AssumptionsKill Systems
We build domain-specific AI security agents for complex protocol architectures.
One agent per domain.
All of them sharing intelligence to stop cascading failures.
Our Mission
Bluethroat Labs exists to accelerate the security maturity of Web3. Security cannot be solved with generic tools. Every domain has its own assumptions, attack surfaces, and failure modes that must be understood from first principles.
We build domain-specific AI security agents to study these domains deeply, surface vulnerabilities earlier, and share intelligence across systems.
Success means closing the gap between how fast Web3 ships and how slowly it learns from its mistakes.
We began with Trusted Execution Environments. Studying these systems from first principles led to confirmed findings across every major TEE-heavy protocol in Web3.
The same methodology was then applied to consensus engines, a fundamentally different domain, and the same result followed: Novel vulnerabilities in live production systems.
Our agents reason about systems they have never seen before.
Two domains tested. The methodology holds.
Complex protocols span multiple domains. Securing them requires more than a single agent or a single audit.
We build an ecosystem of domain-expert AI agents that reason together across subsystems. Each agent understands its domain. Together they understand your protocol.
Not a tool. An ecosystem of domain experts custom-built for your protocol.
Security that compounds with time.
Our Work
We operate across three fronts. We find real vulnerabilities in production systems. We build internal AI security systems tailored to your protocol. And we turn what we learn into public knowledge that raises the bar for the industry.
Vulnerability Research
Our research takes us deep into production codebases. When we find something real, we pursue it — across TEE protocols, consensus implementations, ZK systems, and beyond. We proactively reach out to concerned teams and responsibly disclose vulnerabilities. The patterns we uncover eventually flow back into our public research.
Internal AI Security Systems
We design and build internal AI-driven security tooling and workflows tailored to your protocol. Shaped around your codebase, threat model, and engineering reality, these systems evolve with the protocol. We can hand over the full stack to your team or remain involved on a light retainer.
The TEE Security Handbook
Every domain we study produces knowledge that shouldn't stay private. The TEE Security Handbook documents real failure modes, vulnerable patterns, and practical guidance for safely deploying TEE-heavy Web3 systems — built from confirmed findings across production codebases, not just theoretical analysis. More handbooks on the way.
Our Team
A small team of domain experts obsessed with understanding how systems actually break. We are researchers and builders who believe domain-specific security is how Web3 wins — and we are here to prove it.
