AI security agent that stops wallet drainers — EIP-7702 delegations, Permit phishing, malicious approvals before your funds move. Wallet drain? Didn't happen.
Drain't is an AI security agent that stops wallet drainers — EIP-7702 delegation attacks, Permit/Permit2 phishing, and malicious contract approvals — before your funds move.
EIP-7702 is the flagship frontier: the "CrimeEnjoyor" delegation-drainer family behind 450k+ drained wallets since Pectra, where ~97% of 7702 delegations in the wild are malicious.
How it works
- MetaMask Snap (Smart Accounts Kit / delegation framework): intercepts signatures and transactions in the wallet's main flow — catching Permit/Permit2 spender phishing, EIP-7702 authorization targets, and malicious call targets — and warns or blocks before you sign.
- AI classifier (Venice AI): a heuristic engine scores each target from its bytecode signature; borderline cases escalate to Venice AI for semantic analysis, returning a risk score plus a human-readable explanation.
- Autonomous agent: continuously monitors watched wallets and, on a critical detection, runs a gasless rescue that sweeps funds to safety via the 1Shot Permissionless Relayer — fee paid in USDC, zero ETH needed. Verified live on Arbitrum.
- On-chain enforcer: DraintCuratedTargetsEnforcer, an ICaveatEnforcer built on MetaMask delegation framework v1.3.0 — deployed and verified on Sepolia.
- Composable skill: draint-skills packages the SDK + threat model so any AI coding agent (Claude Code, Cursor) can integrate drain't's checks.
Stack: MetaMask Smart Accounts Kit + MetaMask Snap · Venice AI · 1Shot Permissionless Relayer · EIP-7702 / ERC-7710 · Foundry · Next.js · Hono on Bun (Vercel)
Live
Frontend: https://draint.vercel.app
Backend: https://api-draint.vercel.app
Code: https://github.com/DraintAi
What we shipped
- Threat classifier: bytecode heuristic engine + Venice AI semantic layer (risk score + human-readable reasoning).
- MetaMask Snap: onSignature (Permit/Permit2 phishing) + onTransaction (EIP-7702 delegation targets + malicious call targets) — warns in the wallet's main flow before signing. Published to npm as @draint/snap.
- Smart contract: DraintCuratedTargetsEnforcer (ICaveatEnforcer on MetaMask delegation framework v1.3.0) — deployed & verified on Ethereum Sepolia.
- Autonomous agent: monitors watched wallets → classifies threats → triggers rescue.
- 1Shot Permissionless Relayer: full EIP-7710 gasless rescue flow (build delegation → estimate → send), gas paid in USDC with zero ETH. Verified with a real on-chain transaction on Arbitrum One.
- Composable skill (draint-skills): packages the SDK + threat model for AI coding agents (Claude Code, Cursor).
- Full deployment: Frontend (draint.vercel.app) + Backend (api-draint.vercel.app) live on Vercel.
Integrations: MetaMask Smart Accounts Kit · Venice AI · 1Shot Permissionless Relayer · EIP-7702 / ERC-7710.