Stop unsafe execution before the wallet signs.
Centaurion is a pre-execution firewall for autonomous wallets. It proves whether an unsigned transaction matches the agent's stated mission and the owner's policy before funds can move.
- Input
- Intent + unsigned transaction
- Decision
- ALLOW · WARN · BLOCK
- Authorization
- 60-second Safety Receipt
How preflight works
One request crosses four explicit security boundaries.
- 01
Declare the mission
The agent submits a structured intent, the unsigned EVM transaction, and the wallet owner's policy.
- 02
Decode and simulate
Centaurion resolves the calldata and simulates the transaction to observe transfers, calls, approvals, and state changes.
- 03
Compare intent with effects
Deterministic rules check what the agent requested against what the transaction would actually do.
- 04
Enforce before signing
Unsafe execution is blocked. A matching transaction receives a short-lived, transaction-bound Safety Receipt.
What the feature checks
The decision is evidence-backed and deterministic, not a model-generated opinion.
Asset limits
Native value, token outflows, minimum output, and unexpected transfers.
Destinations
Router targets, recipients, spenders, and every contract touched by execution.
Dangerous behavior
Delegatecalls, contract creation, self-destructs, and administrative operations.
Authority changes
Admin events and sensitive proxy storage writes that could transfer control.
Evidence quality
Simulation chain, trace capability, state block, freshness, and revert status.
Transaction binding
Exact calldata, structured intent, policy, effects, signer, expiry, and nonce.
Decisions and risk index
Findings determine the verdict first; severity weights produce the display score.
No findings. A receipt may be issued.
Review is required before execution.
At least one blocking rule was violated.
low 5 + medium 14 + high 28 + critical 38The score is a severity index, not a probability of loss.What the demo simulates
Both scenarios present the same swap-shaped calldata with very different effects.
- Spends exactly 100 USDC
- Returns 0.035 WETH
- Sends output to the user wallet
- Touches only allowlisted contracts
- Drains 1,000 USDC
- Sends WETH to an attacker
- Executes a forbidden delegatecall
- Writes the attacker into the admin slot
The dashboard uses deterministic server fixtures so the demonstration is repeatable. It does not broadcast a transaction or move funds. The production API can be configured with live simulation providers.
Safety Receipt
An ALLOW decision is useful only if it cannot be reused for a different transaction.
The receipt binds chain, sender, target, value, calldata, intent, policy, effects, simulation state, signer, expiry, and nonce. Change one byte and verification fails.
Service surface
The console uses fixture endpoints; agents submit real inputs through these services.
POST /v1/inspectFree calldata decoding and advisory warnings.FREEPOST /v1/preflightSimulation, policy enforcement, and Safety Receipt.x402GET /v1/chainsChain catalog and available simulation evidence.PUBLICSee the signing boundary in action.
Run both scenarios and compare declared intent with simulated execution.