TRL4 PoC | BRAVE1 Cybersecurity Track | Deadline: 30.04.2026
AuditorSEC is a security auditing platform for Web3/dApp smart contracts, built on top of Audityzer. It provides:
- 🔍 Automated vulnerability scanning via Slither + Foundry (Optimism, EVM chains)
- 📄 PDF audit reports with MinIO-backed storage and presigned URLs
- 🧠 AI-powered analysis (GPT-4) for log interpretation and anomaly detection
- 🌐 Multi-chain support: Optimism, Ethereum, Polygon (UHIP-2A schema)
- 🇺🇦 BRAVE1 / DIANA compliant: dual-use security tooling for Ukrainian defense sector
```bash
# API (FastAPI)
curl -X POST https://audityzer.onrender.com/api/v1/audit \
  -H "Content-Type: application/json" \
  -d '{"project_name": "MyDeFiProtocol", "log_text": "transfer(0x..., 1000000)"}'

# Health check
curl https://audityzer.onrender.com/health
```

The most advanced open-source Web3 security testing toolkit

Smart contract auditing · AI vulnerability detection · Post-Quantum Cryptography · Defense-grade compliance
Live Demo · HF Spaces · BRAVE1 PoC · Documentation
Audityzer is a production-grade, AI-enhanced Web3 security testing platform built for DeFi protocols, smart contract auditors, and defense-adjacent cybersecurity teams.
Built under the AuditorSEC initiative, it combines:
- AI-powered vulnerability detection with Playwright-based browser automation
- Post-Quantum Cryptography (PQC) readiness — ML-KEM-768, ML-DSA-87, hybrid X25519+PQC
- Multi-tenant Kubernetes deployment on DigitalOcean (fra1) with ArgoCD GitOps
- NATS JetStream event bus for real-time security telemetry
- BRAVE1 defense PoC — Bakhmach cybersecurity overlay, TRL-4→TRL-6
- NIS2 / DORA compliance framework with automated audit trails
```
Audityzer Platform
├── AI Security Engine       # Playwright + OpenAI + custom SARIF scanner
├── Smart Contract Scanner   # Slither, Mythril, Echidna, Foundry fuzz
├── PQC Module               # ML-KEM-768, ML-DSA-87, hybrid TLS
├── Multi-tenant API         # FastAPI + PostgreSQL RLS + Cloudflare Hyperdrive
├── NATS JetStream Bus       # Real-time event streaming (3 topics)
├── K8s Orchestration        # DigitalOcean fra1, ArgoCD, Prometheus/Grafana
├── Defense Branch           # BRAVE1 SPRINT-BAK-COR-001, drone cybersecurity
└── Compliance Layer         # NIS2 Art.20/21/23, DORA, SOC/MDR
```
- 20+ vulnerability detection algorithms (reentrancy, flash loans, access control, oracle manipulation, MEV)
- Cross-chain support: Ethereum, Solana, Optimism L2, Arbitrum, BSC
- AI-powered SARIF report generation with severity scoring
- OWASP / NIST CSF / SCA / DAST / SAST pipelines
- Web3 wallet integration: MetaMask, WalletConnect, Coinbase Wallet
- Kubernetes (DigitalOcean neuralinfra-k8s, fra1) + ArgoCD GitOps
- GitHub Actions CI/CD with CodeQL, Semgrep, dependency audit
- Multi-tenant PostgreSQL with Row Level Security (RLS)
- Apache SeaTunnel CDC sync + NATS JetStream streaming
- Cloudflare DNS / Workers / Hyperdrive connection pooling
- Telegram bot ecosystem: `audityzerbot`, `AuditorSECAlertBot`, `audityzeralertsbot`
- ML-KEM-768 (CRYSTALS-Kyber) key encapsulation
- ML-DSA-87 (CRYSTALS-Dilithium) digital signatures
- Hybrid X25519 + PQC for backwards-compatible TLS
- NIS2-aligned crypto-agility policy engine
- IoT edge PQC (ESP32/RPi) via BRAVE1 defense track
- NIS2 Directive (EU 2022/2555) — Art. 20 management, Art. 21 risk/crypto, Art. 23 incident reporting
- DORA-aligned incident response workflows
- ForestESG governance layer — ESG risk scoring, resource tracking
- SOC/MDR telemetry with Grafana + ClickHouse dashboards
- UHIP-2A justice/compliance integration
```bash
# Install
npm install audityzer

# Run security scan
npx audityzer scan --target https://your-protocol.com --mode advanced

# Docker
docker run -p 3000:3000 audityzer/platform:latest

# Helm (K8s)
helm install audityzer ./charts/audityzer -n audityzer
helm install nats nats/nats -n audityzer --set nats.jetstream.enabled=true
```

| Service | Status | URL |
|---|---|---|
| Main Platform | Production | audityzer.com |
| Grafana Dashboard | Live | bbbhhai.com |
| HF Demo Space | Running | audityzer-demo |
| BRAVE1 Risk Assistant | Running | brave1-risk-assistant |
| K8s Cluster | fra1 DO | neuralinfra-k8s |
| Load Balancer | Active | 129.212.254.79 |
- BRAVE1 — Cybersecurity track, 8,000,000 UAH, 2026 (SPRINT-BAK-COR-001 Bakhmach PoC)
- Diia.City — R&D grant matching, innovation track 2026
- USF Startup EDGE — 2026 program
- Horizon Europe — Civic-Tech / Quantum-Safe Governance track
- EU4UA / WNISEF — Defense-adjacent technology
We welcome contributions! See CONTRIBUTING.md for guidelines.
```bash
git clone https://github.com/romanchaa997/Audityzer
cd Audityzer
npm install
npm run dev
```

Built in Ukraine with love and resilience.

Bakhmach, Chernihiv Oblast — AuditorSEC Initiative 2024-2026
Last Updated: April 2026
| Site | Status | Issue | Fix |
|---|---|---|---|
| auditorsec.com | ❌ Error 525 | Cloudflare SSL handshake failed | Generate Origin CA cert via Terraform |
| audityzer.io | ❌ NXDOMAIN | Domain not in Cloudflare | Add domain to Cloudflare, configure DNS |
| romanchaa997.github.io/Audityzer | ✅ Active | — | GitHub Pages (fallback) |
- Fix auditorsec.com SSL (Error 525)
  - Generate Cloudflare Origin CA certificate
  - Install cert on origin server
  - Workflow: `.github/workflows/origin-ca-monitor.yml`
- Fix audityzer.io DNS (NXDOMAIN)
  - Add `audityzer.io` to Cloudflare account manually
  - Run workflow: `.github/workflows/add-audityzer-io-dns.yml`
  - Adds: 4x GitHub Pages A records + CNAME www
- Monitoring & Alerts
  - UptimeRobot + Telegram + ClickUp integration
  - n8n workflow: `.github/n8n/uptimerobot-telegram-clickup.json`
  - Workflow: `.github/workflows/uptimerobot-telegram-clickup.yml`
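
A post-fix check for the audityzer.io DNS step above, added here as an example and not taken from the project's workflows: it confirms the apex carries exactly the four GitHub Pages A records and flags stale or foreign addresses left beside them. The function names and sample answers are constructed, and the `www` CNAME target is an assumption based on the GitHub Pages host in the status table.

```shell
#!/bin/sh
# Added example: offline check of resolver answers for the audityzer.io fix.
# Apex A records published in GitHub's Pages documentation.
PAGES_A="185.199.108.153 185.199.109.153 185.199.110.153 185.199.111.153"
# Assumption: www is a CNAME to the Pages host shown in the status table.
PAGES_CNAME="romanchaa997.github.io"

# Print expected Pages addresses absent from the newline-separated answers in $1.
missing_a() {
  out=""
  for ip in $PAGES_A; do
    printf '%s\n' "$1" | grep -qxF "$ip" || out="$out $ip"
  done
  printf '%s' "${out# }"
}

# Print answers in $1 that are not Pages addresses (stale or foreign records).
unexpected_a() {
  out=""
  for ip in $1; do
    case " $PAGES_A " in *" $ip "*) ;; *) out="$out $ip" ;; esac
  done
  printf '%s' "${out# }"
}

# Return 0 only if the apex set is exactly the four Pages addresses and
# www (case-insensitive, trailing dot ignored) is the expected CNAME.
check_zone() {
  apex="$1"
  www=$(printf '%s' "$2" | tr 'A-Z' 'a-z' | sed 's/\.$//')
  rc=0
  m=$(missing_a "$apex"); x=$(unexpected_a "$apex")
  [ -z "$m" ] || { echo "FAIL apex missing: $m"; rc=1; }
  [ -z "$x" ] || { echo "FAIL apex unexpected: $x"; rc=1; }
  [ "$www" = "$PAGES_CNAME" ] || { echo "FAIL www CNAME: ${www:-none}"; rc=1; }
  [ "$rc" -eq 0 ] && echo "OK"
  return "$rc"
}

# Constructed sample answers, in the shape `dig +short` prints them.
GOOD_APEX="185.199.108.153
185.199.109.153
185.199.110.153
185.199.111.153"
STALE_APEX="185.199.108.153
185.199.109.153
203.0.113.10"

check_zone "$GOOD_APEX" "romanchaa997.github.io." || true
check_zone "$STALE_APEX" "" || true
```

Against the live zone, pass the output of `dig +short A audityzer.io` and `dig +short CNAME www.audityzer.io` as the two arguments.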
See docs/SECRETS_SETUP.md for full setup guide.
| Secret | Purpose |
|---|---|
| `CLOUDFLARE_API_TOKEN` | Cloudflare DNS + Zone management |
| `CLOUDFLARE_ZONE_ID` | auditorsec.com zone ID |
| `TELEGRAM_BOT_TOKEN` | Downtime alert notifications |
| `TELEGRAM_CHAT_ID` | Target Telegram chat |
| `UPTIMEROBOT_API_KEY` | UptimeRobot monitor management |