Nyxora AI

视频

技术栈

React

Node

Rust

Web3

Ethers

@napi-rs/keyring

viem

MCP

描述

Nyxora is a Local-First, Zero-Trust AI Middleware designed to autonomously navigate the complex DeFi ecosystem on Arbitrum and other EVM chains. Powered by an advanced 4-Layer Memory Architecture and universal MCP (Model Context Protocol) integration, Nyxora allows users to execute cross-chain swaps, track portfolios, and automate DeFi habits purely through natural language—while ensuring absolute protection against MEV Sandwich Attacks.

As an autonomous framework capable of executing on-chain asset transfers, Nyxora places Private Key protection as its highest absolute priority. In our latest architecture, we have completely eliminated the insecure, manual "Master Password" flow. Instead, Nyxora operates a completely Isolated Signer Vault that securely delegates cryptography to your Operating System's native keyring, ensuring that the AI reasoning engine never has direct read-access to your funds.

The Problem with Current Web3 AI Agents

The current landscape of autonomous AI agents in Web3 is fundamentally broken and highly insecure:

- Insecure Private Key (PK) Storage: Most AI agents force users to store Private Keys in plain text (.env files) or rely on centralized cloud vaults. This creates massive single-point-of-failure honeypots ready to be exploited.

- Prompt Injection Vulnerabilities: Existing agents rely purely on LLM System Prompts for security. A clever prompt injection can easily trick the AI into draining the user's funds.

- The "Amnesia" Friction: Agents lack persistent memory. Users are forced to write exhaustively long, repetitive prompts every single day just to execute routine DeFi tasks.

- MEV Exploitation: AI agents often execute trades blindly on public mempools, exposing users to severe slippage and malicious Sandwich Bot attacks.

How Nyxora Solves It

We solved the industry's biggest flaws through four core pillars:

- Air-Gapped OS Keyring Vault: The AI reasoning engine can strategize, but it has zero physical read-access to the private keys. All cryptography is strictly isolated in the OS Keyring.

- Hard-Coded Anti-Injection Shield: Before any data reaches the database, a strict RegExp-based validation layer physically intercepts and annihilates Private Keys or Prompt Injection attempts, independently of the LLM's behavior.

- 4-Layer Cognitive Memory: Nyxora features persistent background reflection. It quietly extracts and learns user behaviors over time to seamlessly autocomplete repetitive DeFi workflows, slashing human-in-the-loop latency by 90%.

- MEV-Protected Routing: All NLP-driven swaps are forcefully routed through Private RPCs (Flashbots, MEV-Blocker) by default, providing institutional-grade protection against front-running.

Vision

To make Web3 and DeFi interactions as effortless and intuitive as talking to a trusted friend, without ever compromising the core ethos of self-custody and absolute decentralization.

Mission

To build the ultimate Zero-Trust AI infrastructure that securely bridges the gap between complex blockchain protocols and everyday users. We empower individuals with an unhackable, intelligent autonomous executor that protects their assets while amplifying their on-chain capabilities.

Docs: https://nyxoraai.github.io/Nyxora/

Nyxora Smart Contract on Arbitrum Sepolia

本次黑客松进展

Progress During Hackathon During this Buildathon, we evolved Nyxora into a highly resilient, enterprise-grade AI middleware specifically optimized for the Arbitrum ecosystem, pushing the boundaries of local-first execution and data sovereignty: [1] On-Chain Arbitrum AI Registry (The Kill-Switch): Engineered a natively deployed Smart Contract on Arbitrum Sepolia (NyxoraAgentRegistry) that acts as an immutable, decentralized fail-safe. If the local machine is compromised, users hold the absolute cryptographic power to globally paralyze the AI's execution by simply toggling the contract status via Arbiscan. [2] Guarded Autonomy & OS-Level Keyring Vault: Engineered a strict "Bring-Your-Own-Keys" (BYOK) and Zero-Trust architecture. We completely eliminate plain-text private key storage by encrypting and delegating all credentials natively to the user's Operating System Keyring. We also implemented an onboard localhost Legal/Privacy generator to bypass centralized Google verifications. [3] Isolated Tri-IPC Architecture: Designed a highly secure 3-node Inter-Process Communication (IPC) network. Nyxora strictly segregates its system into three independent local processes: the Dashboard UI, the Core Gateway, and the MCP Server. This isolation prevents single-point-of-failure exploits. [4] MEV-Protected Web3 Execution: Developed a dynamic Web3 Multi-Router system to seamlessly execute NLP-driven swaps across Arbitrum DEXs. Upgraded the core config to route transactions through Private RPCs (Flashbots, MEV-Blocker) by default, shielding users from Sandwich Bot attacks. [5] Universal MCP Integration: Implemented the Model Context Protocol (MCP), transforming Nyxora into a universal bridge that allows any external AI client (like Claude Desktop) to securely interact with Arbitrum DeFi within a strictly sandboxed environment. [6] Untrusted Plugin Sandbox VM: Solved the "Rogue Plugin" dilemma by building an airtight Node.js isolated-vm execution chamber. Users can safely install community-built third-party Web3 skills without giving the code any read/write access to the local filesystem. [7] Cryptographic Nonce Guard (Replay Protection): Engineered a military-grade validation layer within the transactionManager. Every pending UI approval payload is cryptographically signed with a randomized 16-byte Nonce, completely eliminating Double-Spending and Replay Attacks. [8] 4-Layer Cognitive Memory & Anti-Injection Shield: Pioneered a masterpiece 4-Layer Memory Architecture powered by persistent background reflection. The AI autonomously learns user behaviors to seamlessly autocomplete repetitive DeFi workflows. We deployed a Hard-Coded RegExp Validator that physically intercepts and annihilates Private Keys or Prompt Injection attempts before reaching the database. [9] Decentralized Portfolio Multicall: Built a hyper-fast, localized Portfolio Scanner utilizing parallel Multicall smart contracts. The AI natively detects obscure/custom tokens dynamically and integrates DexScreener caching to compute real-time USD valuations. [10] High-Concurrency AI Engine & Self-Healing Infrastructure: Optimized the Core AI Engine using a Semantic Keyword Router and SQLite WAL-mode memory, delivering zero-latency execution. Additionally, we fortified the gateway daemon with robust anti-crash resilience and intelligent auto-migration capabilities on boot. [11] Emergency Death-Loop Lockdown: Implemented a critical emergency monitoring protocol. If a core microservice crashes catastrophically, the system autonomously triggers an absolute lockdown to protect the global state and broadcasts a high-priority SOS alert to Telegram.

融资状态

Bootstrapped (Self-funded). Currently open to ecosystem grants and early-stage seed investments to scale our Zero-Knowledge security infrastructure and expand our Arbitrum on-chain AI capabilities.