Documentation

Everything you need to trust the system.

Full program specification, security audit, API reference, and integration docs. All public. All verifiable on-chain.

Quick start

Up in two minutes.

01
Connect your Phantom wallet

Visit the dashboard and click "Sign in". Guardian only reads your public key — your private key never leaves your wallet.

02
Set your thresholds

Configure your health factor trigger (e.g. 1.20x), maximum repay per action (e.g. 30%), and rug exit price. All stored on-chain.

03
Initialize the PDA

Click "Save to on-chain" — this calls initialize_guardian and creates your GuardianConfig account. One-time transaction, small rent (~0.002 SOL).

04
The agent takes over

From here, the Railway agent polls your position every 30 seconds and executes protective transactions when thresholds are crossed.

Program reference

Nine instructions. Every argument.

InstructionCallerArguments
initialize_guardianOWNERhealth_factor_threshold: u64, max_repay_percent: u8, rug_exit_price: u64
update_thresholdsOWNERhealth_factor_threshold: u64, max_repay_percent: u8
execute_repayAGENTamount: u64, trigger_health_factor: u64
execute_revoke_approvalAGENTdelegate: Pubkey
execute_exit_positionAGENTmint: Pubkey, amount: u64
update_guardian_scoreAGENTscore: u8
deactivate_guardianOWNER(none)
reactivate_guardianOWNER(none)
close_guardianOWNER(none)
Score formula

How 0–100 is computed.

Dimension
Max pts
Formula
Liquidation proximity
30
30 − (30 × (HF − 1.0) / 1.0), clamped 0–30
Rug pull exposure
30
Per token: −10 if no revoke auth, −10 if top holder >30%, −10 if liquidity < 48h old
Malicious approvals
20
−5 per unknown delegate, clamped at 20 total deduction
Portfolio concentration
20
20 − (20 × (top_token_pct / 100)²)
Security audit — v1.0

Self-audit report. Full disclosure.

Auditor
Self (Aditya Chotaliya)
External audit pending — OtterSec / Sec3
Critical findings
0
High findings
0
Medium findings
0
Low findings
1
Info findings
2
Tests passing
233
LOW
Missing event on deactivate

deactivate_guardian did not emit a GuardianStateChanged event. Added in v1.1.

FIXED
INFO
No upgrade authority check

Program is not upgradeable (authority set to None). Intentional design — immutable on deploy.

ACCEPTED
INFO
Max repay capped server-side only

max_repay_percent was enforced in the agent but not the contract. Now enforced on-chain via require!.

FIXED

Still have questions? Read the source.