Module SDD-11 — Purpose-Built DeFi AI Systems

Purpose-Built DeFi AI Systems

Domain-specific agents vs general LLMs: the 92% vs 34% detection gap on DeFi vulnerabilities, the three pillars of specificity, and the build-vs-buy decision.

45
minutes
8
artifacts
3
sub-sections
92% versus 34% — the detection-rate gap between a purpose-built DeFi security agent and a general-purpose LLM on DeFi-specific vulnerabilities. This is a domain-specificity story, not a model-size story: oracle manipulation, flash-loan economics, MEV, and compositional risk are absent from general training at reasoning depth. Closing the gap does not require retraining the base model — it requires three external pillars (domain tooling, encoded attack-pattern knowledge, execution verification) that turn a text reasoner into an auditor. The decision framework for when to build the domain agent, when the general model suffices, and when the hybrid is correct.
Key Claims
Load-Bearing Claims

The 92% vs 34% gap is a domain-specificity story, not a model-size story. DeFi-native failure modes (oracle manipulation, flash-loan economics, MEV, compositional risk) are absent from general training at reasoning depth. A larger general LLM does not close the gap; domain structure does.

Closing the gap does not require retraining the base model. The three pillars — domain tooling (Foundry/Tenderly/RPCs), encoded attack-pattern knowledge, and execution verification — are external to the base model. Retraining or fine-tuning is rarely justified because the pillars capture most of the 92% at a fraction of the training cost.

The pragmatic architecture is hybrid and per-task. The general LLM handles breadth (triage, explanation, reporting) at lower cost; the domain agent handles deep DeFi detection. Making the hybrid explicit, rather than paying the domain-agent cost on every capability, is the cost-optimization decision.

Demonstrated attacks are weapons, not findings. The domain agent's execution-verified exploits are higher-sensitivity than findings and must be handled as exploit code. Its encoded knowledge base is a steering-attack surface if poisoned. Govern both.

After This Module
01
Explain the 92% vs 34% gap and the DeFi classes where domain-specificity compounds.
02
Identify what a purpose-built agent has (three pillars) and what each costs to build.
03
Apply the build-vs-buy decision framework: domain agent vs general model vs hybrid.
04
Map the architecture decisions that turn a general LLM into a domain agent without retraining.
05
Score the purpose-built approach on the 12-module rubric (49/60) and identify the specialization tradeoffs.
Artifacts