MEVSCOPE

Replays a tx or address history to attribute sandwich, frontrun, and backrun MEV extraction with per-trade loss accounting.

Web3 & Smart-Contract Security — on-chain safety and analytics.

pip install cognis-mevscope
mevscope scan .            # → prioritized findings in seconds

Usage — step by step

mevscope replays DEX swap history and attributes sandwich/frontrun MEV with per-trade victim-loss accounting. Console script: mevscope (or python -m mevscope).

1. Install from a clone:

   pip install -e .

2. Scan a swap-history JSON file for sandwich attacks:

   mevscope scan demos/01-basic/swaps.json

3. Read the output — --format json exposes totals you can pipe:

   mevscope scan swaps.json --format json | jq '.total_victim_loss'

4. Gate on MEV — --fail-on-mev exits non-zero if any sandwich is detected:

   mevscope scan swaps.json --fail-on-mev

   Exit codes: 0 clean, 1 sandwich detected with --fail-on-mev, 2 input error.
5. Automate in CI — flag regressions in a protected-router test fixture:

   - run: pip install -e .
   - run: mevscope scan fixtures/swaps.json --fail-on-mev

Contents

• Why mevscope? · Features · Quick start · Example · Architecture · AI stack · How it compares · Integrations · Install anywhere · Related · Contributing

Why mevscope?

'How much was I sandwiched this month?' as a single CLI command — quantified victim losses are intensely shareable on Crypto Twitter.

mevscope is single-purpose, scriptable, and self-hostable: point it at a target, get prioritized results in the format your workflow already speaks (table · JSON · SARIF), gate CI on it, and let agents drive it over MCP.

↑ back to top

Features

• ✅ Load Swaps From Obj
• ✅ Load Swaps
• ✅ Detect Sandwiches
• ✅ Build Report
• ✅ Runs on Linux/macOS/Windows · Docker · devcontainer
• ✅ Ports in Python, JavaScript, Go, and Rust (ports/)

↑ back to top

Quick start

pip install cognis-mevscope
mevscope --version
mevscope scan .                       # scan current project
mevscope scan . --format json         # machine-readable
mevscope scan . --fail-on high        # CI gate (non-zero exit)

↑ back to top

Example

$ mevscope scan .
  [HIGH    ] MEV-001  example finding             (./src/app.py)
  [MEDIUM  ] MEV-002  another signal              (./config.yaml)

  2 findings · risk score 5 · 38ms

↑ back to top

Architecture

flowchart LR
  IN[input] --> P[mevscope<br/>analyze + score]
  P --> OUT[report]

Loading

↑ back to top

Use it from any AI stack

mevscope is interoperable with every popular way of using AI:

• MCP server — mevscope mcp (Claude Desktop, Cursor, Cognis.Studio, uncensored-fleet)
• OpenAI-compatible / JSON — pipe mevscope scan . --format json into any agent or LLM
• LangChain · CrewAI · AutoGen · LlamaIndex — wrap the CLI/JSON as a tool in one line
• CI / scripts — exit codes + SARIF for non-AI pipelines

↑ back to top

How it compares

	Cognis mevscope	EigenPhi
Self-hostable, no account	✅	varies
Single command, zero config	✅	⚠️
JSON + SARIF for CI	✅	varies
MCP-native (AI agents)	✅	❌
Polyglot ports (JS/Go/Rust)	✅	❌
Open license	✅ COCL	varies

Built in the spirit of EigenPhi / mev-inspect-py, re-framed the Cognis way. Missing a credit? Open a PR.

↑ back to top

Integrations

Pipes into your stack: SARIF for code-scanning, JSON for anything, an MCP server (mevscope mcp) for AI agents, and a webhook forwarder for SIEM/Slack/Jira. See docs/INTEGRATIONS.md.

↑ back to top

Install — every way, every platform

pip install "git+https://github.com/cognis-digital/mevscope.git"    # pip (works today)
pipx install "git+https://github.com/cognis-digital/mevscope.git"   # isolated CLI
uv tool install "git+https://github.com/cognis-digital/mevscope.git" # uv
pip install cognis-mevscope                                          # PyPI (when published)
docker run --rm ghcr.io/cognis-digital/mevscope:latest --help        # Docker
brew install cognis-digital/tap/mevscope                             # Homebrew tap
curl -fsSL https://raw.githubusercontent.com/cognis-digital/mevscope/main/install.sh | sh

Linux	macOS	Windows	Docker	Cloud
scripts/setup-linux.sh	scripts/setup-macos.sh	scripts/setup-windows.ps1	docker run ghcr.io/cognis-digital/mevscope	DEPLOY.md (AWS/Azure/GCP/k8s)

↑ back to top

Related Cognis tools

• reentryx — Static + symbolic detector that flags reentrancy, cross-function, and read-only reentrancy paths in Solidity/Vyper with CI-gating SARIF output.
• forkfuzz — Mainnet-fork invariant fuzzer that replays your contract against live state and stateful sequences to break protocol invariants before deploy.
• approvewarden — Scans any wallet for dangerous ERC-20/721/1155 token approvals and infinite allowances, scoring drainer exposure and emitting revoke transactions.
• rugradar — Token contract risk scanner detecting honeypots, hidden mint/blacklist functions, owner backdoors, and unlocked liquidity before you ape.
• storagelens — Diffs and decodes contract storage layouts across proxy upgrades to catch storage-collision and uninitialized-slot bugs.
• sigsleuth — Decodes raw calldata and EIP-712 typed-data into human-readable intent, flagging blind-signing and malicious permit/Permit2 payloads.

Explore the suite → 🗂️ all 170+ tools · ⭐ awesome-cognis · 🔗 cognis-sources · 🤖 uncensored-fleet · 🧠 engram

↑ back to top

Contributing

PRs, new rules, and demo scenarios are welcome under the collaboration-pull model — see CONTRIBUTING.md and SECURITY.md.

⭐ If mevscope saved you time, star it — it genuinely helps others find it.

Interoperability

{} composes with the 300+ tool Cognis suite — JSON in/out and a shared OpenAI-compatible /v1 backbone. See INTEROP.md for the suite map, composition patterns, and reference stacks.

License

Source-available under the Cognis Open Collaboration License (COCL) v1.0 — free for personal, internal-evaluation, research, and educational use; commercial / production use requires a license (licensing@cognis.digital). See LICENSE.

---

_{Cognis Digital · one of 170+ tools in the Cognis Neural Suite · Making Tomorrow Better Today}