Francesco from Almanacs discusses AI-powered security tools for blockchain, highlighting how AI-generated code increases the attack surface and why traditional security tools fall short. Almanacs launches in the Stellar Audit Bank to provide subsidized security scans for Soroban projects.
Francesco, CEO of Almanacs, presents on security in the age of AI-generated code ("vibe coding"). He explains that 40% of Coinbase's code is AI-generated, with tools like Cursor producing billions of lines daily, dramatically expanding the attack surface. Traditional static and dynamic analysis tools miss 80% of exploitable bugs because they rely on fingerprint matching rather than reasoning like security engineers. Almanacs builds AI agents that detect, triage, and patch vulnerabilities across Stellar and Soroban smart contracts, integrating into CI/CD pipelines for continuous scanning. The team has worked with Stellar ecosystem projects including Preview and identified vulnerabilities in production code. Almanacs is now live in the Stellar Audit Bank, offering subsidized security scans for projects building on Soroban, complementing audits and bug bounties as part of a layered security approach.