Threat Intelligence Engine

This engine pulls in security data from across the Web3 ecosystem. It processes reports of known threats, ranks them by credibility and risk, and lets the ProtectAI system act on that intelligence in real time. It’s like a central brain that keeps track of known malicious actors and indicators.


1. External Sources

The Threat Intelligence Engine collects data from a mix of public and private sources:

  • Chainalysis feeds for flagged addresses and behavior patterns

  • GitHub threat lists that track new scam contracts, attack scripts, and common exploit code

  • CVEs (Common Vulnerabilities and Exposures) focused on smart contract vulnerabilities, EVM bugs, and L2 protocol weaknesses

  • Community and partner submissions, including flagged addresses from wallet providers and blockchain security firms

All incoming data is normalized into a standard schema for consistency.


2. Internal Scoring Model

ProtectAI doesn't just store raw data. It processes each input and assigns a threat score using three main categories:

  • Reputation Score: Based on how often an address has shown up in threat reports and how old those reports are.

  • Behavior Score: Based on observed on-chain behavior: gas spiking, failed transfers, blacklisted token interactions, or reentrancy patterns.

  • Community Signal Score: Derived from ProtectAI user flags, developer comments, and voting weight of each submission.

The total threat score is updated continuously. Contracts or wallets above a certain threshold are flagged across the platform.
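
One way the three category scores could combine into a single threat score, added here as an illustration and not ProtectAI's own code. The half-life, behavior weights, category weights, smoothing prior and threshold are all assumed values, since the page does not publish them.

```python
import math

# Every constant here is an assumed, illustrative value, not ProtectAI's.
HALF_LIFE_DAYS = 90.0          # a report's weight halves every 90 days
PRIOR_WEIGHT = 5.0             # smoothing so a few low-weight flags cannot dominate
FLAG_THRESHOLD = 0.5
BEHAVIOR_WEIGHTS = {"gas_spike": 0.2, "failed_transfer": 0.1,
                    "blacklisted_token": 0.4, "reentrancy": 0.6}
CATEGORY_WEIGHTS = {"reputation": 0.4, "behavior": 0.4, "community": 0.2}


def saturate(evidence):
    """Map a non-negative evidence sum into [0, 1) with diminishing returns."""
    return 1.0 - math.exp(-evidence)


def reputation_score(report_ages_days):
    """More reports raise the score; older reports count for less."""
    return saturate(sum(0.5 ** (max(age, 0.0) / HALF_LIFE_DAYS)
                        for age in report_ages_days))


def behavior_score(observed):
    """Score distinct observed behaviors; unknown labels contribute nothing."""
    return saturate(sum(BEHAVIOR_WEIGHTS.get(b, 0.0) for b in set(observed)))


def community_score(flags):
    """flags: (says_malicious, voting_weight) pairs; non-positive weights are dropped."""
    valid = [(m, w) for m, w in flags if w > 0]
    malicious = sum(w for m, w in valid if m)
    return malicious / (sum(w for _, w in valid) + PRIOR_WEIGHT)


def threat_score(report_ages_days, observed, flags):
    """Return (total score in [0, 1), flagged?) from the three category scores."""
    parts = {"reputation": reputation_score(report_ages_days),
             "behavior": behavior_score(observed),
             "community": community_score(flags)}
    total = sum(CATEGORY_WEIGHTS[k] * v for k, v in parts.items())
    return total, total >= FLAG_THRESHOLD


if __name__ == "__main__":
    # Constructed sample inputs, not real addresses or reports.
    print(threat_score([1, 10, 30], ["reentrancy", "blacklisted_token", "gas_spike"],
                       [(True, 10.0), (True, 5.0), (False, 1.0)]))
    print(threat_score([400, 500], ["failed_transfer"], [(False, 3.0)]))
```

The smoothing prior in `community_score` keeps a single low-weight flag from pushing the community signal to its maximum, and the age decay keeps stale reports from holding an address above the threshold indefinitely.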


3. Query Interface

The Threat Intelligence Engine offers a searchable interface, both for internal use and third-party tools.

  • Search by address: Returns a full risk report including threat score, history, and reason for flag.

  • Search by transaction hash: Surfaces behavioral context, including abnormal gas usage or execution patterns.

  • Search by contract name: Matches against known scam templates or reused bytecode patterns.

This data powers in-app warnings, browser alerts, and predictive models inside the AI engine.
