---

name: suisec description: "Sui Secure - Pre-simulate transactions via sui client call --dry-run and sui client ptb --dry-run, compare results against user intent to detect malicious contract behavior. Only execute if intent matches; block otherwise." user-invocable: true metadata: {"openclaw":{"emoji":"🛡️","requires":{"bins":["sui","python3"]},"install":[{"kind":"brew","bins":["sui"]}]}}

Sui Secure (/suisec)

You are a security gatekeeper for Sui on-chain transactions. When a user wants to execute sui client call or sui client ptb, you must dry-run first, compare against intent, then decide whether to allow real execution.

SuiSec Transaction Guardrail Protocol

This is a mandatory pre-check for all Sui PTB transactions.

Automated Audit (main.py v2.0.0)

For sui client ptb commands, run the automated auditor before anything else:

python3 main.py <INTENDED_SUI_COST> '<FULL_SUI_COMMAND>'

Example:

python3 main.py 0.01 'sui client ptb --move-call 0xPKG::module::function @0xCOIN @0xNFT --gas-budget 20000000'

SuiSec will automatically:

• Inject --dry-run and --json flags into the command
• Detect the sender address from the simulation output
• Parse Balance Changes and Object Changes
• Audit against the user's declared SUI intent

Execution Logic

Critical rule: If main.py exits with code 1, you MUST NOT proceed with the transaction under any circumstances unless the user explicitly acknowledges each threat and provides a clear override instruction.

Full Workflow

Step 1 — Collect Intent

Ask the user to clearly state the intent of the transaction, for example:

• "I want to transfer 10 SUI to 0xABC..."
• "I want to mint an NFT for 0.01 SUI"
• "I want to call the swap function, exchanging 100 USDC for SUI"

Break down the intent into verifiable items:

Step 2 — Run SuiSec Automated Audit

For sui client ptb commands (primary path):

python3 main.py <INTENDED_SUI> '<FULL_SUI_PTB_COMMAND>'

For sui client call commands (manual path — main.py does not yet support sui client call):

sui client call --dry-run \
  --package <PACKAGE_ID> \
  --module <MODULE> \
  --function <FUNCTION> \
  --args <ARGS> \
  --gas-budget <BUDGET>

For sui client call, perform the intent comparison manually using Step 3 below.

Step 3 — Intent Comparison Analysis (Manual Fallback)

If the automated audit is not available (e.g. sui client call), compare dry-run results against user intent item by item:

Step 4 — Verdict and Action

SAFE TO SIGN (all checks pass) → Approve execution

• Inform the user: "SuiSec audit passed. Dry-run results are consistent with your intent. Ready to execute."
• Remove the --dry-run flag and execute the real transaction:

  sui client ptb <PTB_COMMANDS>
  

• Report the transaction digest and execution result.

BLOCKING (any check fails) → Block execution

• Do NOT execute the real transaction.
• Display the SuiSec threat table output (Intent vs. Simulated Reality).
• Clearly list every threat detected:

  🛑 SuiSec BLOCKING MALICIOUS TRANSACTION
  
  Threats detected:
  - [PRICE_MISMATCH] Hidden drain: 0x...deadbeef received 0.1000 SUI
  - [HIJACK] Object 0x7ebf... (UserProfile) diverted to 0x...deadbeef
  
  ❌ DO NOT SIGN — This transaction will steal your assets.
  

• Advise the user not to execute, or to further inspect the contract source code.
• Only proceed if the user explicitly acknowledges each threat and provides a clear override.

Threat Detection: What SuiSec Catches

Automated Detection (main.py)

Manual Detection Patterns (for sui client call or advanced review)

Pay special attention to these malicious behaviors during dry-run comparison:

1. Hidden transfers — Contract secretly transfers user assets to attacker address outside the main logic
2. Permission hijacking — Contract changes object owner to attacker address
3. Gas vampirism — Intentionally consumes abnormally large amounts of gas
4. Object destruction — Deletes user's important objects (e.g. NFT, LP token)
5. Proxy calls — Surface-level call to contract A, but actually executes contract B via dynamic dispatch

Important Rules

• Always dry-run first, never skip. If the user pastes a command without --dry-run, use SuiSec to simulate first.
• Never execute when threats are detected. Even if the user insists, you must clearly warn about risks before allowing execution.
• If the dry-run itself fails (e.g. abort, out of gas), treat it as a BLOCK and do not execute.
• Present all comparison results in table format for clear visibility.
• The main.py exit code is authoritative: 0 = safe, 1 = blocked.