Zaevlad | Solidity, Audit & LLM

It changes the business model too. Devs no longer need to spend on traffic acquisition via websites. Write a plugin, reach the wallet's built-in audience.

ERC-7579 standardizes plugins for cross-wallet compatibility. EIP-7702 lets regular EOAs temporarily act as smart wallets. This breaks address fragmentation, enabling single identity across chains.

Have you heard abour Wallet-centric Web3? Here is a brief info, if you have not... 👇

Funny to see auditors who were strictly against AI, and who used to make jokes about other auditors using it for auditing, now launching their own AI agents to scan smart contracts and boasting about it...

@patrickd_de Do you think that local AI agents and models can solve that issue?

@RightNowIn It does bother me a bit to see devs and auditors sign NDAs with projects but then proceed to send the entire codebase off to the AI cloud without much of a thought...

Smart contract auditors should pay attention to Copilot on GitHub. In the top right corner of any repository page, there’s a Copilot icon that opens a chat scoped to that specific repo. You can ask direct questions about the project’s architecture and codebase.

This makes it much easier to study the protocol’s evolution: track shifts in invariants, business logic, and access control. Instead of manually reviewing dozens of diffs, you get a faster way to understand how and why the code became what it is today.

The key advantage for auditors is access to commit history. You can ask when a function’s logic changed, in which commit a validation was added, why a module was rewritten, and what files were affected by specific changes.

@aviggiano Depends on what you are looking for... That opensandbox is a good one: github.com/alibaba/OpenSa…

Can anyone share openclaw security best practices? A friend asked