A Smart Contract AI Copilot that helps developers audit and generate Solidity smart contracts using AI trained data. Aim to make smart contract security faster, more accessible and more transparent.
ZeroVuln is a Smart Contract AI Copilot and community-driven AI security platform that helps developers audit existing smart contracts and generate new Solidity contract baselines. The platform is powered by structured vulnerability knowledge contributed by white-hat security researchers and validated by expert reviewers. Instead of relying only on opaque AI training data, ZeroVuln creates a verifiable security intelligence loop where every accepted vulnerability label can improve the AI training dataset.
The flow involves three main roles: hackers, reviewers, and customers. Hackers submit labeled smart contract vulnerability data, including vulnerable code snippets, attack scenarios, fix patterns, severity levels, and reasoning. These submissions are stored in 0G Storage, where each record receives a content-addressed hash. The hash is then anchored on 0G Chain to create a tamper-evident timestamp proof, making the submitted data verifiable and traceable. Reviewers validate each submission and decide whether the label is accurate, useful, and suitable for the training dataset. Their review decision is also stored and anchored, creating an accountable validation trail.
Once a label is approved, it becomes part of ZeroVuln’s training dataset. When a customer uses ZeroVuln to audit an existing smart contract or generate a new one, 0G Compute processes the request using the approved security knowledge. The AI then returns vulnerability findings, attack explanations, recommended fixes, or generated smart contract output. Each AI reasoning trace is stored in 0G Storage and anchored on 0G Chain, so customers can verify which model version, training data, hacker contributions, and reviewer validations influenced the result.
For customers, ZeroVuln provides a faster and more accessible way to identify vulnerabilities and receive security recommendations before deploying smart contracts. For hackers and reviewers, it creates a contribution system where their expertise becomes part of a cumulative AI security dataset. By combining 0G Storage for verifiable data persistence, 0G Compute for AI training and inference, and 0G Chain for on-chain attribution and timestamp proofs, ZeroVuln makes smart contract security more transparent, accountable, and accessible for early-stage Web3 builders.
During this hackathon, we are using the oldest SDLC which is Waterfall, where each team member had a clear role and responsibility across every phase. this helped us stay structured, focused and aligned within the limited hackathon timeline.
Idea Discussion, in this phase we explored several ideas, discussed the potential value of each one and aligned as a team on the final idea we wanted to build.
Design, in this phase we determine the roles, user flow and deciding the functions that we’re planning to deliver for this hackathon. This phase helped us turn the concept into a clearer product structure.
Development, after all ideas turned into design, this phase is where the developer starts to make the designs become real application, our three developers are working closely together with our product designer, adding or deducting on which functions are possible to deliver in this short time to achieve the most valuable features.
Testing, once the development completed, product designer starts to test the application, matching the app functionality with the design, marking any findings when the feature does not running like expected and collaborating with the developers for the fix code.
Launch, the final step of all the phases. At this stage, we had a functional product that was ready to be reviewed and demonstrated.
Testnet
168 Generated Contracts Secured
33 Submitted Findings
5 Active Auditors
6 0G Reward Distributed
Mainnet
10 Generated/Analyzed Contracts Secured
6 Submitted Findings
1 Active Auditors
4 0G Reward Distributed
"Tried ZeroVuln recently, pretty useful for spotting issues early before audit. The AI explanations are clear and the whole review flow feels transparent."
- Ceavin, Indie Web3 Developer,
Software Engineer at Traveloka.
We are actively raising.