New — RAFP+ AI behavior risk engine

What's permitted isn't always what's safe.

RAFP enforces who can act.
RAFP+ determines whether they should.

The most dangerous withdrawal requests are technically valid — correct signature, legitimate account, approved permissions. RAFP+ detects the behavioral signals that rules can't see.

LLM · incident_summary_ready AI generated
Automated incident report · 16:51:34
Coordinated multi-account withdrawal attack detected and contained.

accounts frozen: 11
requests blocked: 17 / 20
USDT protected: $1,240,000
detection window: 90 seconds

Key signal: cross-account address convergence confirmed × 2.

Recommended action:
On-chain tracking for 3 approved txns.
API key rotation required.

26M+ Transactions secured
110K+ Anomalies intercepted
<200ms P99 scoring latency
0.5% Max false positive rate

The problem

Attacks that look completely legitimate

Stolen API keys, hijacked accounts, abused automation — these generate correctly signed, fully authorized requests that pass every rule check.

A request can clear every policy gate and still be an attack. The signature was valid. The permissions were correct. But the behavior was not.

Traditional rule-based systems evaluate each request in isolation — they have no memory of what normal looks like, and no visibility into patterns that only emerge across accounts or over time. That's the gap RAFP+ closes.

Behavioral anomaly
Operating outside historical activity patterns
Time, frequency, address freshness, amount distribution — scored against a 90-day user baseline
Platform-level signal
Coordinated activity invisible at the account level
Concurrent activations, volume spikes, and address clusters that only appear at the platform layer
Convergence pattern
Independent accounts routing to shared destinations
The definitive signal of a single threat actor operating across multiple compromised accounts
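
The convergence signal described above, as an added Python example that is not RAFP+ code: it flags a destination when two or more accounts send to it within a short window and the address is new to each sender. The 60-second window, the two-account threshold, the `Withdrawal` record and all sample accounts and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Withdrawal:
    ts: float      # seconds since the start of the observation period
    user: str
    dest: str      # destination address
    amount: float

def find_convergence(requests, known_dests, window_s=60.0, min_accounts=2):
    """Map each destination to the accounts that converged on it within
    `window_s` seconds, counting only addresses new to the sending account."""
    by_dest = defaultdict(list)
    for req in sorted(requests, key=lambda w: w.ts):
        if req.dest not in known_dests.get(req.user, set()):
            by_dest[req.dest].append(req)
    flagged = defaultdict(set)
    for dest, reqs in by_dest.items():
        start = 0
        for end in range(len(reqs)):
            # Slide the window so it spans at most window_s seconds.
            while reqs[end].ts - reqs[start].ts > window_s:
                start += 1
            users = {w.user for w in reqs[start:end + 1]}
            if len(users) >= min_accounts:
                flagged[dest] |= users
    return {dest: sorted(users) for dest, users in flagged.items()}

def screen(requests, known_dests, **kwargs):
    """Return 'hold' or 'approve' per request, in input order. Every request
    to a converged destination is held, whichever account sent it."""
    converged = find_convergence(requests, known_dests, **kwargs)
    return ["hold" if w.dest in converged else "approve" for w in requests]

# Constructed sample data: accounts, addresses and amounts are placeholders.
KNOWN = {"acct-B": {"ADDR_B_USUAL"}}
SAMPLE = [
    Withdrawal(0.0, "acct-A", "ADDR_X", 840.0),       # new address for acct-A
    Withdrawal(2.0, "acct-B", "ADDR_B_USUAL", 50.0),  # in acct-B's history
    Withdrawal(7.4, "acct-C", "ADDR_X", 860.0),       # second account, same address
    Withdrawal(10.0, "acct-D", "ADDR_Y", 900.0),
    Withdrawal(500.0, "acct-E", "ADDR_Y", 910.0),     # same address, outside window
    Withdrawal(12.0, "acct-F", "ADDR_Z", 100.0),
    Withdrawal(13.0, "acct-F", "ADDR_Z", 100.0),      # one account repeating: no hit
]

if __name__ == "__main__":
    print(find_convergence(SAMPLE, KNOWN), screen(SAMPLE, KNOWN))
```

Each request here would pass a single-request rule check on its own; only the grouping by destination across accounts exposes the pattern.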

A new intelligence layer

RAFP — existing
Policy & approval orchestration
Role-based permissions and approval flows
Amount thresholds and address whitelisting
Time-window and velocity control rules
Static rule routing, single-request scope
Core question
Who is allowed to approve this?

RAFP+ — new AI layer
AI behavior risk engine
Dynamic scoring against 90-day user baseline
Platform-level anomaly detection across all accounts
Cross-account address convergence detection
LLM audit summaries generated in under 2 minutes
New question
Is this operation actually reasonable?

Live scenario

A real attack. Intercepted in real time.

Preview the full RAFP+ scenario.

RAFP+ Screening Engine · Quantum_Ex Debug Mode
POST /withdraw/apply
#001 16:51:24 approved
user: 160000124 $840.66 USDT
#004 16:51:27 hold
user: 160000128 $917.69 USDT
#016 16:51:33 blocked
user: 160000005 $862.44 USDT
approved: 3 blocked: 17
Screening log
RISK_ENGINE profile_fetch user:160000124
history_days:214 new_addr_rate:8.1%
score:142/1000 action:APPROVED
————————————————————————————
PLATFORM concurrent_users:11 delta:+900%
PLATFORM new_addr_rate:100% baseline:8.1%
PLATFORM addr_convergence_confirmed
THmju... sources:[160000124, 160000005]
PLATFORM status:ELEVATED->CRITICAL
RISK_ENGINE freeze_accounts count:11
LLM incident_summary_ready
Analysis
User baseline loaded — 214-day history
daily_freq μ=0.6 new_addr_rate 8.1% script_prob 0.02
Platform layer — NORMAL → ELEVATED
3 concurrent accounts new_addr_rate 100% vs baseline 7.8%
CRITICAL — address convergence confirmed
THmju... ← [160000124, 160000005] interval: 7.4s