AssumptionsKill Systems
We build domain-specific AI security agents for complex protocol architectures.
One agent per domain.
All of them sharing intelligence to stop cascading failures.
Our Mission
Bluethroat Labs exists to accelerate the security maturity of Web3. Security cannot be solved with generic tools. Every domain has its own assumptions, attack surfaces, and failure modes that must be understood from first principles.
We build domain-specific AI security agents to study these domains deeply, surface vulnerabilities earlier, and share intelligence across systems.
Success means closing the gap between how fast Web3 ships and how slowly it learns from its mistakes.
We began with Trusted Execution Environments. Studying these systems from first principles led to confirmed findings across every major TEE-heavy protocol in Web3.
The same methodology was then applied to consensus engines, a fundamentally different domain, and the same result followed: Novel vulnerabilities in live production systems.
Our agents reason about systems they have never seen before.
Two domains tested. The methodology holds.
Complex protocols span multiple domains. Securing them requires more than a single agent or a single audit.
We build an ecosystem of domain-expert AI agents that reason together across subsystems. Each agent understands its domain. Together they understand your protocol.
Not a tool. An ecosystem of domain experts custom-built for your protocol.
Security that compounds with time.
Our Work
We operate across three fronts. Research that compounds into public knowledge. Private vulnerability work that stays confidential. And bespoke security ecosystems built specifically for your protocol.
The TEE Security Handbook
Every domain we study produces knowledge that shouldn't stay private. The TEE Security Handbook documents real failure modes, vulnerable patterns, and practical guidance for safely deploying TEE-heavy Web3 systems — built from confirmed findings across production codebases, not just theoretical analysis. More handbooks on the way.
Vulnerability Research
Our research takes us deep into production codebases. When we find something real, we pursue it — across TEE protocols, consensus implementations, ZK systems, and beyond. We proactively reach out to concerned teams and responsibly disclose vulnerabilities. The patterns we uncover eventually flow back into our public research.
Protocol Security Ecosystems
Domain-specific AI agents, built for your codebase, reasoning together across subsystems. Each one learns your protocol more deeply with every run. Blind spots are unavoidable. That is why monitoring is treated as a first-class citizen of the security stack, not an afterthought.
Our Team
A small team of domain experts obsessed with understanding how systems actually break. We are researchers and builders who believe domain-specific security is how Web3 wins — and we are here to prove it.
