Zarqaa — زرقاء

Zarqaa (زرقاء) is a transaction-time security intelligence layer for Web3. Named after Zarqaa al-Yamama — an ancient Arabian seer who could spot armies hidden miles away — the tool gives users the same foresight over DeFi transactions before they sign.

When you submit a transaction intent ("swap 1 ETH for USDC on Uniswap V3") or a submitted tx hash, Zarqaa resolves the full execution path and runs an 8-stage analysis pipeline on every contract the transaction will touch: source verification, proxy detection, ownership mapping (EOA vs multisig vs DAO), audit freshness vs upgrade recency, live exploit feed cross-referencing (Rekt DB, post-mortems), and MEV sandwich risk scoring. Each contract leg gets its own verdict — Green / Amber / Red / Unverified — and the weakest leg drives the overall route verdict.

The core invariant: silence is never safe. Every unresolvable component emits UNKNOWN + a reason code. Nothing is silently skipped or assumed green.

There are two interfaces: a web scanner (Next.js) where anyone can paste a tx hash or describe an intent and get a full visual security report in seconds, and an AI agent integration (OpenClaw) where Zarqaa acts as an autonomous pre-transaction safety gate — the agent cannot execute any on-chain action without first routing through Zarqaa and receiving a Green verdict. Amber pauses execution and asks the user. Red blocks entirely until the user types "confirm".

Core engine — Rust/Axum. The Zarqaa Gateway (zarqaa-core/) is built in Rust using Axum. It exposes three endpoints: POST /analyze (tx hash), POST /analyze-intent (pre-sign), and POST /mcp (MCP JSON-RPC for the mesh). The analysis pipeline runs concurrently per contract leg using Tokio — RPC calls, Etherscan source lookups, and known-infra matching all run in parallel. The LLM is only used for one thing: parsing free-text intent into a target contract address and calldata. Everything else — proxy detection, ownership mapping, MEV scoring, exploit matching — is deterministic.

LLM provider — OpenAI-compatible abstraction. Rather than locking to Anthropic, the gateway uses a generic LlmConfig { api_key, api_url, model } struct threaded through the adapter stack. Any OpenAI-compatible provider works out of the box: OpenRouter, Groq, OpenAI direct. We use OpenRouter in production to access claude-sonnet-4-5 without managing multiple keys.

P2P mesh — AXL (gensyn-ai). AXL is a Yggdrasil-based encrypted overlay mesh included as a git submodule. We run two nodes: Node A lives alongside the Zarqaa service; Node B lives alongside the OpenClaw agent. We contribute only two config files and a POST /mcp endpoint on the Rust gateway. AXL handles everything else — key derivation, overlay routing, TLS over the Yggdrasil IPv6 overlay. The interesting constraint we hit: AXL's DialPeerConnection connects to a remote peer's overlay IPv6 at the local node's tcp_port. This means both nodes must share the same tcp_port value (7100), even though they're on the same machine. It works because each node binds its TLS listener to its own unique Yggdrasil-derived IPv6, so there's no actual port conflict — just a non-obvious config invariant we found by reading the dial.go source.

MCP routing. AXL ships an integrations/mcp_routing/mcp_router.py that acts as a service registry on Node A. After startup, start.sh registers the Zarqaa gateway: POST /register {"service":"zarqa","endpoint":"http://127.0.0.1:8080/mcp"}. From that point, any AXL node that knows Node A's public key can call POST http://localhost:9012/mcp/{nodeA_peer_id}/zarqa and the call traverses the mesh, hits the MCP router, and lands at the Rust /mcp endpoint — all over an encrypted Yggdrasil tunnel.

AI agent integration — OpenClaw + safety_guard.py. OpenClaw is a self-hosted AI agent framework. We wired Zarqaa in via a workspace skill (SKILL.md) and safety_guard.py — a zero-dependency Python script that POSTs through the AXL mesh and exits with code 0 (Green), 1 (Amber), or 2 (Red). The agent reads the SKILL.md gate logic and calls the script before any transaction. The mesh path means the agent never needs a direct network path to the Zarqaa service — it only knows Node A's public key.

Web scanner — Next.js. The app/ directory is a Next.js app with two thin API proxy routes (/api/analyze, /api/analyze-intent) that forward to the Rust gateway and return the response directly. The frontend renders per-leg verdict cards, a flight-path visualization, intent resolution details, and conditional MEV exposure warnings (only shown for intent-based scans with medium or high risk, with explicit mempool-context framing rather than a hard alarm).