Adversarial smart contract review

We attack your contract before the market does.

Pentagonal runs a permanent red team — eight specialised attackers, each fluent in a single class of exploit. Reentrancy, flash loans, oracle manipulation, MEV, economic edge cases, arithmetic overflow, access control, and gas griefing. They hunt every line you ship. The report is what’s left after they fail.

Coverage: 14 networks
Latency: ≈ 30 s / contract
Output: Markdown · PDF
Build

From a plain-English spec to attacker-tested Solidity.

Pentagonal scopes the contract with you, surfacing the decisions an attacker would later target — supply, fees, roles, upgradeability. Then it generates the code, referenced against OpenZeppelin v5 for Solidity and the Anchor framework for Solana, and hands it straight to the red team.

Step 01 · Describe

A sentence is enough to start.

Plain English. No template form. The model handles the rest of the scoping conversation.

“ERC-4626 staking vault for our governance token with a seven-day unlock and a one-percent performance fee, paused by a timelocked admin.”
Step 02 · Scope

Pentagonal asks what attackers would.

Decisions that hide bugs are pulled to the front. You answer them once; they land in the contract and the audit report.

  • Should the vault accept additional reward tokens, or single-asset only?
  • Who pauses emergency withdrawals — the admin, a guardian, or no-one?
  • Performance fee taken on deposit, on withdraw, or on harvest?
  • Pre-deposit donation protection — virtual shares or initial seed?
Step 03 · Generate

Solidity or Anchor, streamed.

Production-grade code against the most current standards. Compilation is free; the audit runs on the same artefact you deploy.

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

import {ERC4626} from "@openzeppelin/contracts/token/ERC20/extensions/ERC4626.sol";
import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";
import {Pausable} from "@openzeppelin/contracts/utils/Pausable.sol";

contract SentinelVault is ERC4626, AccessControl, Pausable {
    bytes32 public constant GUARDIAN = keccak256("GUARDIAN");
    uint256 public constant UNLOCK = 7 days;
    uint256 public constant PERF_BPS = 100; // 1.00%
    mapping(address => uint256) public unlockAt;
    /* … */
}

Every generation goes straight to the red team. Findings come back inline; fixes and recompiles are free for the same contract.

Adversaries

Eight attackers run in parallel. What survives all of them ships.

Each attacker owns a single class of exploit. They run against the same contract independently, cross-confirm each other’s findings, and converge on a deduplicated report graded by exploit cost — not severity-by-vibes.

ADVERSARY 01
Reentrancy Hunter
Forces re-entry through external-call ordering, cross-function paths, read-only reentrancy via view functions, and ERC-777/1155 hooks.
ADVERSARY 02
Flash Loan Attacker
Manipulates price oracles, governance, and reward accounting inside a single block, funded by uncollateralised flash liquidity.
ADVERSARY 03
Access Control Prober
Hunts missing modifiers, role-mint paths, initializer reentry, proxy admin escalation, and unrenounced ownership.
ADVERSARY 04
Overflow Saboteur
Wraps integers through unchecked blocks, fixed-point precision loss, division ordering, and pre-0.8 patterns reintroduced via assembly.
ADVERSARY 05
Oracle Manipulator
Pushes spot-price reliance, single-source feeds, stale-round usage, TWAP window choice, and Chainlink heartbeat handling.
ADVERSARY 06
MEV Predator
Hunts sandwich exposure, slippage parameters, missing commit-reveal, and order-of-execution dependence in swap and auction paths.
ADVERSARY 07
Economic Exploit
Drives reward dilution, donation attacks against share-based vaults, fee-on-transfer asymmetry, and rounding in ERC-4626 deposits.
ADVERSARY 08
Gas Griefer
Weaponises storage layout, redundant SLOADs, calldata-vs-memory choices, and unbounded loops that turn DoS into a governance lever.
Coverage

Solidity and Anchor. Seven mainnets, seven testnets, one Solana cluster.

EVM contracts are reviewed against OpenZeppelin and Solady references. Solana programs are reviewed against the Anchor framework and SPL conventions. Same agents, different idioms.

Surface               Networks
EVM mainnets          Ethereum, Polygon, BNB Chain, Arbitrum, Base, Optimism, Avalanche
EVM testnets          Sepolia, Holesky, Polygon Amoy, Arbitrum Sepolia, Base Sepolia, OP Sepolia, Avalanche Fuji
Non-EVM               Solana mainnet, Solana devnet, Anchor 0.30+, SPL Token-2022
Languages             Solidity 0.8.x, Yul / inline assembly, Rust (Anchor)
Reference libraries   OpenZeppelin v5, Solady, Anchor, SPL
Output

After eight attackers, one report you can hand to a fund.

Markdown by default, PDF on export. Each finding includes the exploit narrative, the offending code segment with line numbers, a severity graded by attack cost, and a remediation diff.

The agent format is what an autonomous client receives over x402 — the exact output of generateReportMarkdown(). The human format is the same audit, restated as narrative for technical reviewers and fund partners.

Pentagonal · Audit Report · Rev. 14 · 2026-04-22

Sentinel Vault — staking module

Solidity 0.8.24 · Base mainnet · 412 LoC · 1 contract, 3 libraries

The module implements a single-asset staking vault with time-weighted rewards. The red team broke it in eleven places, three of them critical: a reentrancy vector in withdraw, a rounding asymmetry that lets an early depositor inflate share price via direct token donation, and a missing oracle staleness check in the reward-rate setter. A consolidated remediation patch is appended.
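The donation attack named in the Step 02 scoping question and in the sample finding above, as an added example that is not part of the page, the report, or OpenZeppelin's code: a Python model of ERC-4626 share math that runs the same attack against a naive vault and against the virtual-share decimals offset OpenZeppelin v5 uses. The `Vault` and `inflation_attack` names and the 10,000-token amounts are constructed here.

```python
"""ERC-4626 inflation (donation) attack in integer share math: constructed example,
not Pentagonal's or OpenZeppelin's code. Vault(None) is a naive vault; Vault(n) mirrors
OpenZeppelin v5's decimals offset (10**n virtual shares, 1 virtual asset), rounding down."""


class Vault:
    def __init__(self, decimals_offset=None):
        self.vshares = 0 if decimals_offset is None else 10 ** decimals_offset
        self.vassets = 0 if decimals_offset is None else 1
        self.total_assets = 0  # token.balanceOf(vault): direct donations count too
        self.total_supply = 0
        self.balances = {}

    def preview_deposit(self, assets):  # shares minted, rounded down
        supply = self.total_supply + self.vshares
        if supply == 0:  # naive vault, first depositor gets 1:1
            return assets
        return assets * supply // (self.total_assets + self.vassets)

    def deposit(self, who, assets):
        shares = self.preview_deposit(assets)
        self.total_assets += assets
        self.total_supply += shares
        self.balances[who] = self.balances.get(who, 0) + shares
        return shares

    def donate(self, assets):  # plain ERC-20 transfer to the vault, bypassing deposit()
        self.total_assets += assets

    def redeem(self, who, shares):  # assets returned, rounded down
        assets = shares * (self.total_assets + self.vassets) // (self.total_supply + self.vshares)
        self.balances[who] -= shares
        self.total_supply -= shares
        self.total_assets -= assets
        return assets


def inflation_attack(vault, victim_deposit, donation):
    """Attacker front-runs the first deposit with 1 wei, donates to inflate the share price,
    then redeems after the victim deposits. Returns (victim_shares, attacker_profit, victim_loss)."""
    vault.deposit("attacker", 1)
    vault.donate(donation)
    victim_shares = vault.deposit("victim", victim_deposit)
    attacker_out = vault.redeem("attacker", vault.balances["attacker"])
    victim_out = vault.redeem("victim", victim_shares) if victim_shares else 0
    return victim_shares, attacker_out - 1 - donation, victim_deposit - victim_out


V = 10_000 * 10**18  # constructed: victim deposits 10,000 tokens, attacker donates the same
print([inflation_attack(Vault(offset), V, V) for offset in (None, 0, 6)])
```

For these inputs the naive vault mints the victim zero shares and hands the attacker the whole deposit; with offset 0 the attacker loses more than the victim does, and with offset 6 the victim's loss falls below a millionth of the deposit.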

Attacks that compound

Every exploit teaches the next attack.

Findings, exploit narratives, and remediation diffs feed a persistent rule store. When a new attack surfaces in one audit, every subsequent contract is hit with it. The corpus grows monotonically — coverage cannot regress.

2,184 attacks in the corpus
Integration

Two ways in. One for humans, one for agents.

Pentagonal ships a native Model Context Protocol server for the IDE you’re already in, and an x402 endpoint so autonomous agents can pay per call in USDC — no account, no key management.

For humans · MCP
Run audits from your IDE.
v1.0.2 on npm

Drop the server into Claude Desktop, Cursor, Windsurf, Cline, or Continue. Calls pentagonal_audit against the contract in your open buffer. Stdio for desktop, HTTP for hosted clients.

// claude_desktop_config.json
{
  "mcpServers": {
    "pentagonal": {
      "command": "npx",
      "args": ["-y", "pentagonal-mcp"],
      "env": { "PENTAGONAL_KEY": "your-api-key" }
    }
  }
}
Claude Desktop · Cursor · Windsurf · Cline · Continue · HTTP transport
For agents · x402
Pay per call in USDC.
$5 / audit · USDC on Base

Autonomous agents hit the endpoint, get a 402, attach a USDC payment header, and retry. No signup, no API key rotation, no spend limits to engineer around. The Coinbase x402 protocol handles settlement on Base.

# Agent fetches → 402 Payment Required
$ curl https://pentagonal.ai/api/audit \
    -H "Content-Type: application/json" \
    -d @vault.json
HTTP/2 402
x-payment-amount: 5.00
x-payment-asset: USDC
x-payment-network: base

# Agent pays and retries
$ curl https://pentagonal.ai/api/audit \
    -H "X-PAYMENT: <usdc-base-tx>" \
    -d @vault.json
HTTP/2 200
→ audit-report.md
x402 protocol · USDC · Base · No account · Per-call settlement
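The 402-then-retry exchange above, modelled in Python as an added example that is not Pentagonal's or Coinbase's x402 code: `audit_endpoint`, `agent_call`, `SpendPolicy` and the placeholder payment string are constructed here, and the header names and values are taken from the transcript rather than from the x402 specification.

```python
"""Model of the x402 pay-per-call exchange. Constructed example, not Pentagonal's
or Coinbase's code: header names and values follow the curl transcript, the
payment header is a placeholder string, and on-chain settlement is stubbed."""
from dataclasses import dataclass, field

PRICE = {"x-payment-amount": "5.00", "x-payment-asset": "USDC", "x-payment-network": "base"}


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def audit_endpoint(headers, body):
    """Server side: answer 402 with the price until a verifiable payment arrives."""
    payment = headers.get("X-PAYMENT")
    if payment is None:
        return Response(402, dict(PRICE), "Payment Required")
    # Placeholder for facilitator settlement: accept only our constructed tx format.
    if not payment.startswith("usdc-base-tx:"):
        return Response(402, dict(PRICE), "payment rejected")
    return Response(200, {"content-type": "text/markdown"}, "# Audit report\n...")


@dataclass
class SpendPolicy:
    max_amount: float  # the server sets no spend limit, so the agent enforces one
    asset: str
    network: str


def pay(amount, asset, network):
    # Placeholder wallet call; a real agent would sign a USDC transfer here.
    return f"usdc-base-tx:{asset}:{network}:{amount:.2f}"


def agent_call(policy, body, send=audit_endpoint, payer=pay):
    """Agent side: request, read the 402 terms, check them, pay once, retry."""
    resp = send({}, body)
    if resp.status != 402:
        return resp
    terms = resp.headers
    amount = float(terms.get("x-payment-amount", "inf"))
    if (terms.get("x-payment-asset") != policy.asset
            or terms.get("x-payment-network") != policy.network
            or amount > policy.max_amount):
        raise PermissionError(f"payment terms outside policy: {terms}")
    return send({"X-PAYMENT": payer(amount, policy.asset, policy.network)}, body)
```

The `SpendPolicy` check is the agent's own guard: because the server advertises no spend limit, the agent must refuse terms that differ from what it expects before attaching a payment.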
Pricing

Per-audit. No subscriptions.

Generation and audit each cost five dollars. Compilation, fixes, and re-runs are free. Pay with crypto credits, or have an agent pay per call in USDC over x402.

Single audit
$5 / contract
One contract, eight agents, one consolidated report. Free fixes and recompiles for the same contract.
Pack — 10 audits
$40 / ten
Twenty percent off the single rate. Credits do not expire and are shared across team members.
Agent / x402
$5 / call · USDC
No account, no key management. Autonomous agents pay per invocation in USDC on Base via the x402 protocol.