ShieldAi
๐ก๏ธ ShieldAI โ AI Agent Security Layer
$45M+ lost to AI agent exploits in Q1 2026. ShieldAI is the fix.
ShieldAI is the first multi-layer runtime security platform for autonomous AI agents operating in crypto and DeFi environments.
Unlike code auditors (pre-deployment) or wallets (custody), ShieldAI enforces security at runtime โ while the agent is executing.
๐จ The Problem
In Q1 2026, over $45M was lost to AI agent exploits:
- Step Finance โ $27.3M drained via compromised AI agent permissions
- Resolv Labs โ $25M+ via AWS KMS key compromise affecting AI-managed funds
- OpenClaw โ $250K lost due to AI parsing error exploited by attackers
- 250,000+ daily active AI agents on-chain (โ400% YoY)
Traditional security tools were built for deterministic code. They donโt understand semantic intent, canโt detect prompt injection, and have no concept of behavioral drift in an AI agent context.
ShieldAI was built specifically for this gap.
โ The Solution โ 13 Security Layers
| Layer | Name | Function | Threat Covered |
|---|---|---|---|
| L0 | MCP Gateway | Intercepts all MCP tool calls before execution | Data exfiltration, unknown servers, tool poisoning |
| L1 | Input Firewall | Scans all external data entering the agent | Prompt injection, hidden text, unicode spoofing |
| L2 | Memory Protection | Cryptographic hash chain for agent memory | Memory poisoning, rule injection, history tampering |
| L3 | Intent Checker | Claude API semantic analysis of agent actions | Scope creep, behavioral inconsistency, social engineering |
| L4 | TX Guardian | Pre-chain transaction simulation and validation | Wallet drainers, honeypots, scam addresses |
| L5 | Agent Watchdog | Behavioral baseline + anomaly detection | Behavioral drift, burst attacks, off-hours activity |
| L6 | Human Gate | Hardware-attested biometric authorization | High-value transactions ($10K+), critical operations |
| L7 | Rate Limiter | Per-agent transaction rate enforcement | Flood attacks, rapid drain attempts |
| L8 | Whitelist Engine | Dynamic counterparty whitelisting | Unauthorized recipients, new addresses |
| L9 | Freeze Circuit | Emergency agent freeze mechanism | Active exploits, anomalous behavior patterns |
| L10 | SpendGuard | On-chain spend limit enforcement (Solidity) | Overspend, daily limit breaches |
| L11 | EU AI Act Logger | Compliance logging for Articles 9,13,14,15,17,72 | Regulatory non-compliance, audit failures |
| L12 | Audit Trail | Immutable on-chain event log | Tamper attempts, accountability gaps |
๐ฎ Interactive Demos
Every layer has a live browser demo โ no installation required:
| Layer | Demo | Description |
|---|---|---|
| L0 MCP Gateway | โ Demo | Intercept and inspect MCP tool calls in real-time |
| L1 Input Firewall | โ Demo | Test 13 prompt injection detection patterns |
| L2 Memory Protection | โ Demo | Simulate memory poisoning attacks and defenses |
| L3 Intent Checker | โ Demo | AI-powered semantic intent analysis (live Claude API) |
| L4 TX Guardian | โ Demo | Simulate transaction validation and drainer detection |
| L5 Agent Watchdog | โ Demo | Behavioral anomaly scoring and auto-freeze |
| L6 Human Gate | โ Demo | Mobile biometric authorization flow |
| L7 Rate Limiter | โ Demo | Real-time rate limiting simulation |
| L8 Whitelist Engine | โ Demo | Dynamic whitelist management |
| L9 Freeze Circuit | โ Demo | Emergency freeze and recovery flow |
| L10 SpendGuard | โ Demo | On-chain spend limit enforcement |
| L11 EU AI Act | โ Demo | Compliance report generator |
| L12 Audit Trail | โ Demo | Immutable on-chain audit log |
๐ Deployments
| Contract | Network | Address | Explorer |
|---|---|---|---|
| SpendGuard.sol | Mantle Sepolia Testnet | 0x7f875B92c772C48281a901C4BF32b53d6329fadC |
View โ |
| SpendGuard.sol | Arbitrum One (Mainnet) | 0xE03C389DF391549E44c2aa807576c9eE2956C2d8 |
View โ |
๐ฆ SDK
npm install @shieldai-xyz/sdk
import { ShieldAI } from '@shieldai-xyz/sdk';
const shield = new ShieldAI({
contractAddress: '0x7f875B92c772C48281a901C4BF32b53d6329fadC',
network: 'mantle-sepolia'
});
const result = await shield.checkSpend({
agent: agentAddress,
amount: transactionAmount,
token: 'USDC'
});
if (!result.allowed) {
console.log('Blocked:', result.reason);
}
โ๏ธ EU AI Act Compliance
ShieldAIโs L11 EU AI Act Logger is our primary differentiator โ no direct competitors exist in this space.
Covers Articles: 9 ยท 13 ยท 14 ยท 15 ยท 17 ยท 72
๐ Competitive Positioning
| ย | ShieldAI | Claw Wallet | Octane |
|---|---|---|---|
| Runtime monitoring | โ | โ | โ |
| Spend enforcement on-chain | โ | โ ๏ธ custody only | โ |
| EU AI Act compliance | โ | โ | โ |
| 13-layer architecture | โ | โ | โ |
| Code auditing | โ | โ | โ |
๐ Links
- Dashboard: shield-xyz-lab.github.io/ShieldAi/dashboard.html
- Twitter/X: @ShieldAI2026
- npm SDK: @shieldai-xyz/sdk
- Donate: Giveth โ
๐ License
MIT โ Built by ShieldAI Lab