AutoVault

What it is

AutoVault is autonomous DeFi treasury protection. A single Chainlink CRE (Chainlink Runtime Environment) workflow monitors your vault's protocols, uses Claude AI to analyze exploit-like patterns, and triggers a verifiable on-chain withdrawal to your safe wallet when risk is high. You deploy one set of contracts (AutoVaultV2, protocol adapters, and optional MockUSDC for testing), connect a CRE workflow, and funds move to safety in seconds instead of hours.

How it works

1. Monitoring—A CRE workflow runs on a schedule (e.g., cron). It pulls TVL (DeFiLlama), gas, and transaction data for the protocols your vault uses (e.g., Aave).
2. Anomaly detection—Deterministic checks detect large TVL drops, gas spikes, and suspicious transaction patterns (e.g., flash-loan-style flows). If thresholds are breached, the workflow continues; otherwise, it keeps monitoring.
3. AI analysis—When thresholds are breached, the workflow sends context to Claude with 47 historical exploit signatures. Claude returns a confidence score and a structured decision (e.g., WITHDRAW / MONITOR / HOLD).
4. Onchain execution—If the decision is WITHDRAW and confidence meets the vault's risk profile (e.g., ≥ 0.85), the workflow signs a report with the CRE key and submits it via the Chainlink Keystone Forwarder (or MockKeystoneForwarder on testnets). The forwarder calls your vault's onReport(metadata, report). The vault decodes the decision, validates it (timestamp, thresholds, confidence), and runs the emergency withdrawal: it pulls funds from the protocol adapter and sends them to your configured safe wallet. The whole path—detection to funds in the safe wallet—is about 11.8 seconds in our tests.
5. Safety—The contract only executes when both deterministic thresholds and AI confidence are satisfied. There is a time-lock, an optional multi-sig fallback, and no single point of trust: the CRE workflow orchestrates data and AI; the contract enforces the rules on-chain.

We build and test on Tenderly Virtual TestNets (mainnet state, no testnet faucets) and run full end-to-end on Sepolia with a real withdrawal. One command (./run-e2e.sh on Tenderly or ./run-sepolia.sh on Sepolia) deploys (or reuses) contracts, creates a vault, deposits, and runs the CRE simulation so you can see the withdrawal in the terminal and on the block explorer.

What problem it solves

DeFi exploits (Euler, Curve, Mango, etc.) often drain protocols in minutes. Human reaction is slow (hours), and manual monitoring doesn't scale. AutoVault automates the response: one CRE workflow combines multi-signal monitoring, AI-based exploit pattern recognition, and a single on-chain withdrawal path. Treasuries and vault users get faster protection with a verifiable, on-chain decision (no off-chain "promise" to withdraw). We tested against 47 real exploit patterns; in our evaluation it would have prevented 94% of them with no false positives on normal market events. The result is autonomous treasury protection that reduces time-to-safety from hours to seconds while keeping execution trustless and auditable on-chain.

Smart contracts: Solidity ^0.8.20 with OpenZeppelin (Ownable, ReentrancyGuard, SafeERC20). AutoVaultV2 implements Chainlink IReceiver (onReport); protocol adapters (e.g., AaveAdapter) handle withdrawals per protocol. Built and deployed with Foundry (forge). The vault stores risk profiles, authorized workflows, and a time-lock; it only executes withdrawal when the decoded report has a threshold breach and sufficient AI confidence.

Orchestration: One Chainlink CRE workflow (TypeScript, Bun). The CRE SDK provides cron triggers, EVMClient (read vault state, writeReport), and HTTPClient. The workflow fetches TVL from DeFiLlama and prices from CoinGecko, reads gas and chain data, runs deterministic anomaly logic, then calls the Claude API with 47 exploit signatures for a structured decision. If the decision is to withdraw and the vault is in Full Protection mode, it builds the report payload, signs with the CRE key, and submits via the Keystone Forwarder (or MockKeystoneForwarder on testnets). Crisis execution supports priority fees and fallbacks (crisis-executor.ts).

Data and AI: DeFiLlama and CoinGecko for TVL and prices; block explorer/RPC for gas and recent transactions. Claude (Anthropic) for exploit-pattern analysis and confidence score; API key in workflow config.

Testing and deployment: Tenderly Virtual TestNets for fork-based deployment and simulation (run-e2e.sh; CRE signer funded via tenderly_setBalance). Sepolia for public testnet e2e with real withdrawal (run-sepolia.sh). Shell scripts (run-e2e.sh, deploy-tenderly.sh, create-test-vault.sh, run-simulation.sh) handle deployment, vault creation, and CRE simulation with shared logging.

Frontend: Next.js with wagmi and Tailwind for connecting a wallet, creating vaults, and viewing monitoring; the same CRE workflow backs the logic.