TxScopeMainnet Beta

Engine Online

Coverage79% tracked

Replay7/7 flagged

SEALAligned

Pre-Sign Threat Intelligence · Solana

Know what you're
signing.

Paste your Squads vault. TxScope parses, simulates, decodes, and calibrates each pending proposal into a signer-facing threat report before anyone approves it.

Built for protocol security councils, DAO treasuries, and anyone who wants the moment of signing to be reviewable instead of blind.

Scan your multisig View live watch See case studies

Free · No loginSEAL Aligned

Squads V431 protocol families7 replayed exploits50 watched vaultsRead-only

Flagship Case · Live Report

CRITICALBLOCKDrift Protocol · Apr 1 · 2026

Admin Transfer + Durable Nonce

A single Squads proposal handed protocol admin to a 1‑day‑old wallet and queued it as a non-expiring nonce. Every red flag was detectable before any signer approved.

Risk

/ 100

VaR

$285M

CU used

142k

Durable nonceYes · Never expires

Authority transferAdmin → 1-day wallet

Withdrawal guardsRaised 100,000×

Pattern match98% confidence

TxScope verdict

TX1: Admin Transfer →·TX2: Guards →

How a $500 fake token drained $285M from Drift

Full forensic investigation

Detection

What TxScope detects

The public story is simple: control changes, value movement, program trust, exploit-shape correlation, and unresolved ambiguity all feed a calibrated verdict.

Block

Control-plane changes

Admin, upgrade, authority, guard, or governance changes that materially alter who can move funds or mutate protocol rules.

Critical

Program trust & code risk

Unknown, newly deployed, recently upgraded, or unresolved program paths that make the transaction harder to trust at signing time.

High

Exploit-shape correlation

Multi-signal matches consistent with known exploit classes, without relying on any single heuristic to carry the whole verdict.

Trace

Instruction & state evidence

Decoded instruction trace plus token, SOL, and account-state changes so reviewers can verify the raw mechanism.

Profile

Behavioral calibration

Replay against known exploits and routine watch traffic keeps new signal useful instead of turning every proposal into a warning.

Score

Signer verification guidance

Evidence the signer must verify externally, phrased as concrete checks rather than intent-confirmation traps.

Workflow

From paste to verdict in under two seconds.

TxScope is a read-only interpretation layer for Solana multisigs: parse the transaction, simulate live state, apply protocol knowledge, and emit a calibrated report.

Step · 01

Parse

Accept a Squads URL, vault address, or raw base64 transaction and resolve the signer-facing execution context.

Step · 02

Simulate

Run the transaction against current mainnet state and extract the state diff, CPI tree, and execution metadata.

Step · 03

Interpret

Apply protocol knowledge, structural findings, and exploit-shape correlation without hiding uncertainty.

Step · 04

Decide

Emit a calibrated verdict, concrete evidence to verify, and a report a signer can actually inspect.

Read the engine deep-dive

Proof

Why technical skeptics take it seriously.

The claim is not “trust our model.” The claim is that the product exposes enough evidence, replay proof, and calibration discipline to audit the result.

Replay corpus

7/7

Historical incident families guaranteed to land at least CAUTION in the enforced replay baseline. Current regenerated artifacts are stronger on 5 of those cases.

Coverage posture

172/217

Solana catalog patterns with full or partial coverage, computed from the shipped registry.

Protocol depth

Tracked programs across curated protocol families, with bundled IDLs where available.

Watch surface

Live monitored vaults across 7 governance adapters.

Open watch console

Principles

What TxScope is — and isn't.

Not an audit

Coverage

Audits verify code at one point in time. A $100K audit wouldn't have caught the Drift hack — the code wasn't the problem, the signers were. TxScope verifies every transaction, every time, at the moment of signing.

Not a wallet scanner

Scope

Consumer wallet tools flag scams and phishing sites. They don't understand multisig governance: durable nonces, authority transfers, withdrawal guard manipulation, oracle changes. TxScope is built for the governance layer where nine-figure decisions are made.

Read-only. Non-custodial.

Safety

TxScope never holds keys, never signs transactions, and never has write access to anything on-chain. We simulate the transaction against mainnet and report what we find. That's it.

We never say “safe.”

Honesty

The strongest positive signal TxScope gives is “No Known Threats Detected in Simulation.” We tell you what we found — you decide whether to sign. Simulation is a prediction, not a guarantee.

What we catch that audits don't

Operational

Operationally dangerous transactions at the moment of signing: non-expiring approvals, authority handoffs, suspicious value movement, exploit-shape correlations, and unresolved execution paths. Audits and TxScope solve different problems.

SEAL-aligned

Framework

External transaction monitoring is a recommended security control under the Security Alliance (SEAL) framework. TxScope fills this role for Solana multisigs.

Protect your signers

Your next proposal could be the one.

Free for on-demand scans. Sentinel monitors every pending proposal automatically, with instant Telegram and Slack alerts.