Sagitta Defense Review

Know what breaks before it breaks you.

Defense reviews for protocols, treasuries, and on-chain systems - powered by Sagitta Continuity Engine.

We work from public contract data and project-submitted context, so reviews can start without keys, custody access, NDAs, or integration delays.

  • No keys required
  • Uses public data
  • No custody access
  • No signing authority

Powered by a production Case Library tracking CVE, De.Fi REKT, GitHub Advisories, and CISA KEV sources.

No private keys. No custody access. No transaction signing.

Live incident context: 440 critical incidents tracked by SCE

  • vm2 NodeVM `nesting: true` bypasses `require: fa... / GitHub Advisories / May 8 / CASE-2026-0508-0165
  • Apache MINA vulnerable to Deserialization of Unt... / GitHub Advisories / May 8 / CASE-2026-0508-0158
  • Hugging Face smolagents: Unsafe deserialization... / GitHub Advisories / May 8 / CASE-2026-0508-0156
  • ExecuTorch integer overflow vulnerability / GitHub Advisories / May 8 / CASE-2026-0508-0151
  • ExecuTorch heap buffer overflow vulnerability / GitHub Advisories / May 8 / CASE-2026-0508-0150
  • ExecuTorch out-of-bounds access vulnerability / GitHub Advisories / May 8 / CASE-2026-0508-0149
  • ExecuTorch integer overflow vulnerability / GitHub Advisories / May 8 / CASE-2026-0508-0147
  • ExecuTorch vulnerable to Heap-based Buffer Overf... / GitHub Advisories / May 8 / CASE-2026-0508-0146

What the Defense Review covers

Authority Paths

Identify which roles can move funds, change rules, pause flows, or alter critical dependencies.

Treasury Controls

Review spending rules, withdrawal paths, reserve controls, and custody assumptions.

Oracle & Price Risk

Check price feeds, stale-data handling, fallback behavior, and manipulation exposure.

Governance / Timelocks

Review quorum rules, signer rotation, timelocks, and upgrade authority.

Keeper & Liveness

Check automation, retry paths, and what happens when required services stop.

Emergency Procedures

Review pause, recovery, escalation, and incident response readiness.

Defense Review vs. Smart Contract Audit

Audits review code. Defense Reviews map whether the system can survive control failure.

Primary focus
  Smart Contract Audit: Code correctness and exploit paths
  Defense Review: Authority, continuity, and control readiness

Best timing
  Smart Contract Audit: When contracts are near final
  Defense Review: Before mainnet, before capital scales, or before major treasury growth

What gets reviewed
  Smart Contract Audit: Source code, implementation, invariants
  Defense Review: Admin roles, treasury rules, oracle dependencies, governance/timelocks, keeper/liveness, emergency procedures

Output
  Smart Contract Audit: Vulnerabilities and remediation notes
  Defense Review: Mapped control paths, evidence checklist, relevant incident patterns, verification coverage, and next actions

Relationship
  Smart Contract Audit: Essential security review
  Defense Review: Complements audit work; does not replace it

Built on Sagitta Continuity Engine

Defense is the client-facing service. Sagitta Continuity Engine is the intelligence layer behind it.

It provides the review's working parts: a live case library, a control-path scanner, an incident-pattern matcher, and a verification workflow.

1. Project Map
   Collect contract addresses and system context.

2. Control Path Scan
   Find roles that can change rules, move funds, or pause flows.

3. Incident Pattern Match
   Compare the system against known failure patterns.

4. Evidence Request
   Ask for policies, signer details, and supporting proof.

5. Readiness Review
   Evaluate controls and identify gaps.

6. Updated Defense Report
   Deliver an actionable report with findings and next steps.
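The Control Path Scan and Readiness Review steps above can be illustrated with a small authority-path mapper over public contract data. The script below is an added example written for this page; it is not Sagitta's code and does not reflect how Sagitta Continuity Engine is implemented. The ABI fragment, the function-to-role guard table, the role holders and the account metadata are all constructed placeholders (in a real review they would come from verified source, explorer data and RoleGranted / OwnershipTransferred event logs). It classifies state-changing functions into the capabilities the page lists (move funds, change rules, pause flows, upgrade), resolves who holds the guarding role, and flags readiness gaps such as a single externally owned key on an admin path or an upgrade path with no timelock.

```python
"""Map authority paths of an EVM contract from public data (added example).

All inputs below are constructed for illustration. The ABI would normally be
fetched from a verified-source explorer, the guard table derived from the
modifiers in that source, and the role holders rebuilt from event logs.
"""
import json
from collections import defaultdict

# Substrings of state-changing function names that imply a control capability.
# "upgrade" is checked first so that setImplementation is not classed as a rule change.
CAPABILITY_KEYWORDS = {
    "upgrade":      ("upgradeto", "setimplementation"),
    "move_funds":   ("withdraw", "transfer", "sweep", "rescue"),
    "change_rules": ("set", "update", "configure"),
    "pause_flows":  ("pause", "freeze"),
}

# Constructed ABI fragment for a hypothetical vault (not a real deployment).
SAMPLE_ABI = json.loads("""[
 {"type":"function","name":"withdrawTreasury","stateMutability":"nonpayable","inputs":[]},
 {"type":"function","name":"setOracle","stateMutability":"nonpayable","inputs":[]},
 {"type":"function","name":"pause","stateMutability":"nonpayable","inputs":[]},
 {"type":"function","name":"upgradeTo","stateMutability":"nonpayable","inputs":[]},
 {"type":"function","name":"balanceOf","stateMutability":"view","inputs":[]},
 {"type":"function","name":"deposit","stateMutability":"payable","inputs":[]}
]""")

# Function -> role that guards it, as read from the (constructed) verified source.
SAMPLE_GUARDS = {
    "withdrawTreasury": "TREASURER_ROLE",
    "setOracle": "DEFAULT_ADMIN_ROLE",
    "pause": "PAUSER_ROLE",
    "upgradeTo": "DEFAULT_ADMIN_ROLE",
}

# Role -> current holders, as rebuilt from RoleGranted/RoleRevoked logs (constructed).
SAMPLE_HOLDERS = {
    "DEFAULT_ADMIN_ROLE": ["0xAdminEOA"],
    "TREASURER_ROLE": ["0xSafeMultisig"],
    "PAUSER_ROLE": ["0xGuardianEOA", "0xSafeMultisig"],
}

# Account metadata (constructed): is the holder a single key, a multisig, a timelock?
SAMPLE_ACCOUNTS = {
    "0xAdminEOA": {"kind": "eoa"},
    "0xGuardianEOA": {"kind": "eoa"},
    "0xSafeMultisig": {"kind": "multisig", "threshold": "3/5"},
    "0xTimelock": {"kind": "timelock", "delay_hours": 48},
}


def classify(name):
    """Return the capability a function name implies, or None for ordinary calls."""
    lowered = name.lower()
    for capability, keywords in CAPABILITY_KEYWORDS.items():
        if any(k in lowered for k in keywords):
            return capability
    return None


def map_authority_paths(abi, guards, holders):
    """Return capability -> list of {function, role, holders} control paths."""
    paths = defaultdict(list)
    for entry in abi:
        if entry.get("type") != "function":
            continue
        if entry.get("stateMutability") in ("view", "pure"):
            continue  # read-only functions cannot move funds or change rules
        capability = classify(entry["name"])
        if capability is None:
            continue
        role = guards.get(entry["name"], "UNGUARDED")
        paths[capability].append({
            "function": entry["name"],
            "role": role,
            "holders": list(holders.get(role, [])),
        })
    return dict(paths)


def find_control_gaps(paths, accounts):
    """Flag paths with no guard, a single-key holder, or an upgrade with no timelock."""
    gaps = []
    for capability, entries in paths.items():
        for e in entries:
            if e["role"] == "UNGUARDED":
                gaps.append(f"{e['function']}: {capability} with no access control")
                continue
            for holder in e["holders"]:
                kind = accounts.get(holder, {}).get("kind", "unknown")
                if kind in ("eoa", "unknown"):
                    gaps.append(f"{e['function']}: {capability} held by single key {holder} ({e['role']})")
            if capability == "upgrade" and not any(
                    accounts.get(h, {}).get("kind") == "timelock" for h in e["holders"]):
                gaps.append(f"{e['function']}: upgrade path without timelock")
    return gaps


if __name__ == "__main__":
    mapped = map_authority_paths(SAMPLE_ABI, SAMPLE_GUARDS, SAMPLE_HOLDERS)
    for capability, entries in mapped.items():
        for e in entries:
            print(f"{capability:13} {e['function']:18} {e['role']:19} {', '.join(e['holders'])}")
    for gap in find_control_gaps(mapped, SAMPLE_ACCOUNTS):
        print("GAP:", gap)
```

On the constructed input the treasury withdrawal path is held only by the multisig and produces no finding, while the oracle setter, the pauser and the upgrade path each surface a single-key holder, and the upgrade path is additionally flagged for lacking a timelock. The keyword classifier is deliberately coarse; a real scan would confirm each guard against the verified source rather than trusting function names.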

Why trust Sagitta Defense?

Production Case Library

Sagitta Continuity Engine tracks live security records across CVE, De.Fi REKT, GitHub Advisories, and CISA KEV sources.

Sample Review Available

Review the demo Defense Review PDF before requesting your own.

Built by cybersecurity and systems architecture experts

Sagitta Defense combines security judgment and software architecture experience to find control risks before they become continuity failures.

Public research coming next

Sagitta Defense will publish incident teardowns focused on authority failure, treasury exposure, oracle dependency, governance posture, and continuity response.

Research notes coming soon

Sample Defense Review

See a demo Pre-Launch Defense Review before requesting your own.

Defense Review PDF (Demo)

This sample is a demo report using Sagitta Protocol testnet deployment. It shows report structure, authority mapping, evidence status, and next actions. It is not a verified client result.

5 mapped assets, 29 control checks, 5 threat families, 0 keys required

The sample report includes:
  • Mapped assets and control paths
  • Relevant incident patterns and risk summary
  • Evidence status and missing controls
  • Verification coverage
  • Findings, severity, and next actions
  • Executive summary for stakeholders

Sagitta Defense Review

A protocol survival review before the emergency.

Starter Defense Review

$3,000

Flat fee - One-time

What you receive

  • Public-data review
  • Mapped assets and control gaps
  • Evidence checklist
  • Structured PDF report
  • Follow-up update after evidence submission

What you provide

  • Contract addresses
  • Deployment chain
  • Project context
  • Known admin / multisig / timelock details
  • Optional policy or runbook evidence

Typical starter review timeline

What happens after you submit

Day 0: Submit project context
  Contract addresses, deployment chain, and known admin or owner roles.

Days 1-3: Review begins
  Sagitta Continuity Engine maps assets, control paths, incident patterns, and missing evidence.

Days 3-5: Draft findings
  Initial findings and evidence requests are prepared.

Day 7: Defense Review delivered
  You receive the structured PDF report and next-action checklist.

Optional follow-up: Evidence update
  Submit supporting proof and receive an updated verification view.

What we need from you

Most teams can prepare the starter intake in about 15 minutes.

  • Contract addresses
  • Deployment chain
  • Project context
  • Known admin / owner paths
  • Multisig or timelock details, if available
  • Oracle, treasury, keeper, or governance notes
  • Optional policies, runbooks, or public docs

Sagitta Defense does not request private keys, custody access, signing authority, seed phrases, or transaction approval rights.

Frequently asked questions

Is this a smart contract audit?

No. Sagitta Defense complements audits; it does not replace them. Audits review code and exploit paths. A Defense Review looks at whether the system can keep operating through control failures, dependency issues, and emergency events.

Do you need access to our keys or wallets?

No. Never. Sagitta Defense does not request private keys, seed phrases, custody access, signing authority, or transaction approval rights.

What do we need to provide?

Contract addresses, deployment chain, project context, and known admin, multisig, timelock, oracle, treasury, keeper, or governance details. Optional evidence can include policies, proposals, runbooks, or public documentation.

Is this useful before mainnet?

Yes. Pre-launch is a strong use case because roles, timelocks, multisigs, oracle fallbacks, treasury rules, and emergency procedures are easier to improve before capital scales.

Which chains are supported?

Active now: EVM and Ethereum-compatible deployments where public contract data, explorer data, or project-submitted details are available. Coverage targets include Ethereum, Base, Arbitrum, Optimism, Polygon, Avalanche C-Chain, BNB Chain, and Moonbeam. Expansion targets include Solana, AO / Arweave, ICP, Cosmos, bridges, and oracle networks through future adapters.

What do we receive?

A structured report with mapped assets, control gaps, relevant incident patterns, evidence status, severity framing, and next actions. After evidence is submitted, Sagitta Continuity Engine can generate an updated verification view.

Does Sagitta Defense certify that our protocol is safe?

No. Sagitta Defense does not guarantee safety or certify that a protocol cannot fail. The review identifies visible continuity risks, missing evidence, and control gaps so teams can improve readiness.

Who is this for?

Protocol teams, DAOs, DeFi systems, treasury-heavy projects, infrastructure teams, grant programs, and ecosystem foundations that need a clearer view of authority, treasury, oracle, dependency, and emergency risk.

Ready for a Defense Review?

Map control gaps and continuity risks before capital scales.