Product overview
Clawditor turns an EVM contract address into an actionable safety verdict. It operates at three depths — Check, Scan, and Audit — and layers monitoring (watchlist, alerts, portfolio) and rich token intelligence on top. Everything is reachable from the web dashboard, and the deeper tiers are also exposed to other developers and autonomous agents over paid HTTP (x402) and the A2A protocol.
Supported chains: Ethereum (1) and Base (8453) for full scanning and auditing; Solana addresses resolve in the explorer for read-only token lookups.
The three depths
| Tier | What it answers | Source of truth | Cost |
|---|---|---|---|
| Check | "Is this contract sketchy at the bytecode/source level?" | Verified source + bytecode heuristics, V4-hook decoding, proxy detection | Free |
| Scan | "Is this token safe to trade/hold right now?" | Check + holders, LP locks, distribution, bundled wallets, social | Free for gating-token holders; otherwise pay-per-call |
| Audit | "Is this project trustworthy, in full context?" | Scan of the target and every sibling the deployer shipped, deployer funding/origin, a source-level security review, and prior-audit history — synthesized by Claude into one graded report | Paid (USDC) |
Each tier is a superset of the one above it. A Check is fast and bytecode-only; a Scan adds the on-chain economic picture; an Audit adds project context, a source-level review against a deep security knowledge base, and a conversational follow-up channel.
Check
A bytecode/source-level pass on any contract address — not just tokens. Surfaces verification status, proxy/upgradeability, ownership classification (EOA / contract / multisig / timelock), and the source-pattern heuristics (unrestricted mint, fee setters, pausability, blacklists, hidden upgrade paths, Uniswap V4 hook permission bits decoded from the address). Results persist with kind="contract" so the UI can offer "see the full token scan."
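The "V4 hook permission bits decoded from the address" item is the one Check heuristic that can be shown end to end without any chain access, so here is an added example (not Clawditor's code). Uniswap v4-core's `Hooks.sol` encodes a hook contract's permissions in the low 14 bits of its address, and refuses addresses that set a returns-delta bit without the callback bit it depends on; the bit positions and dependency pairs below mirror those constants. The three sample addresses are constructed so that only their low bytes matter, and the `canAlterSwapAmounts` risk note is this example's own interpretation of the returns-delta flags.

```typescript
// Added example, not Clawditor's code: decode Uniswap V4 hook permission
// bits from a hook address. v4-core's Hooks.sol stores the permissions in
// the low 14 bits of the address; these bit positions mirror its flags
// (BEFORE_INITIALIZE_FLAG = 1 << 13 ... AFTER_REMOVE_LIQUIDITY_RETURNS_DELTA_FLAG = 1 << 0).
const HOOK_FLAG_BITS: ReadonlyArray<readonly [string, number]> = [
  ["beforeInitialize", 13],
  ["afterInitialize", 12],
  ["beforeAddLiquidity", 11],
  ["afterAddLiquidity", 10],
  ["beforeRemoveLiquidity", 9],
  ["afterRemoveLiquidity", 8],
  ["beforeSwap", 7],
  ["afterSwap", 6],
  ["beforeDonate", 5],
  ["afterDonate", 4],
  ["beforeSwapReturnsDelta", 3],
  ["afterSwapReturnsDelta", 2],
  ["afterAddLiquidityReturnsDelta", 1],
  ["afterRemoveLiquidityReturnsDelta", 0],
];

// (returns-delta flag, callback it depends on). Hooks.sol treats an address
// that sets the first without the second as an invalid hook address.
const DELTA_DEPENDENCIES: ReadonlyArray<readonly [string, string]> = [
  ["beforeSwapReturnsDelta", "beforeSwap"],
  ["afterSwapReturnsDelta", "afterSwap"],
  ["afterAddLiquidityReturnsDelta", "afterAddLiquidity"],
  ["afterRemoveLiquidityReturnsDelta", "afterRemoveLiquidity"],
];

interface HookDecode {
  permissions: string[];       // flags set, highest bit first
  invalid: string[];           // returns-delta flags missing their callback
  canAlterSwapAmounts: boolean; // this example's risk note, not a v4 constant
}

function hookFlagWord(address: string): number {
  if (!/^0x[0-9a-fA-F]{40}$/.test(address)) {
    throw new Error("not a 20-byte hex address: " + address);
  }
  // All 14 flag bits live in the last two bytes, so no bigint parsing is needed.
  return parseInt(address.slice(-4), 16) & 0x3fff;
}

function decodeHookAddress(address: string): HookDecode {
  const word = hookFlagWord(address);
  const permissions = HOOK_FLAG_BITS
    .filter(([, bit]) => (word & (1 << bit)) !== 0)
    .map(([name]) => name);
  const has = (name: string) => permissions.indexOf(name) !== -1;
  const invalid = DELTA_DEPENDENCIES
    .filter(([delta, callback]) => has(delta) && !has(callback))
    .map(([delta]) => delta);
  const canAlterSwapAmounts = has("beforeSwapReturnsDelta") || has("afterSwapReturnsDelta");
  return { permissions, invalid, canAlterSwapAmounts };
}

// Constructed sample addresses (36 zero nibbles + 4 hex digits of flag bits).
const SAMPLE_SWAP_HOOK = "0x" + "000000000000000000000000000000000000" + "00C0"; // bits 7,6
const SAMPLE_DELTA_HOOK = "0x" + "000000000000000000000000000000000000" + "2088"; // bits 13,7,3
const SAMPLE_BAD_HOOK = "0x" + "000000000000000000000000000000000000" + "0004"; // bit 2 alone

for (const addr of [SAMPLE_SWAP_HOOK, SAMPLE_DELTA_HOOK, SAMPLE_BAD_HOOK]) {
  console.log(addr, decodeHookAddress(addr));
}
```

A hook whose address sets a swap returns-delta bit can change the amounts a swap settles, which is why a scanner surfaces those bits rather than just listing callbacks; an address whose delta bits lack their callback would never be accepted by the PoolManager, so `invalid` is a data-quality signal about the address rather than a trading risk.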
Scan
The full token analysis. On top of the Check signals it pulls:
- Distribution & holders — total holders and top-1/10/25/50 concentration, with locker/contract tags. Concentration is computed from the true balance-sorted holder list so the percentages match the explorer.
- Liquidity — LP positions and lock status across indexed Uniswap pools.
- Bundle map — clusters of holders that were funded from the same source, exposing coordinated pre-buys / insider allocations.
- Social — Farcaster and X mentions for the token.
It produces a 0–100 score, a letter grade (A–F), a categorized flag list, and a one-line Claude verdict. See Scoring, Heuristics, and V4 hooks for the engine internals.
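To make the Distribution and Bundle map items concrete, here is an added example (not Clawditor's code) that computes top-1/10/25/50 concentration from a balance-sorted holder list, reports it both with and without locker/contract-tagged addresses, and groups holders by their funding source to surface coordinated allocations. The `Holder` record, its `fundedBy` field (assumed to come from each wallet's first inbound transfer) and the seven sample holders are constructed for the example; balances are plain numbers here, whereas real token balances need bigint.

```typescript
// Added example, not Clawditor's code: holder concentration tranches and a
// funding-source bundle map over a constructed holder list.
interface Holder {
  address: string;
  balance: number;               // sample uses numbers; real balances are bigint
  tag?: "locker" | "contract";   // explorer/locker tag, if any
  fundedBy?: string;             // assumed: first inbound funder of the wallet
}

interface ConcentrationReport {
  totalHolders: number;
  top: Record<number, number>;                // N -> % of supply held by top N
  topExcludingTagged: Record<number, number>; // same, ignoring lockers/contracts
}

function pctOfSupply(held: number, supply: number): number {
  return supply === 0 ? 0 : Math.round((held / supply) * 10000) / 100;
}

function concentration(holders: Holder[], tranches: number[] = [1, 10, 25, 50]): ConcentrationReport {
  // Sort by true balance so the tranches line up with the explorer's view.
  const sorted = holders.slice().sort((a, b) => b.balance - a.balance);
  const supply = sorted.reduce((sum, h) => sum + h.balance, 0);
  const untagged = sorted.filter((h) => !h.tag);
  const topN = (list: Holder[], n: number) =>
    pctOfSupply(list.slice(0, n).reduce((sum, h) => sum + h.balance, 0), supply);
  const top: Record<number, number> = {};
  const topExcludingTagged: Record<number, number> = {};
  for (const n of tranches) {
    top[n] = topN(sorted, n);
    topExcludingTagged[n] = topN(untagged, n);
  }
  return { totalHolders: holders.length, top, topExcludingTagged };
}

interface Bundle {
  funder: string;
  members: string[];
  sharePct: number; // combined share of total supply
}

// Group holders by funding source; clusters of >= minMembers wallets are the
// candidate pre-buy / insider bundles, largest combined share first.
function bundleMap(holders: Holder[], minMembers = 2): Bundle[] {
  const supply = holders.reduce((sum, h) => sum + h.balance, 0);
  const groups: Record<string, Holder[]> = {};
  for (const h of holders) {
    if (!h.fundedBy) continue;
    (groups[h.fundedBy] = groups[h.fundedBy] || []).push(h);
  }
  return Object.keys(groups)
    .filter((funder) => groups[funder].length >= minMembers)
    .map((funder) => ({
      funder,
      members: groups[funder].map((h) => h.address),
      sharePct: pctOfSupply(groups[funder].reduce((sum, h) => sum + h.balance, 0), supply),
    }))
    .sort((a, b) => b.sharePct - a.sharePct);
}

// Constructed sample: one LP locker, one three-wallet bundle, a few singletons.
const SAMPLE_HOLDERS: Holder[] = [
  { address: "0xLOCK", balance: 400, tag: "locker" },
  { address: "0xA", balance: 200, fundedBy: "0xFUNDER1" },
  { address: "0xB", balance: 150, fundedBy: "0xFUNDER1" },
  { address: "0xC", balance: 50, fundedBy: "0xFUNDER1" },
  { address: "0xD", balance: 60, fundedBy: "0xFUNDER2" },
  { address: "0xE", balance: 30, fundedBy: "0xFUNDER3" },
  { address: "0xF", balance: 10 },
];

console.log(concentration(SAMPLE_HOLDERS));
console.log(bundleMap(SAMPLE_HOLDERS));
```

The two views answer different questions: the raw tranche says how much supply a single address can move (the locker dominates top-1 here at 44.44%), while the tagged-excluded tranche shows what the largest free-floating wallet holds; the bundle map then reveals that three of those "separate" wallets share a funder and together hold as much as the locker.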
Audit
A project-level review produced asynchronously by the Clawditor agent worker. For a target contract it assembles:
- the target's full Scan,
- a Scan of every sibling contract the deployer shipped on that chain,
- the deployer's funding history & origin (CEX / bridge / P2P attribution) and activity profile (first activity, deployment cadence, totals),
- the target's verified source,
- a routed security knowledge base (see below), and
- prior Clawditor audits of the same contract or its siblings.
Claude synthesizes all of it into one graded report with a verdict, a "Contract security review" section of severity-tagged source-level findings, a sibling table, a deployer/funding section, and clickable follow-up recommendations. The report streams live as it's written (SSE), and users can ask paid follow-up questions that stay grounded in the report and the knowledge base.
The audit knowledge base
The auditor doesn't reason from scratch. It ships with @clawditor/knowledge, a vendored security knowledge base mirroring the evm-audit-* checklists — 19 specialized domains plus a master index, ~500+ items: weird ERC20 behaviors, precision/rounding math, proxies & upgrades, oracles, AMM / Uniswap V4 hooks, signatures & permit, governance, bridges, ERC4626 vaults, account abstraction, flash loans, NFTs, inline assembly, DoS, and L2/alt-chain quirks.
For each audit the worker detects which domains apply (from the source patterns and scanner flags), injects the relevant checklists plus the contract source into the prompt, and grades findings on a fixed severity scale (Critical/High/Medium/Low/Info). Prior audits of the same contract or the deployer's siblings are recalled so verdicts stay consistent over time. See Agent for the engine details.
Monitoring
- Watchlist — track tokens; the alerting derivation watches them.
- Alerts — notifications when a watched token's grade drops or a new critical flag appears.
- Portfolio — safety overview across a connected wallet's holdings.
Token intelligence (detail pages)
Every token has a detail page consolidating: the holder donut and concentration tranches, the bundle map, deployer history and funding timeline, related contracts (owner / staking / implementation / constants graph), a Dexscreener price chart, social mentions, and any audits that reference the token.
How to access it
| Surface | Who it's for | Auth |
|---|---|---|
| Web dashboard | Humans | Connect wallet + Sign-In with Ethereum; free if you hold the gating token, otherwise pay-per-action in USDC |
| REST API | App developers | Gating-token session or x402 USDC payment (API reference) |
| x402 agent (/ask) | Developers & autonomous agents | Pay-per-call USDC, no account (Using the agent) |
| A2A + ERC-8004 | Other agents hiring Clawditor | A2A JSON-RPC, paid via x402, discoverable via AgentCard (Agent-to-agent) |
If you're building on Clawditor, start with the integration guide. For the architecture, see Architecture.