Combat algorithmic fraud with algorithmic defense.
The rise of Generative AI has industrialized fraud. Malicious actors now leverage AI to:
- π Generate emotionally manipulative narratives in native-level prose.
- πΌοΈ Create photorealistic deepfakes of non-existent people and prototypes.
- π° Build synthetic identities that pass traditional KYC checks.
- π Execute wash trading schemes with circular wallet funding.
Traditional rule-based detection systems are helpless against generative fraud where every attack is unique.
GemFund Forensic Engine is a Multi-Agent Forensic System that fights AI fraud with AI defense. It combines:
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β π± CAMPAIGN SUBMISSION β
β { text, media[], creatorAddress, donors[], creator } β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β π API GATEWAY β
β JWT Verification β Input Validation β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βββββββββββββββββββββββΌββββββββββββββββββββββ
β β β
βΌ βΌ βΌ
βββββββββββββββββββββββββ βββββββββββββββββββββββββ βββββββββββββββββββββββββ
β βοΈ BLOCKCHAIN β β πΌοΈ VISUAL β β π€ IDENTITY β
β FORENSICS β β FORENSICS β β OSINT β
β βββββββββββββββββ β β βββββββββββββββββ β β βββββββββββββββββ β
β β’ Wallet Age/Nonce β β β’ EXIF Metadata β β β’ Social Media β
β β’ Wash Trading β β β’ GPS & Edit Detect β β β’ Scam Reports β
β β’ Burner Detection β β β’ Reverse Image β β β’ Email Analysis β
β β β β’ Stock Photo Check β β β’ Google Dorking β
βββββββββββββββββββββββββ βββββββββββββββββββββββββ βββββββββββββββββββββββββ
β β β
βββββββββββββββββββββββΌββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β π€ AI JUDGMENT LAYER β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Gemini 3 Flash β β
β β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β β
β β β System β β Google β β Structured β β β
β β β Prompt β βββΆ β Search β βββΆ β JSON Output β β β
β β β + Forensics β β Grounding β β (Zod Parse) β β β
β β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β π VERDICT β
β Score (0-100) β’ CREDIBLE / SUSPICIOUS / FRAUDULENT β’ Evidence β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
| Feature | Description |
|---|---|
| π Blockchain Forensics | Detect burner wallets (age < 24h, nonce < 5) and wash trading patterns |
| πΈ EXIF Analysis | Extract GPS, timestamps, and detect photo editing software |
| π Reverse Image Search | Identify stock photos and duplicate images via Google Lens |
| π€ Identity OSINT | Cross-platform social verification with scam report detection |
| π§ AI Judgment | Gemini 3 Flash with real-time Google Search grounding |
| π‘οΈ Prompt Injection Defense | Built-in protection against manipulation attempts |
- Bun v1.0+
- API Keys: Gemini, Supabase, Etherscan, SerpAPI
# Clone the repository
git clone https://github.com/your-org/gemfund-gemini-service.git
cd gemfund-gemini-service
# Install dependencies
bun install
# Configure environment
cp .env.example .env
# Start development server
bun run start# Required
GEMINI_API_KEY=your_gemini_key
SUPABASE_URL=https://xxx.supabase.co
SUPABASE_KEY=your_service_role_key
SUPABASE_JWT_SECRET=your_jwt_secret
SUPABASE_BUCKET_NAME=campaign-media
# Optional (enables additional forensics)
ETHERSCAN_API_KEY=your_etherscan_key
SERPAPI_API_KEY=your_serpapi_key| Environment | URL |
|---|---|
| Production | https://gemfund.apir.live |
| Local | http://localhost:3000 |
All /api/* endpoints require a Supabase JWT:
Authorization: Bearer <supabase_jwt_token>| Method | Endpoint | Description |
|---|---|---|
GET |
/ |
Health check |
GET |
/docs |
Interactive API documentation (Scalar UI) |
POST |
/api/v1/assess |
Analyze campaign for fraud |
Perform comprehensive fraud analysis on a fundraising campaign.
{
"text": "Help save my child who needs heart surgery at Johns Hopkins. We need $50,000!",
"media": [
{ "path": "campaigns/123/medical_report.jpg", "type": "image" },
{ "path": "campaigns/123/hospital_video.mp4", "type": "video" }
],
"creatorAddress": "0x742d35Cc6634C0532925a3b844Bc9e7595f8d6b8",
"donors": ["0xabc...", "0xdef..."],
"creator": {
"fullName": "John Doe",
"username": "johndoe123",
"email": "john@example.com"
}
}| Field | Type | Required | Limits | Description |
|---|---|---|---|---|
text |
string | β | min 10 chars | Campaign description/claim |
media |
array | max 10 | Media files from Supabase Storage | |
creatorAddress |
string | Ethereum wallet for blockchain analysis | ||
donors |
array | max 50 | Donor wallets for wash trading detection | |
creator |
object | Creator identity for OSINT investigation |
{
"success": true,
"data": {
"score": 72,
"verdict": "CREDIBLE",
"summary": "Campaign appears legitimate. Hospital verified via Google Search.",
"flags": ["hospital_verified", "cost_reasonable"],
"evidence_match": {
"location_verified": true,
"visuals_match_text": true,
"search_corroboration": true,
"metadata_consistent": true
}
},
"forensics": {
"blockchain": {
"nonce": 42,
"ageHours": 720,
"washTradingScore": 0,
"isBurnerWallet": false
},
"exif": {
"hasGps": true,
"hasEdits": false,
"dateMismatch": false,
"warnings": []
},
"reverseImage": {
"duplicatesFound": 0,
"isStockPhoto": false,
"sources": []
},
"identity": {
"platformsFound": 5,
"scamReportsFound": false,
"isDisposableEmail": false,
"identityConsistent": true,
"accountAge": "established",
"trustScore": 75,
"redFlags": [],
"greenFlags": ["linkedin_verified", "github_active"]
}
}
}The system separates fraud indicators into two weighted categories:
| Type | Weight | Source | Reliability |
|---|---|---|---|
| Hard Metrics | 70% | Objective APIs | Deterministic, verifiable |
| Soft Metrics | 30% | AI Analysis | Probabilistic, contextual |
These are automatic disqualifiers when detected:
| Check | Threshold | Result | Detection Method |
|---|---|---|---|
| π Wash Trading | >20% donors funded by creator | FRAUD | Etherscan genesis tx analysis |
| π Burner Wallet | age <24h AND nonce <5 | HIGH RISK | Etherscan wallet history |
| π· Stock Photo | Shutterstock/Getty detected | FRAUD | Google Lens via SerpAPI |
| Found online | HIGH RISK | Google Search OSINT | |
| π§ Disposable Email | Temp mail detected | SUSPICIOUS | Email domain analysis |
| Check | What It Detects |
|---|---|
| πΌοΈ Visual Consistency | Do images match the claimed location, season, and situation? |
| π EXIF Metadata | GPS coordinates, timestamps, editing software traces |
| π Narrative Logic | Fact-checking via Google Search (hospital names, costs, etc.) |
| π’ Manipulation Detection | High-pressure emotional tactics ("Donate now or he dies!") |
The system performs automated identity investigation:
β Social Media Presence - Twitter, LinkedIn, GitHub, Instagram
β Scam History Search - "username" + scam/fraud queries
β Disposable Email Check - Temp mail domain detection
β Cross-Platform Verify - Identity consistency across platforms
β Account Age Analysis - Established vs new accounts
| Score | Verdict | Meaning | Action |
|---|---|---|---|
| 80-100 | CREDIBLE |
All checks pass | β Approve |
| 60-79 | CREDIBLE |
Minor issues only | β Approve with notes |
| 40-59 | SUSPICIOUS |
Soft metric failures | |
| 20-39 | FRAUDULENT |
Hard metric failures | β Reject |
| 0-19 | FRAUDULENT |
Multiple hard failures | β Reject + Flag |
| Component | Technology |
|---|---|
| Runtime | Bun |
| Framework | Hono |
| AI Engine | Google Gemini 3 Flash |
| Validation | Zod |
| Storage | Supabase |
| Blockchain | Etherscan API V2 |
| Image Search | SerpAPI (Google Lens) |
| EXIF | exiftool-vendored |
- Fail-Open Pattern - Single API failures don't block assessment.
- Two-Step AI Analysis - Free-form reasoning β Structured JSON.
- Zero Trust - Every claim is false until verified.
- Parallel Forensics - All checks run concurrently.
src/
βββ index.ts # Application entry point
βββ lib/
β βββ config.ts # Centralized configuration
β βββ env.ts # Environment variables
β βββ errors.ts # Custom error classes
β βββ factory.ts # Hono factory
β βββ prompts.ts # AI system prompts
β βββ response.ts # Response helpers
β βββ routes.ts # API routes
β βββ types.ts # TypeScript types
β βββ schemas/ # Zod validation schemas
βββ middlewares/
β βββ auth.ts # JWT verification
β βββ init.ts # Service initialization
βββ services/
βββ EtherscanService.ts # Blockchain forensics
βββ ExifService.ts # Metadata extraction
βββ GeminiService.ts # AI analysis
βββ SerpService.ts # Reverse image search
βββ SupabaseService.ts # File storage
FROM oven/bun:1-alpine
WORKDIR /app
# Perl required for exiftool-vendored
RUN apk add --no-cache perl
COPY package.json bun.lock ./
RUN bun install --frozen-lockfile --production
COPY . .
ENV NODE_ENV=production PORT=3000
EXPOSE 3000
CMD ["bun", "run", "src/index.ts"]# Build and deploy
docker compose up --build -dpush to main β build β Docker Hub β deploy to VPS
| Type | Formats | Max Items |
|---|---|---|
| Image | JPEG, PNG, WebP, GIF | 10 |
| Video | MP4, WebM, MOV | 10 |
- JWT Authentication on all
/api/*routes - Input Validation with Zod (array limits: 10 media, 50 donors)
- Prompt Injection Defense built into system prompts
- Secret Management via environment variables
- Rate Limiting with exponential backoff
| Document | Description |
|---|---|
| Architecture | System design & data flow |
| Forensic Modules | Deep dive into each detector |
| AI Integration | Gemini prompt engineering |
| API Reference | Complete endpoint documentation |
| Deployment | Production deployment guide |
| Security | Security considerations |
Contributions are welcome! Please read our contributing guidelines before submitting PRs.
MIT Β© GemFund
Built to protect the integrity of charitable giving in the Web3 era.