"What is Heimdallr, and what are its headline numbers?"	An LLM-based smart contract audit agent (arXiv 2601.17833). 92.45% detection rate, $2.31 per 10K LOC cost, 17/20 real-world attack reconstructions. Targets the business-logic and multi-step vulnerabilities static analyzers miss. The reference AGENT harness for smart contract auditing.	course2a::sdd09::recall
"What is function-level reorganization, and why is it Heimdallr's load-bearing idea?"	Rewriting the contract into context-complete function units: decompose, resolve inheritance, inline modifiers, reconstruct per-function state-read/external-call dependencies. The substrate the LLM reasons over. Without it, the LLM hallucinates over raw source; with it, the same model reasons at auditor depth. No other harness does this transformation.	course2a::sdd09::analysis
"What is cascaded verification, and why is it the cost discipline?"	Three stages: cheap pattern checks (produce candidates) → LLM semantic analysis on candidates (confirm/reject) → exploit reconstruction on confirmed (deepest, most expensive). Each stage filters; the LLM budget is spent only on survivors. The $2.31/10K LOC cost is a direct payoff of aggressive filtering. Naive alternative (LLM on every function) costs orders of magnitude more.	course2a::sdd09::analysis
"Why does the same LLM hallucinate on raw source but reason on reorganized units?"	Raw Solidity mixes state vars, events, modifiers, functions; inheritance spreads logic across files; a vulnerability spans multiple functions linked by shared state. The LLM cannot hold that cross-function context from raw source. Reorganization gives each function its full relevant context, so the model reasons at auditor depth. Same model, different substrate.	course2a::sdd09::analysis
"What does the 17/20 attack reconstruction number measure, and why does it matter most?"	On 20 real-world exploits, Heimdallr reconstructs the attack transaction chain on 17. It measures the agent at HUMAN-AUDITOR DEPTH (not just flag-the-bug depth). A reconstructed attack is close to a proof. Placed last, only on confirmed candidates, to keep it affordable. This is the headline that matters.	course2a::sdd09::analysis
"How do you correctly read the 92.45% detection rate?"	92.45% = RECALL on a known-vulnerability evaluation set (a high-recall first pass, NOT a clean bill of health). 7.55% of known vulns are missed. A Heimdallr audit reports 'what the agent found,' NOT 'the contract is secure.' Treating 92.45% as a guarantee is the failure mode.	course2a::sdd09::analysis
"What is the cost ($2.31/10K LOC) actually a property of?"	Not the model — the CASCADE. The cost is dominated by how few functions reach the expensive stages (Stage 1 filters 100→~30 candidates, Stage 2 →~8 confirmed, Stage 3 →~5 reconstructed). Aggressive per-stage filtering is the lever. The naive alternative (LLM on all functions) costs orders of magnitude more without a better result.	course2a::sdd09::analysis
"Heimdallr vs static analyzers (Slither/Mythril) vs general LLMs — what is each one's position?"	Static = cheap, pattern-based, misses business logic/multi-step flaws. General LLM = raw-source reasoning, hallucinates, ~34% on DeFi (SDD-11). Heimdallr = reorganization + cascade = 92.45% detection, 17/20 reconstruction. STRUCTURE (not a bigger model) closes the gap. Complementary in practice: static first, Heimdallr for depth.	course2a::sdd09::analysis
"What is the key security finding regarding Heimdallr's risk?"	Two surfaces: (1) the 7.55% miss rate — a client must not read 92.45% as 'secure'; (2) symbolic reconstruction hallucination — a reconstructed attack is a hypothesis, not a confirmed exploit, requiring live-chain verification. Read-only execution is safe; the INTERPRETATION of findings is the surface to govern.	course2a::sdd09::analysis
"State Heimdallr's score on the 12-module rubric and its standout modules."	50/60. Perfect scores on Execution Loop (5), Tool Design (5), Context Mgmt (5), Verification (5) — the cascade and reorganization are textbook agent design. Lowest: Memory (3 — per-audit, no cross-audit learning), State (3 — no incremental audit). Build-on: Patch mode, cross-audit learning, live-chain verification.	course2a::sdd09::analysis
"Name 3 things Heimdallr does better than any other harness in the roster."	(1) Function-level reorganization as substrate transformation (no other harness does this). (2) Cascaded verification as cost discipline ($2.31/10K LOC is a direct payoff of per-stage filtering). (3) Exploit reconstruction at 17/20 (measures agent at human-auditor depth, not flag-the-bug depth).	course2a::sdd09::recall
"Name 3 things you would add to Heimdallr."	(1) Patch mode (generate verified fixes, evaluate with EVMbench patch scoring — turn detector into remediation harness). (2) Cross-audit learning (persistent memory of vuln patterns/reconstructions to recognize recurring exploit shapes). (3) Live-chain verification of reconstructions (Foundry fork mode — convert 'reconstructed' to 'demonstrated').	course2a::sdd09::application
"What is symbolic reconstruction, and why does it need live-chain verification?"	Reconstruction runs against the reorganized MODEL, not live chain state — so it's a hypothesis, not a confirmed exploit. A reconstructed chain can look plausible but fail against real state. Live-chain verification (Foundry fork mode) executes the attack against a forked mainnet snapshot, converting 'reconstructed' to 'demonstrated' — the standard a client audit demands.	course2a::sdd09::analysis
"State Heimdallr's Architect's Verdict in one line."	Reference agent harness for smart contract auditing (reorganization + cascaded verification + exploit reconstruction: 92.45% detection, $2.31/10K LOC, 17/20 reconstructions); reorganization is the load-bearing idea, the cascade is the cost discipline, reconstruction is the headline that matters; build on for semantic depth, add Patch mode and live-chain verification to reach audit-product standard.	course2a::sdd09::recall
