ArkheionX LOCAL REVIEW INFRASTRUCTURE Source

Roadmap

Public roadmap without false maturity.

ArkheionX is being built as local-first review infrastructure for smart contract security. This roadmap describes direction, not guaranteed delivery dates.

Current public state

Source-first and public-safe.

The public repository is intended to expose a clean source branch, official website source, documentation, and a source install path. Binary releases are not published yet.

Near-term

Distribution and docs hardening

  • Finalize public source package validation.
  • Validate the source installer on a fresh machine.
  • Keep the official website and docs in the public repository.
  • Improve CLI documentation and troubleshooting paths.
  • Harden fixture benchmark and snapshot drift documentation.
v4 direction

Review workspace maturity

  • Stronger review workspace structure.
  • More explicit protocol-surface output format.
  • Research memory (v4.1): an agent brief, a hypothesis log, and a case-study generator for AI-assisted review.
  • Blind Spot Intelligence (v5): prioritize high-impact surfaces with weak review evidence, map criticality potential, and generate counterfactual research prompts and a research pack.
  • Evidence Graph + Interaction Matrix (v6): classify the evidence on every high-impact surface and map the dangerous interactions that still lack tests. An evidence state is not a vulnerability claim; interaction priority is not severity.
  • Scope-Aware Orchestration + Evidence Judge (v7): turn audit scope into review lanes, task packs, evidence requirements, and report filters so AI-assisted security review starts from rules and evidence instead of vague prompts. A scope task is not a finding; a report candidate is not final triage.
  • Better fixture benchmark reporting.
  • Cleaner install and update experience.
  • Preparation for future binary release pipeline.
Deferred

After source install is reliable

  • Hosted dashboard.
  • Prebuilt binary release artifacts.
  • Package registry distribution.
  • Signed checksums and versioned release channels.
  • Optional integrations with external analysis tools.
Non-goals

What ArkheionX should not claim

  • Automatic vulnerability confirmation.
  • Replacing auditors or security researchers.
  • Assigning final severity.
  • Submitting bounty reports automatically.
  • Running live-chain actions by default.

Boundary

No date promises. No audit promises.

Roadmap items are directional. ArkheionX does not claim to confirm vulnerabilities, prove protocol safety, or stand in for human review.