Veritas: The Forensic Crypto Detective

A forensic AI engine powered by Gemini 3.0 that detects crypto scams, distinguishes "Meme Culture" from "Utility Fraud," and instantly blocks serial ruggers using Elephant Memory.

Comment

Inspiration

We are tired of seeing people lose money. In crypto, "rug pulls" happen every single day, and the current tools people use to stay safe are failing them.

Most existing scanners (like RugCheck or TokenSniffer) just look at the code. If the code is clean, they say it's safe. But sophisticated scammers know this, so they deploy clean contracts but fund them with dirty wallets, or trick users with high-effort phishing websites. The scanners are blind to the context.

We wanted to build the anti-scanner. We didn't want another dashboard that just gives you a list of numbers. We wanted a Forensic Investigator - a tool that looks at the code, tracks the criminal history, reads the website pixels, and tells you the brutal truth about the developer's intent.

What it does

Veritas acts as a forensic analyst for Solana tokens. Instead of just giving you a generic risk score like "80/100", it gives you a clear verdict: Safe, Caution, or Scam.

It does 4 specific things that standard scanners can't:

  • Multimodal Cross-Examination: It uses Gemini 3.0 Vision to actually "look" at the project's website and Twitter. It spots "Visual Lies" - like a website claiming a Microsoft partnership when the blockchain data shows it’s a 5-minute-old meme coin.
  • Elephant Memory: This is our killer feature. If a developer scams someone once, Veritas fingerprints their wallet cluster. If they try to launch a new token ten minutes later, Veritas blocks it instantly (0.05s latency) before we even waste time scanning the code.
  • The "Hybrid Brain" (Forensic + Degen): We split the AI personality. It performs a rigorous scientific audit, but delivers the verdict in "Street Mode" - giving users a punchy, slang-filled summary (e.g., "Dev dumped 90%, website is a template. It's giving rug energy.") alongside the technical report.
  • Agent-Ready (MCP): Veritas isn't just a website. We built it as a Model Context Protocol (MCP) server, meaning AI Agents (like Claude or Cline) can "plug in" to Veritas to perform their own automated security checks.

How we built it

We built Veritas as a full-stack Next.js app, but the heavy lifting is done by the Gemini 3.0 Flash Preview API.

1. The Brain (Gemini 3.0)

We pushed Gemini 3.0 to its limits using two specific features:

  • System 2 Thinking: We enabled thinkingConfig: { thinkingLevel: "medium" }. This forces the model to generate an internal "Reasoning Trace" before answering. It allows the AI to "think" through contradictions (e.g., "Why is liquidity low if the Market Cap is high?") rather than hallucinating an answer.
  • Vision Optimization: We capture live screenshots using Microlink and feed them into Gemini. We tuned mediaResolution to balance cost vs. accuracy, allowing the AI to spot phishing templates without blowing up our latency budget.

2. The Infrastructure

  • Helius RPC: Digs into on-chain history to trace the "Deployer Graph" and find past projects.
  • RugCheck API: Provides the raw security simulation data (Mint Authority, LP Locks).
  • MongoDB: Stores our "Elephant Memory" of known bad actors.
  • Context Protocol (MCP): We wrapped our core logic into an MCP Server, making Veritas the first "Headless" forensic tool for the AI Agent economy.

Challenges we ran into

The biggest headache was Speed vs. Intelligence. A standard scanner takes 1 second because it's dumb. Veritas takes time (~25-30s) because it is performing a deep forensic audit. Initially, the latency was even higher because we were uploading massive 4MB screenshots to Gemini, causing timeouts.

To fix this, we engineered a "Smart Pipeline":

  1. We switched to Parallel Data Fetching (grabbing History, Security, and Screenshots simultaneously).
  2. We implemented Smart Compression, resizing screenshots to 800px (enough for AI to see scams, small enough to upload instantly).
  3. We tuned Gemini's Thinking Budget, finding the sweet spot between "Deep Reasoning" and "Fast Response."

We successfully stabilized the scan time to under 30 seconds - delivering a comprehensive investigation in less time than it takes a human to open Twitter.

Accomplishments that we're proud of

We are really proud of the "Ghost Ship" Detection. During testing, we scanned a token that had clean code but zero developer activity. A normal scanner gave it a 100/100 "Safe" score. Veritas correctly identified it as a "Legitimate Ghost Ship" - safe from a rug pull, but abandoned by the dev. It captured the nuance that code can be safe while the project is dead.

Building the Elephant Memory was also satisfying. Seeing the system instantly block a "fresh" token just because the creator had flagged a different token three scans ago felt like magic. It felt like we were actually stopping a crime in real-time.

What we learned

We learned that context is everything. Raw data like "Liquidity: $1000" means nothing unless you know the age of the token. AI needs to be taught how to interpret the data, not just summarize it.

We also learned that vision is critical for security. Code audits can be perfect, but the website can still be a phishing trap. Multimodal AI is the only way to catch those visual lies.

What's next for Veritas

We see Veritas as the foundation for the "Agentic Security Layer."

  • Browser Extension: Popping up warnings directly on Pump.fun or Raydium before a user clicks buy.
  • The "Hiring Intel" Tool: We plan to clone our forensic engine to analyze Company Careers pages for the Context Protocol marketplace.
  • Community Memory: Opening our "Elephant Memory" database so the community can report scams, making our dragnet stronger with every scan.

Built With

Share this project:

Updates