Sentinel_Ts_Rust_Sdk
AI risk and credit layer SDK for Stellar DeFi
Created on 27th January 2026
•
Sentinel_Ts_Rust_Sdk
AI risk and credit layer SDK for Stellar DeFi
The problem Sentinel_Ts_Rust_Sdk solves
🔍 The Problem Sentinel Solves
Modern blockchain smart contracts operate in isolation—they can only see on-chain state, not who is behind a wallet or how it behaves over time. This creates critical gaps:
-
No Fraud Awareness
Protocols cannot distinguish real users from scammers, bots, or exploiters. -
Sybil Attacks Are Cheap
Anyone can spin up thousands of wallets with no reputation cost. -
Under-Collateralized DeFi Is Unsafe
Without a trust or credit signal, DeFi must rely on heavy collateral, killing capital efficiency. -
No On-Chain Enforcement of Risk
Even if risk is detected off-chain, contracts have no native way to enforce it securely.
In short: smart contracts are blind, naive, and easily exploited.
Sentinel fixes this by bringing verifiable, AI-driven risk intelligence on-chain.
🛠️ What People Can Use Sentinel For
Sentinel works in two complementary ways:
1️⃣ As an SDK for developers & protocols
2️⃣ As a Web Dashboard for users, teams, and auditors
🧩 1. For Developers & Protocols (SDK Integration)
You can install the Sentinel SDK directly into your smart contracts or backend.
What Sentinel Enables
- ✅ Real-time wallet risk scoring (0–100)
- ✅ Fraud & bot detection before execution
- ✅ On-chain enforcement via Soroban (
Allow / Limit / Freeze
) - ✅ Under-collateralized lending with confidence
- ✅ Sybil-resistant access control
How It Makes Things Safer & Easier
- No need to build your own fraud engine
- No custom ML pipelines required
- No trust assumptions — risk data is cryptographically signed
- Simple contract call:
check_permission(wallet)
📦 Install & Integrate
JavaScript / TypeScript
npm install @miraculous65/sentinel-risk-sdk
Soroban / Rust
sentinel-contract-sdk-miraculous65 = "0.1.0"
📌 Result:
Your protocol gains AI-grade security with smart-contract-level enforcement.
🌐 2. For Users, Teams & Analysts (Web Dashboard)
Anyone can visit the Sentinel web app and analyze a Stellar wallet instantly.
What You Can Do on the Website
- 🔍 Enter a wallet address
- 📊 View real-time risk score & behavior breakdown
- 🧠 Understand why a wallet is flagged
- 🛡️ Verify signed Proof of Risk
- 📈 Visualize transaction history & patterns
Who This Is For
- DeFi teams auditing users
- Security researchers
- DAOs doing reputation checks
- Lenders assessing borrowers
- Hackathon judges & demos
🚀 No installation required — just check the score.
🔑 Why Sentinel Is Different
- AI + Blockchain, not just analytics
- Off-chain intelligence, on-chain enforcement
- SDK-first, protocol-native design
- Trust minimized via cryptographic oracle proofs
Sentinel doesn’t just analyze risk — it makes risk enforceable on-chain.
Challenges I ran into
🚧 Challenges I Ran Into
1️⃣ Bridging Off-Chain AI with On-Chain Trust (The Core Challenge)
Problem:
Smart contracts on Stellar (Soroban) cannot natively trust or verify off-chain ML outputs. Early versions of Sentinel had a trust gap—anyone could theoretically submit a fake risk score to the contract.
How I Solved It:
I designed Sentinel as an attested SDK, not just a contract.
- Introduced a cryptographic oracle layer that signs each risk score using Ed25519.
- Implemented on-chain signature verification in the Soroban SDK (
crypto.rs
). - The contract now rejects any risk update not signed by the trusted oracle public key.
✅ Result:
Developers integrating the SDK can trust that every
check_permission()
result is backed by verifiable AI computation.2️⃣ Soroban Signature Verification Gotchas
Problem:
Ed25519 verification in Soroban was tricky:
- Incorrect message hashing formats caused valid signatures to fail.
- Serialization mismatches between Python (oracle) and Rust (contract) led to silent verification errors.
How I Solved It:
- Standardized the exact byte layout of the signed payload (wallet + score + timestamp).
- Wrote a minimal reproducible test to compare:
- Python-signed message bytes
- Rust-verified message bytes
- Refactored the contract to verify raw bytes instead of structured objects.
✅ Result:
A deterministic, cross-language signing pipeline that works reliably for both:
- SDK users (on-chain)
- Web dashboard users (off-chain preview)
3️⃣ Making an SDK That Other Contracts Can Actually Use
Problem:
Initially, Sentinel worked only as a standalone contract. Integrating it into other Soroban contracts felt clunky and non-idiomatic.
How I Solved It:
- Refactored Sentinel into a true SDK-style contract:
- Clean
check_permission(wallet)
API - Enum-based return values (
Allow | Limit | Freeze
)
- Clean
- Published the contract bindings to Crates.io so devs can import it like a library.
- Mirrored the same logic in the JavaScript SDK for frontend + backend integrations.
✅ Result:
Developers can now:
- Install the SDK and enforce risk checks inside their own contracts
- OR use the website to instantly analyze a wallet before allowing user actions
4️⃣ Real-Time UX vs Heavy Blockchain & ML Latency
Problem:
Fetching Horizon data + ML inference + oracle signing introduced noticeable delays, hurting UX on the web dashboard.
How I Solved It:
- Split the pipeline into async micro-services:
- Horizon Analyzer
- ML Engine
- Oracle Signer
- Added a real-time progress visualization in the web UI so users can see:
Fetching → Analyzing → Signing → Verified
- Cached recent wallet analyses to speed up repeated checks.
✅ Result:
The system feels fast and transparent—even though heavy computation is happening behind the scenes.
5️⃣ Balancing Security with Hackathon Practicality
Problem:
A fully decentralized oracle network was ideal—but unrealistic within hackathon constraints.
How I Solved It:
- Shipped with a single trusted oracle (secure + simple).
- Designed the contract to be oracle-agnostic, making it easy to:
- Swap in multiple signers
- Add quorum-based verification later
✅ Result:
Sentinel is production-architected, not a throwaway prototype.
🧠 Key Takeaway
The hardest part wasn’t ML or smart contracts alone—it was making AI trustless enough for on-chain enforcement while keeping developer integration simple via an SDK and accessible via a web interface.
That balance is what Sentinel ultimately solves.
