Date: June 26, 2025
Proponent: Dr. Mohammadreza Ashouri
Requested Amount: 9,900 DOT (equivalent to ~$32,670 at $3.3/DOT)
Project Category: Security Infrastructure
Timeline: 7 weeks
The blockchain space is constantly under attack. In 2024 alone, cryptocurrency investors lost over $12.4 billion to scams and exploits, with 117,000+ fraudulent tokens created—a 41% increase from the previous year. These aren't simple copy-paste scams anymore. Modern attackers use sophisticated techniques: hidden smart contract functions, social engineering campaigns, fake development teams, and complex cross-chain manipulations that traditional security tools simply cannot detect.
The problem goes far beyond analyzing lines of code. A perfectly written smart contract can still be a scam if the team behind it plans to disappear with funds. Social signals, team behavior patterns, tokenomics design, and community manipulation tactics often reveal malicious intent before any code vulnerability does. This is why rule-based security scanners that only examine code miss the majority of real-world threats—they're fighting yesterday's battles with yesterday's tools.
amIrug.xyz presents an AI-based adoptive protecting solution. Instead of relying on static rules written once and never updated, our platform learns continuously from each new scam, building intelligence that adapts to evolving threat landscapes. We've been creating a system that any crypto user—from casual investors to experienced developers—can use with a simple web interface. No configuration, no technical expertise required. Just paste a contract address and get instant, intelligent risk assessment that considers not just code patterns, but team reputation, social signals, and behavioral anomalies.
Our success speaks volumes: 12,547+ contracts analyzed so far, $5.7M+ in potential losses prevented, 2,891+ scams identified with 98.5% accuracy. We're not just protecting individual investors—we're building cleaner, more trustworthy ecosystem that legitimates projects can thrive in.
While other major blockchains have evolved their security infrastructure, Polkadot faces a critical gap. The ecosystem currently relies on a handful of developer-focused tools that miss the bigger picture:
This gap becomes more dangerous as Polkadot's DeFi ecosystem grows and attracts both legitimate projects and malicious actors.
Current Polkadot security tools serve specific niches but leave massive blind spots:
What's Missing: Intelligent, adaptive security that combines code analysis with behavioral patterns, social signals, and cross-chain risk assessment—accessible to everyone in the ecosystem.
Learning Intelligence: Our AI models don't just follow pre-written rules. They learn from every new scam pattern, team behavior, and attack vector, becoming smarter over time. When scammers evolve their tactics, our platform evolves faster.
Beyond Code Analysis: While others focus solely on smart contract code, we analyze the complete threat space—team reputation, social media signals, token distribution patterns, governance proposal behaviors, and cross-chain interactions.
Universal Accessibility: Anyone can use our platform. Paste a contract address, get instant results. No CLI commands, no IDE setup, no technical configuration. Security intelligence should be accessible to everyone, not just developers.
Real-Time Protection: We monitor contracts and governance activities continuously, detecting threats as they emerge rather than waiting for post-mortem analysis.
Budget: 4,500 DOT (~$14,850)
Budget: 3,300 DOT (~$10,890)
Budget: 2,100 DOT (~$6,930)
Total Budget: 9,900 DOT (~$32,670)
Capability | amIrug.xyz | Scout | ink! Analyzer | Phishing Lists |
---|---|---|---|---|
AI-Powered Detection | ✅ Learns from new threats | ❌ Static rules only | ❌ Static checks | ❌ Manual curation |
Social Signal Analysis | ✅ Team & community assessment | ❌ Code-only focus | ❌ Code-only focus | ❌ Limited scope |
Cross-Chain Security | ✅ XCMP/HRMP analysis | ❌ Single-chain focus | ❌ Single-chain focus | ❌ Address-level only |
Real-Time Monitoring | ✅ Continuous threat detection | ❌ Development-time only | ❌ Development-time only | ❌ Reactive updates |
User Accessibility | ✅ Web interface for everyone | ❌ CLI/developer-only | ❌ IDE/developer-only | ❌ Background protection |
Governance Security | ✅ OpenGov threat analysis | ❌ Limited scope | ❌ Not applicable | ❌ Not applicable |
Runtime Analysis | ✅ Planned pallet security | ✅ Strong capability | ❌ Not applicable | ❌ Not applicable |
Key Differentiator: amIrug.xyz provides the intelligence layer that existing tools lack—combining code analysis with behavioral patterns, social signals, and cross-ecosystem threat intelligence.
Dr. Mohammadreza Ashouri (PhD) - Lead Developer & Security Researcher
Ph.D. in Software Security from University of Potsdam, Germany (2020)
Proven Blockchain Security Expertise: Creator of amIrug.xyz
Polkadot Ecosystem Experience:
Industry Experience:
Technical Speaking & Research:
Arjun - AI Engineer & Machine Learning Specialist
Zer0_Cipher - Security Engineer & Fullstack Developer
Current Platform Achievement:
Machine Learning Core: Our platform extends existing AI models (trained on 8,000+ token datasets with 92% rugpull prediction accuracy) to Polkadot's unique architecture. Unlike static rule-based tools, our system learns from new attack patterns and adapts continuously.
Multi-Layer Analysis:
Real-Time Intelligence: Continuous monitoring using Substrate RPC endpoints and event streams provides immediate threat detection upon contract deployment or governance proposal submission.
Analysis Coverage:
While this proposal focuses on core security functionality, our roadmap includes:
Market Timing: Security consciousness is at an all-time high after recent industry losses exceeding $2B in Q1 2025 alone. Polkadot can lead by example.
Competitive Position: While other ecosystems rely on reactive security measures, Polkadot can offer proactive, intelligent threat detection.
Ecosystem Growth: Security infrastructure enables institutional adoption and enterprise confidence—critical for Polkadot's next growth phase.
Community Protection: Every prevented scam strengthens trust in the entire ecosystem, attracting more legitimate projects and users.
The blockchain industry stands at a crossroads. We can continue accepting massive losses to increasingly sophisticated scams, or we can build intelligent defenses that evolve with the threat landscape.
amIrug.xyz shows proven technology that has already protected millions in value across other ecosystems. With this funding, Polkadot can join the ranks of security-first blockchains while gaining a competitive advantage that attracts both developers and users seeking a safer environment.
We're not asking for research funding—we're asking for integration funding to bring working, battle-tested security intelligence to Polkadot. The platform exists, the AI models work, and the community needs protection.
Note that the question isn't whether Polkadot needs better security tools—it's whether Polkadot wants to lead the industry in intelligent threat prevention in the blockchain space.
Threshold
✅ Why Vote YES
• Proactive, intelligent security: The platform learns from every new scam and adapts its detection models continuously—far beyond rule-based tools.
• Real-time threat monitoring: Detects malicious behavior as it happens—across runtime pallets, smart contracts, OpenGov, and cross-chain interactions.
• Accessible to everyone: Simple web interface requires no technical skills; users just paste an address for instant threat assessment.
• Polkadot-specific focus: Tailored analysis for ink! contracts, XCMP/HRMP messaging, staking/governance pallets, and OpenGov manipulation risks.
• Proven effectiveness: Already scanned 12,000+ contracts, prevented $5.7M+ in losses, and identified 2,800+ scams with 98.5% accuracy.
• Fills critical gaps: Goes beyond existing tools like Scout and ink! Analyzer by incorporating social signals, behavior patterns, and multi-chain context.
• Low cost, high impact: Only 9,900 DOT for full delivery in 7 weeks—well-scoped across 3 clear development phases.
• Reinforces Polkadot’s position as a security-conscious and innovation-driven Web3 ecosystem.
⸻
❌ Why Vote NO
• Single-team project: No open competition or collaboration—concentrates trust in one team.
• Unclear long-term governance: Who maintains, audits, or evolves the tool beyond this 7-week sprint?
• Privacy concerns: Behavioral analysis and social signal mining may raise ethical concerns around user tracking and algorithmic bias.
• Partial redundancy risk: Some upcoming improvements to ink! tooling and OpenGov monitoring may overlap with this system’s functions.
⸻
🎯 A focused and high-impact initiative that could elevate Polkadot’s security leadership—though some voters may prefer broader collaboration or stronger guarantees for long-term stewardship.
onchain identity not available