Inspiration
Blockchain transactions generate millions of on-chain logs every second. Finding anomalies, suspicious transfers, or unusual patterns manually is slow, error-prone, and simply does not scale. We wanted to build an agent that could reason over any crypto wallet and answer questions in plain English, instantly.
What it does
ELSA is a multi-step AI crypto wallet analyzer that indexes on-chain transaction data into Elasticsearch and detects anomalies in real time. Users ask questions in plain English and ELSA runs ES|QL queries, reasons over the results, and returns clear actionable answers including risk scores, anomaly reports, token activity, and a full AI-generated wallet summary.
How we built it
ELSA is built on Elastic Agent Builder and Elasticsearch for fast hybrid search and ES|QL query execution. OpenAI powers the reasoning layer. The backend runs on Node.js and TypeScript with an Express server, while the frontend is built with React and Vite. On-chain transaction data is indexed and queried through a custom agent orchestrator with tool definitions for multi-step reasoning.
Challenges we ran into
Designing the agent loop to handle multi-step reasoning without losing context was the biggest challenge. Mapping on-chain transaction data into Elasticsearch index structures that support both keyword and vector search required careful schema planning. Making the Glass Box UI update in real time without blocking the reasoning loop also took significant iteration.
Accomplishments that we're proud of
ELSA detects real threats like dust attacks, spoofed token transfers, and rapid batch transactions — and explains every finding clearly. The Glass Box UI provides a level of auditability rarely seen in AI agents. The full pipeline from wallet input to AI-generated analysis runs in seconds using Elasticsearch as the retrieval backbone.
What we learned
Elasticsearch is far more powerful as an AI retrieval platform than a simple search engine. ES|QL enables precise, expressive queries that pair naturally with LLM reasoning. Building transparent AI agents requires as much design thinking on the explanation layer as on the reasoning layer itself.
What's next for ELSA
Real-time streaming ingestion of live on-chain data, multi-wallet monitoring, and automated alert workflows triggered when anomalies are detected. We also plan to expand ELSA beyond crypto into broader application log analysis and incident response use cases.
Features Used
The core features used in this project are Elastic Agent Builder for multi-step tool orchestration, Elasticsearch for hybrid search and vector indexing, and ES|QL for expressive real-time query execution against on-chain transaction data.
Features We Liked
ES|QL made it possible to write precise, chainable queries that pair naturally with LLM reasoning — far more powerful than standard search. The Elastic Agent Builder tool orchestration system made it straightforward to define custom tools and build a reasoning loop that actually completes multi-step tasks rather than returning a single result.
Built With
- elastic-agent-builder
- elasticsearch
- express.js
- node.js
- react
- tailwind
- typescript
Log in or sign up for Devpost to join the conversation.