ZYNC

Zync is a trustless, non-custodial DeFi automation protocol that lets users create on-chain strategy vaults with conditions, actions, and safety guardrails. Users can define automated behaviors such as stop-loss swaps, portfolio rebalancing, or yield rotation, which execute only when oracle-verified conditions are met. A permissionless network of executors, powered by the zync-executor CLI, continuously scans for executable strategies, pays gas to trigger transactions, and earns protocol rewards on successful execution. Built-in protections like max-spend limits, selector whitelisting, cooldowns, expiries, and auto-pause on failure ensure user funds remain secure even under malicious calldata. Zync transforms manual DeFi interaction into autonomous, programmable on-chain finance.

Zync is built as a modular on-chain automation system combining smart contracts, off-chain executors, and a reactive web interface. The core is a Solidity-based Strategy Vault architecture deployed on Ethereum (currently on sepolia testnet), where each user owns a dedicated vault capable of storing multiple strategies composed of oracle-driven conditions, executable actions, and strict safety guardrails such as max-spend limits, cooldowns, expiries, selector whitelisting, and auto-pause on repeated failure. Price conditions are evaluated using Chainlink oracle feeds, while execution targets include protocols like Uniswap via encoded calldata.

On the off-chain side, we developed zync-executor, a TypeScript CLI bot that continuously scans on-chain strategies, simulates executability using RPC calls, submits transactions when conditions are satisfied, pays gas, and receives protocol incentives upon successful execution, creating a permissionless keeper network.

The frontend is built with Next.js, React, TypeScript, wagmi, and viem, enabling users to deploy vaults, construct strategies (custom or prebuilt such as Uniswap swaps), manage token approvals, and fund execution balances. We also implemented dynamic ABI parsing and calldata construction entirely on the client to keep the protocol fully non-custodial.

A notable hacky but powerful design choice was enforcing safety by validating actual token balance changes instead of decoding complex router calldata, allowing universal compatibility with arbitrary DeFi contracts while maintaining strict spend limits.