// /docs — documentation page const DOC_NAV = [ { h: "Getting started", items: [ { id: "intro", label: "Introduction" }, { id: "install", label: "Installation" }, { id: "quickstart", label: "Quickstart" }, { id: "concepts", label: "Core concepts" }, ]}, { h: "Scanners", items: [ { id: "agentscan", label: "AgentScan" }, { id: "reposcan", label: "RepoScan" }, { id: "scoring", label: "Trust scoring" }, { id: "findings", label: "Findings & severity" }, ]}, { h: "Registry & Hub", items: [ { id: "registry", label: "Registry" }, { id: "providerhub", label: "ProviderHub" }, { id: "alerts", label: "Alerts & webhooks" }, ]}, { h: "Reference", items: [ { id: "api", label: "REST API" }, { id: "cli", label: "CLI" }, { id: "onchain", label: "On-chain reports" }, ]}, ]; const DocsApp = () => { const [active, setActive] = React.useState("intro"); React.useEffect(() => { const ids = DOC_NAV.flatMap(g => g.items.map(i => i.id)); const obs = new IntersectionObserver(entries => { entries.forEach(e => { if (e.isIntersecting) setActive(e.target.id); }); }, { rootMargin: "-30% 0px -60% 0px", threshold: 0 }); ids.forEach(id => { const el = document.getElementById(id); if (el) obs.observe(el); }); return () => obs.disconnect(); }, []); return ( <>

v0.42 · 2026-05-13

Lumiscan documentation.

Everything you need to scan, register, and monitor autonomous agents on Solana.

Introduction

Lumiscan is a security and trust layer for the Solana agent economy. It bundles four interlocking products:

AgentScan — autonomous vulnerability prober for deployed agents.
RepoScan — static auditor for Solana programs and agent codebases.
Registry — live, queryable index of every audited agent.
ProviderHub — uptime and latency monitor for agent endpoints.

All four share a single trust score, a single report format, and a single signed on-chain attestation. Build with any of them; integrate one and the rest come for free.

Installation

Lumiscan ships as a Node/TypeScript SDK, a Rust crate, and a thin CLI. Pick whichever fits your stack:

# npm / pnpm / bun pnpm add @lumiscan/sdk # cargo cargo add lumiscan # cli (homebrew) brew install lumiscan/tap/lumi

The CLI authenticates through a per-wallet keypair — no API key juggling. Run lumi login once and you're set.

Quickstart

Probe any deployed Solana agent in 30 seconds:

import {"{"} Lumiscan {"}"} from "@lumiscan/sdk"; const lumi = new Lumiscan({"{"} cluster: "mainnet-beta" {"}"}); const report = await lumi.agentScan({"{"} address: "sol1jit72b9k4...9xQ", depth: "deep", // shallow | standard | deep battery: ["prompt", "signer", "tools"], {"}"}); console.log(report.trustScore); // → 72 console.log(report.findings); // → [{"{"} severity, kind, location, ... {"}"}] console.log(report.attestation); // → on-chain pubkey of signed report

Every report is signed by a Lumiscan oracle keypair and posted to mainnet as a memo + PDA — third parties can verify a score without trusting your frontend.

Core concepts

Trust score

A 0–100 score combining four sub-scores: prompt safety, signer hygiene, tool surface, and treasury exposure. Anything <60 is flagged.

Findings

Issues are graded info warning critical. Critical findings block registry inclusion until resolved.

Attestation

Every report is anchored on-chain via a PDA derived from (report_hash, oracle_pk). Wallets can verify a score in a single RPC call.

AgentScan

AgentScan spins up an isolated devnet wallet, mirrors the target agent's tool surface, and runs an adversarial battery of probes against it. The wallet is funded with a small SOL balance to allow the agent to make realistic decisions.

Probe batteries

Each scan runs ~94 tests across three batteries:

prompt // 64 tests: system override, role inversion, exfiltration, // context smuggle, confused deputy signer // 18 tests: seed leak, sig reuse, nonce replay, key handling tools // 12 tests: per-tool param fuzzing, rate-limit, slippage

RepoScan

RepoScan ingests a GitHub URL or anchor program address, indexes the source, and compares it against 814k+ known Solana programs. It produces an authenticity score, a similarity percentage, and a list of provenance findings.

await lumi.repoScan({"{"} url: "github.com/jito-foundation/agent-program", ref: "main", {"}"});

Trust scoring

The composite trust score is a weighted sum:

score = 0.35 * prompt + 0.25 * signer + 0.20 * tools + 0.20 * treasury

Weights are tunable per-integration. A DEX router may weight tools higher; a lending agent may weight treasury higher.

Findings & severity

Each finding has a stable kind identifier so you can suppress, snooze, or accept it across re-scans. The full taxonomy is published at lumiscan.app/taxonomy.

Registry

The Registry is a public, paginated index of every agent that has passed an AgentScan with score ≥ 60. Agents re-audit every 24 hours; expired audits are flagged.

const agents = await lumi.registry.list({"{"} minScore: 80, capability: "swap", sort: "score:desc", {"}"});

ProviderHub

Register any HTTP or RPC endpoint your agent exposes. ProviderHub pings from 14 global regions, records latency percentiles, and fires webhooks on degradation.

await lumi.providerHub.register({"{"} url: "https://agent.driftprotocol.io/mcp", agent: "drift-mm.agent", alerts: {"{"} email: "ops@drift.foo", sla: 99.9 {"}"}, {"}"});

Alerts & webhooks

Three delivery channels: email, webhook, and Discord. Webhooks ship a signed JSON payload with the offending probe, latency series, and a link to the report.

Webhook signature

Verify the X-Lumiscan-Signature header against your secret using ed25519.

REST API

Base URL: https://api.lumiscan.app/v1

POST /agent-scan // kick off a probe GET /agent-scan/:id // poll status / fetch report GET /registry // list agents GET /registry/:address // fetch single agent POST /provider-hub // register endpoint GET /provider-hub/:id // metrics

CLI

lumi agent probe <address> # run an AgentScan lumi repo scan <url> # run a RepoScan lumi registry list --min 80 # browse registry lumi hub register <url> # add an endpoint lumi hub watch # tail uptime live

On-chain reports

Every report PDA carries a 32-byte report hash, a 32-byte oracle pubkey, a score byte, and a unix timestamp. Wallets can verify a score with one getAccountInfo call — no Lumiscan server required.

struct LumiReport {"{"} report_hash: [u8; 32], oracle_pk: Pubkey, score: u8, issued_at: i64, expires_at: i64, {"}"}

▸ Ready to build? See the SDK reference for typed bindings and end-to-end examples.