Miiso

I've been in DeFi long enough to watch friends lose everything to 3am

exploits they never saw coming. The pattern is always the same — someone

approved a contract months ago, forgot about it, and woke up to an empty

wallet. That's the problem Miiso fixes.

Miiso is an autonomous security agent that runs continuously on Base.

It watches every single smart contract deployed on the network, feeds

the bytecode through Venice AI's uncensored reasoning models for exploit

analysis, and — if a threat is confirmed — automatically fires an

approve(0) transaction through 1Shot's permissionless relayer before

any attacker can act. The whole process takes under 9 seconds from

contract deployment to revocation. Gas is paid in USDC. The user

never needs to touch their wallet again after the initial setup.

The permission model is what makes this genuinely different. Using

MetaMask's ERC-7715 Advanced Permissions, users grant Miiso exactly

one ability — the ability to reset token approvals to zero. That's it.

The ApprovalRevocationEnforcer contract on Base makes this restriction

mathematically enforced on-chain. Miiso cannot transfer funds, cannot

swap, cannot touch your balance. If it tries anything else, the

blockchain rejects it.

During the hackathon I built the full pipeline: real-time block

monitoring via QuickNode Flashblocks WebSocket, EVM bytecode

decompilation using Heimdall-rs, Venice AI inference paid via x402

SIWE signatures, ERC-7710 delegation payload assembly, and 1Shot relay

submission with Ed25519 webhook verification. The frontend is a Vite

React SPA with a live SSE event stream showing every scan, every threat,

and every protection event in real time.

Revenue is outcome-based. If Miiso protects $7,000 of your assets,

it charges 1.5% — $105. If nothing happens, you pay nothing. The

same model Immunefi uses for bug bounties. It only makes money when

it earns it.

$1.49 billion was lost to DeFi exploits in 2024. Over 75% of retail

losses came from token approvals users had forgotten about. Miiso is

the first consumer product that actually does something about that

autonomously — not a dashboard, not an alert, but a real agent that

acts while you're asleep.

Started with zero — no team, no codebase, no prior work on this idea.

Over the hackathon I researched the entire threat landscape (exploit

timing windows, bytecode signatures, AI detection accuracy benchmarks),

designed the full system architecture, and built the core protection

pipeline end to end.

The backend daemon runs real-time block monitoring on Base via WebSocket,

decompiles contract bytecode with Heimdall-rs in a worker thread pool,

calls Venice AI for uncensored exploit analysis via x402 payments, and

submits ERC-7710 revocation payloads through 1Shot's permissionless

relayer. The MetaMask ERC-7715 permission grant flow is implemented

using the token-approval-revocation enforcer at the correct Base contract

address. The frontend shows a live SSE-powered event log with real-time

threat tiers, confidence scores, and protection confirmations.

Biggest technical challenge was the Base block timing problem — 2-second

FIFO sequencer blocks mean reactive mempool interception is impossible,

so the entire product had to be redesigned around proactive deployment

scanning rather than reactive attack interception. That decision actually

made the product stronger.

Not currently fundraising. Focused on proving the core loop works

reliably in production before any conversations about capital.