# Build Custom Detector

{% hint style="info" %}
This guide is intended for developers, security researchers, and security teams who want to integrate their unique threat models into the Venn ecosystem or develop new security models.
{% endhint %}

## Overview

### To build a custom detector on Venn, you will need to:

1. Clone (or fork) **venn-custom-detection** Template.
2. Implement your **detection logic**.
3. **Test** that your detector responds with detection results.
4. **Deploy** your detector and connect it to your [Venn node client.](https://docs.venn.build/venn-network/getting-started/node-operators)

{% hint style="info" %}
You can choose to become a [Venn node operator ](https://docs.venn.build/venn-network/getting-started/node-operators)and run your detection model on your node, or connect with other Venn node operators that will run your detection model. 
{% endhint %}

{% hint style="info" %}
If you need help connecting with a Venn node operator to run your detector, please [contact us](https://www.venn.build/join/security-team?_gl=1*1i862le*_ga*NDE3OTA5NDg3LjE3MzkyOTEyMjA.*_ga_Y3G93T90DW*MTc0MTY5MjM4NS4xMjEuMS4xNzQxNjk3MTAzLjU3LjAuMTI5Njc1NDc.*_ga_CEBTDZ1167*MTc0MTY5MjM4NS4xMjEuMS4xNzQxNjk3MTAzLjAuMC4w). We’re here to help you find a trusted partner so you can deploy your detection model.
{% endhint %}

***

## Quick Start

### **Step 1: Clone the Repository**

Begin by cloning or forking the [Venn Custom Detector Boilerplate](https://github.com/ironblocks/venn-custom-detection).

```bash
git clone https://github.com/ironblocks/venn-custom-detection.git
cd venn-custom-detection
```

### **Step 2: Install Dependencies**

Install the required packages using your preferred package manager:

```bash
yarn install
# or
npm install
```

### **Step 3: Run in Development Mode**

Start the detector locally to begin working on your detection logic:

```bash
yarn dev
# or
npm run dev
```

{% hint style="info" %}
Your detector service will start (default on port 3000) and be ready to receive detection requests.
{% endhint %}

***

## Detector Service Overview

The core of your custom detector logic is the `DetectionService`, found in `src/modules/detection-module/service.ts`. This service implements a `detect` method that receives a `DetectionRequest` (an enriched view of an EVM transaction) and returns a `DetectionResponse`.

### Example Implementation

```typescript
import { DetectionResponse, DetectionRequest } from './dtos'

/**
 * DetectionService
 *
 * Implements a `detect` method that receives an enriched view of an
 * EVM compatible transaction (i.e. `DetectionRequest`)
 * and returns a `DetectionResponse`
 *
 * API Reference:
 * https://github.com/ironblocks/venn-custom-detection/blob/master/docs/requests-responses.docs.md
 */
export class DetectionService {
    /**
     * Update this implementation code to insepct the `DetectionRequest`
     * based on your custom business logic
     */
    public static detect(request: DetectionRequest): DetectionResponse {
        
        /**
         * For this "Hello World" style boilerplate
         * we're mocking detection results using
         * some random value
         */
        const detectionResult = Math.random() < 0.5;


        /**
         * Wrap our response in a `DetectionResponse` object
         */
        return new DetectionResponse({
            request,
            detectionInfo: {
                detected: detectionResult,
            },
        });
    }
}
```

{% hint style="info" %}
Update the `detect` method with your security logic or model to analyze transactions based on your threat model.
{% endhint %}

{% hint style="info" %}
For more details, request validation, and response structures, refer to our [API Reference Documentation](https://github.com/ironblocks/venn-custom-detection/blob/master/docs/requests-responses.docs.md).
{% endhint %}

***

## Testing Your Detector

You can simulate transactions using the [Security Sandbox](https://explorer.venn.build/toolkit/security-sandbox), a dedicated testing environment specifically designed to evaluate your custom detection model. With the Security Sandbox, you can simulate any transactions from the preferred chains or choose past hacks to test against your detection model.&#x20;

Or

You can simulate transactions by sending them directly to `DetectionRequest` payload (refer to our [API Reference](https://github.com/ironblocks/venn-custom-detection/blob/master/docs/requests-responses.docs.md) for details) and evaluate your custom detection model in the returned `DetectionResponse`.

***

## Deploy to Production

When you’re ready to deploy your detector service, choose from one of the following options:

### Manual Build & Deployment

1. **Build the Service:**

   ```bash
   yarn build
   # or
   npm run build
   ```
2. **Start the Service:**

   ```bash
   yarn start
   # or
   npm run start
   ```

### Using Docker

Build a Docker image for your detector:

```bash
docker build -f Dockerfile . -t my-custom-detector
```

*Deploy the Docker container to your production environment as needed.*

{% hint style="success" %}
That's it! Welcome to Venn. 🎉&#x20;
{% endhint %}