{
  "version": "1.0",
  "name": "Parapet Community: AI Agent Protection",
  "description": "Velocity limits and anomaly detection patterns commonly used for autonomous agents.",
  "published_at": "2026-04-17T01:15:15Z",
  "source": "parapet-community",
  "rules": [
    {
      "version": "1.0",
      "id": "community-track-all-transactions",
      "name": "Track All Transactions",
      "description": "Tracks transaction count for velocity limiting (no alert)",
      "enabled": true,
      "tags": [
        "ai-agent",
        "tracker"
      ],
      "rule": {
        "action": "pass",
        "conditions": {
          "field": "basic:signature",
          "operator": "exists"
        },
        "flowstate": {
          "increment": [
            "transaction_count"
          ],
          "ttl_seconds": 600
        },
        "message": "Transaction recorded for velocity tracking (pass, no alert)."
      },
      "metadata": {
        "note": "Tracker rule - increments counter without alerting"
      }
    },
    {
      "version": "1.0",
      "id": "community-ai-agent-velocity-limit",
      "name": "AI Agent Transaction Velocity Limit",
      "description": "Blocks when transaction velocity reaches 10 or more transactions in 10 minutes",
      "enabled": true,
      "tags": [
        "ai-agent",
        "critical",
        "velocity"
      ],
      "rule": {
        "action": "block",
        "conditions": {
          "field": "flowstate:transaction_count",
          "operator": "greater_than_or_equal",
          "value": 10
        },
        "message": "🚨 AI Agent: Unusual transaction velocity (10+ in 10 min) - possible runaway behavior or compromise"
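      },
      "metadata": {
        "attack_type": "runaway_behavior",
        "tuning_note": "Adjust threshold based on agent's normal activity level. The tracker rule that feeds transaction_count sets no flowstate scope, unlike the rules that declare 'perwallet'; confirm the engine's default scope so the limit applies per agent rather than across all agents."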
      }
    },
    {
      "version": "1.0",
      "id": "community-track-account-creation",
      "name": "Track Account Creation",
      "description": "Tracks account creation count for spam detection (no alert)",
      "enabled": true,
      "tags": [
        "ai-agent",
        "tracker"
      ],
      "rule": {
        "action": "pass",
        "conditions": {
          "field": "system:creates_accounts",
          "operator": "equals",
          "value": true
        },
        "flowstate": {
          "increment": [
            "account_creation_count"
          ],
          "ttl_seconds": 300
        },
        "message": "Account creation recorded for spam tracking (pass, no alert)."
      },
      "metadata": {
        "note": "Tracker rule - increments counter without alerting"
      }
    },
    {
      "version": "1.0",
      "id": "community-ai-agent-account-spam",
      "name": "AI Agent Account Creation Spam",
      "description": "Blocks when 5+ accounts are created within 5 minutes",
      "enabled": true,
      "tags": [
        "ai-agent",
        "critical",
        "spam"
      ],
      "rule": {
        "action": "block",
        "conditions": {
          "all": [
            {
              "field": "system:creates_accounts",
              "operator": "equals",
              "value": true
            },
            {
              "field": "flowstate:account_creation_count",
              "operator": "greater_than_or_equal",
              "value": 5
            }
          ]
        },
        "message": "🚨 AI Agent: Account creation spike (5+ in 5 min) - possible loop or compromise"
      },
      "metadata": {
        "attack_type": "rent_spam",
        "tuning_note": "Legitimate agents rarely create 5+ accounts in 5 minutes"
      }
    },
    {
      "version": "1.0",
      "id": "community-ai-agent-repeated-blocks",
      "name": "AI Agent Repeated Block Attempts",
      "description": "Alerts when agent repeatedly attempts blocked transactions (3+ in 1 hour)",
      "enabled": true,
      "tags": [
        "ai-agent",
        "high",
        "compromise-detection"
      ],
      "rule": {
        "action": "alert",
        "conditions": {
          "field": "flowstate:blocked_transaction_count",
          "operator": "greater_than_or_equal",
          "value": 3
        },
        "flowstate": {
          "ttl_seconds": 3600
        },
        "message": "⚠️ AI Agent: Repeatedly attempting blocked transactions (3+ in 1h) - investigate for compromise or misconfiguration"
      },
      "metadata": {
        "attack_type": "persistent_malicious_behavior",
        "note": "blocked_transaction_count is auto-incremented by rule engine when any rule blocks"
      }
    },
    {
      "version": "1.0",
      "id": "community-ai-agent-gradual-exfiltration",
      "name": "AI Agent Gradual Exfiltration",
      "description": "Blocks repeated transfers to the same recipient (4+ in 24h), a pattern that can indicate gradual fund exfiltration",
      "enabled": true,
      "tags": [
        "ai-agent",
        "critical",
        "exfiltration",
        "phase2"
      ],
      "rule": {
        "action": "block",
        "conditions": {
          "all": [
            {
              "field": "system:has_sol_transfer",
              "operator": "equals",
              "value": true
            },
            {
              "field": "flowstate:transfers_to:{system:sol_recipients[0]}",
              "operator": "greater_than",
              "value": 3
            }
          ]
        },
        "flowstate": {
          "scope": "perwallet",
          "increment": [
            "transfers_to:{system:sol_recipients[0]}"
          ],
          "ttl_seconds": 86400
        },
        "message": "🚨 AI Agent: Repeated transfers to same recipient (4+ in 24h) - possible gradual exfiltration"
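      },
      "metadata": {
        "attack_type": "gradual_exfiltration",
        "tuning_note": "Allowlist legitimate recipients (e.g., exchange deposit addresses); this rule has no recipient allowlist condition yet, so one must be added to its conditions. The counter is keyed on system:sol_recipients[0], so only the first recipient of each transaction is counted; confirm coverage for transactions with several recipients.",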
        "variable_bindings": {
          "recipient": "system:sol_recipients[0]"
        }
      }
    },
    {
      "version": "1.0",
      "id": "community-ai-agent-unknown-program-interaction",
      "name": "AI Agent Unknown Program Interaction",
      "description": "Alerts when agent repeatedly interacts with unknown/unverified programs (3+ in 7 days)",
      "enabled": true,
      "tags": [
        "ai-agent",
        "high",
        "program-interaction",
        "phase2"
      ],
      "rule": {
        "action": "alert",
        "conditions": {
          "all": [
            {
              "field": "basic:program_ids",
              "operator": "not_in",
              "value": [
                "11111111111111111111111111111111",
                "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA",
                "ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL",
                "JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4",
                "whirLbMiicVdio4qvUfM5KAg6Ct8VwpYzGff3uctyCc",
                "So11111111111111111111111111111111111111112"
              ]
            },
            {
              "field": "flowstate:program_interaction:{basic:program_ids[0]}",
              "operator": "greater_than",
              "value": 2
            }
          ]
        },
        "flowstate": {
          "scope": "perwallet",
          "increment": [
            "program_interaction:{basic:program_ids[0]}"
          ],
          "ttl_seconds": 604800
        },
        "message": "⚠️ AI Agent: Repeated interaction with unknown program - investigate before allowing"
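      },
      "metadata": {
        "attack_type": "suspicious_program_interaction",
        "tuning_note": "Maintain allowlist of known safe programs (DEXs, lending protocols, etc.). The counter is keyed on basic:program_ids[0], which may differ from the program that failed the not_in check when a transaction invokes several programs; confirm how the engine evaluates not_in against the program_ids list.",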
        "variable_bindings": {
          "program_id": "basic:program_ids[0]"
        },
        "known_safe_programs": [
          "System Program (11111111111111111111111111111111)",
          "Token Program (TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA)",
          "Associated Token Program (ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL)",
          "Jupiter Aggregator (JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4)",
          "Orca Whirlpool (whirLbMiicVdio4qvUfM5KAg6Ct8VwpYzGff3uctyCc)",
          "Wrapped SOL mint (So11111111111111111111111111111111111111112; a token mint address, not a program)"
        ]
      }
    }
  ],
  "deprecated_rule_ids": []
}
