in real exploit forensics. EVM + Solana + Move + Cairo. +--- + +# BuzzShield V6 — Autonomous Smart Contract Security Audit + +Scan any smart contract for vulnerabilities before you interact with it. 68 sub-patterns across 10 attack classes, built from $583M+ in real exploit forensics. + +## Capabilities + +- **Quick Check (H.2c):** Paste a contract address — get an instant uninitialized-admin vulnerability scan across EVM chains (Ethereum, Base, Arbitrum, Optimism, BSC) and Solana +- **Deep Audit:** 12-phase analysis covering reentrancy, oracle manipulation, signature replay, capability injection, parser differentials, and C memory safety +- **Pattern Matching:** 68 sub-patterns derived from real exploits: Ekubo $1.4M (B.8), Wasabi $5.5M (H.2d), Kelp $293M (H.1), Drift $285M (H), Grok $174K (G.1), and more +- **Adversarial Verification:** LLM-powered skeptic layer that challenges every finding to eliminate false positives +- **Pre-Trade Security Gate:** Scan tokens before swapping — catch rug pulls, honeypots, and malicious callbacks before they drain your wallet + +## Attack Classes + +| Class | Name | Sub-Patterns | Notable Exploit | +| ----- | -------------------- | ------------ | -------------------------- | +| A | Validation Asymmetry | 12 | Multiple DeFi protocols | +| B | Identity Trust | 8 | Ekubo $1.4M | +| C | Operation Ordering | 4 | Race condition exploits | +| D | Reentrancy | 2 | Sharwa $33K | +| E | Oracle/Price Feed | 2 | Sharwa price manipulation | +| F | Signature Replay | 5 | Cross-chain replay attacks | +| G | Capability Injection | 3 | Grok $174K | +| H | Off-Chain Trust | 8 | Kelp $293M, Wasabi $5.5M | +| I | Parser Differential | 4 | Firedancer HTTP | +| J | C Memory Safety | 10 | CVE-2026-0300 PAN-OS | + +## Usage Examples + +"scan this contract 0xABC... on Base for vulnerabilities" +"is this token safe to buy? check 0xDEF... on Ethereum" +"run a deep audit on this Solana program BNS48..." +"check if this contract has an uninitialized admin bug" +"what attack patterns does BuzzShield detect?" + +## How It Works + +1. **Fetch** — Pull verified source from block explorer or decompile bytecode +2. **Invariant Scan** — Match against 68 sub-patterns (Pattern A through J) +3. **H.2c Hunt** — Specifically check for uninitialized admin/owner storage +4. **B.8 Hunt** — Check for callback payer trust violations +5. **Skeptic Review** — Adversarial LLM challenges each finding +6. **Risk Score** — SAFE / LOW / MEDIUM / HIGH / CRITICAL with evidence + +## Live Product + +- **Web UI:** https://shield.buzzbd.ai +- **API:** https://api.buzzbd.ai/api/v1/buzzshield/scan +- **x402 Endpoint:** Pay-per-scan via USDC on Base (coming soon) + +## Architecture + +Powered by Pashov Audit Group's open-source solidity-auditor v2 and x-ray v1 (MIT licensed), extended with BuzzShield's proprietary pattern catalog and adversarial verification layers. Built by Buzz BD Agent (SolCex Exchange) running Claude Opus 4.7 24/7. + +## Requirements + +- No API key needed for basic scans via shield.buzzbd.ai +- x402 micropayment (USDC on Base) for API access (coming soon) +- Supports: Solidity, Vyper, Rust (Solana), Move, Cairo + +## About + +Built by Ogie (SolCex Exchange) — a chef who codes through conversation. No formal CS background, built entirely through conversational AI. Competing in Colosseum Frontier Hackathon (Agent #3734). + +- GitHub: https://github.com/buzzbysolcex/buzz-bd-agent +- Twitter: @BuzzBySolCex +- Live: https://shield.buzzbd.ai diff --git a/buzzshield/security-audit/references/pattern-catalog.md b/buzzshield/security-audit/references/pattern-catalog.md new file mode 100644 index 00000000..43bbc90a --- /dev/null +++ b/buzzshield/security-audit/references/pattern-catalog.md @@ -0,0 +1,160 @@ +# BuzzShield V6 — Full Pattern Catalog + +68 sub-patterns across 10 attack classes (A–J). Each pattern is grounded in a real exploit or audit-confirmed vulnerability. Total exploit value covered by ground-truth patterns: **$583M+** across 10 incidents. + +## Ground-Truth Exploit Table + +| ID | Incident | Loss | Pattern | Layer | +| --------------- | -------------------------------------------------------- | ---------------------- | ------- | ------------------------------------ | +| KELP-LZ-001 | Kelp DAO LayerZero V2 single-DVN collapse | $293M | H.1 | Off-chain trust (DVN) | +| DRIFT-H-001 | Drift Protocol off-chain settlement gap | $285M | H | Off-chain trust | +| WASABI-H2D-001 | Wasabi malicious-strategy injection | $5.5M | H.2d | Off-chain trust (untrusted strategy) | +| EKUBO-B8-001 | Ekubo callback payer trust violation | $1.4M | B.8 | Identity trust (callback) | +| GROK-BANKR-001 | Grok / Bankr capability-injection (NFT-gated capability) | $174K | G.1 | Capability injection | +| LBP-PROTOCOL | LBP launcher access-control gap | $145K | A | Validation asymmetry | +| SHARWA-E1-001 | Sharwa spot-oracle manipulation | $33K (compound) | E.1 | Oracle/price feed | +| SHARWA-D2-001 | Sharwa NFT-callback reentrancy | (compound w/E.1) | D.2 | Reentrancy | +| DABE-H2C-001 | DABE whitehat — uninitialized admin slot | $0 (caught pre-deploy) | H.2c | Off-chain trust (admin init) | +| CVE-2026-0300 | PAN-OS authentication portal overflow | n/a (CVE only) | J.4b | C memory safety | +| FIREDANCER-HTTP | Firedancer HTTP parser differential | n/a (research) | I | Parser differential | + +--- + +## Class A — Validation Asymmetry (12 sub-patterns) + +Two functions read or mutate the same state but apply different validation. Attacker reaches the protected outcome through the less-validated path. + +- A.0 baseline guard mismatch +- A.1 sender vs recipient inversion +- A.2 amount-bound vs unbounded path +- A.3 admin-vs-user check skip +- A.4 init vs reinit guard absence +- A.5 paired-function asymmetry (validator-only vs full check) +- A.6 view path bypass to mutating outcome +- A.7 batch path with per-item check missing +- A.8 modifier-only on `external`, missing on `public` +- A.9 fee-path skip on emergency exit +- A.10 timelock bypass via aux entry +- A.11 visibility-asymmetric guard (private function lacks check that public sister-function has) + +LBP Protocol fell to a Class A gap: the launcher exposed a privileged path through an under-validated pair-creation entry. + +## Class B — Identity Trust (8 sub-patterns) + +Function trusts an identity claim from a caller, payer, or callback that it has not actually verified. + +- B.1 msg.sender impersonation (proxy/delegate context) +- B.2 spoofed `tx.origin` +- B.3 trusted-address bypass via reorg +- B.4 EIP-1271 isValidSignature spoofing +- B.5 ERC-2771 forwarder context injection +- B.6 cross-domain `caller` trust +- B.7 ECDSA signer recovery error vs revert +- B.8 **callback payer trust violation** — callback function trusts the address it was called by to be the legitimate payer when nothing in the call path proves it (Ekubo $1.4M) + +## Class C — Operation Ordering (4 sub-patterns) + +Expensive or state-changing op runs before a cheap or invariant check that should gate it. + +- C.1 transfer before balance check +- C.2 approve before allowance reset +- C.3 storage write before access-control check +- C.4 fee deduction before slippage guard + +## Class D — Reentrancy (2 sub-patterns) + +State mutation after an external call where the call target can re-enter and observe stale state. + +- D.1 classic CEI violation +- D.2 **NFT receive-callback reentrancy** — `onERC721Received` / `onERC1155Received` allows attacker to re-enter while accounting is mid-flight (Sharwa) + +## Class E — Oracle / Price Feed (2 sub-patterns) + +Price feed staleness, manipulation surface, or single-source dependency. + +- E.0 stale price (`<` vs `<=` operator on `updatedAt`) +- E.1 **spot-oracle manipulation** — protocol reads spot price from a low-liquidity pair the attacker can move (Sharwa, compound with D.2) + +## Class F — Signature Replay (5 sub-patterns) + +Signed message can be replayed across chains, contracts, nonces, or deadlines. + +- F.1 missing chainId in EIP-712 domain separator +- F.2 missing contract address in domain separator +- F.3 missing nonce +- F.4 missing deadline / expiry +- F.5 cross-token signature replay (same digest, different ERC-20) + +## Class G — Capability Injection (3 sub-patterns) + +A capability (write power, role, fee exemption) is conferred by holding an artifact (NFT, token, balance) the attacker can transiently acquire. + +- G.0 token-gated `onlyHolder` with no time-binding +- G.1 **NFT-gated capability injection** — capability survives transfer; attacker grabs NFT, exercises, returns (Grok $174K) +- G.2 asset-receive hook escalation (ERC-721 / ERC-1155 receive triggers role grant) + +## Class H — Off-Chain Trust (8 sub-patterns) + +Protocol relies on off-chain or single-verifier truth where defense-in-depth is missing. + +- H.1 **single-DVN configuration** — LayerZero V2 ULN with `requiredDVNCount=1, optionalDVNCount=0` collapses to single signer (Kelp $293M) +- H.2a durable nonce reuse across off-chain settlement +- H.2b MMR / merkle root staleness +- H.2c **uninitialized admin slot** — proxy or beacon admin slot never written, attacker writes first (DABE whitehat) +- H.2d **malicious strategy injection** — vault accepts strategy address from untrusted setter (Wasabi $5.5M) +- H.3 oracle vs sequencer-uptime feed mismatch (L2) +- H.4 keeper-permissioned with no liveness check +- H.5 cross-chain message replay across forks + +## Class I — Parser Differential (4 sub-patterns) + +Two parsers in the same call path interpret the same input differently. + +- I.1 HTTP boundary differential (Firedancer) +- I.2 RLP vs SSZ disagreement (consensus vs execution) +- I.3 EIP-712 typed-data ambiguity (struct hash collision) +- I.4 ABI vs JSON-RPC encoding mismatch + +## Class J — C Memory Safety (10 sub-patterns) + +Native code in the validator/RPC stack contains memory-safety bugs that surface as DoS or RCE. + +- J.1 stack overflow (recursion bound missing) +- J.2 heap-use-after-free +- J.3 integer underflow leading to oversized alloc +- J.4a string-format injection +- J.4b **authentication portal overflow** — fixed-size buffer for auth field (CVE-2026-0300, PAN-OS) +- J.5 double-free on error path +- J.6 race condition on shared buffer +- J.7 unchecked `memcpy` length +- J.8 off-by-one in bounds check +- J.9 missing null-terminator on string ingest +- J.10 alignment / strict-aliasing violation + +--- + +## Pattern Detection Methodology + +1. **Layer 1 deep analyzer (12 phases):** inventory → entry points → state mutations → paired-function analysis → operation ordering → reentrancy → oracle → access control → signatures → capability injection → off-chain trust → economic invariants +2. **Layer 1b Semgrep:** AST scan with smart-contracts + security-audit + trailofbits packs +3. **Layer 2 Pashov:** solidity-auditor v2 drain patterns +4. **Layer 4 Skeptic:** adversarial false-positive eliminator with 15 hard-exclusion rules pre-filter, then qwen3 / Anthropic adversarial pass; CRITICAL findings cannot be REJECTed by LLM alone (asymmetric cost) +5. **Layer 5 Z3:** SMT path satisfiability per Pattern A–H +6. **Layer 6 Invariants:** Pattern A–J + ground-truths preloaded as priors +7. **Layer 7 Reporter:** platform-specific submission with AI/LLM mention auto-sanitized to "custom static analysis tooling" +8. **Layer 8 Amplifier:** fingerprint extraction + cross-protocol propagation grep +9. **Layer 9 Feedback:** outcome tracking, pattern-weight recalibration + +Skipping any layer is a violation of operational discipline. The pipeline runs in 20–30 minutes per target. + +--- + +## References + +- Source pipeline: `/home/claude-code/.tmp-build/v6/buzzshield-v6-pipeline.js` +- Ground-truth ledger: `/data/buzz/persistent/reports/intelligence/exploit-ground-truth.json` +- Methodology rule: `.claude/rules/audit-methodology-v2.md` +- Frontier hackathon submission: https://buzzbd.ai/frontier +- Live audits archive: `/data/buzz/persistent/reports/` + +Last updated: 2026-05-07 diff --git a/buzzshield/security-audit/references/quick-check-guide.md b/buzzshield/security-audit/references/quick-check-guide.md new file mode 100644 index 00000000..5d7649c7 --- /dev/null +++ b/buzzshield/security-audit/references/quick-check-guide.md @@ -0,0 +1,87 @@ +# BuzzShield V6 — Quick Check Usage Guide + +A practical guide to running pre-trade security scans, interpreting results, and respecting the limits of any pre-flight scanner. + +## How to Run a Pre-Trade Scan + +### EVM (Ethereum, Base, Arbitrum, Optimism, BSC) + +Web UI: + +``` +https://shield.buzzbd.ai +``` + +Paste the contract address. Pick the chain. Hit scan. The Quick Check (H.2c) returns in seconds; Deep Audit takes 20–30 minutes. + +API (read-only, no auth): + +```bash +curl -X POST https://api.buzzbd.ai/api/v1/buzzshield/scan \ + -H "Content-Type: application/json" \ + -d '{"address":"0xABCDEF...", "chain":"base", "depth":"quick"}' +``` + +Set `"depth":"deep"` for the full 12-phase analyzer. Deep audits queue and return a `scanId` you can poll. + +### Solana + +```bash +curl -X POST https://api.buzzbd.ai/api/v1/buzzshield/scan \ + -H "Content-Type: application/json" \ + -d '{"address":"BNS48CGg...Zn9A", "chain":"solana", "depth":"quick"}' +``` + +For native programs the scanner pulls the IDL and binary, decompiles when source isn't published, and matches against Pattern A–H Solana variants (mostly G.x capability injection and B.x identity trust on Anchor accounts). + +### What you can ask in conversation + +``` +"scan 0xABC... on base" +"is BNS48...Zn9A safe to swap into?" +"check 0xDEF... for uninitialized admin" +"deep audit 0xGHI... on arbitrum" +``` + +## Risk Levels + +| Level | Meaning | What to do | +| ------------ | --------------------------------------------------------------------------------- | ------------------------------------------------------------------- | +| **SAFE** | No known patterns matched. No high-confidence findings. | Standard caution still applies — SAFE is not insurance. | +| **LOW** | Minor anti-patterns flagged, no exploit path identified. | Proceed with normal due diligence. | +| **MEDIUM** | Plausible vulnerability detected, no working PoC. | Scan with `depth=deep`. Don't size up until reviewed. | +| **HIGH** | High-confidence vulnerability with sketched exploit path. Skeptic layer accepted. | Do not interact with significant size. Wait for fix or move on. | +| **CRITICAL** | Exploit path verified, asymmetric cost in Skeptic met. | **Do not interact.** Report to the project team if it's a live bug. | + +CRITICAL findings cannot be REJECTed by LLM review alone — they always escalate. HIGH requires Skeptic confidence ≥ 0.97 to be REJECTed (asymmetric cost: a real bug costs more than a noisy ACCEPT). + +## Limitations + +- **Source code required for full coverage.** Verified-on-explorer contracts get the deepest analysis. Unverified bytecode falls back to symbolic execution + heuristic, which catches less. +- **Anti-patterns are not exploits.** A pattern match means _this looks like a class of bug we've seen before_ — it does not always mean an attacker can drain funds today. Pre-trade scans are triage, not guarantees. +- **Off-chain trust patterns (Class H) need protocol context.** A single-DVN finding on a canonical bridge config might be intentional; the same config on a brand-new project is a red flag. The scanner reports the finding; humans (or follow-up audits) judge intent. +- **Capability injection (Class G) hides in upgrade paths.** A safe deployed contract today can become a Grok-class G.1 victim tomorrow if an upgrade adds an NFT-gated capability. Re-scan after every proxy upgrade. +- **Solana programs without IDL get a degraded scan.** Reach out and we'll prioritise IDL fetch via Anchor explorer. +- **No financial advice.** A SAFE result is not a buy recommendation; a CRITICAL is not a short setup. Use scans to avoid unforced losses, not to size positions. + +## Disclaimers + +- BuzzShield reports observations, not legal opinions. Findings are not endorsements or condemnations of any project, team, or token. +- Free public scans are best-effort; we make no SLA on response time. +- API access via x402 micropayment (USDC on Base) ships with explicit SLOs once available. +- Known false positives are tracked publicly in the Layer 9 feedback ledger; submit a counter-finding via the API and we'll recalibrate Skeptic. +- Built by an autonomous agent (Buzz, running Claude Opus 4.7) and verified by human review on CRITICAL findings before public posting. + +## When to escalate to a Deep Audit + +- Token TVL > $1M and you're sizing > 1% of TVL +- Contract was deployed in the last 7 days (speedrunner window) +- Contract was upgraded in the last 24 hours (Watchman window — re-scan) +- Quick Check returned MEDIUM or HIGH +- The protocol fits the high-bounty target profile (complex, innovative, under-audited) + +Deep audits run all 9 layers (inventory, semgrep, Pashov, Skeptic, Z3, Pentest, Reporter, Amplifier, Feedback) and produce a submission-ready Markdown report. + +--- + +Last updated: 2026-05-07