🌟 Overview

Claude-Flow Web3 Auditing Platform is an AI-powered smart contract security analysis system that revolutionizes blockchain application auditing. By combining specialized security agents, vulnerability pattern recognition, and automated audit workflows, Claude-Flow enables comprehensive Web3 security analysis.

🎯 Key Features

• 🔐 Smart Contract Security: AI-powered vulnerability detection for Solidity, Vyper, and Web3 applications
• 🤖 Specialized Security Agents: 8+ dedicated agents for different security domains (DeFi, Access Control, Reentrancy, Oracles)
• ⚡ Automated Audit Workflows: End-to-end security analysis from code review to report generation
• 🎯 Vulnerability Pattern Database: Pre-loaded knowledge of common Web3 vulnerabilities and exploits
• 💰 DeFi Protocol Analysis: Specialized analysis for lending protocols, AMMs, yield farming, and flash loan risks
• ⛽ Gas Optimization: Automated recommendations for reducing transaction costs
• 🔄 Multi-Chain Support: Analysis for Ethereum, BSC, Polygon, Arbitrum, and other EVM chains
• 📊 Comprehensive Reporting: Professional audit reports with severity ratings and remediation steps
• 🧠 Neural Security Patterns: Machine learning-based detection of novel attack vectors

🔥 AI-Powered Web3 Security: Catch critical vulnerabilities before they become exploits

🎯 NEW: Web3 Security Audit Mode (v2.5.0-alpha.140)

AI-powered smart contract auditing - comprehensive security analysis with specialized security agents.

Security Analysis Capabilities:

• 🔐 Reentrancy Detection: Identifies cross-function and read-only reentrancy vulnerabilities
• 💰 DeFi Risk Analysis: Flash loan attacks, oracle manipulation, price manipulation detection
• 🔑 Access Control Review: Permission escalation, role-based access control validation
• ⛽ Gas Optimization: Identifies expensive operations and suggests optimizations
• 🔒 Cryptographic Review: Signature verification, randomness, and encryption analysis

Quick Start:

Option 1: Web3 Audit Mode

# Initialize Web3 audit environment
npx claude-flow@alpha init --mode web3-audit

# Start comprehensive audit
npx claude-flow@alpha audit "path/to/contracts" --full-analysis

Option 2: Direct Contract Analysis

# Analyze specific vulnerabilities
npx claude-flow@alpha audit analyze --file MyContract.sol --check reentrancy,access-control

# Generate audit report
npx claude-flow@alpha audit report --format pdf --severity critical,high

Vulnerability Coverage:

✓ Reentrancy (CEI pattern violations)
✓ Integer Overflow/Underflow (SafeMath)
✓ Access Control Issues (ownership, roles)
✓ Oracle Manipulation (price feeds)
✓ Front-Running (MEV vulnerabilities)
✓ Flash Loan Attacks (liquidity risks)
✓ Gas Optimization (storage patterns)
✓ Cryptographic Weaknesses (signatures, randomness)

📚 Docs: WEB3-AUDIT-GUIDE.md | Agents: 8 specialized security experts

🌐 Web3 Security Infrastructure

Claude-Flow Web3 Auditing Platform includes comprehensive security analysis infrastructure:

• Multi-Chain Analysis: Support for Ethereum, BSC, Polygon, Arbitrum, Optimism, and other EVM chains
• DeFi Protocol Expertise: Specialized analysis for Uniswap, Aave, Compound, Curve, and custom protocols
• Vulnerability Database: 50+ pre-loaded vulnerability patterns with detection algorithms
• Audit Report Generation: Professional reports with severity ratings, remediation steps, and PoC exploits
• Continuous Monitoring: Real-time vulnerability scanning for deployed contracts
• Gas Profiling: Detailed analysis of transaction costs and optimization opportunities

📚 Complete documentation: See WEB3-AUDIT-GUIDE.md for comprehensive security analysis workflows

⚡ Get Started with Web3 Auditing

📋 Prerequisites

• Node.js 18+ (LTS recommended)
• npm 9+ or equivalent package manager
• Smart Contract Files: Solidity (.sol) or Vyper (.vy) files to audit
• Optional: Foundry, Hardhat, or Truffle for additional analysis

⚠️ IMPORTANT: Claude Code must be installed first:

# 1. Install Claude Code globally
npm install -g @anthropic-ai/claude-code

# 2. (Optional) Skip permissions check for faster setup
# Only use if you understand the security implications
claude --dangerously-skip-permissions

🎯 NEW: Claude-Flow now supports Claude Code Max! Use npx claude-flow claude spawn inside Claude Code to get Task tool instructions. Learn more

💡 For Auditors: Claude-Flow works seamlessly with existing audit tools like Slither, Mythril, and Foundry for comprehensive analysis.

🎯 Quick Start - Web3 Audit

Method 1: Initialize Web3 Audit Mode

# Initialize Web3 security audit environment
npx claude-flow@alpha init --mode web3-audit --force

# Start auditing your smart contracts
npx claude-flow@alpha audit "contracts/" --full-analysis --output audit-report.pdf

Method 2: Interactive Audit Workflow

# 1. Launch the Web3 audit wizard
npx claude-flow@alpha hive-mind wizard --mode web3-audit

# 2. Start comprehensive security analysis
npx claude-flow@alpha hive-mind spawn "audit MyToken.sol for all vulnerabilities" --agents smart-contract-auditor,defi-security-specialist

# 3. Generate detailed report
npx claude-flow@alpha audit report --format markdown --severity all

Method 3: Specific Vulnerability Checks

# Check for specific vulnerability types
npx claude-flow@alpha audit check --file MyContract.sol --vulnerability reentrancy
npx claude-flow@alpha audit check --file DeFiProtocol.sol --vulnerability flash-loan,oracle-manipulation
npx claude-flow@alpha audit optimize --file Contract.sol --focus gas

🚀 Quick Start with Flow Nexus

# 1. Initialize Flow Nexus only (minimal setup)
npx claude-flow init --flow-nexus

# 2. Register and login (use MCP tools in Claude Code)
mcp__flow-nexus__user_register({ email: "your@email.com", password: "secure" })
mcp__flow-nexus__user_login({ email: "your@email.com", password: "secure" })

# 3. Deploy your first cloud swarm
mcp__flow-nexus__swarm_init({ topology: "mesh", maxAgents: 5 })
mcp__flow-nexus__sandbox_create({ template: "node", name: "api-dev" })

🤔 Swarm vs Hive-Mind: Which to Use?

Quick Rule: Start with swarm for most tasks. Use hive-mind when you need persistent sessions or complex multi-agent coordination.

🎯 Typical Workflows - Your "Happy Path" Guide

New to Claude-Flow? Start Here!

Confused about .hive-mind and .swarm directories? Not sure when to create new hives? Here are the most common workflow patterns:

🚀 Pattern 1: Single Feature Development

# Initialize once per feature/task
npx claude-flow@alpha init --force
npx claude-flow@alpha hive-mind spawn "Implement user authentication" --claude

# Continue working on SAME feature (reuse existing hive)
npx claude-flow@alpha hive-mind status
npx claude-flow@alpha memory query "authentication" --recent
npx claude-flow@alpha swarm "Add password reset functionality" --continue-session

🏗️ Pattern 2: Multi-Feature Project

# Project-level initialization (once per project)
npx claude-flow@alpha init --force --project-name "my-app"

# Feature 1: Authentication (new hive)
npx claude-flow@alpha hive-mind spawn "auth-system" --namespace auth --claude

# Feature 2: User management (separate hive)  
npx claude-flow@alpha hive-mind spawn "user-management" --namespace users --claude

# Resume Feature 1 later (use session ID from spawn output)
npx claude-flow@alpha hive-mind resume session-xxxxx-xxxxx

🔍 Pattern 3: Research & Analysis

# Start research session
npx claude-flow@alpha hive-mind spawn "Research microservices patterns" --agents researcher,analyst --claude

# Continue research in SAME session
npx claude-flow@alpha memory stats  # See what's been learned
npx claude-flow@alpha swarm "Deep dive into API gateway patterns" --continue-session

🤔 When Should I Create a New Hive?

📁 Understanding "Empty" Directories

Don't panic if directories seem empty! Claude-Flow uses SQLite databases that may not show files in directory listings:

# Check what's actually stored (even if directories look empty)
npx claude-flow@alpha memory stats        # See memory data
npx claude-flow@alpha memory list         # List all namespaces  
npx claude-flow@alpha hive-mind status    # See active hives

# Your project structure after initialization:
# .hive-mind/     <- Contains config.json + SQLite session data
# .swarm/         <- Contains memory.db (SQLite database)
# memory/         <- Agent-specific memories (created when agents spawn)
# coordination/   <- Active workflow files (created during tasks)

🔄 Continuing Previous Work

# See what you were working on
npx claude-flow@alpha hive-mind status
npx claude-flow@alpha memory query --recent --limit 5

# List all sessions to find the one you want
npx claude-flow@alpha hive-mind sessions

# Resume specific session by ID
npx claude-flow@alpha hive-mind resume session-xxxxx-xxxxx

🪝 Advanced Hooks System

Automated Workflow Enhancement

Claude-Flow v2.0.0 introduces a powerful hooks system that automates coordination and enhances every operation:

# Hooks automatically trigger on operations
npx claude-flow@alpha init --force  # Auto-configures MCP servers & hooks

Available Hooks

Pre-Operation Hooks

• pre-task: Auto-assigns agents based on task complexity
• pre-search: Caches searches for improved performance
• pre-edit: Validates files and prepares resources
• pre-command: Security validation before execution

Post-Operation Hooks

• post-edit: Auto-formats code using language-specific tools
• post-task: Trains neural patterns from successful operations
• post-command: Updates memory with operation context
• notification: Real-time progress updates

Session Hooks

• session-start: Restores previous context automatically
• session-end: Generates summaries and persists state
• session-restore: Loads memory from previous sessions

Hook Configuration

// .claude/settings.json (auto-configured)
{
  "hooks": {
    "preEditHook": {
      "command": "npx",
      "args": ["claude-flow", "hooks", "pre-edit", "--file", "${file}", "--auto-assign-agents", "true"],
      "alwaysRun": false
    },
    "postEditHook": {
      "command": "npx", 
      "args": ["claude-flow", "hooks", "post-edit", "--file", "${file}", "--format", "true"],
      "alwaysRun": true
    },
    "sessionEndHook": {
      "command": "npx",
      "args": ["claude-flow", "hooks", "session-end", "--generate-summary", "true"],
      "alwaysRun": true
    }
  }
}

📚 Complete Documentation

For detailed information about all features, advanced usage, and comprehensive guides, visit our GitHub Wiki:

🤖 Core Features

• Neural Module - SAFLA self-learning systems with 4-tier memory architecture
• Goal Module - GOAP intelligent planning with A* pathfinding
• Agent System Overview - Complete catalog of all 64 agents
• Hive-Mind Intelligence - Queen-led AI coordination patterns

⚡ Advanced Topics

• Memory System - SQLite-based persistent memory
• MCP Tools Reference - Complete guide to all 87 tools
• GitHub Integration - Repository management automation
• Performance Benchmarking - Optimization strategies

📋 Configuration & Templates

• CLAUDE.md Templates - Project-specific configurations
• SPARC Methodology - Test-driven development patterns
• Development Patterns - Best practices

🛠️ Setup & Troubleshooting

• Installation Guide - Detailed setup instructions
• Windows Installation - Windows-specific setup
• Troubleshooting - Common issues and solutions
• Non-Interactive Mode - CI/CD automation

🤝 Community & Support

• GitHub Issues: Report bugs or request features
• Discord: Join the Agentics Foundation community
• Wiki: Comprehensive documentation
• Examples: Real-world usage patterns

📊 Performance & Stats

• 84.8% SWE-Bench solve rate - Industry-leading problem-solving capability
• 32.3% token reduction - Efficient context management
• 2.8-4.4x speed improvement - Parallel coordination strategies
• 64 specialized agents - Complete development ecosystem
• 87 MCP tools - Comprehensive automation toolkit

📊 Targets (Month 12)

• 5K+ GitHub stars, 50K npm downloads/month
• $25K MRR, 15 enterprise customers
• 90%+ error prevention, 30+ min saved/dev/week

Star History

Built with ❤️ by rUv | Powered by Revolutionary AI

v2.5.0-alpha.140 - The Future of AI Orchestration with PreToolUse Modification Hooks