Local-first · Solidity & DeFi

Local-first security research workflow for Solidity and DeFi repos.

Arkheionx turns scope, value flow, protocol behavior, invariants, and local evidence into focused review lanes before report writing.

No RPC. No live-chain scanning. No auto-submit. Human review required.

arkheionx review . --scope-file scope.md

The problem

It is easy to review a large Solidity repository in random order.

Arkheionx gives the review a structure before anyone writes a finding: what is in scope, where value moves, which assumptions matter, and what local evidence is still missing.

Workflow

One repository becomes a structured review.

  1. Scope. Start from the actual review rules.
  2. Value flow. Map where assets enter, move, and exit.
  3. Protocol behavior. Capture the promises the system appears to rely on.
  4. Review lanes. Prioritize where a human should inspect first.
  5. Evidence tasks. Turn hypotheses into local tests with kill conditions.
  6. Evidence judge. Check whether local proof actually supports the claim.
  7. Report filter. Block weak, out-of-scope, or under-proven candidates.

One command

Build a local review pack.

The review command writes a local review pack with Markdown for humans and JSON for tools.

arkheionx review . --scope-file scope.md --out .arkheionx/review

Add a protocol lens for a protocol-aware deep dive:

arkheionx review . --scope-file scope.md --lens fixed-credit-market --out .arkheionx/review

Install from source:

curl -fsSL https://arkheionx.dev/install.sh | bash

Outputs

What the review pack contains.

Scope map

What is in and out of scope, read from the scope note.

Value-flow map

Where assets enter, move, and exit the system.

Interaction map

How contracts and roles touch each other.

Review lanes

A prioritized order for a human to inspect.

Evidence tasks

Local test ideas, each with a kill condition.

Protocol model

Behavior promises captured as review context.

Invariants

The economic conditions expected to hold.

Evidence rubric

How to grade whether a test proves its task.

Report filter

A gate for weak or out-of-scope candidates.

Agent input

A model-agnostic brief for AI-assisted review.

Safety boundary

Arkheionx does not decide whether something is a vulnerability.

It helps structure review evidence before a human makes that call. It does not confirm vulnerabilities, and it does not assign final severity.

Planning, not verdicts

Review lanes are not findings.

Local-first

No RPC or live-chain scanning by default.

Evidence-first

Candidates need local proof before report writing.

Human review required

Arkheionx does not submit reports or assign final severity.

Start with one local review pack.

arkheionx review . --scope-file scope.md