Zero-trust transaction validation for Yield.xyz integrations.
When interacting with on-chain yield protocols through the Yield API, transaction integrity is critical. Even a small modification to an unsigned transaction can redirect funds to an attacker's address, trigger unintended contract calls, or drain token approvals.
Shield is a validation layer that lets you verify every unsigned transaction returned by the Yield API before presenting it for signing. It decodes each transaction into a typed structure — ABI decoding for EVM, instruction parsing for Solana, and TronWeb decoding for Tron — validates each decoded field against a verified template for the specified yield integration, and re-encodes EVM calldata to detect any byte-level tampering. If anything deviates from the expected pattern, Shield flags it immediately.
Shield ships as both a TypeScript library and standalone binaries, so you can embed it directly into your integration regardless of tech stack.
<aside> <img src="/icons/git_green.svg" alt="/icons/git_green.svg" width="40px" />
</aside>
<aside> <img src="/icons/package_red.svg" alt="/icons/package_red.svg" width="40px" />
</aside>
Shield supports two operating modes. Your choice depends on where you are in your integration lifecycle.
| Mode | Behavior | Use case |
|---|---|---|
| Monitor | Validates every transaction and logs the result, but never blocks. Invalid transactions produce warnings. | Initial rollout. Observe Shield's behavior against real production traffic without risk of false-positive disruption. |
| Defense | Validates every transaction and blocks any that fail. Invalid transactions are rejected before they reach the signing flow. | Production hardening. Active protection against tampering, with server-side enforcement. See Defense Mode for full details. |