TECHNICAL DOCUMENTATION

Three-Layer Security Architecture

How CrimsonARB protects capital through independent, layered verification

Version 1.0 | April 2026 | Ranger Build-A-Bear Hackathon

Executive Summary

CrimsonARB employs a three-layer security architecture where each layer operates independently and must approve before any capital is deployed. This design ensures that no single point of failure can result in fund loss.

On April 1, 2026, $285 million was drained from Drift Protocol in 12 minutes. The attack exploited trust assumptions, not code vulnerabilities. CrimsonARB's architecture would have blocked all three attack vectors through independent verification layers.

3 Attack Vectors Detected - 3 Attack Vectors Blocked - $0 Lost

Architecture Overview

Every yield opportunity passes through three independent verification layers before capital is deployed. Each layer has veto power. If any layer returns a negative signal, the operation is blocked.

YIELD SOURCE (Drift, Jupiter, Zeta)
  -> SENTRY BRAIN (Layer 1 - AI): EXECUTE / SKIP
  -> AGENTSENTRY (Layer 2 - Circuit): OPERATIONAL / GUARD
  -> WEBACY DD (Layer 3 - Risk): APPROVED / BLOCK

ALL THREE MUST APPROVE TO EXECUTE
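
The "all three must approve" rule above, as an added example (not CrimsonARB's own code): a fail-closed gate in which a missing layer, a layer error, or any verdict other than that layer's explicit approval blocks deployment. Verdict names and case-study values are the page's; the function names, dict fields, score cutoffs and the "before" multisig threshold are assumptions.

```python
# Added illustration, not CrimsonARB code. Layer names and verdict strings are
# from the page; function names, dict fields and thresholds are assumptions.
from typing import Callable, Dict, Tuple

# The only approving verdict each layer can return, per the architecture diagram.
APPROVALS = {"sentry_brain": "EXECUTE", "agentsentry": "OPERATIONAL", "webacy_dd": "APPROVED"}

def gate(layers: Dict[str, Callable[[dict], str]], opp: dict) -> Tuple[bool, Dict[str, str]]:
    """Fail-closed gate: deploy only if every required layer explicitly approves."""
    verdicts: Dict[str, str] = {}
    for name in APPROVALS:                  # walk the required set, not the supplied set
        check = layers.get(name)
        if check is None:
            verdicts[name] = "MISSING"      # an unconfigured layer is a veto, not a pass
            continue
        try:
            verdicts[name] = str(check(dict(opp)))   # shallow copy per layer
        except Exception as exc:            # timeout, API outage, malformed data
            verdicts[name] = "ERROR:" + type(exc).__name__
    # Every layer runs even after a veto so the audit log holds all three verdicts.
    return all(verdicts[n] == ok for n, ok in APPROVALS.items()), verdicts

def sentry_brain(opp: dict) -> str:
    score = opp.get("confidence")
    if score is None:
        return "DEFER"                      # DEFER is not approval, so the gate blocks
    return "EXECUTE" if score >= 70 else "SKIP"      # 70 is an assumed cutoff

def agentsentry(opp: dict) -> str:
    before, after = opp["gov_before"], opp["gov_after"]
    weakened = (after["timelock_h"] < before["timelock_h"]
                or after["threshold"] != before["threshold"])
    return "GUARD" if weakened else "OPERATIONAL"

def webacy_dd(opp: dict) -> str:
    return "APPROVED" if opp["dd_score"] >= 50 else "BLOCK"   # 50 is an assumed cutoff

LAYERS = {"sentry_brain": sentry_brain, "agentsentry": agentsentry, "webacy_dd": webacy_dd}

# Constructed inputs. CASE uses the page's case-study values; the "before"
# multisig threshold is a placeholder because the page does not state it.
STABLE = {"timelock_h": 48, "threshold": "placeholder"}
CASE = {"confidence": 12, "dd_score": 11, "gov_before": STABLE,
        "gov_after": {"timelock_h": 0, "threshold": "2/5"}}
HEALTHY = {"confidence": 90, "dd_score": 85, "gov_before": STABLE, "gov_after": STABLE}

if __name__ == "__main__":
    for label, opp in (("case study", CASE), ("healthy", HEALTHY)):
        print(label, gate(LAYERS, opp))
```
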

LAYER 01

Sentry Brain AI

Purpose

The Sentry Brain is an AI reasoning engine that evaluates every yield opportunity before capital is committed. It analyzes market conditions, token fundamentals, price history, and liquidity depth to generate a confidence score.

Evaluation Criteria

  • Funding Rate Analysis: 24h velocity, decay prediction, historical patterns
  • Liquidity Assessment: Order book depth, bid-ask spread, slippage estimation
  • Token Fundamentals: Holder distribution, volume patterns, organic activity
  • Price History: Anomaly detection, wash trading signals, manufactured patterns

Decision Outputs

  • EXECUTE: High confidence
  • SKIP: Low confidence
  • GUARD: Risk detected
  • DEFER: Wait for data

Drift Attack Case Study: Layer 1 Response

The attacker created CVT (a fake token) with manufactured price history and artificial volume. Sentry Brain's analysis:

Token: CVT/USDC
Liquidity: SHALLOW
Volume: WASH_DETECTED
Holders: < 50 wallets
Confidence: 12 / 100
DECISION: SKIP
Reason: Manufactured price history detected.

ATTACK VECTOR BLOCKED: Fake CVT collateral at manufactured price

LAYER 02

AgentSentry ATSP

Purpose

AgentSentry is a protocol-level circuit breaker that monitors governance health, multisig configurations, and timelock parameters. It operates independently of market conditions and triggers GUARD state on any protocol-level anomaly.

Monitored Events

  • Governance Migration: Any change to security council or admin keys
  • Timelock Modification: Reduction or removal of safety delays
  • Multisig Threshold: Changes to required signature count
  • Oracle Updates: Price feed modifications or additions

Drift Attack Case Study: Layer 2 Response

Before the exploit, attackers migrated the Drift Security Council to a 2/5 threshold and removed the 48-hour timelock. AgentSentry's response:

Protocol: Drift Security Council
Event: GOVERNANCE_MIGRATION
Timelock: 48h to 0h [REMOVED]
Threshold: Changed to 2/5
STATUS: CIRCUIT BREAK
DECISION: GUARD
Action: All positions suspended.

ATTACK VECTOR BLOCKED: Governance migration removed safety timelocks

LAYER 03

Webacy DD.xyz

Purpose

Webacy DD.xyz is a third-party AI risk intelligence platform that screens counterparty wallets against on-chain risk signals. It provides independent verification outside of CrimsonARB's internal systems.

Risk Signals Analyzed

  • Mixer Origins: Tornado Cash, privacy mixer funding patterns
  • Wallet Age: Recently created wallets with suspicious funding
  • Sanctions Lists: OFAC and other regulatory blacklists
  • Protocol History: Past exploit involvement, rug pull associations

Drift Attack Case Study: Layer 3 Response

The attacker wallets originated from Tornado Cash, were 8 days old, and were funded via a privacy mixer. Webacy DD.xyz analysis:

Wallet: 8Xk...9mR
TC_ORIGIN: TRUE
Wallet age: 8 days
Funding: Privacy mixer
DD Score: 11 / 100
RISK LEVEL: CRITICAL
DECISION: BLOCK
Action: Counterparty rejected.

ATTACK VECTOR BLOCKED: Tornado Cash-origin attacker wallet

Combined Defense Summary

Attack Vector         | Layer          | Response
Fake CVT token        | Sentry Brain   | SKIP
Governance migration  | AgentSentry    | GUARD
Tornado Cash wallet   | Webacy DD.xyz  | BLOCK

Result: $285,000,000 PROTECTED
