Skip to content

Add riptide-assess skill: deterministic guided-sim risk assessment for Solana programs#151

Open
AiltonSavio wants to merge 1 commit into
solanabr:mainfrom
AiltonSavio:feat/riptide-assess-skill
Open

Add riptide-assess skill: deterministic guided-sim risk assessment for Solana programs#151
AiltonSavio wants to merge 1 commit into
solanabr:mainfrom
AiltonSavio:feat/riptide-assess-skill

Conversation

@AiltonSavio

@AiltonSavio AiltonSavio commented Jul 1, 2026

Copy link
Copy Markdown

riptide-assess

An agent skill that turns a Solana program repo into a reproducible risk assessment, backed by deterministic guided LiteSVM simulations of the real on-chain program .so.

Unlike static or symbolic tools that check whether a program's code is correct, riptide-assess answers the economic risk question: it constructs the external account bytes the program reads (oracle prices, attestations), drives the protocol's actual lifecycle under an exogenous stress swept over a declared fixed-seed region, and records where the deciding metric moves — surfacing failures that aren't code bugs (bad debt when a crash outruns liquidation, first-mover dilution under a stale NAV attestation, socialized loss on a perps gap).

Flow

One agent-led session — Detect → Scope → Setup → Run → Surface → Assess:

  • Detect the protocol family (lending, AMM, perps, LST, stablecoin) from semantics, source, and IDL evidence.
  • Scope what the guided sim must handle via the A–F trigger taxonomy (typed args, oracle-account byte construction, third-party/keeper actors, multi-instruction sequences, dynamic remaining_accounts, CPI bootstrapping), consulting a per-family library of known personas/invariants/stress scenarios.
  • Setup the project-owned Rust sim crate: author the adapter, generate the crate, fill the TODO(setup) seams.
  • Run the fixed-seed sweep declared in [sim.sweep] — smoke first, then the full sweep.
  • Surface the cartography root the assessment reads.
  • Assess — render assessment.md + assessment.json plus an executive brief, with a non-negotiable honesty discipline enforced as runtime gates (positive control, real-program execution, determinism).

The output is simulation evidence over a declared region — not an audit signoff, formal verification, or a mainnet prediction — plus the exact commands to reproduce every figure.

Contents

Self-contained kit under skills/riptide-assess-skill/:

  • skill/SKILL.md — router (name + description + user-invocable: true) with progressive-disclosure focused files: detect-and-scope, setup, run-and-assess, authoring-patterns, family-library, honesty, worst-case-playbook, resources.
  • install.sh — bootstraps the Riptide CLI (idempotent; wraps curl -fsSL https://riptide.run/install | sh).
  • examples/assessment-input.json, README.md, LICENSE (MIT).

Prerequisites

The CLI is not on npm; it scaffolds a project-owned Rust crate that builds against a vendored runtime. Host needs cargo/rustc, node >= 20, and the Solana SBF toolchain. The skill's First-Contact step auto-installs the CLI if riptide --help fails.

Riptide is open source: https://github.com/riptidesim/riptide

A Claude Code skill that turns a Solana program repo into a reproducible
risk assessment, backed by deterministic guided LiteSVM simulations of the
real on-chain program.

One agent-led flow — Detect -> Scope -> Setup -> Run -> Surface -> Assess:
detect the protocol family, scope what the guided sim must handle (typed
args, oracle-account bytes, third-party/keeper actors, multi-instruction
sequences), author and run the sim over a declared fixed-seed sweep, and
emit an assessment (assessment.md + assessment.json) plus an executive
brief with the exact commands to reproduce every figure.

Self-contained kit: SKILL.md router with progressive-disclosure focused
files (detect-and-scope, setup, run-and-assess, authoring-patterns,
family-library, honesty, worst-case-playbook, resources), a bundled
install.sh that bootstraps the Riptide CLI, an example input, README, and
MIT LICENSE.
@AiltonSavio AiltonSavio changed the title Add riptide-assess skill — deterministic guided-sim risk assessment for Solana programs Add riptide-assess skill: deterministic guided-sim risk assessment for Solana programs Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant