# Umbra — Intelligent Firewall Umbra is Blackhole’s off-chain validation layer. It filters risky or malicious execution routes **before the user signs**. Instead of relying on slow, RPC-heavy simulations, Umbra combines static pattern matching with lightweight machine learning to detect threats in real time. ### Key Capabilities **Static Pattern Filtering** * Detects known malicious contract patterns: honeypots, proxy traps, approval drainers, reentrancy, and self-destruct logic. * Works instantly, without RPC calls or forked simulations. * Fully configurable based on protocol risk tolerance. **ML-Based Risk Scoring** * Models trained on failed transactions, revert patterns, gas anomalies, and contract behaviors. * Continuously updated with live execution data to reduce false positives. * Classifies routes based on both structural and behavioral signals. **Pre-Signature Enforcement** * Validates full execution paths before a wallet requests approval. * Blocks unsafe or unexpected flows at the signing stage. * Integrates seamlessly with fallback logic in Blackhole Diamond. **Self-Learning Feedback Loop** * Learns from post-execution outcomes. * Flags new threat signatures and high-risk contracts automatically. * Reduces reliance on human curation and external audits over time. #### Performance * Average validation time: **5–15 ms** per route (static + ML). * Throughput: **>2,000 tx/sec** per CPU core. * Stateless architecture: horizontally scalable, containerized, easy to deploy. * No chain emulation or simulation delays. Umbra allows wallets and dApps to instantly show validated, human-readable execution paths — even for complex cross-chain flows. This makes it practical for high-frequency environments like aggregators, relayers, and agents. #### Differentiation Traditional DeFi stacks only detect risks *after* the user signs — or not at all. Umbra enforces security **before signature**, understanding both what a transaction does and what it could do. Unlike simulation engines, Umbra is gasless, fast, and scalable by design — combining firewall precision with ML adaptability.