> For the complete documentation index, see [llms.txt](https://protectai.gitbook.io/protectai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://protectai.gitbook.io/protectai/introduction/core-features.md).

# Core Features

ProtectAI is an advanced Web3 security engine designed to operate silently but powerfully in the background, securing your activity in real time. From blocking phishing domains to decoding contract risks, every feature is built to anticipate threats before they become losses. Whether you're a DeFi explorer, NFT collector, or seasoned investor, ProtectAI keeps your assets one step ahead of danger.

<figure><img src="/files/L3fyqVH91tKgc3778CfT" alt=""><figcaption></figcaption></figure>

### **1. Phishing Protection**

Phishing attacks are among the most common and damaging threats in Web3. With one click, a user can be tricked into handing over seed phrases or signing malicious approvals. ProtectAI prevents this by proactively scanning URLs and site behaviors before you even interact with them.

**How it works:**

* A real-time blacklist sourced from community reports, threat intelligence platforms, and honeypot traps is constantly updated.
* Every clicked link or connected dApp domain is compared against this list within milliseconds.
* If a match is found or if a domain exhibits suspicious behavior (like typosquatting or forced wallet connection), ProtectAI blocks the session and alerts the user instantly.

**Advanced Techniques Used:**

| Feature                   | Description                                                                   |
| ------------------------- | ----------------------------------------------------------------------------- |
| Domain Reputation Scoring | Assigns a dynamic score based on history, SSL certs, WHOIS, and web behavior  |
| Fuzzy Matching Algorithms | Detects deceptive domain names (e.g., `app-uniswap.org` vs `app.uniswap.org`) |
| Contextual Alerts         | Warns users why a site is risky — phishing, fake UI, credential bait, etc.    |
| Passive Monitoring Layer  | Even if no action is taken, the engine silently logs interaction risk data    |

**User Benefit:** You never have to guess whether a site is legitimate. If it’s questionable, ProtectAI stops you cold.

***

### **2. Smart Contract Analysis**

Contracts are the backbone of Web3—but not all are created equal. Many malicious contracts look harmless on the surface. ProtectAI breaks them down before you interact, saving you from stealth drains or approval traps.

**Deep Contract Intelligence Includes:**

* **Static Code Analysis:** Breaks down the bytecode and source (if verified), checking for known malicious patterns or dangerous libraries.
* **Permission Flagging:** Highlights admin-only functions, unrestricted minting, or self-destruct capabilities.
* **External Call Tracing:** Identifies contracts that pass control to other contracts, often used in multi-step exploits.
* **Constructor Behavior Review:** Flags contracts with hidden logic deployed during initialization, which is often unreviewed by users.

**User Benefit:** Before signing anything, you know what’s under the hood—no more blind trust in unknown contracts.

***

### **3. Token Risk Analysis**

Absolutely. Here's a fully rewritten version of **Feature 3: Token Risk Analysis**, now with richer explanations and no table — just a clean, technical, and user-centric narrative that flows naturally:

***

#### **3. Token Risk Analysis**

A token might look like just another digital asset, but under the surface, it could be engineered to drain your funds or lock your wallet. ProtectAI helps you see the difference—before you ever hit "Buy."

This feature scans the token contract in depth, analyzing not just the source code (if verified) but the deployed bytecode itself. The goal is to uncover hidden mechanics that aren’t visible on the usual token pages or even on most block explorers.

For example, ProtectAI checks whether the token creator has retained minting privileges. If the owner can mint unlimited tokens at any time, your holdings can be diluted without warning. It also verifies whether the liquidity is actually locked or burned—or still controlled by a deployer wallet that could pull the plug at any moment.

Many scam tokens also hide trapdoors like transfer taxes (which silently deduct a percentage every time tokens are moved), blacklist functions (which prevent selected users from selling), or honeypot logic (which allows buying but permanently blocks selling). These red flags are precisely the kind of tricks ProtectAI is designed to detect and expose.

**User Benefit:** You don’t have to rely on guesswork or community rumors. With ProtectAI, every token comes with its full security profile, so you can trade with eyes wide open.

***

### **4. Transaction Simulation**

Transactions on-chain are irreversible. One wrong signature, and assets can vanish. ProtectAI prevents this by showing you what will happen—before it happens.

**How Simulation Works:**

* Mimics the full transaction execution locally, without actually signing or broadcasting.
* Shows all asset movements, balance changes, and contract interactions.
* Flags gas inefficiencies, failed function calls, or malicious approvals.

**Details You’ll See:**

* **Post-Transaction Wallet Balance:** Predict your token and ETH balance after execution.
* **Contract Interactions:** List of called functions, decoded with parameters.
* **Token Transfers:** Shows incoming/outgoing transfers by token address and amount.
* **Approval Risks:** Warns if you're granting unlimited approval to unknown contracts.

***

### **5. Risk Detection Engine**

ProtectAI doesn’t just react—it predicts. Using a live behavioral analysis layer, it constantly monitors on-chain patterns to identify subtle indicators of emerging threats.

**Core Risk Metrics Tracked:**

* **Anomalous Transaction Spikes:** Detects if a contract suddenly sees a high failure rate.
* **Permission Changes:** Flags contracts whose admin access or upgrade paths are altered mid-flight.
* **Liquidity Drain Behavior:** Notifies users when a project begins rapidly removing liquidity.
* **Address Clustering:** Detects known scam networks operating under new aliases.

**Behavioral Model Snapshot:**

| Signal                       | Detection Logic                   | Response Type         |
| ---------------------------- | --------------------------------- | --------------------- |
| High Revert Rate Spike       | 300% increase in failed calls     | Contract flagged      |
| New Wallet Mint Spike        | 1,200 wallets mint in 10 min      | Token rate-limited    |
| Re-entrancy Pattern Detected | Multiple recursive internal calls | Alert user + simulate |
| Ownership Renounced Mid-use  | Admin role dropped post presale   | Flagged as suspicious |

**User Benefit:** You stay ahead of the trend. Instead of reacting to what already happened, you get warned about what’s likely coming.

***

### **6. Active Threat Detection**

Security in Web3 moves fast—and threats don’t wait. ProtectAI is designed to listen constantly across both the blockchain and the wider security community.

**Threat Sources Monitored:**

* GitHub exploit repositories and proof-of-concept releases
* Telegram and Discord attack coordination chatter
* Contract deployment trends across Ethereum, BSC, and Layer 2s
* API feeds from security firms and open-source trackers

**Threat Lifecycle Response:**

1. **Ingest:** Collects metadata and hash signatures of suspected contracts
2. **Classify:** Uses ML models and manual tagging to assess severity
3. **Broadcast:** Notifies users in-app and through optional channels (Telegram, Email, Slack)
4. **Guide:** Offers contextual mitigation tips—e.g., “Revoke access,” “Avoid contract X,” “Token flagged”

**Threat Alert Example:**

> “A malicious contract (`0xAbc…123`) mimicking a USDT airdrop has been flagged across 3 networks. It requests unlimited approval but contains a silent token drain logic. Avoid interacting. Revoke any previous allowances.”

**User Benefit:** You’re informed before the wider community reacts. Instant updates, not postmortems.

***

### **Built to Work in Real Time**

Each of these tools isn’t a standalone app—it’s part of a deeply integrated engine optimized for performance, clarity, and safety. The backend fuses static analysis, machine learning, transaction tracing, and real-time API feeds into a single, fast-reacting layer of protection.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://protectai.gitbook.io/protectai/introduction/core-features.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.