Empowering the Smart Contract Developer: Mamori, the ML-Powered Automated Value Extraction System

The promise of blockchain technology has always critically relied on the ability of users to engage in value transactions within “trustless” environments. The word “trustless,” a term of art in the industry, signifies the important distinction between traditional ecosystems of value exchange that rely on “trusted” intermediaries who demonstrate agency over decision-making and crypto ecosystems that rely on no such agency relationships but rather on mathematical certainties that underlie their algorithmic protocols. 

However, the term “trustless” is, of course, a fiction. There is and must be trust in blockchain ecosystems for there to be eventual sustained and at-scale adoption. Critically, this trust resides in the functionality and security of the smart contracts that govern these ecosystems. 

At BCAP, we believe increasing innovation around smart contract safety and security will be fundamental to large scale adoption of crypto.  

In 2023, over $2.4 billion in losses were recorded across 751 incidents, with over 700 of these incidents resulting from technical and economic exploitations of smart contracts. Despite the countless benefits that censorship resistance and immutability give to protocols that are built using smart contracts, these characteristics also make it much harder to build hack-resistant protocols and applications. 

This has led to the current state of the art where teams spend millions of dollars on manual human audits on their smart contracts in order to gain confidence that they are deployed bug-free. This is an expensive, time intensive, and imperfect process. The primary limitation of this process is that it focuses on identifying “technical risks” involving exploits of vulnerabilities in code and infrastructure while remaining largely ineffective at combating “economic risks” arising from exploits that manipulate the economic design of protocols. These exploits often occur via multi-function calls and smart contract state manipulation. The ability to enhance smart contract security to account for economic vulnerabilities is critical for the next era of our industry’s evolution. 

This is why we are investing in Andy M. Lee, the founder of Mamori, a machine learning-enabled value extraction system focused on identifying Zero-day exploits. 

Mamori is developing a substantial innovation on the current state of the art through the creation of an algorithm that adapts situationally to extract value from any blockchain-based software. This enables identification of vulnerabilities without any prior knowledge of exploit methodologies, i.e., seeking out potential vulnerabilities in “unknown unknowns” rather than “known unknowns.” 

Andy has been conducting cutting edge research in causal inference and optimization in economics as well as machine learning at the University of Hong Kong. His expertise in optimization is what led him to the idea of Mamori, where he realized that both smart contract hacks and MEV could be formed as a general optimization problem. 

Andy and the Mamori team are building towards a future where smart contract engineers have better tools for gaining confidence about the correctness and robustness of the protocols that they are launching.