Autonomous LLM-Agent
CI/CD Gate for Solana

Secure your smart contract upgrades. H3LM analyzes bytecode, diffs the Anchor IDL, and scores risk dimensions in under 30 seconds.

Agent network online: 20 analyses in 24h

The Upgrade Pipeline

Fetch Buffer
Semantic Diff
Layout Audit
Risk Scoring & Flags
Final Verdict

Retrieving raw program bytecode from the target Solana buffer account.

Automated Upgrade Verdicts

APPROVED

No destructive structural changes detected. Authority and storage layout intact. Safe to proceed with the upgrade.

Risk Score: 12/100

ESCALATED

Manual review required. Unrecognized new CPI targets and anomalous access control changes detected.

Risk Score: 58/100

BLOCKED

Critical layout shift. Storage structure overridden. Potential fund loss identified. Upgrade halted.

Risk Score: 78/100

Engineered for Security

Bytecode Decompilation

Deep analysis of raw Solana instructions.

On-chain Audit Trail

IPFS reports linked to Solana PDAs.

Authority & CPI Checks

Catches upgrade-authority and new CPI target changes.

Sub-second Indexing

Instant websocket events.

LLM-Driven Heuristics

Beyond static analysis.

Multi-Wallet Support

Phantom, Solflare, Backpack integrated.

Access tiers

Your tier is set by your $H3LM balance

Observer (1+ $H3LM): Read-only dashboard
Hunter (10,000+ $H3LM): Playground, 3/day
Pro (50,000+ $H3LM): Unlimited playground
Enterprise (250,000+ $H3LM): Priority access

At a glance

Infrastructure Metrics

8 risk dimensions
<30s per analysis
100% of upgrades inspected
Upgrades gated

Integration

H3lm sits in your deployment pipeline, not inside your contract. You do not change your program's code; you add a CI gate that inspects the upgrade before it ships.

GitHub Action (recommended)

name: H3lm Upgrade Gate
on:
  push:
    branches: [release]
jobs:
  gate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: anchor build
      - uses: h3lm-infra/upgrade-gate@v0
        with:
          program: ${{ vars.PROGRAM_ID }}
          idl: target/idl/myprog.json   # proposed (new) IDL
          # current_idl: omitted -> fetched on-chain
          network: devnet
        env:
          H3LM_RPC_URL: ${{ secrets.RPC_URL }}

The job exits non-zero on BLOCKED or ESCALATED, so a risky upgrade fails the build and never deploys.
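
To show the kind of change a layout check between the current and the proposed IDL looks for, here is an added example that compares account struct fields slot by slot. It is not H3lm's code or scoring; the function names, the "breaking"/"review" labels and the sample IDLs are assumptions made for the illustration.

```javascript
// Added example, not H3lm's code. Assumption: account structs sit in
// accounts[].type (older Anchor IDLs) or in types[] (newer Anchor IDLs).
function structFields(idl, name) {
  const entry = [...(idl.accounts || []), ...(idl.types || [])]
    .find((d) => d.name === name && d.type && d.type.kind === "struct");
  return entry ? entry.type.fields : null;
}

// Anchor's default Borsh encoding writes struct fields in declaration order
// with no field tags, so a change before the end of a struct moves every
// later field in accounts that are already stored on-chain.
function diffAccountLayouts(currentIdl, proposedIdl) {
  const findings = [];
  const add = (account, severity, issue) => findings.push({ account, severity, issue });
  for (const { name } of currentIdl.accounts || []) {
    const oldF = structFields(currentIdl, name);
    const newF = structFields(proposedIdl, name);
    if (!oldF) continue; // nothing to compare against
    if (!newF) { add(name, "breaking", "account struct removed"); continue; }
    let prefixIntact = true;
    oldF.forEach((f, i) => {
      const g = newF[i];
      const t = JSON.stringify(f.type);
      if (!g) {
        prefixIntact = false;
        add(name, "breaking", `slot ${i}: ${f.name} has no counterpart`);
      } else if (t !== JSON.stringify(g.type)) {
        prefixIntact = false;
        add(name, "breaking", `slot ${i}: ${f.name} ${t} -> ${g.name} ${JSON.stringify(g.type)}`);
      } else if (f.name !== g.name) {
        add(name, "review", `slot ${i}: ${f.name} renamed to ${g.name}, same type`);
      }
    });
    if (prefixIntact && newF.length > oldF.length) {
      add(name, "review", `${newF.length - oldF.length} field(s) appended; stored accounts need realloc`);
    }
  }
  return findings;
}

// Constructed sample IDLs: the proposed Vault inserts fee_bps before owner.
const field = (name, type) => ({ name, type });
const vault = (fields) => ({ accounts: [{ name: "Vault", type: { kind: "struct", fields } }] });
const currentIdl = vault([field("owner", "publicKey"), field("balance", "u64")]);
const proposedIdl = vault([field("fee_bps", "u16"), field("owner", "publicKey"), field("balance", "u64")]);
console.log(diffAccountLayouts(currentIdl, proposedIdl));
```

Same-type renames are reported for review rather than ignored, because swapping two fields of the same type (two pubkeys, for instance) keeps the byte layout and still changes what each slot means.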

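SDK

import { H3lm } from "@h3lm/sdk";

// programId and bufferAccount come from your deployment script:
// programId is the program being upgraded, bufferAccount is the
// buffer account holding the proposed bytecode.
const h3lm = new H3lm({
  programId,
  network: "devnet",
  apiBase: "https://backend.h3lminfra.xyz", // optional, defaults to our node
});

// Run the gate on the buffer and fail the pipeline on any verdict
// other than APPROVED (that is, on BLOCKED or ESCALATED).
const { decision } = await h3lm.gate({ bufferAccount });
if (decision.verdict !== "APPROVED") process.exit(1);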

Point the client at the node URL. The node analyzes the upgrade and returns the verdict.

Autonomous upgrades (optional)

// agent pubkey: AnZkXePMCNBnbk7N1h6x4jg5ZATfmfPX2WN7sBDtkMdE

// A) Multisig (Squads): add the agent as a member, set the program's
//    upgrade authority to the vault, then:
await h3lm.register({ multisig, vault });

// B) Single user (no multisig): point the program's upgrade authority
//    at the node's h3lm-gate PDA, then:
await h3lm.register({ mode: "gate" });

// either way, an APPROVED gate() is proposed and auto-executed after
// the time-lock, unless you veto it.

The agent never holds your authority directly: it is one member of your multisig, so you keep the veto and the threshold.

Activate via staking

Stake $H3LM on the Stake page to activate the agent for your program.

Request pilot access

Tell us about your protocol and we will get you onto the agent.