RAXC

RAXC is a deterministic exploit execution and verification framework for smart contract security built as an agent-based system on 0G Compute and 0G Storage. It transforms vulnerability analysis into a replayable, graph-based execution model where smart contract behavior is simulated as an attack VM. Instead of heuristic-only detection, RAXC constructs deterministic attack graphs, simulates real-world exploit paths (such as reentrancy and state manipulation), and verifies outcomes through consistency checks and cryptographic attestations.

The system integrates multiple security tools through a unified ToolRegistry, then converts their outputs into a structured execution graph representing detection, pattern matching, vulnerability confirmation, attack execution, and state transition. Every simulation step is linked to a graph node, making the entire exploit path reproducible and auditable.

RAXC uses 0G Compute for deterministic reasoning and simulation execution, and 0G Storage for persistent memory and replay data, enabling fully verifiable security analysis. The final output is a cryptographically verifiable report containing replay IDs, execution trace hashes, and risk scoring from a single authoritative decision engine.

This makes RAXC not just a scanner, but a verifiable security reasoning engine for smart contracts.

RAXC is built as a multi-layer agent security system combining Rust, Solidity, and 0G infrastructure (0G Compute + 0G Storage). The architecture is split into three core components: an on-chain credit vault, a Rust-based API gateway, and a deterministic agent execution engine.

On-chain, we use an ERC4626 RaxcCreditVault smart contract to manage user deposits in USDC, convert them into analysis credits, and enforce pay-per-analysis execution. The contract also handles payment verification, usage tracking, and replay protection via paymentId state management.

The backend API is built in Rust using Axum, where each request first verifies on-chain payment status via ethers-rs, then gates execution through the vault contract. Only after verification does the system trigger the agent pipeline.

The RAXC agent framework runs on 0G Compute, where deterministic reasoning is performed through a structured pipeline: ToolRegistry → Graph Construction Engine → Attack Simulation Engine → Consistency Engine → Confidence Engine → Final Decision Engine. Every vulnerability is transformed into a graph-based execution flow, allowing replayable attack simulation.

0G Storage is used to persist generated reports, execution traces, and replay metadata, making every analysis verifiable and reproducible. The system outputs markdown security reports with cryptographic attestation (replay ID + trace hash).

A key “hacky but powerful” design choice is treating smart contract vulnerabilities as executable graphs instead of static patterns. This allows us to simulate real attacker behavior (including reentrancy loops) inside a deterministic VM-like model, making RAXC closer to an “exploit execution engine” than a traditional analyzer.