BioVerify

Overview

Published papers often point to mutable URLs (data can change or disappear after publication). Reviewer selection is opaque, incentives for reviewers and publishers are weak, and the reproducibility crisis has eroded trust in research findings.

BioVerify is an experiment in that direction. It treats peer review as a coordination game: authors stake ETH, AI screens for plagiarism, human reviewers settle verdicts on-chain, and research artifacts are pinned to IPFS so what was reviewed stays addressable. A truth layer (BioVerifyV3) holds stakes, lifecycle, VRF-based reviewer selection, and settlement; an orchestration layer (LangGraph + Inngest) runs screening and review graphs with durable execution and human-in-the-loop pauses — agents coordinate but do not override the contract.

Key features

• Stake & Submit: Scientists upload research manifests to IPFS (Pinata) and submit on-chain with a collateral stake and submission fee.
• AI Forensic Screening: A LangGraph Submission Agent fetches the abstract from IPFS, runs a neural search against academic literature via Exa AI, and produces a structured Gemini LLM verdict. Plagiarism triggers immediate on-chain slashing.
• VRF Reviewer Selection: If the submission passes AI screening, Chainlink VRF draws `I_VRF_NUM_WORDS = 3` candidates from the staked reviewer pool using cryptographically verifiable randomness. The Senior Reviewer is whichever drawn reviewer has the highest on-chain reputation.
• Human-in-the-Loop Peer Review: Selected reviewers submit EIP-712-signed verdicts through the frontend. Each review resumes the LangGraph Review Agent's HITL interrupt. Conflicting verdicts escalate to the Senior Reviewer for a tie-break.
• On-Chain Settlement: The agent partitions reviewers into honest (aligned with the final decision) and negligent (opposed), then settles on-chain: honest reviewers are rewarded, negligent reviewers are slashed, and the publisher's stake is returned or forfeited.
• Security Architecture: CEI pattern and nonReentrant guards on claim and transferSlashPoolToTreasury; pull-withdrawal model so settlement does not push ETH in bulk (gas-limit DoS resistance). Alchemy Notify webhooks authenticated with HMAC-SHA256 before projection. Off-chain reviewer verdicts use EIP-712 asymmetric signing (ECDSA / secp256k1).
• Event-Driven CQRS Architecture: Getter-less contract design — all state mutations emit events, projected off-chain via Alchemy Notify webhooks into a Neon Postgres read model (Drizzle ORM) with optimistic concurrency control.
• Durable Agent Orchestration: Inngest provides durable execution (automatic retries, wait-for-event, fan-out) while LangGraph manages agent lifecycle with checkpointers, enabling workflows to pause for days during peer review and resume exactly where they left off.
• Live Telegram Notifications: A public Telegram bot broadcasts contract state transitions in real time across Base Sepolia and Ethereum Sepolia — readers can follow the publication lifecycle without keeping the app open.

• Solidity + Foundry + Chainlink VRF: BioVerifyV3 smart contract with staking, slashing, VRF-based reviewer selection, and on-chain settlement. 100% branch coverage.
• Next.js + wagmi + Reown AppKit: DApp frontend with wallet integration, EIP-712 typed data signing, and real-time event-driven UI.
• TanStack Query + TanStack Table + nuqs: Reactive UI data layer — TanStack Query caches server queries and invalidates on `NewPublicationStatus` WSS events; TanStack Table plus a custom niko-table library powers the `/publications` data grid; nuqs syncs filters and pagination to URL state.
• LangGraph.js + Gemini + Exa AI: Stateful AI agents for submission forensics (plagiarism detection via neural search) and review orchestration with HITL interrupts.
• Inngest: Durable execution layer — automatic retries for on-chain commands, wait-for-event logic, and fan-out orchestration.
• Drizzle ORM + Neon Postgres: Event-sourced CQRS read model with optimistic concurrency control, powering all frontend queries.
• Alchemy Notify: HMAC-verified webhooks projecting contract events into the off-chain read model in real time.
• OpenZeppelin: ReentrancyGuard on ETH-out paths (claim, transferSlashPoolToTreasury) — battle-tested primitives instead of hand-rolled guards.

Challenges and Learnings

Orchestrating durable agents across asynchronous human review: LangGraph checkpointers let the workflow pause for days and resume at the same human-in-the-loop interrupt. A getter-light, event-emitted contract required tight alignment between on-chain emissions and Neon Postgres projections via Alchemy Notify; optimistic concurrency on (blockNumber, logIndex) guards out-of-order or duplicate webhook deliveries. Separating Inngest durability (retries, wait-for-event, fan-out) from LangGraph graph state avoided duplicated side effects when steps replay.

Outcome

BioVerify demonstrates an end-to-end DeSci peer-review pipeline on Base Sepolia and Ethereum Sepolia — stake and submit, AI-assisted screening, Chainlink VRF reviewer selection, human review with escalation, and on-chain settlement with explicit incentives. The work is a learning vehicle for combining stateful agents, durable execution, and Solidity coordination — not a production claim for scientific publishing.

Transferable patterns: Event-driven CQRS, durable agent orchestration, multi-actor coordination — patterns that also apply to dashboards, DAO tooling, and marketplaces.

Known limitations

• No author recourse against false positives — The submission agent can produce a false plagiarism verdict, and peer review can reach a binding decision the author considers incorrect. Today both paths are terminal (immediate `earlySlashPublication` or `slashPublication`); there is no contract-level mechanism for the author to contest, post an escalation stake, or trigger a second human-only review.
• IPFS / manifest edge cases — A syntactically valid CID that resolves to an empty or malformed manifest can leave the submission graph without a clean pass/fail path; after Inngest step retries the publication may remain stuck in SUBMITTED until validation is hardened.
• Agent transaction failures — On-chain commands use simulate-then-write with retry only at the Inngest step boundary (no in-command gas bump or nonce recovery). A gas spike during settlement can leave a publication in IN_REVIEW after the last human review is recorded.

Roadmap

• Weighted majority voting — Replace the senior tie-break with consensus weighted by on-chain reputation.
• ZK reputation (Reclaim Protocol) — Privacy-preserving proofs of real-world signals without exposing raw credentials.
• Encrypted access (Lit Protocol) and monetisation (x402) — Encrypt IPFS payloads with on-chain conditional decryption; gate datasets and supplementary material behind micropayments.
• Internal corpus + RAG — Index published manifests in Neon + pgvector alongside Exa AI for similarity checks.
• Author escalation path — Let an author contest a verdict (AI early-slash or peer-review settlement) within a bounded escalation window by posting a larger escalation stake. The contract opens a second review cycle restricted to humans only, with a fresh VRF cohort that excludes the original reviewers. The second verdict is binding and reconciles the first: if confirmed, the escalation stake is slashed on top of the original; if overturned, prior rewards and slashes are reversed and recomputed against the new verdict. This requires a settlement-enforcement delay (escalation window) before terminal states become final.