⛓️ archetype: web3

Ship a smart contract without losing $1B to MEV.

Building with Solidity, Anchor, Foundry, or Rust contracts? GreatCTO auto-detects the web3 archetype and ships oracle strategy (Chainlink/Pyth/TWAP), MEV protection, upgradeability decision, and L2 sequencer halt gates from day one.

$ npx great-cto init Back to home ↗
What you avoid

The 5 DeFi bugs that drain the treasury.

Without GreatCTO

  • Single Chainlink oracle — manipulation, $80M drain
  • No MEV protection — sandwich on every swap
  • Reentrancy via callback in ERC777 — empty pool
  • Upgradeable proxy without timelock — admin rug
  • L2 sequencer halts — oracle stale, liquidations cascade
  • Hack on day 3 · TVL gone · brand dead.

With GreatCTO

  • oracle-reviewer signs off Chainlink + Pyth + TWAP combo
  • MEV: commit-reveal, threshold, or batch-auction
  • CEI pattern + reentrancy guards + Slither passes
  • Timelock + multisig on upgrades · transparent proxy
  • L2 sequencer halt detection + circuit breaker
  • Audit-ready · MEV-resistant · timelocked.
Auto-applied gates

Detected: foundry.toml / hardhat.config.ts / Anchor.toml
web3 archetype.

Compliance auto-suggested: soc2 · audit-prep. Specialist agents activated:

01 · oracle-reviewer

Oracle + MEV strategy

Chainlink / Pyth / TWAP combo · MEV protection (sandwich/JIT/flash-loan) · upgradeability decision (Immutable/UUPS/Diamond/Beacon) · L2 sequencer halts · custody/multisig/timelock · formal verification scope.

02 · security-officer

OWASP smart-contract

Reentrancy · access control · arithmetic · DoS · randomness · front-running · timestamp dependence · Slither/Mythril/Echidna pre-deploy.

03 · code-reviewer

12-angle review

Storage layout · upgrade-safe slots · gas optimization · invariant testing · fuzz / property tests with Foundry.

04 · senior-dev

TDD with Foundry

forge test · invariants · fuzz · differential vs reference impl · mainnet-fork integration tests.

Domain pack overlays

Likely to overlay on web3.

Packs auto-attach when CLI detects pack-specific signals (e.g. twilio in deps → voice-pack). Each pack adds its own reviewer agents + human gates on top of the base archetype pipeline.

+ API Platform
OAuth 2.1, webhook signing, idempotency, RFC 8594 Sunset
+ EM Fintech
India DPDP, Nigeria CBN, Brazil BCB/LGPD, MAS, OJK, BSP, local rails
30 seconds

Drop into any Foundry / Hardhat / Anchor repo.

$ npx great-cto init
no signup·runs locally·pay your own API