This is a submission for the OpenClaw Challenge.
What I Built
I investigated a critical Gas DoS vulnerability in a Starknet staking contract. The issue was rooted in an unbounded loop that allowed for duplicate token registrations, eventually hitting the block gas limit. I developed a fix using a mapping-based approach to ensure O(1) complexity for token validation and successfully verified the solution with a comprehensive test suite in snforge.
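The pattern described above, reduced to a minimal Cairo contract. This is an added example, not code from the audited repository; every name in it (`TokenRegistry`, `token_at`, `registered`, the four functions) is hypothetical, and it assumes a recent Cairo 2 toolchain that provides `starknet::storage::Map`. The "before" functions keep the unchecked append and the linear scan so the cost difference against the mapping-based "after" functions is visible side by side.

```cairo
use starknet::ContractAddress;
#[starknet::interface]
pub trait ITokenRegistry<TContractState> {
    fn add_token_unchecked(ref self: TContractState, token: ContractAddress);
    fn is_token_by_scan(self: @TContractState, token: ContractAddress) -> bool;
    fn add_token(ref self: TContractState, token: ContractAddress);
    fn is_token(self: @TContractState, token: ContractAddress) -> bool;
}

#[starknet::contract]
pub mod TokenRegistry {
    use starknet::ContractAddress;
    use starknet::storage::{Map, StorageMapReadAccess, StorageMapWriteAccess, StoragePointerReadAccess, StoragePointerWriteAccess};
    #[storage]
    struct Storage {
        token_count: u64, // length of the append-only list
        token_at: Map<u64, ContractAddress>, // index -> token (the list itself)
        registered: Map<ContractAddress, bool>, // membership flag used by the fix
    }
    #[abi(embed_v0)]
    impl TokenRegistryImpl of super::ITokenRegistry<ContractState> {
        // BEFORE: no duplicate check, so the same token can grow the list on every call.
        fn add_token_unchecked(ref self: ContractState, token: ContractAddress) {
            let n = self.token_count.read();
            self.token_at.write(n, token);
            self.token_count.write(n + 1);
        }
        // BEFORE: one storage read per entry, so cost is O(token_count) and has no upper bound.
        fn is_token_by_scan(self: @ContractState, token: ContractAddress) -> bool {
            let n = self.token_count.read();
            let mut i: u64 = 0;
            loop {
                if i == n { break false; }
                if self.token_at.read(i) == token { break true; }
                i += 1;
            }
        }
        // AFTER: a duplicate is rejected with a single mapping read before anything is appended.
        fn add_token(ref self: ContractState, token: ContractAddress) {
            assert(!self.registered.read(token), 'token already registered');
            self.registered.write(token, true);
            let n = self.token_count.read();
            self.token_at.write(n, token);
            self.token_count.write(n + 1);
        }
        fn is_token(self: @ContractState, token: ContractAddress) -> bool {
            self.registered.read(token) // AFTER: O(1), independent of list length
        }
    }
}
```

With the "after" pair, each distinct token can lengthen the list only once, so any remaining code that iterates over it is bounded by the number of distinct tokens rather than by the number of registration calls.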
How I Used OpenClaw
I integrated KiloClaw as a professional security assistant to streamline my auditing workflow:
Workflow Integration: I deployed a custom AI agent and connected it to Telegram via BotFather for real-time security briefings.
Real-time Verification: I used the agent to cross-verify my findings on the Gas DoS exploit. The bot provided insights into Starknet-specific monitoring tools like Voyager and suggested custom detector patterns for my remediation plan.
Demo
GitHub Repository: rdin777/starknet-staking_audit1
Proof of Concept: My test suite shows the transition from a failed state (9.8M gas limit hit) to a fully optimized 4/4 passing state.
What I Learned
The biggest takeaway was how AI-assisted auditing can bridge the gap between manual discovery and continuous monitoring. While manual analysis identified the logic flaw, KiloClaw helped me conceptualize a long-term monitoring strategy. I also learned the nuances of pairing Telegram bots with the Kilo cloud instance, which is a game-changer for independent researchers.
ClawCon Michigan
I didn't attend in person, but participating in the OpenClaw Challenge virtually has been an incredible deep dive into the future of AI-driven security!