what's ENShell?

ENShell is an on-chain firewall protocol designed to protect AI agents operating on blockchain from prompt injection attacks that could lead to malicious transactions. It introduces a four-layer security pipeline between an AI agent's intent—such as token swaps, bridging, or DeFi interactions—and actual execution. Developers integrate the ENShell SDK, which encrypts agent instructions using ECIES (secp256k1 ECDH + AES-256-GCM) before hashing and queuing them on the AgentFirewall smart contract deployed on Ethereum testnets like Sepolia. The contract verifies agent registration, activity, and strike limits before emitting events for off-chain analysis. Chainlink Chainlink Reliable Execution (CRE) workflows detect these events, decrypt payloads securely using threshold-encrypted keys, and analyze instructions with Claude AI for threat scoring (0-100,000). Verdicts—approve, escalate, or block—are signed and updated on-chain. Escalated actions trigger human-in-the-loop review via a CLI tool or conceptual Ledger Live app integration, with agent reputations stored immutably in ENS TXT records under subdomains like enshell.eth. This enables a "trust mesh" for visualizing and enforcing inter-agent trust thresholds. Fully open-source with repos for SDK, CLI, contracts, relay, and dashboard at enshell.xyz.

ENShell is a top 10 finalist at the ETHGlobal Cannes hackathon.