Wake Arena is a multi-agent AI audit service for the Solidity codebase. It combines LLM inference, graph-based analysis (data dependencies and control flow), and a battle-tested library of static analysis detectors built over years of Ackee audits.
In benchmark testing, Wake Arena found the following: 43 out of 94 high severity vulnerabilities We have achieved outstanding results in past audit competitions. Generic GPT-5 (24/94), General Opus 4.5 (21/94)and Zellic’s Automated Scanner V12 (41/94).
Benchmarks are useful, but the real test is production. Let’s take a closer look at what happened when the team used Wake Arena in production code, and what they changed in response.
What Wake Arena Does
Wake Arena is designed to help teams reach premium audits with cleaner code. that:
- Discover meaningful issues early, Focus on vulnerabilities with high signal, not scale.
- Explain the findings like an auditor, Includes the impact, the exploit path, and where it occurs in your code.
- evidence link Use code snippets, line numbers, and structured summaries for easy categorization.
Protocols are subject to security review based on auditor workflow rather than a typical “LLM scan” and can be rapidly iterated.
Wake Arena across three protocols. No. 192 The team broke it down as follows: 142 true positives and 50 false positives (Ah ~3:1 TP/FP ratio). Most importantly, 79 issues across 5 reports connected to concrete code change: 5 (luxury), 68 (IPOR fusion) and 6 (Monerium).
Additionally, we appreciate user feedback and will use it to make Wake Arena more manageable and transparent at scale.
LUKSO: “Very good and helpful” in hardening shipped code faster
LUKSO, an EVM L1 focused on digital identity and consumer applications, served as a design partner during development and used Wake Arena on the Solidity codebase.
scan results
- 10 total finds In one scan: 2 high, 6 medium, 1 low, 1 warning
- 2 false positives reported
- TP/FP ratio (by client category): 8 / 2
- The team reported that they would resolve the issue. 1 high, 1 medium, 1 low Immediately after receiving the report
positive feedback
“The PDF looks really great. I’m impressed with how well written it is overall.”
“The ‘Summary of Findings’ table is top notch – exactly what I was looking for.”
“I was very impressed with the way the PDF report looks and is written. I would definitely recommend this tool to anyone to catch early bugs before a formal security audit.”
– LUKSO Team Feedback
In the same feedback, the team also mentioned the report sections they relied on the most: severity and confidence description, audit overview/overall security assessment/recommendations, and line-numbered code snippets.
Observed Impact
The report was activated quickly.
- classification (What is important and why it is important)
- check (where it is in the code)
- repeat (Edit → Rerun → Compare)
Product improvements (based on LUKSO’s feedback)
- PDF AI-based automatic analysis (Not a manual audit report)
- Add more explicit Remediation instructions based on findings (Specific next steps, general fixes, and verification tips)
- Keeps the usability of the report “audit-like” without confusing it with human audit output.
IPOR Fusion: Rapid iteration and clear security trade-offs
IPOR Lab, a DeFi team building interest rate and yield products, used Wake Arena. IPOR fusion Over multiple runs in December 2025:
scan results
- 3 reports in 4 daysEnables rapid cure cycles during active development.
- TP/FP ratio (per client classification): 126 / 47 (~2.7:1)
- The IPOR Labs team systematically categorized the results to:
- 68 Valid → Required code change
- 58 Acknowledgment → Acceptance of compromise/relaxation of architecture
- 47 False positive/invalid → Detailed rebuttal based on execution restrictions
- Some issues have been categorized by client as follows: Report has a higher severity than what the team ultimately allocated.
positive feedback
IPOR’s responses show a consistent pattern. The results were evaluated against non-isolated, explicit trust boundaries and execution constraints (who can call what and with what permissions).
“We spent a lot of time analyzing it. I would say the tool is very good.”
– IPOR Institute, response report
This is important because it reflects how senior auditors work. Claims must be tied to a realistic attacker model.
Observed Impact
- In the classification, the IPOR Labs team categorized: 68 true positive results (requires code or documentation changes) and 47 is false positive/invalid.
- Example shown as follows: valid (Required changes) included fee calculation/ERC-4626 semantic inconsistency and anti-slip configuration issues (reflected in per-discovery responses).
- Example shown as follows: false positive It depends on execution constraints (e.g., components that are not publicly accessible, restricted execution paths, and a design that avoids balancing between transactions).
Wake Arena accelerates high-quality engineering conversations about immutability, trust boundaries, and trade-offs before premium audits.
Monerium: Convert results into merged fixes through testing
Monerium, a regulated issuer of fiat-backed on-chain currency, uses Wake Arena on src/SwapV1V2.sol and has published a classification and fix in the public issue “Ackee Wake – AI Audit Report for src/SwapV1V2.sol.” Full report: Wake Arena PDF.
scan results
- 6 items modified (H1~H5, W1)
- 1 item rejected due to ‘by design’ (I1), including rationale for relayers/aggregators and recommended alternative flows.
- TP/FP ratio (Based on client classification): 6 / 1
- Instead of hand waving, they documented trade-offs (e.g. a small gas increase to remove ambiguous “no-op” implications for the integrator).
positive feedback
“We acknowledge this is a valid finding and have implemented a correction.”
“For consistency and integration safety, we modified all swap functions to always execute transfers… eliminating potential confusion for integrators.”
– Monerium, response to public issues
public verification
- 41 tests passed
- 100% coverage SwapV1V2.sol (line/statement/branch/function)
The result is actionable results that translate into clearer semantics for integrators, better documentation, and shipped code changes with regression protection.
What’s next for Wake Arena?
We are focused on improving workflow and visibility as our tools run across multiple protocols and teams.
- Administrator Panel (Internal + Ecosystem/Protocol) Give your team more control over:
- Monthly scan usage
- Number of scans remaining in plan
- Number of issues found per protocol
- Problem tables and richer states Provides status visibility by individual result, severity, count, and protocol. States expanded from 2 to 5 to improve accuracy and workflow. Reported, valid, Confirmed, determined, invalid.
- Manage your emails + view AI reports By organization/protocol.
- Better context input To increase the accuracy of AI results.
conclusion
Wake Arena shortens the time to fix critical issues before you spend premium audit time on avoidable fundamentals.
This tool is a total No. 192 Across three protocols. Each team was judged and classified as follows. 142 true positives and 50 false positivesAs a result, it is advantageous ~3:1 true positive to false positive ratio. More importantly, 79 of these issues across five reports.A message is displayed code fix: 5 for LUKSO, 68 for IPOR Fusion, and 6 for Monerium.
We’re building an admin panel, richer issue workflows, improved management tools, and better context input to make Wake Arena easier to operate at scale and more useful on a per-scan basis.
If you want auditor-style, evidence-backed reports that your team can quickly triage, fix, and rerun to continue strengthening your codebase, use Wake Arena.