Skip to main content

​
The Problem

Autonomous AI agents are being deployed to move money on-chain. They trade, rebalance portfolios, execute DeFi strategies, and bridge assets β€” often without human review in the hot path. Current guardrails focus on destinations:
  • Is this smart contract approved?
  • Is this wallet allowed?
  • Is this dApp on the allowlist?
But approved destination β‰  safe outcome.
What current systems miss. Between the moment an agent plans a transaction and the moment it lands on-chain, the world moves. Price shifts. Liquidity dries up. Pending state invalidates earlier assumptions. The agent had intent. The chain had a different reality.
Generic simulation tells you whether a transaction reverts. It does not tell you:
  • Whether slippage exceeded your threshold
  • Whether price impact was within acceptable bounds
  • Whether the actual token amounts match what the agent expected
  • Whether the route exposed you to sandwich risk
That gap is fatal for autonomous trading systems.

​
The Oracle Problem

The core issue is an oracle problem of intent: the agent knows what it wants to happen, but has no deterministic way to verify what will happen against current chain state β€” before committing.

Blind Trust

Agents must either trust the chain state blindly or halt execution entirely. No middle ground.

External Risk Controls

Risk controls live outside the execution path β€” they can’t intervene before value moves.

Opaque Reverts

Revert bytes don’t help agent frameworks recover gracefully. No structured diagnostics.

Post-Hoc Validation

Economic outcomes are validated after the fact, if at all. By then the damage is done.

​
How Sudont Solves This

Sudont is a deterministic execution firewall. It sits as a sidecar proxy between the agent and the chain. Every transaction must pass through The Diamond β€” a four-node architecture:

Normalize Intent

The Cortex extracts what the agent is actually trying to do. The Constitution provides the policy framework. No LLMs β€” pure deterministic parsing.

Simulate Physics

The Cage computes the exact economic outcome using revm (EVM) or LiteSVM (SVM) against current chain state. Real execution, not heuristics.

Enforce Policy

The Judge compares the simulation outcome against Constitution rules. Slippage, price impact, allowlists, approval limits β€” all checked deterministically.

Return Verdict

ALLOW with an EIP-191 signed attestation, DENY with structured reason codes, or INTERROGATE to teach the agent to self-correct.
The result is a system that evaluates outcomes, not just destinations.

​
Shield, Not Sword

Sudont’s MVP is the Shield: an execution firewall that protects agents from acting on stale or adversarial state. It is not a strategy optimizer or route searcher.
The Shield includes:
CratePurpose
sudont-constitutionPolicy definition and enforcement
sudont-cortexIntent normalization from raw transactions
sudont-cageDeterministic EVM simulation via revm
sudont-cage-svmSVM simulation via LiteSVM
sudont-judgeVerdict engine with structured diagnostics
@sudont/sdkTypeScript SDK for client consumption
Sudont exposes standard JSON-RPC compatibility plus Sudont-specific diagnosis methods:
MethodPurpose
sudont_getCapabilitiesList supported chains and protocols
sudont_diagnoseRawTransactionFull diagnosis of a signed transaction
sudont_diagnoseCallDiagnose an unsigned call
sudont_getPolicySnapshotRead current Constitution rules
Blocked transactions return structured error payloads with stable reason codes: SUDONT_SLIPPAGE_EXCEEDED, SUDONT_PRICE_IMPACT_EXCEEDED, SUDONT_POLICY_DENY, and more.

The Diamond Architecture

Learn how Constitution, Cortex, Cage, and Judge form a deterministic four-node pipeline.

SDK Quickstart

Install @sudont/sdk and make your first firewall call in minutes.