Ark Manifold Cyber
Bounded cyber review-target packets for AI-assisted security work.
Cyber models generate findings. Ark Manifold turns findings into bounded review packets.
Ark Manifold ranks cyber review targets, separates topology-shaped risk from confirmed exploitability, records evidence boundaries, blocks unsupported cyber claims, and routes findings to human security review.
Cyber review targets have shape
Many security-review targets are not just bad lines of code. They appear as structural patterns in execution:
- unsafe external-call ordering
- reentrancy-shaped paths
- suspicious privilege transitions
- state-update placement review targets
- unstable memory or pointer-flow regions
- anomalous control-flow regions that deserve human review
Ark Manifold analyzes the shape of execution directly. It does not ask an LLM whether code should be trusted. It produces bounded review-target evidence from control-flow structure.
What Ark Manifold Cyber does
Ark Manifold Cyber is a bounded specialist agent for cyber review-target packets. It can inspect code, bytecode, binaries, traces, CFG exports, SBOMs, scanner outputs, and supported source artifacts, then produce a structured packet showing where security engineers should look first.
Source-Optional Review
Ark Manifold is source-optional, not evidence-free. Source code improves localization, but unsupported claims remain blocked.
Topology Pattern Matching
Matches reentrancy-shaped cycles, external-call ordering patterns, privilege-transition review targets, and memory-drift regions without LLM enforcement authority.
Replayable Packets
Returns evidence-bounded review packets, reason codes, scope limitations, blocked claims, and SHA-256 hashes designed for reproducible review.
Human Security Handoff
Routes review targets to human security review. The packet does not confirm exploitability, approve disclosure, verify patches, or replace a security audit.
Source-optional, not evidence-free.
Ark Manifold can emit bounded packets from bytecode, binaries, traces, CFG exports, scanner outputs, SBOMs, or supported source artifacts. Source code improves localization, but unsupported claims remain blocked.
Supported pilot inputs
Ark Manifold accepts source artifacts when available, but can also work from bytecode, binaries, traces, CFG exports, scanner outputs, or SBOM fragments. Source code improves localization. It does not convert a review target into a confirmed exploit.
| Input Type | Example | Network Required |
|---|---|---|
| Ethereum contract address | 0x... |
Yes, for bytecode fetch |
| Raw EVM bytecode | .hex file |
No |
| Binary artifact | Mach-O / ELF | No |
| Supported source artifact | .py file |
No |
| Generic control-flow graph | JSON edge list / trace / export | No |
Deterministic topology / evidence check
The analysis engine checks supported artifacts for topology-shaped review targets and evidence boundaries.
- Target Identification: Maps target binary or bytecode segment to basic block boundaries.
- Topology Evaluation: Evaluates execution paths for supported topology-matched risk patterns.
- Review Packet Issuance: Generates evidence-bounded review targets, reason codes, scope limitations, and human-review questions.
- Audit Hash Anchor: Computes reproducibility hashes to bind the evidence input, rules evaluated, and packet record.
Pilot replay evidence
Ark Manifold v0.1.0-pilot has been replayed against known reference targets before client use. These are review-target results, not exploit confirmations.
| Reference Class | Expected Review Class | Ark Manifold Packet Result |
|---|---|---|
| Clean stablecoin reference | NO_SUPPORTED_PATTERN_MATCHED | NO_SUPPORTED_PATTERN_MATCHED |
| Historical DAO-class reentrancy reference | REVIEW_TARGET_IDENTIFIED | REVIEW_TARGET_IDENTIFIED |
Ark Manifold CLI v0.1.0-pilot
Detailed reason codes, raw manifests, and technical replay artifacts are available during qualified technical review.
What a pilot looks like
A founder-led pilot is intentionally simple.
Example output shape
Ark Manifold does not say "confirmed exploit." It shows the review target, evidence present, evidence missing, blocked claims, and reproducible audit hash.
target_type: bytecode
status: REVIEW_TARGET_IDENTIFIED
topology_patterns_matched: external_call_ordering_pattern
blocked_claims: CONFIRMED_EXPLOIT · FUNDS_AT_RISK · BOUNTY_READY · AUDIT_COMPLETE
human_security_review_required: true
packet_authorizes_execution: false
Why teams use it
Security teams do not need another vague AI-generated scanner summary. They need bounded review packets they can inspect, reproduce, and route to engineering.
- Deterministic, reproducible review packets with audit hashes
- Reason-coded evidence pointing to specific control-flow cycles
- Analyzes deployed contracts without Solidity source-code dependency.
- Batch-safe output structures that integrate into developer setups
What Ark Manifold is not
Ark Manifold is not a security audit replacement. It does not replace: manual audits, fuzzing, symbolic execution, invariant testing, formal verification, incident response, legal review, disclosure review, or compliance approval.
A NO_SUPPORTED_PATTERN_MATCHED result means no supported topology pattern was matched under the declared inputs. It does not certify that a system is secure.
A REVIEW_TARGET_IDENTIFIED result flags a structural pattern that should be reviewed by security engineers. It does not, by itself, prove exploitability, funds at risk, compromise, or patch status.
Allowed claims: REVIEW_TARGET_IDENTIFIED · TOPOLOGY_PATTERN_MATCHED · EVIDENCE_PRESENT · EVIDENCE_MISSING · SCOPE_LIMITATION_RECORDED · HUMAN_SECURITY_REVIEW_REQUIRED · REPLAY_PACKET_EMITTED
Cyber consequence stays blocked.
- A vulnerability hypothesis is not a confirmed exploit.
- A source-grounded trace is not bounty-ready.
- A cyber agent finding is not permission to disclose.
- A review packet is not a security audit.
Who it is for
- DeFi protocol engineering teams needing bytecode pre-checks
- Smart contract auditors accelerating execution-path reviews
- Web3 security firms and due diligence reviewers
- Custody and red-team security researchers
- Autonomy and defense software assurance laboratories
Ark Manifold inside Ark Sovereign
Ark Sovereign provides authority envelopes, governed handles, permit verdicts, boundary packets, zero-operation receipts, replay records, and human handoff. Ark Manifold Cyber is the cyber review-target packet surface inside that authority platform.
├── Authority Envelope
├── Governed Handles
├── Permit Layer Verdict
├── Boundary Packet
├── Zero-Operation Receipt
├── Replay Record
└── Ark Manifold Cyber (bounded cyber review-target packets)
Ark Manifold packets preserve evidence boundaries and route review targets to human security review. They do not authorize disclosure, patch claims, production claims, or audit-complete claims.
FAQ
Does Ark Manifold require Solidity source code?
No. Ark Manifold is source-optional, not evidence-free. It can work from bytecode, binaries, traces, CFG exports, scanner outputs, SBOMs, or supported source artifacts. Source improves localization.
Does it require an API key?
No. No Etherscan key is needed. Deployed targets are fetched via standard public Ethereum RPC endpoints.
Can it run offline?
Yes. When running against raw bytecode hex files or local binary segments, it operates completely offline.
Is this an LLM scanner?
No. It uses deterministic control-flow and topological pattern mapping for the evidence check. No LLM is the enforcement authority.
Do you disclose the full engine internals?
No. Detailed technical logs are shared during qualified diligence reviews, while public resources outline boundary parameters and validation outputs.
Review targets have shape
Ark Manifold measures that shape, identifies supported review targets, and returns bounded packets your security team can inspect.