CodeGuardian iNFTlivehybridmock

Autonomous code-review agent console

CodeGuardian is a minted 0G Agentic ID / ERC-7857-style iNFT. It audits allowlisted TypeScript fixtures, proposes a patch, runs a critic loop, writes memory, checks policy upgrades, commits a trace, and emits a certificate.

Current status

Certified

Unsupported

Ownership

Manifest

Intelligence

Memory

Compute + replay

Certified

Run count

Memory version

Latest run

codeguardian-run-003

Latest memory root

sha256:a2398bbb0b7b561c7fa891cf7a808f81991996cc1bce29b01dc0d6010ac11c72

Latest analysis

zg-live-analysis-95bb0f30184d

Latest critic

zg-live-critic-a83aa740043a

Task queue

#1codeguardian-run-001Audit unsafe JSON parsing in the demo TypeScript file.hybrid #2codeguardian-run-002Audit access control before returning private records.hybrid #3codeguardian-run-003Audit async side effects for unchecked failures.live

Memory evolution

codeguardian-run-001

Validate JSON parse failures before using parsed payloads.

Added a JSON-shape validation heuristic to future reviews.

memory sha256:b71a518d1fadea56c7f0838e9fbd1c6a46bc043995a461f3d282ebf29b81e879

trace sha256:5157e4d713781a2b08fba1012a38ba2483196e2ae935b458ea6a3f06c5626f0c

codeguardian-run-002

Verify authorization before returning private records.

Added an authorization-check heuristic to critic reviews.

memory sha256:568cb2b7f31804eef4dbe0231c5bb82ffb3e669a4a726943bc7e6d8c4f835ba2

trace sha256:0b1397e29e41dd2e2738c8ffdbb2ac027f8bae46173a763c79cee8a769418ad4

codeguardian-run-003

Wrap awaited side effects in explicit error handling.

Added an async side-effect handling pattern to persistent review memory.

memory sha256:a2398bbb0b7b561c7fa891cf7a808f81991996cc1bce29b01dc0d6010ac11c72

trace sha256:655cb96747a2141f62ddc78a16e4b2c39fd5a80e413358bc40ba7bdc125f3c7c

Latest compute analysis

zg-live-analysis-95bb0f30184d

A failed awaited side effect can escape without explicit classification or recovery.

Latest critic reflection

zg-live-critic-a83aa740043a

The patch addresses the issue by ensuring that any errors from awaited side effects are handled explicitly. However, it is important to provide more context on how the failure result will be used and ensure that the error handling is robust and clear. Consider adding detailed error messages and specifying the type of failure for better debugging and maintenance.

Latest proposed patch

Wrap the awaited side effect in explicit error handling and return a typed failure result.

Patch diff

diff --git a/examples/codeguardian/fixtures/unchecked-async-side-effect.ts b/examples/codeguardian/fixtures/unchecked-async-side-effect.ts
@@
 export async function saveAuditResult(
   id: string,
   writeAudit: (id: string) => Promise<void>,
 ): Promise<SaveResult> {
-  await writeAudit(id);
+  try {
+    await writeAudit(id);
+  } catch (error) {
+    return {
+      ok: false,
+      reason: error instanceof Error ? error.message : "audit write failed",
+    };
+  }
   return { ok: true, id };
 }

Dynamic skill / policy upgrade

critic-loop 0.1.0 -> 0.1.1

After detecting a missing authorization guard, CodeGuardian added an authorization-check heuristic to future critic reviews.

old sha256:c88eb62cb4deeaa9dce46fa512f30276a4d6c93620e51da886f87d0474f9e4a9

new sha256:105b17eb2621b0c6591e097f1fc0ebd81b8c6596b46efe2b7404e420173de20c

0G evidence objects

Copy roots and tx identifiers into StorageScan when a direct deep link is unavailable.

manifest

live

sha256:228dab69761d19637632d73801a34d899064ce51f3ffd82d6fc182bb2432aee4

0x291e15a3960ae9993a7fbd6a921df9793ea098109fafc9106326fa801c379408

tx 0x6c0147ab183ad939d1470a3cfbb3f9f3b748aebe65b8114918b97db2221a9e4eseq 764422924 bytes

StorageScan

intelligenceBundle

live

sha256:6289903e00f2e42448eb3cad30d322fcd4e1b3e3af54dd37f35a863a864f0bcd

0x56f2475226993ff79654b246f0fcb3a947a9b877321f6487f869b07ff54df7d4

tx 0x9a9a67da6e11136b05c19578ee519021a1c644f47a38f3324a4b2a03f9be1021seq 686613437 bytes

StorageScan

memory

live

sha256:a2398bbb0b7b561c7fa891cf7a808f81991996cc1bce29b01dc0d6010ac11c72

0xe814c589530f4ae5e338ba17d087cb9785ab145e222f636cc173f207a4651c9a

tx 0x9a9543fddbc3dd81f673c7ff6faee37ce125d59f5a9fbeb0536b1c40c6bf683cseq 764461798 bytes

StorageScan

run

live

sha256:59f86560dcb00747fcb04368daeb8d0318f75ac4928180636db1e37e445362e9

0xe8cfb1ea8be06e7989ea8a8a2eb366303e63629addea0b09299b0c934c7c8037

tx 0xff688a6e670c7852a241750f4259a312ea4e06a38f7f84c9f8c3fb94d55c1816seq 764486899 bytes

StorageScan

computeRuns

live

sha256:3536c2223ad4ce203d583a7b55a73c249aded63430eebbc53a3989be2eadaf4e

0x8b37187dd39bfdd69ad293bbb8be7e338ff57a54b5159fb37535225a0fc18ea3

tx 0xfdcdf6a0166c9eff65205a8841d7bb307f122cd2df1bef2d1aac2d4a02b38b7fseq 764492145 bytes

StorageScan

certificate

live

sha256:8e573883fd043ae0e58b566e12d96c682306c89a8b08a7c3c9a77cac6e6e2db1

0x7e846170285fe403b349bb474e42a830ca17690076a7b95c243f9662d66be272

tx 0x0d86a00405292bdc41043eca0f6522d14fe481918a1cf91c4bf944d373c4685dseq 76450900 bytes

StorageScan

0G Chain transaction proofs

Live Galileo writes recorded during contract deployment, demo iNFT seeding, registry updates, and certificate issuance.

0G Chain write 01

live

0xd3d91fe44dfa0252bd2aa0e00c965947d697ee3625070357bf3d1792438a6844

ChainScan tx

0G Chain write 02

live

0x9729c78487165e5527825c08e5b371359d0b81e4af424bc048084b5dcd166781

ChainScan tx

0G Chain write 03

live

0x6fdb80bf9940648c0338dfc75636d63caed3d544b4d6ed96aead11d9d7dba312

ChainScan tx

0G Chain write 04

live

0xc535cc57c69a364df2f0fca98626696a6e36404a7b8b34041494f84bd2287cd3

ChainScan tx

0G Chain write 05

live

0x1b79155e86c1fc2263befe75cf846affd21f960857e7ef3cd5d3eeba75335a08

ChainScan tx

0G Chain write 06

live

0xb5606ad34213dc98728635913f9c4adeda5f507915a5b68bc7876ffa734013d5

ChainScan tx

0G Chain write 07

live

0x701d6e739172301fd6983fac86bb48d324f2243ae10700406b8b26913ed52935

ChainScan tx

0G Chain write 08

live

0xabdb3954044e288ee288eb7701063b45fee3e1f4deef919f4e26cd40ec3f7843

ChainScan tx

0G Chain write 09

live

0x04e9d42cdc27f64832cc126d44c0a0964a6fbe82d5fa33b56a2a5b6f976283c9

ChainScan tx

0G Chain write 10

live

0x02584dae44305f1925068e56dc4fa52f464eb1c6a5a6f5104a90d9474f2c78f3

ChainScan tx

0G Chain write 11

live

0x27cd7391ae09c39768b8af44fa54105f5af343c14bc112336472059373ec300c

ChainScan tx

0G Chain write 12

live

0x451421d1af739ee3503e19c3ce52564fa3f1fc18abb733ae923af64ee5523722

ChainScan tx

0G Chain write 13

live

0xe3e64598441cfa8ac42db62f648b7d114cc0125878e120b8875c878471d1eb50

ChainScan tx

0G Chain write 14

live

0xc233e0e17dd6ba313eda5e4af4b9da4a1166bc48e1ce16f3c3c5756215db3b45

ChainScan tx

0G Chain write 15

live

0xdbb58d9eae1affc973816530bf2091a1fde69055ac061e1e1ba74aa72e876564

ChainScan tx