PreFlight Labs

A pre-transaction security layer for DeFi

Comment

PreFlight : The Pre-Transaction Security Layer for DeFi

Inspiration

In decentralized finance, users frequently suffer losses even when every visible indicator suggests that a transaction is safe.

  • The interface displays expected outputs
  • Slippage tolerance is configured conservatively
  • The protocol being interacted with is audited and widely used

Yet, despite these assurances, transactions can still result in unintended loss of funds. Through extensive hands-on experience in smart contract security auditing and protocol analysis, we identified a recurring and fundamental issue:

Existing safety mechanisms validate expected outcomes, but fail to verify actual execution behavior.

This distinction is subtle but critical.

Most tools rely on:

  • static previews
  • frontend estimations
  • or bounded constraints such as slippage

However, none of these mechanisms guarantee that the execution path of a transaction faithfully aligns with user intent.

This led to a core realization:

The most critical and least protected boundary in blockchain systems lies between transaction signing and execution.

Once a transaction is submitted:

  • Execution becomes irreversible
  • Internal call behavior is opaque to the user
  • Complex state transitions occur beyond user visibility
  • Malicious or unintended logic may execute silently

PreFlight is designed to secure this exact boundary.

The Fundamental Gap: Outcome Validation vs Execution Validation

A key misconception in DeFi safety is equating output guarantees with execution safety.

What Slippage Actually Guarantees

Slippage protection enforces a single constraint:

  • The user receives at least a minimum specified output (minOut)

This is purely an economic bound, not a security guarantee.

What Slippage Does NOT Guarantee

Slippage does not validate:

  • The integrity of the execution path
  • The absence of malicious internal calls
  • The correctness of intermediate state transitions
  • The safety of token transfer flows
  • The scope of approvals granted during execution

Concrete Failure Modes

Even when slippage conditions are satisfied, the following risks remain:

  • Hidden Value Extraction

    • Tokens siphoned via internal transfers or fee-on-transfer mechanics

  • Delegatecall-Based Exploits

    • Execution redirected to untrusted logic via proxy patterns

  • Approval Escalation

    • Unintended or excessive token allowances granted during execution

  • Flash-Loan Manipulation

    • Temporary state distortions affecting execution conditions

  • Broken Accounting in Vaults

    • ERC-4626 invariants violated while still satisfying output constraints

Key Distinction

Slippage answers: “Did I receive enough tokens?” PreFlight answers: “Was the execution itself safe and aligned with intent?”

What PreFlight Does

PreFlight is a pre-transaction verification firewall that introduces an execution-aware security layer into DeFi workflows.

Instead of trusting UI estimates or bounded constraints, PreFlight:

  • Analyzes live on-chain state
  • Simulates full transaction execution
  • Inspects low-level execution traces
  • Validates accounting and behavioral invariants

It then produces a deterministic, explainable risk classification.

Design Philosophy

PreFlight is intentionally non-custodial and non-opinionated:

  • It does not block transactions
  • It does not enforce decisions
  • It does not rely on opaque scoring systems

Instead, it:

  • surfaces precise execution risks
  • explains them in a structured way
  • preserves full user autonomy

Core Objective

To minimize divergence between intent and execution:

User Intent ≈ Actual Execution Outcome

This principle defines the entire architecture of PreFlight.

System Architecture Overview

PreFlight operates as a multi-layered verification pipeline that intercepts transactions prior to execution and subjects them to progressively deeper analysis.

User / Wallet (Frontend + Extension)
               ↓
     PreFlight Router (Tx Interception)
               ↓
 ┌─────────────┴─────────────┐
 │                           │
 ▼                           ▼
On-Chain Guards        Simulation Engine
 (State Checks)        (Fork Execution)
 │                           │
 │                           ▼
 │                  Execution Trace Analysis
 │                           │
 └─────────────┬─────────────┘
               ▼
        Policy Engine
               ↓
     Risk Classification
               ↓
        User Decision Layer

Each layer contributes a different dimension of verification.

Detailed System Components

1. On-Chain Guards - Deterministic State Validation

On-chain guards are lightweight, view-based contracts that perform immediate validation of live blockchain state.

They serve as the first line of defense, identifying inconsistencies before deeper analysis.

Swap Guard

  • Compares spot price against TWAP
  • Detects abnormal reserve shifts
  • Flags potential flash-loan manipulation

Liquidity Guard

  • Validates token legitimacy and pool composition
  • Detects abnormal liquidity imbalances
  • Flags suspicious approval patterns

Vault Guard (ERC-4626)

  • Verifies share-to-asset conversion consistency
  • Detects exchange rate anomalies
  • Ensures accounting invariants are preserved

These checks are:

  • deterministic
  • low-latency
  • trustless

2. Simulation Layer - Execution Prediction

PreFlight performs full transaction simulation prior to execution.

This involves:

  • Forking the current blockchain state
  • Replaying the exact transaction calldata
  • Capturing resulting state transitions

This provides:

A faithful preview of actual execution behavior, not estimated outputs.

Unlike frontend simulations, this approach captures:

  • internal calls
  • dynamic control flow
  • real state mutations

3. Execution Trace Analysis - Behavioral Inspection

Simulation produces detailed EVM execution traces.

PreFlight analyzes these traces to uncover hidden or non-obvious behaviors that cannot be detected via state inspection alone.

This includes detection of:

  • Delegatecalls to unknown or unverified contracts
  • Unexpected token transfers to third-party addresses
  • Hidden fee extraction mechanisms
  • Approval escalations beyond intended scope
  • Complex nested call structures affecting control flow

This layer is critical for identifying execution-level attack surfaces.

4. Policy Engine - Deterministic Risk Aggregation

All signals from:

  • state validation
  • simulation results
  • trace analysis

are aggregated into a unified classification system.

State Signals + Simulation Signals + Trace Signals
                       ↓
                 Policy Engine
                       ↓
              Risk Classification

Risk Levels

  • Info

    • No meaningful risk detected

  • Warning

    • Minor anomalies or deviations

  • Medium

    • Potentially unsafe execution patterns

  • Critical

    • High-risk or exploit-like behavior detected

Properties

  • Deterministic
  • Explainable
  • Reproducible
  • No black-box scoring

5. User Interaction Layer

Browser Extension

  • Intercepts transactions before signing
  • Routes them through PreFlight pipeline
  • Provides real-time feedback

Frontend Interface

  • Visualizes:

    • transaction intent
    • execution behavior
    • detected risks

  • Enables informed decision-making without requiring deep technical knowledge

Why PreFlight Matters

Current DeFi safety mechanisms operate at the interface or parameter level.

However:

Most critical risks exist at the execution layer.

Even with:

  • correct UI previews
  • conservative slippage
  • audited contracts

Users remain exposed to:

  • hidden execution paths
  • malicious internal interactions
  • unintended state changes
  • complex composability risks

PreFlight introduces a missing primitive:

Execution-aware verification before irreversible commitment

Challenges

Building PreFlight required solving several complex technical challenges:

  • Execution Fidelity

    • Ensuring simulation accurately mirrors real on-chain behavior

  • Trace Decoding

    • Translating low-level EVM traces into meaningful insights

  • Performance Constraints

    • Maintaining responsiveness while performing deep analysis

  • Signal Normalization

    • Aggregating heterogeneous signals into a coherent risk model

  • User Abstraction

    • Presenting complex execution insights in an intuitive format

Accomplishments

  • Built a complete pre-execution verification pipeline

  • Integrated:

    • on-chain guards
    • simulation engine
    • trace analysis system

  • Designed a deterministic and explainable policy engine

  • Developed a browser extension for real-time transaction interception

  • Created a modular architecture extensible across protocols and chains

Most importantly:

Demonstrated that execution-aware security in DeFi is both feasible and practical.

What We Learned

  • Execution behavior is the primary source of hidden risk
  • Outcome validation is insufficient for security guarantees
  • Deterministic systems outperform opaque scoring models in trust-critical environments

  • Security must evolve from:

    • reactive monitoring -> proactive verification

Future Roadmap

PreFlight is currently deployed and tested on Arbitrum and Base testnet.

Planned expansions:

  • Multi-chain support (Ethereum, Polygon, other EVM chains)
  • Deep integration with AMMs and liquidity protocols
  • Advanced vault and yield strategy support
  • Native wallet integrations (MetaMask, Rabby)
  • MEV-aware simulation and adversarial modeling
  • Developer SDK for integration into dApps and routers

Vision

To establish PreFlight as a standard execution verification layer across DeFi, ensuring that:

Every transaction is analyzed before execution Every risk is surfaced before commitment And every user retains full control over their decisions

Built With

Share this project:

Updates