Swarm

CAPTCHAs are dead. AI swarms solve visual puzzles in milliseconds. BlinkTrap replaces cognitive friction with economic friction - legitimate users pay nothing, attackers fund the protocol.

Comment

Inspiration

Agentic AI is turning into an “economic actor” overnight — it can browse, decide, and transact at machine speed. Combine that with crypto payments and you get huge upside. You are also met with a brand-new fraud surface area, especially for smaller vendors who don’t have the resources of big marketplaces.

One of the most damaging patterns we kept coming back to is swarm abuse: a malicious operator spins up hundreds or thousands of automated agents to hammer a site, hoard inventory, and drain operational capacity before a human can react. Traditional defences (rate limits, CAPTCHAs, manual review) either don’t scale, or they punish legitimate high-throughput users.

We built SWARM to protect vendors with a simple idea: treat agentic commerce like banking treats credit risk — identity, behavior, and economic incentives.

What it does

    1. User signals intent to purchase
2.  SWARM evaluates the wallet identity and returns an x402 paywall challenge (a small SOL deposit)
3.  SWARM builds/updates a risk profile for the wallet using:
• observed behaviour at the gateway (velocity, fan-in patterns, repeated attempts)
• optional bootstrapping from public on-chain history (counterparty novelty, cadence, concentration)
• our internal “criminal agent” database (known bad wallets / prior incidents)
4.  If the wallet looks legitimate, the deposit is returned and the purchase proceeds normally.
5.  If the wallet is flagged as part of a malicious pattern (e.g., swarm), SWARM does not refund the deposit - it’s forfeited to the vendor (or optionally routed to charity).

How we built it

FastAPI backend — SWARM Gateway + policy engine + scoring logic • Redis caching/state — per-wallet risk profiles, rolling windows, incident logs • Solana integration — wallet identity, deposits, verification via RPC • Streamlit dashboard — live analytics: risk scores, swarm fan-in, incident feed • Next.js simulation harness — generates normal vs swarm-like traffic patterns for testing and demo

Wallet = UUID identity: stable global identifier without requiring an account system • Behavioral “DNA” + drift detection: rolling window signals compared to baseline (like integrity monitoring) • Swarm fan-in detector: detects “many wallets → one vendor/merchant” coordination in a short window • x402 paywall: ties decisions to enforceable economic friction and deposits

Challenges we ran into

Uniquely identifying malicious users: attackers can generate many new wallets quickly. We addressed this by combining: • behaviour signals (swarm fan-in, velocity) • on-chain history bootstrapping (when available) • a reputation database for repeat offenders • Solana payment UX and reliability: devnet airdrop limits and RPC constraints forced us to build for real-world constraints (caching, minimal RPC calls, graceful fallback modes). • Cold start: new wallets may have little history. We solved this by assigning a conservative baseline risk and updating quickly based on observed behavior.

Accomplishments that we're proud of

Operating cohesively as a team of three, having lost a highly capable team member on the morning of the hackathon.

Successfully producing a product with a hackathon debutant from a mathematics background

Our resilience - not giving up!

What we learned

The importance of fleshing out your idea - this allows you to understand its viability, provides a launchpad for the next iteration of your idea (don’t settle on the first one!) and find the devil in the detail.

Taking one step at a time, knowing the mile ahead - in building such a large project, under the pressures of time and competition of a hackathon, it is crucial to stay calm and focus on the next achievable step. At the same time, it is key to maintain big picture thinking, to ensure you keep to time and effectively build the parts that can click well, like a good Lego set.

Getting opinions of others - the mentors, fellow competitors, LLMs and even the organisers. Everyone’s opinion helps mould and develop the idea, ultimately making the concept valuable, thoughtful and achievable. As Raj Dosanjh said, “make sure you know the real problem you are trying to solve”

What's next for Swarm

This product is a prototype that can be fully integrated into Solana’s cryptocurrency wallet platform, truly leveraging the public blockchain and traceable nature of this payment method. As AI agents evolve and adapt, our agent attributes will be made more sophisticated, to continue finding and mitigating adverse AI-enabled threats and, ultimately, protecting our clients.

Built With

Share this project:

Updates