IMM-2026-0033

ACTIVE
Keccak 0x0bfbf385c8dd55333aeb3260d72da10cee2db31bd0ba8263e934ed230990dc4c
Type
SEMANTIC
Verdict
MALICIOUS
Confidence
91.0%
Severity
84
Value at risk
$394,246.00
Published by 0x4789ddae..1cbc28 View on explorer
Created April 29, 2026 5:29 PM
Envelope v1
Signed payload
Primary matcher semantic
PROMPT_INJECTION "system: you are now"
Scope
galileo-testnet home sepolia
Evidence redacted public excerpt
Reasoning excerpt
Spoofed system-role prefix injection: the payload presents itself as a message from the system role to convince the agent that an upstream operator authorized a role change. The attack relies on the agent's chat-template parser leaking role boundaries into untrusted content. MALICIOUS at high confidence: the construct has no legitimate use in user-side or retrieved content, and successful exploitation typically precedes credential or seed-phrase exfiltration.

Full evidence (TEE-sealed) is fetchable by holders of the unsealing key. Public mirror carries hash only.

TEE attestation
Curated by human
Heuristically published from a known threat catalog, not derived from a TEE-verified verdict.
Evidence CID
0xcb470a8d4645ee890831dd20abcbbd332034f5d08e7ba34ce968b563f4c0c2ba
Network impact Live
Since publish
Cache hits
288
SDK check() matches
Agents synced
41
distinct callers
Attacks blocked
144
tx-level intercepts
Pool reverts
0
Uniswap v4 hook
USD protected
$394,246.00
sum of tx value at intercept
Hits over time each bar is one of 30 equal slices since publish
publish now
Recent intercepts
Agent Method Chain When
0x9e92beab909a552f45c645c84a7aded03f2e9b99 SDK check() evm:16602 (galileo-testnet) 8 hours ago
0x35fea628b18cf5015049e50c6ff64bc79276dc8b SDK check() evm:16602 (galileo-testnet) 8 hours ago
0x31a7b41ac6167c8e622a60f702bd860ea92f5953 SDK check() evm:16602 (galileo-testnet) 8 hours ago
0xf1649ae7a6ce52fd03792f2bec32c1fcfaffae5c SDK check() evm:16602 (galileo-testnet) 2 days ago
0xc7d0ce7463628fbb93576ec034ecf508a6199521 SDK check() evm:16602 (galileo-testnet) 2 days ago
0xca785f542c61393a7bbd1d04eea66b8dcba49782 SDK check() evm:16602 (galileo-testnet) 2 days ago
0x3d8b2929f6a8a7a798491fa12f8ba6d1e784b2b1 SDK check() evm:16602 (galileo-testnet) 2 days ago
0x5c556ee4eece5bba6d1d00bc7204b55bc3bde597 SDK check() evm:16602 (galileo-testnet) 2 days ago
0xa0cef4d2f50e6a58aca14390f058a9d9a5b84352 SDK check() evm:16602 (galileo-testnet) 2 days ago
0xf32075f71452826c3ef10609b31a9513c9a8c86e SDK check() evm:16602 (galileo-testnet) 2 days ago
Mirror status All chains synced
Chain Tx State
sepolia
0x83be1388..56fb active
1 of 1 chains mirrored
v2 feature

Challenge game coming soon

Challenges let anyone counter-stake on a published antibody they believe is wrong. The publisher loses their stake if a challenge succeeds; the challenger does if it fails. The on-chain mechanics are designed; the UI lands in v2.