npm - @snovon/solast - Versions diffs - 0.2.0 - Mend

@snovon/solast 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (738) hide show

package/LICENSE +201 -0
package/README.md +190 -0
package/dist/api.d.ts +89 -0
package/dist/api.js +33 -0
package/dist/ast/resolve-return-names.d.ts +2 -0
package/dist/ast/resolve-return-names.js +199 -0
package/dist/ast/solc-walker.d.ts +17 -0
package/dist/ast/solc-walker.js +497 -0
package/dist/ast/storage-layout.d.ts +21 -0
package/dist/ast/storage-layout.js +64 -0
package/dist/cli.d.ts +65 -0
package/dist/cli.js +755 -0
package/dist/config.d.ts +9 -0
package/dist/config.js +284 -0
package/dist/dedup/files.d.ts +1 -0
package/dist/dedup/files.js +74 -0
package/dist/dedup/findings.d.ts +41 -0
package/dist/dedup/findings.js +211 -0
package/dist/detectors/_common/access-control.d.ts +204 -0
package/dist/detectors/_common/access-control.js +377 -0
package/dist/detectors/_common/ast.d.ts +139 -0
package/dist/detectors/_common/ast.js +239 -0
package/dist/detectors/_common/compiler-profile.d.ts +14 -0
package/dist/detectors/_common/compiler-profile.js +66 -0
package/dist/detectors/_common/dataflow.d.ts +75 -0
package/dist/detectors/_common/dataflow.js +57 -0
package/dist/detectors/_common/fhe.d.ts +7 -0
package/dist/detectors/_common/fhe.js +40 -0
package/dist/detectors/_common/integer-overflow-helpers.d.ts +58 -0
package/dist/detectors/_common/integer-overflow-helpers.js +422 -0
package/dist/detectors/_common/loop-call-stack.d.ts +9 -0
package/dist/detectors/_common/loop-call-stack.js +132 -0
package/dist/detectors/_common/oracle.d.ts +5 -0
package/dist/detectors/_common/oracle.js +64 -0
package/dist/detectors/_common/price-rate.d.ts +116 -0
package/dist/detectors/_common/price-rate.js +446 -0
package/dist/detectors/_common/source-text.d.ts +11 -0
package/dist/detectors/_common/source-text.js +82 -0
package/dist/detectors/_common/weighted-pool-invariant.d.ts +21 -0
package/dist/detectors/_common/weighted-pool-invariant.js +105 -0
package/dist/detectors/aave-v2-reentrancy.d.ts +7 -0
package/dist/detectors/aave-v2-reentrancy.js +286 -0
package/dist/detectors/access-control.d.ts +103 -0
package/dist/detectors/access-control.js +983 -0
package/dist/detectors/add-reentrancy-on-weth-contract.d.ts +7 -0
package/dist/detectors/add-reentrancy-on-weth-contract.js +536 -0
package/dist/detectors/ai-generated-randomness.d.ts +32 -0
package/dist/detectors/ai-generated-randomness.js +239 -0
package/dist/detectors/amm-spot-oracle-manipulation.d.ts +52 -0
package/dist/detectors/amm-spot-oracle-manipulation.js +420 -0
package/dist/detectors/analyzing-the-uniswap-v3-exploit.d.ts +26 -0
package/dist/detectors/analyzing-the-uniswap-v3-exploit.js +279 -0
package/dist/detectors/any-token-is-destroyed.d.ts +34 -0
package/dist/detectors/any-token-is-destroyed.js +527 -0
package/dist/detectors/anyswap-anytoken-permit-allowance-drain.d.ts +7 -0
package/dist/detectors/anyswap-anytoken-permit-allowance-drain.js +524 -0
package/dist/detectors/anyswap-insufficient-token-validation.d.ts +24 -0
package/dist/detectors/anyswap-insufficient-token-validation.js +342 -0
package/dist/detectors/approval-based-drain.d.ts +7 -0
package/dist/detectors/approval-based-drain.js +772 -0
package/dist/detectors/arbitrary-account-balance-transfer.d.ts +7 -0
package/dist/detectors/arbitrary-account-balance-transfer.js +485 -0
package/dist/detectors/arbitrary-address-spoofing-attack.d.ts +7 -0
package/dist/detectors/arbitrary-address-spoofing-attack.js +444 -0
package/dist/detectors/arbitrary-address-spoofing.d.ts +9 -0
package/dist/detectors/arbitrary-address-spoofing.js +657 -0
package/dist/detectors/arbitrary-call-error.d.ts +127 -0
package/dist/detectors/arbitrary-call-error.js +1163 -0
package/dist/detectors/arbitrary-call.d.ts +4 -0
package/dist/detectors/arbitrary-call.js +11 -0
package/dist/detectors/arbitrary-delegatecall-target.d.ts +35 -0
package/dist/detectors/arbitrary-delegatecall-target.js +554 -0
package/dist/detectors/arbitrary-recipient-no-access-control.d.ts +7 -0
package/dist/detectors/arbitrary-recipient-no-access-control.js +638 -0
package/dist/detectors/arbitrary-storage-proof-forgery.d.ts +35 -0
package/dist/detectors/arbitrary-storage-proof-forgery.js +340 -0
package/dist/detectors/arbitrary-transfer-from.d.ts +38 -0
package/dist/detectors/arbitrary-transfer-from.js +339 -0
package/dist/detectors/arbitrum-cross-chain-message-replay.d.ts +22 -0
package/dist/detectors/arbitrum-cross-chain-message-replay.js +477 -0
package/dist/detectors/avs-slashing-without-quorum-check.d.ts +50 -0
package/dist/detectors/avs-slashing-without-quorum-check.js +386 -0
package/dist/detectors/bad-debt-propagation.d.ts +13 -0
package/dist/detectors/bad-debt-propagation.js +480 -0
package/dist/detectors/bad-k-value-verification.d.ts +7 -0
package/dist/detectors/bad-k-value-verification.js +512 -0
package/dist/detectors/bad-randomness-zero-blockhash.d.ts +29 -0
package/dist/detectors/bad-randomness-zero-blockhash.js +115 -0
package/dist/detectors/balancer-flash-loan-manipulation.d.ts +33 -0
package/dist/detectors/balancer-flash-loan-manipulation.js +178 -0
package/dist/detectors/balancer-pause-guard.d.ts +33 -0
package/dist/detectors/balancer-pause-guard.js +307 -0
package/dist/detectors/balancer-weighted-pool-flash-loan.d.ts +42 -0
package/dist/detectors/balancer-weighted-pool-flash-loan.js +275 -0
package/dist/detectors/batch-transfer-overflow.d.ts +7 -0
package/dist/detectors/batch-transfer-overflow.js +465 -0
package/dist/detectors/beneficiary-validation.d.ts +7 -0
package/dist/detectors/beneficiary-validation.js +696 -0
package/dist/detectors/borrow-behalf-consent.d.ts +7 -0
package/dist/detectors/borrow-behalf-consent.js +400 -0
package/dist/detectors/break-continue-scope.d.ts +7 -0
package/dist/detectors/break-continue-scope.js +194 -0
package/dist/detectors/bridge-accounting-bypass.d.ts +65 -0
package/dist/detectors/bridge-accounting-bypass.js +449 -0
package/dist/detectors/bridge-business-logic-flaw-incorrect-acc.d.ts +43 -0
package/dist/detectors/bridge-business-logic-flaw-incorrect-acc.js +394 -0
package/dist/detectors/bridge-collateral-drain.d.ts +7 -0
package/dist/detectors/bridge-collateral-drain.js +630 -0
package/dist/detectors/bridge-forged-proof.d.ts +7 -0
package/dist/detectors/bridge-forged-proof.js +754 -0
package/dist/detectors/bridge-missing-message-nonce.d.ts +57 -0
package/dist/detectors/bridge-missing-message-nonce.js +638 -0
package/dist/detectors/bridge-swap-metapool-attack.d.ts +20 -0
package/dist/detectors/bridge-swap-metapool-attack.js +230 -0
package/dist/detectors/business-logic-flaw-flashloan-price-mani.d.ts +7 -0
package/dist/detectors/business-logic-flaw-flashloan-price-mani.js +353 -0
package/dist/detectors/business-logic-flaw-incorrect-recipient-balance.d.ts +7 -0
package/dist/detectors/business-logic-flaw-incorrect-recipient-balance.js +403 -0
package/dist/detectors/business-logic-flaw.d.ts +21 -0
package/dist/detectors/business-logic-flaw.js +339 -0
package/dist/detectors/business-logic.d.ts +17 -0
package/dist/detectors/business-logic.js +22 -0
package/dist/detectors/bypassed-insolvency-check.d.ts +30 -0
package/dist/detectors/bypassed-insolvency-check.js +232 -0
package/dist/detectors/bytecode-divergence-risk.d.ts +32 -0
package/dist/detectors/bytecode-divergence-risk.js +150 -0
package/dist/detectors/cache-array-length.d.ts +30 -0
package/dist/detectors/cache-array-length.js +177 -0
package/dist/detectors/cache-storage-reads.d.ts +46 -0
package/dist/detectors/cache-storage-reads.js +323 -0
package/dist/detectors/calldata-secret-access-control.d.ts +36 -0
package/dist/detectors/calldata-secret-access-control.js +446 -0
package/dist/detectors/capital-cross-contract-reentrancy.d.ts +34 -0
package/dist/detectors/capital-cross-contract-reentrancy.js +481 -0
package/dist/detectors/cartel-custom-approval-logic.d.ts +7 -0
package/dist/detectors/cartel-custom-approval-logic.js +407 -0
package/dist/detectors/ccip-receiver-missing-replay-guard.d.ts +22 -0
package/dist/detectors/ccip-receiver-missing-replay-guard.js +413 -0
package/dist/detectors/chain-coupling-risk.d.ts +8 -0
package/dist/detectors/chain-coupling-risk.js +203 -0
package/dist/detectors/chainlink-deprecated-function.d.ts +7 -0
package/dist/detectors/chainlink-deprecated-function.js +205 -0
package/dist/detectors/chainlink-tx-origin.d.ts +7 -0
package/dist/detectors/chainlink-tx-origin.js +363 -0
package/dist/detectors/check-effects-interactions.d.ts +39 -0
package/dist/detectors/check-effects-interactions.js +783 -0
package/dist/detectors/check-permit-missing-chainid.d.ts +27 -0
package/dist/detectors/check-permit-missing-chainid.js +456 -0
package/dist/detectors/classic-reentrancy.d.ts +93 -0
package/dist/detectors/classic-reentrancy.js +645 -0
package/dist/detectors/coinbase-morpho-wethloan-policy.d.ts +29 -0
package/dist/detectors/coinbase-morpho-wethloan-policy.js +368 -0
package/dist/detectors/compoundv2-inflation-attack.d.ts +7 -0
package/dist/detectors/compoundv2-inflation-attack.js +675 -0
package/dist/detectors/constructor-address-validation.d.ts +24 -0
package/dist/detectors/constructor-address-validation.js +335 -0
package/dist/detectors/constructor-interface-no-address-validation.d.ts +32 -0
package/dist/detectors/constructor-interface-no-address-validation.js +283 -0
package/dist/detectors/cross-chain-arbitrary-call.d.ts +7 -0
package/dist/detectors/cross-chain-arbitrary-call.js +601 -0
package/dist/detectors/cross-chain-input-validation.d.ts +31 -0
package/dist/detectors/cross-chain-input-validation.js +347 -0
package/dist/detectors/cross-chain-intent-replay.d.ts +38 -0
package/dist/detectors/cross-chain-intent-replay.js +453 -0
package/dist/detectors/cross-chain-intent-stale-resolution.d.ts +7 -0
package/dist/detectors/cross-chain-intent-stale-resolution.js +463 -0
package/dist/detectors/cross-chain-message-order-dependency.d.ts +8 -0
package/dist/detectors/cross-chain-message-order-dependency.js +472 -0
package/dist/detectors/cross-chain-message-replay.d.ts +8 -0
package/dist/detectors/cross-chain-message-replay.js +568 -0
package/dist/detectors/cross-chain-messaging.d.ts +7 -0
package/dist/detectors/cross-chain-messaging.js +663 -0
package/dist/detectors/cross-chain-msg-truncation.d.ts +7 -0
package/dist/detectors/cross-chain-msg-truncation.js +453 -0
package/dist/detectors/cross-chain-truncation.d.ts +7 -0
package/dist/detectors/cross-chain-truncation.js +422 -0
package/dist/detectors/cross-contract-integer-overflow.d.ts +76 -0
package/dist/detectors/cross-contract-integer-overflow.js +554 -0
package/dist/detectors/cross-contract-reentrancy-trusted-callee.d.ts +39 -0
package/dist/detectors/cross-contract-reentrancy-trusted-callee.js +385 -0
package/dist/detectors/cross-contract-reentrancy.d.ts +63 -0
package/dist/detectors/cross-contract-reentrancy.js +631 -0
package/dist/detectors/cross-function-reentrancy.d.ts +37 -0
package/dist/detectors/cross-function-reentrancy.js +648 -0
package/dist/detectors/cross-protocol-contagion.d.ts +20 -0
package/dist/detectors/cross-protocol-contagion.js +445 -0
package/dist/detectors/cross-protocol-oracle-collateral.d.ts +38 -0
package/dist/detectors/cross-protocol-oracle-collateral.js +487 -0
package/dist/detectors/cross-vm-reentrancy.d.ts +7 -0
package/dist/detectors/cross-vm-reentrancy.js +484 -0
package/dist/detectors/decimals-mismatch.d.ts +89 -0
package/dist/detectors/decimals-mismatch.js +451 -0
package/dist/detectors/deferred-state-update.d.ts +16 -0
package/dist/detectors/deferred-state-update.js +35 -0
package/dist/detectors/deflationary-token.d.ts +27 -0
package/dist/detectors/deflationary-token.js +751 -0
package/dist/detectors/delegate-transfer-unrestricted-caller.d.ts +44 -0
package/dist/detectors/delegate-transfer-unrestricted-caller.js +410 -0
package/dist/detectors/delegatecall-fallback-reentrancy-bypass.d.ts +14 -0
package/dist/detectors/delegatecall-fallback-reentrancy-bypass.js +241 -0
package/dist/detectors/delegatecall-in-loops.d.ts +7 -0
package/dist/detectors/delegatecall-in-loops.js +129 -0
package/dist/detectors/delegatecall-init-owner-mutator.d.ts +8 -0
package/dist/detectors/delegatecall-init-owner-mutator.js +655 -0
package/dist/detectors/delegatecall-init.d.ts +7 -0
package/dist/detectors/delegatecall-init.js +769 -0
package/dist/detectors/delegatecall-untrusted-implementation.d.ts +41 -0
package/dist/detectors/delegatecall-untrusted-implementation.js +888 -0
package/dist/detectors/delegated-authorization-bypass.d.ts +7 -0
package/dist/detectors/delegated-authorization-bypass.js +370 -0
package/dist/detectors/denial-of-service.d.ts +117 -0
package/dist/detectors/denial-of-service.js +947 -0
package/dist/detectors/division-before-multiplication.d.ts +7 -0
package/dist/detectors/division-before-multiplication.js +303 -0
package/dist/detectors/dn404-mirror-access-control.d.ts +26 -0
package/dist/detectors/dn404-mirror-access-control.js +315 -0
package/dist/detectors/doge-flashloan.d.ts +29 -0
package/dist/detectors/doge-flashloan.js +329 -0
package/dist/detectors/donate-inflation-exchangerate-roundin.d.ts +7 -0
package/dist/detectors/donate-inflation-exchangerate-roundin.js +621 -0
package/dist/detectors/donation-share-inflation.d.ts +24 -0
package/dist/detectors/donation-share-inflation.js +466 -0
package/dist/detectors/dont-let-eth-get-rekt.d.ts +84 -0
package/dist/detectors/dont-let-eth-get-rekt.js +1151 -0
package/dist/detectors/dos-unbounded-loop-external-call-revert.d.ts +37 -0
package/dist/detectors/dos-unbounded-loop-external-call-revert.js +541 -0
package/dist/detectors/eip1167-proxy-reentrancy.d.ts +7 -0
package/dist/detectors/eip1167-proxy-reentrancy.js +508 -0
package/dist/detectors/eip4626-vault-reentrancy.d.ts +32 -0
package/dist/detectors/eip4626-vault-reentrancy.js +312 -0
package/dist/detectors/eip5792-auth-replay.d.ts +45 -0
package/dist/detectors/eip5792-auth-replay.js +519 -0
package/dist/detectors/eip712-domain-separator.d.ts +42 -0
package/dist/detectors/eip712-domain-separator.js +524 -0
package/dist/detectors/eip712-signature-verification.d.ts +49 -0
package/dist/detectors/eip712-signature-verification.js +689 -0
package/dist/detectors/eip7702-auth-replay.d.ts +7 -0
package/dist/detectors/eip7702-auth-replay.js +768 -0
package/dist/detectors/eip7702-cross-chain-replay.d.ts +27 -0
package/dist/detectors/eip7702-cross-chain-replay.js +307 -0
package/dist/detectors/eip7702-delegated-eoa-approval-race.d.ts +39 -0
package/dist/detectors/eip7702-delegated-eoa-approval-race.js +413 -0
package/dist/detectors/eip7702-delegation-reentrancy.d.ts +21 -0
package/dist/detectors/eip7702-delegation-reentrancy.js +705 -0
package/dist/detectors/eip7702-delegation-risk.d.ts +7 -0
package/dist/detectors/eip7702-delegation-risk.js +745 -0
package/dist/detectors/eip7702-eoa-assumption.d.ts +57 -0
package/dist/detectors/eip7702-eoa-assumption.js +461 -0
package/dist/detectors/erc1155-batch-missing-per-id-approval.d.ts +23 -0
package/dist/detectors/erc1155-batch-missing-per-id-approval.js +343 -0
package/dist/detectors/erc1155-reentrancy.d.ts +31 -0
package/dist/detectors/erc1155-reentrancy.js +217 -0
package/dist/detectors/erc1271-stub-implementation.d.ts +21 -0
package/dist/detectors/erc1271-stub-implementation.js +268 -0
package/dist/detectors/erc20-safe-wrapper-return-unchecked.d.ts +43 -0
package/dist/detectors/erc20-safe-wrapper-return-unchecked.js +368 -0
package/dist/detectors/erc20-unchecked-non-standard-return.d.ts +55 -0
package/dist/detectors/erc20-unchecked-non-standard-return.js +454 -0
package/dist/detectors/erc2612-permit-frontrunning.d.ts +23 -0
package/dist/detectors/erc2612-permit-frontrunning.js +246 -0
package/dist/detectors/erc2771-context-spoofing.d.ts +41 -0
package/dist/detectors/erc2771-context-spoofing.js +510 -0
package/dist/detectors/erc4337-validation-storage-access.d.ts +35 -0
package/dist/detectors/erc4337-validation-storage-access.js +232 -0
package/dist/detectors/erc4626-totalassets-stub.d.ts +17 -0
package/dist/detectors/erc4626-totalassets-stub.js +216 -0
package/dist/detectors/erc6909-balance-overflow.d.ts +7 -0
package/dist/detectors/erc6909-balance-overflow.js +688 -0
package/dist/detectors/erc6909-operator-scope.d.ts +49 -0
package/dist/detectors/erc6909-operator-scope.js +494 -0
package/dist/detectors/erc721-unchecked-transfer.d.ts +38 -0
package/dist/detectors/erc721-unchecked-transfer.js +364 -0
package/dist/detectors/erc7579-module-install-without-threshold.d.ts +40 -0
package/dist/detectors/erc7579-module-install-without-threshold.js +338 -0
package/dist/detectors/erc7683-fill-validation.d.ts +53 -0
package/dist/detectors/erc7683-fill-validation.js +758 -0
package/dist/detectors/erc7683-intent-resolution.d.ts +7 -0
package/dist/detectors/erc7683-intent-resolution.js +457 -0
package/dist/detectors/erc777-callback-reentrancy.d.ts +8 -0
package/dist/detectors/erc777-callback-reentrancy.js +439 -0
package/dist/detectors/erc777-reentrancy.d.ts +7 -0
package/dist/detectors/erc777-reentrancy.js +488 -0
package/dist/detectors/erc777-tokens-to-send-reentrancy.d.ts +47 -0
package/dist/detectors/erc777-tokens-to-send-reentrancy.js +674 -0
package/dist/detectors/estuary-token-flaw.d.ts +16 -0
package/dist/detectors/estuary-token-flaw.js +547 -0
package/dist/detectors/euler-debt-token-manipulation.d.ts +32 -0
package/dist/detectors/euler-debt-token-manipulation.js +347 -0
package/dist/detectors/exploiting-a-vulnerability-in-curve-fina.d.ts +29 -0
package/dist/detectors/exploiting-a-vulnerability-in-curve-fina.js +210 -0
package/dist/detectors/fallback-delegatecall-reentrancy.d.ts +14 -0
package/dist/detectors/fallback-delegatecall-reentrancy.js +236 -0
package/dist/detectors/farm-business-logic-flaw-lack-of-access.d.ts +7 -0
package/dist/detectors/farm-business-logic-flaw-lack-of-access.js +665 -0
package/dist/detectors/fee-mechanism-exploitation.d.ts +20 -0
package/dist/detectors/fee-mechanism-exploitation.js +400 -0
package/dist/detectors/fee-on-transfer-balance-mismatch.d.ts +49 -0
package/dist/detectors/fee-on-transfer-balance-mismatch.js +394 -0
package/dist/detectors/fhe-encrypted-input-validation.d.ts +29 -0
package/dist/detectors/fhe-encrypted-input-validation.js +210 -0
package/dist/detectors/fhe-handle-leakage.d.ts +44 -0
package/dist/detectors/fhe-handle-leakage.js +315 -0
package/dist/detectors/fhe-oz-pattern-misuse.d.ts +26 -0
package/dist/detectors/fhe-oz-pattern-misuse.js +311 -0
package/dist/detectors/fhe-state-leakage.d.ts +8 -0
package/dist/detectors/fhe-state-leakage.js +400 -0
package/dist/detectors/fi-bridges.d.ts +33 -0
package/dist/detectors/fi-bridges.js +428 -0
package/dist/detectors/finance-access-control-price-oracle-man.d.ts +9 -0
package/dist/detectors/finance-access-control-price-oracle-man.js +640 -0
package/dist/detectors/finance-bridge-address0safetransferfrom.d.ts +8 -0
package/dist/detectors/finance-bridge-address0safetransferfrom.js +574 -0
package/dist/detectors/finance-business-logic-in-mint.d.ts +54 -0
package/dist/detectors/finance-business-logic-in-mint.js +687 -0
package/dist/detectors/finance-erc667-reentrancy.d.ts +7 -0
package/dist/detectors/finance-erc667-reentrancy.js +509 -0
package/dist/detectors/finance-flashloan-price-oracle-manipul.d.ts +7 -0
package/dist/detectors/finance-flashloan-price-oracle-manipul.js +546 -0
package/dist/detectors/finance-flashloan-reentrancy.d.ts +7 -0
package/dist/detectors/finance-flashloan-reentrancy.js +547 -0
package/dist/detectors/finance-swap-metapool-attack.d.ts +19 -0
package/dist/detectors/finance-swap-metapool-attack.js +321 -0
package/dist/detectors/flashloan-price-manipulation.d.ts +7 -0
package/dist/detectors/flashloan-price-manipulation.js +950 -0
package/dist/detectors/flashloan-reentrancy-rari.d.ts +28 -0
package/dist/detectors/flashloan-reentrancy-rari.js +577 -0
package/dist/detectors/flashloan-reentrancy.d.ts +7 -0
package/dist/detectors/flashloan-reentrancy.js +383 -0
package/dist/detectors/flashloan-token-migrate.d.ts +7 -0
package/dist/detectors/flashloan-token-migrate.js +274 -0
package/dist/detectors/force-fed-eth-state-corruption.d.ts +32 -0
package/dist/detectors/force-fed-eth-state-corruption.js +293 -0
package/dist/detectors/free-mint-bug.d.ts +41 -0
package/dist/detectors/free-mint-bug.js +483 -0
package/dist/detectors/front-running-orderbook-state-update.d.ts +37 -0
package/dist/detectors/front-running-orderbook-state-update.js +471 -0
package/dist/detectors/front-running-shared-collateral-write.d.ts +41 -0
package/dist/detectors/front-running-shared-collateral-write.js +508 -0
package/dist/detectors/fusion-v1-settlement-arbitrary-yul-calld.d.ts +30 -0
package/dist/detectors/fusion-v1-settlement-arbitrary-yul-calld.js +354 -0
package/dist/detectors/generalized-frontrunning.d.ts +7 -0
package/dist/detectors/generalized-frontrunning.js +836 -0
package/dist/detectors/governance-flash-loan.d.ts +62 -0
package/dist/detectors/governance-flash-loan.js +452 -0
package/dist/detectors/governance-flashloan-vote.d.ts +41 -0
package/dist/detectors/governance-flashloan-vote.js +272 -0
package/dist/detectors/halborn-security-report-aave-v3.d.ts +6 -0
package/dist/detectors/halborn-security-report-aave-v3.js +357 -0
package/dist/detectors/incorrect-access-control.d.ts +26 -0
package/dist/detectors/incorrect-access-control.js +328 -0
package/dist/detectors/incorrect-burn-accounting.d.ts +10 -0
package/dist/detectors/incorrect-burn-accounting.js +387 -0
package/dist/detectors/incorrect-dividends-calculation.d.ts +27 -0
package/dist/detectors/incorrect-dividends-calculation.js +524 -0
package/dist/detectors/incorrect-dividends.d.ts +27 -0
package/dist/detectors/incorrect-dividends.js +485 -0
package/dist/detectors/incorrect-input-validation.d.ts +23 -0
package/dist/detectors/incorrect-input-validation.js +312 -0
package/dist/detectors/incorrect-signature-verification.d.ts +26 -0
package/dist/detectors/incorrect-signature-verification.js +530 -0
package/dist/detectors/infinite-loop.d.ts +7 -0
package/dist/detectors/infinite-loop.js +440 -0
package/dist/detectors/infinite-number-of-loans.d.ts +13 -0
package/dist/detectors/infinite-number-of-loans.js +565 -0
package/dist/detectors/inheritance-override.d.ts +26 -0
package/dist/detectors/inheritance-override.js +320 -0
package/dist/detectors/initialization-access-control.d.ts +8 -0
package/dist/detectors/initialization-access-control.js +659 -0
package/dist/detectors/insecure-randomness.d.ts +73 -0
package/dist/detectors/insecure-randomness.js +610 -0
package/dist/detectors/insufficient-access-control-trusted-param.d.ts +39 -0
package/dist/detectors/insufficient-access-control-trusted-param.js +356 -0
package/dist/detectors/insufficient-dvn-threshold.d.ts +32 -0
package/dist/detectors/insufficient-dvn-threshold.js +585 -0
package/dist/detectors/integer-overflow-detector.d.ts +45 -0
package/dist/detectors/integer-overflow-detector.js +284 -0
package/dist/detectors/integer-overflow.d.ts +95 -0
package/dist/detectors/integer-overflow.js +344 -0
package/dist/detectors/integer-underflow.d.ts +7 -0
package/dist/detectors/integer-underflow.js +422 -0
package/dist/detectors/intent-settlement-balance-manipulation.d.ts +22 -0
package/dist/detectors/intent-settlement-balance-manipulation.js +548 -0
package/dist/detectors/l1-to-l2-message-reentrancy.d.ts +7 -0
package/dist/detectors/l1-to-l2-message-reentrancy.js +545 -0
package/dist/detectors/l2-withdrawal-validation.d.ts +8 -0
package/dist/detectors/l2-withdrawal-validation.js +303 -0
package/dist/detectors/lack-of-access-control.d.ts +7 -0
package/dist/detectors/lack-of-access-control.js +425 -0
package/dist/detectors/lack-of-calldata-validation.d.ts +16 -0
package/dist/detectors/lack-of-calldata-validation.js +914 -0
package/dist/detectors/lack-of-input-validation-reentrancy.d.ts +7 -0
package/dist/detectors/lack-of-input-validation-reentrancy.js +637 -0
package/dist/detectors/lack-of-slippage-control.d.ts +7 -0
package/dist/detectors/lack-of-slippage-control.js +513 -0
package/dist/detectors/lack-of-slippage-protection.d.ts +7 -0
package/dist/detectors/lack-of-slippage-protection.js +474 -0
package/dist/detectors/lack-of-validation-data.d.ts +23 -0
package/dist/detectors/lack-of-validation-data.js +391 -0
package/dist/detectors/lack-of-validation-pool.d.ts +7 -0
package/dist/detectors/lack-of-validation-pool.js +492 -0
package/dist/detectors/lack-of-validation-userdata.d.ts +7 -0
package/dist/detectors/lack-of-validation-userdata.js +583 -0
package/dist/detectors/lack-of-validation.d.ts +27 -0
package/dist/detectors/lack-of-validation.js +609 -0
package/dist/detectors/layerzero-dvn-quorum-missing.d.ts +22 -0
package/dist/detectors/layerzero-dvn-quorum-missing.js +464 -0
package/dist/detectors/layerzero-v2-unverified-origin.d.ts +40 -0
package/dist/detectors/layerzero-v2-unverified-origin.js +368 -0
package/dist/detectors/liquidation-accounting-desync.d.ts +14 -0
package/dist/detectors/liquidation-accounting-desync.js +145 -0
package/dist/detectors/liquidation-gain-manipulation.d.ts +42 -0
package/dist/detectors/liquidation-gain-manipulation.js +606 -0
package/dist/detectors/liquidation-price-rounding-advantage.d.ts +26 -0
package/dist/detectors/liquidation-price-rounding-advantage.js +283 -0
package/dist/detectors/liquidity-poisoning.d.ts +25 -0
package/dist/detectors/liquidity-poisoning.js +339 -0
package/dist/detectors/loans-malicious-proposal-price-oracle.d.ts +44 -0
package/dist/detectors/loans-malicious-proposal-price-oracle.js +813 -0
package/dist/detectors/logic-flaw.d.ts +186 -0
package/dist/detectors/logic-flaw.js +3356 -0
package/dist/detectors/manipulation-of-funds.d.ts +31 -0
package/dist/detectors/manipulation-of-funds.js +304 -0
package/dist/detectors/merkl-unsafe-claim-callback.d.ts +22 -0
package/dist/detectors/merkl-unsafe-claim-callback.js +94 -0
package/dist/detectors/mev-boost-timestamp.d.ts +7 -0
package/dist/detectors/mev-boost-timestamp.js +318 -0
package/dist/detectors/mev-merge-exploit.d.ts +29 -0
package/dist/detectors/mev-merge-exploit.js +397 -0
package/dist/detectors/mev-sandwich-vulnerability.d.ts +24 -0
package/dist/detectors/mev-sandwich-vulnerability.js +648 -0
package/dist/detectors/mev-slot-manipulation.d.ts +36 -0
package/dist/detectors/mev-slot-manipulation.js +691 -0
package/dist/detectors/mevbot-insufficient-validation.d.ts +48 -0
package/dist/detectors/mevbot-insufficient-validation.js +574 -0
package/dist/detectors/migration-rebalance-without-bound.d.ts +7 -0
package/dist/detectors/migration-rebalance-without-bound.js +514 -0
package/dist/detectors/mint-hardcoded-asset-parity.d.ts +31 -0
package/dist/detectors/mint-hardcoded-asset-parity.js +356 -0
package/dist/detectors/miscalculation-on-spendallowance.d.ts +7 -0
package/dist/detectors/miscalculation-on-spendallowance.js +188 -0
package/dist/detectors/misconfiguration.d.ts +27 -0
package/dist/detectors/misconfiguration.js +410 -0
package/dist/detectors/missing-access-control-caller-supplied-auth.d.ts +7 -0
package/dist/detectors/missing-access-control-caller-supplied-auth.js +550 -0
package/dist/detectors/missing-access-control-receiver-payout.d.ts +7 -0
package/dist/detectors/missing-access-control-receiver-payout.js +460 -0
package/dist/detectors/missing-access-control-role-or-transferfrom.d.ts +7 -0
package/dist/detectors/missing-access-control-role-or-transferfrom.js +663 -0
package/dist/detectors/missing-access-control.d.ts +19 -0
package/dist/detectors/missing-access-control.js +781 -0
package/dist/detectors/missing-sequencer-uptime-check.d.ts +30 -0
package/dist/detectors/missing-sequencer-uptime-check.js +348 -0
package/dist/detectors/missing-storage-gap.d.ts +19 -0
package/dist/detectors/missing-storage-gap.js +193 -0
package/dist/detectors/missing-swap-deadline-slippage.d.ts +31 -0
package/dist/detectors/missing-swap-deadline-slippage.js +231 -0
package/dist/detectors/missing-zk-proof-verification.d.ts +60 -0
package/dist/detectors/missing-zk-proof-verification.js +547 -0
package/dist/detectors/my-experience-with-yearn-finance.d.ts +7 -0
package/dist/detectors/my-experience-with-yearn-finance.js +552 -0
package/dist/detectors/network-bridge-ronin.d.ts +7 -0
package/dist/detectors/network-bridge-ronin.js +408 -0
package/dist/detectors/network-bridge.d.ts +7 -0
package/dist/detectors/network-bridge.js +444 -0
package/dist/detectors/network-underflow.d.ts +7 -0
package/dist/detectors/network-underflow.js +517 -0
package/dist/detectors/nft-denial-of-service.d.ts +7 -0
package/dist/detectors/nft-denial-of-service.js +223 -0
package/dist/detectors/nft-marketplace-order-reentrancy.d.ts +7 -0
package/dist/detectors/nft-marketplace-order-reentrancy.js +427 -0
package/dist/detectors/nft-token-standard-access-control.d.ts +7 -0
package/dist/detectors/nft-token-standard-access-control.js +455 -0
package/dist/detectors/oracle-manipulation-amm-spot-price.d.ts +42 -0
package/dist/detectors/oracle-manipulation-amm-spot-price.js +321 -0
package/dist/detectors/oracle-manipulation-liquidity-withdrawal.d.ts +27 -0
package/dist/detectors/oracle-manipulation-liquidity-withdrawal.js +192 -0
package/dist/detectors/oracle-manipulation.d.ts +90 -0
package/dist/detectors/oracle-manipulation.js +1023 -0
package/dist/detectors/oracle-vortex-manipulation.d.ts +30 -0
package/dist/detectors/oracle-vortex-manipulation.js +473 -0
package/dist/detectors/overpriced-asset-in-oracle.d.ts +41 -0
package/dist/detectors/overpriced-asset-in-oracle.js +420 -0
package/dist/detectors/oz-access-control-roles.d.ts +33 -0
package/dist/detectors/oz-access-control-roles.js +359 -0
package/dist/detectors/pair-manipulation-transfer-hook.d.ts +38 -0
package/dist/detectors/pair-manipulation-transfer-hook.js +366 -0
package/dist/detectors/parameter-access-control.d.ts +47 -0
package/dist/detectors/parameter-access-control.js +511 -0
package/dist/detectors/parameter-manipulation.d.ts +7 -0
package/dist/detectors/parameter-manipulation.js +505 -0
package/dist/detectors/parity-multisig-delegatecall.d.ts +7 -0
package/dist/detectors/parity-multisig-delegatecall.js +707 -0
package/dist/detectors/permissionless-claim-amm-spot-pricing.d.ts +7 -0
package/dist/detectors/permissionless-claim-amm-spot-pricing.js +351 -0
package/dist/detectors/permit-future-dated-deadline.d.ts +31 -0
package/dist/detectors/permit-future-dated-deadline.js +339 -0
package/dist/detectors/phishing-attack-bybit.d.ts +37 -0
package/dist/detectors/phishing-attack-bybit.js +513 -0
package/dist/detectors/post-insolvency-check.d.ts +7 -0
package/dist/detectors/post-insolvency-check.js +277 -0
package/dist/detectors/precision-loss-vulnerability.d.ts +7 -0
package/dist/detectors/precision-loss-vulnerability.js +472 -0
package/dist/detectors/precision-truncation.d.ts +8 -0
package/dist/detectors/precision-truncation.js +425 -0
package/dist/detectors/price-dependency-veth.d.ts +41 -0
package/dist/detectors/price-dependency-veth.js +588 -0
package/dist/detectors/price-feed-verification.d.ts +7 -0
package/dist/detectors/price-feed-verification.js +557 -0
package/dist/detectors/price-manipulation-reentrancy.d.ts +32 -0
package/dist/detectors/price-manipulation-reentrancy.js +445 -0
package/dist/detectors/price-manipulation-via-reentranc.d.ts +7 -0
package/dist/detectors/price-manipulation-via-reentranc.js +569 -0
package/dist/detectors/price-oracle-manipulation.d.ts +25 -0
package/dist/detectors/price-oracle-manipulation.js +530 -0
package/dist/detectors/project-instant-rewards-unlocked.d.ts +6 -0
package/dist/detectors/project-instant-rewards-unlocked.js +462 -0
package/dist/detectors/protocol-reentrancy.d.ts +7 -0
package/dist/detectors/protocol-reentrancy.js +457 -0
package/dist/detectors/proxy-init-race.d.ts +11 -0
package/dist/detectors/proxy-init-race.js +634 -0
package/dist/detectors/proxy-storage-slot-collision.d.ts +7 -0
package/dist/detectors/proxy-storage-slot-collision.js +135 -0
package/dist/detectors/public-internal-function.d.ts +39 -0
package/dist/detectors/public-internal-function.js +233 -0
package/dist/detectors/quote-silent-zero.d.ts +25 -0
package/dist/detectors/quote-silent-zero.js +156 -0
package/dist/detectors/readonly-reentrancy.d.ts +9 -0
package/dist/detectors/readonly-reentrancy.js +108 -0
package/dist/detectors/receipt-redemption-missing-validation.d.ts +31 -0
package/dist/detectors/receipt-redemption-missing-validation.js +453 -0
package/dist/detectors/reentrancy-balance.d.ts +36 -0
package/dist/detectors/reentrancy-balance.js +577 -0
package/dist/detectors/reentrancy-business-logic-game.d.ts +36 -0
package/dist/detectors/reentrancy-business-logic-game.js +616 -0
package/dist/detectors/reentrancy-on-sell-nft.d.ts +23 -0
package/dist/detectors/reentrancy-on-sell-nft.js +510 -0
package/dist/detectors/reflection-token-balance-desync.d.ts +28 -0
package/dist/detectors/reflection-token-balance-desync.js +246 -0
package/dist/detectors/registry-engine.d.ts +34 -0
package/dist/detectors/registry-engine.js +388 -0
package/dist/detectors/rollup-unvalidated-state-update.d.ts +35 -0
package/dist/detectors/rollup-unvalidated-state-update.js +286 -0
package/dist/detectors/s-horizon-bridge-private-key-compromis.d.ts +8 -0
package/dist/detectors/s-horizon-bridge-private-key-compromis.js +615 -0
package/dist/detectors/share-price-manipulation.d.ts +7 -0
package/dist/detectors/share-price-manipulation.js +653 -0
package/dist/detectors/signature-replay.d.ts +30 -0
package/dist/detectors/signature-replay.js +367 -0
package/dist/detectors/simpleswap-unverified-approval.d.ts +27 -0
package/dist/detectors/simpleswap-unverified-approval.js +198 -0
package/dist/detectors/single-spot-oracle-collateral-valuation.d.ts +22 -0
package/dist/detectors/single-spot-oracle-collateral-valuation.js +419 -0
package/dist/detectors/skim-token-balance.d.ts +7 -0
package/dist/detectors/skim-token-balance.js +788 -0
package/dist/detectors/sky-oft-governance-payload.d.ts +7 -0
package/dist/detectors/sky-oft-governance-payload.js +515 -0
package/dist/detectors/sky-oft-governance-truncation.d.ts +32 -0
package/dist/detectors/sky-oft-governance-truncation.js +377 -0
package/dist/detectors/solana-evm-bridge-truncation.d.ts +7 -0
package/dist/detectors/solana-evm-bridge-truncation.js +638 -0
package/dist/detectors/solhint-unchecked-low-level-call.d.ts +74 -0
package/dist/detectors/solhint-unchecked-low-level-call.js +463 -0
package/dist/detectors/stablecoin-pair-spot-oracle.d.ts +7 -0
package/dist/detectors/stablecoin-pair-spot-oracle.js +364 -0
package/dist/detectors/staked-rate-as-oracle.d.ts +44 -0
package/dist/detectors/staked-rate-as-oracle.js +497 -0
package/dist/detectors/stale-oracle.d.ts +63 -0
package/dist/detectors/stale-oracle.js +649 -0
package/dist/detectors/starkware-proof-validation-gap.d.ts +18 -0
package/dist/detectors/starkware-proof-validation-gap.js +629 -0
package/dist/detectors/steth-transfer-reentrancy.d.ts +8 -0
package/dist/detectors/steth-transfer-reentrancy.js +317 -0
package/dist/detectors/storage-collision-malicious-proposal.d.ts +27 -0
package/dist/detectors/storage-collision-malicious-proposal.js +386 -0
package/dist/detectors/timestamp-manipulation.d.ts +49 -0
package/dist/detectors/timestamp-manipulation.js +383 -0
package/dist/detectors/token-access-control.d.ts +7 -0
package/dist/detectors/token-access-control.js +544 -0
package/dist/detectors/token-incorrect-signature-verification.d.ts +23 -0
package/dist/detectors/token-incorrect-signature-verification.js +434 -0
package/dist/detectors/token-transfer-logic-flaw.d.ts +33 -0
package/dist/detectors/token-transfer-logic-flaw.js +267 -0
package/dist/detectors/transfer-double-debit-pool-recipient.d.ts +7 -0
package/dist/detectors/transfer-double-debit-pool-recipient.js +542 -0
package/dist/detectors/treasury-reentrancy.d.ts +7 -0
package/dist/detectors/treasury-reentrancy.js +442 -0
package/dist/detectors/tstore-poison.d.ts +32 -0
package/dist/detectors/tstore-poison.js +417 -0
package/dist/detectors/tstore-race-condition.d.ts +7 -0
package/dist/detectors/tstore-race-condition.js +632 -0
package/dist/detectors/types.d.ts +85 -0
package/dist/detectors/types.js +20 -0
package/dist/detectors/unauthorized-payer-transferfrom.d.ts +66 -0
package/dist/detectors/unauthorized-payer-transferfrom.js +339 -0
package/dist/detectors/unauthorized-transferfrom-shell.d.ts +7 -0
package/dist/detectors/unauthorized-transferfrom-shell.js +504 -0
package/dist/detectors/unauthorized-transferfrom.d.ts +16 -0
package/dist/detectors/unauthorized-transferfrom.js +838 -0
package/dist/detectors/unbound-zk-verifier-input.d.ts +7 -0
package/dist/detectors/unbound-zk-verifier-input.js +445 -0
package/dist/detectors/unbounded-share-price-collateral-oracle.d.ts +48 -0
package/dist/detectors/unbounded-share-price-collateral-oracle.js +566 -0
package/dist/detectors/uncapped-reward-emission.d.ts +7 -0
package/dist/detectors/uncapped-reward-emission.js +493 -0
package/dist/detectors/unchecked-call-forwarding.d.ts +31 -0
package/dist/detectors/unchecked-call-forwarding.js +330 -0
package/dist/detectors/unchecked-external-call-unconditional-state-mutation.d.ts +18 -0
package/dist/detectors/unchecked-external-call-unconditional-state-mutation.js +311 -0
package/dist/detectors/unchecked-external-call.d.ts +66 -0
package/dist/detectors/unchecked-external-call.js +389 -0
package/dist/detectors/unchecked-oft-return.d.ts +13 -0
package/dist/detectors/unchecked-oft-return.js +118 -0
package/dist/detectors/unguarded-governance-execution.d.ts +35 -0
package/dist/detectors/unguarded-governance-execution.js +422 -0
package/dist/detectors/unguarded-governance-executor.d.ts +35 -0
package/dist/detectors/unguarded-governance-executor.js +349 -0
package/dist/detectors/unindexed-event-address.d.ts +7 -0
package/dist/detectors/unindexed-event-address.js +268 -0
package/dist/detectors/uninitialized-implementation.d.ts +27 -0
package/dist/detectors/uninitialized-implementation.js +333 -0
package/dist/detectors/uninitialized-storage-pointer.d.ts +7 -0
package/dist/detectors/uninitialized-storage-pointer.js +110 -0
package/dist/detectors/uniswap-skim-token-balance-attack.d.ts +8 -0
package/dist/detectors/uniswap-skim-token-balance-attack.js +331 -0
package/dist/detectors/uniswap-v4-hook-state-manipulation.d.ts +7 -0
package/dist/detectors/uniswap-v4-hook-state-manipulation.js +296 -0
package/dist/detectors/unprotected-admin-or-fund-sink.d.ts +7 -0
package/dist/detectors/unprotected-admin-or-fund-sink.js +643 -0
package/dist/detectors/unprotected-dex-swap.d.ts +43 -0
package/dist/detectors/unprotected-dex-swap.js +334 -0
package/dist/detectors/unprotected-initializer.d.ts +7 -0
package/dist/detectors/unprotected-initializer.js +707 -0
package/dist/detectors/unprotected-pair-initializer.d.ts +22 -0
package/dist/detectors/unprotected-pair-initializer.js +359 -0
package/dist/detectors/unprotected-upgrade-function.d.ts +7 -0
package/dist/detectors/unprotected-upgrade-function.js +180 -0
package/dist/detectors/unreachable-code-0.8.28.d.ts +19 -0
package/dist/detectors/unreachable-code-0.8.28.js +206 -0
package/dist/detectors/unsafe-proxy-storage.d.ts +7 -0
package/dist/detectors/unsafe-proxy-storage.js +436 -0
package/dist/detectors/unsafe-transient-storage.d.ts +7 -0
package/dist/detectors/unsafe-transient-storage.js +1052 -0
package/dist/detectors/unsafe-tx-origin.d.ts +9 -0
package/dist/detectors/unsafe-tx-origin.js +179 -0
package/dist/detectors/unsigned-validity-window.d.ts +20 -0
package/dist/detectors/unsigned-validity-window.js +220 -0
package/dist/detectors/unvalidated-interface-address.d.ts +25 -0
package/dist/detectors/unvalidated-interface-address.js +377 -0
package/dist/detectors/uups-uninitialized-storage.d.ts +9 -0
package/dist/detectors/uups-uninitialized-storage.js +366 -0
package/dist/detectors/v2-error-k-value-attack.d.ts +33 -0
package/dist/detectors/v2-error-k-value-attack.js +276 -0
package/dist/detectors/v2-k-invariant-bypass.d.ts +33 -0
package/dist/detectors/v2-k-invariant-bypass.js +283 -0
package/dist/detectors/v4-hook-reentrancy.d.ts +9 -0
package/dist/detectors/v4-hook-reentrancy.js +488 -0
package/dist/detectors/vault-inflation-rounding.d.ts +23 -0
package/dist/detectors/vault-inflation-rounding.js +477 -0
package/dist/detectors/vault-share-price-manipulation.d.ts +7 -0
package/dist/detectors/vault-share-price-manipulation.js +332 -0
package/dist/detectors/vortex-interaction-guard.d.ts +45 -0
package/dist/detectors/vortex-interaction-guard.js +275 -0
package/dist/detectors/vortex-protocol-reentrancy-guard.d.ts +27 -0
package/dist/detectors/vortex-protocol-reentrancy-guard.js +408 -0
package/dist/detectors/vulnerable-price-dependency.d.ts +41 -0
package/dist/detectors/vulnerable-price-dependency.js +473 -0
package/dist/detectors/weak-random-mint.d.ts +37 -0
package/dist/detectors/weak-random-mint.js +271 -0
package/dist/detectors/withdraw-be-to-withdraw.d.ts +26 -0
package/dist/detectors/withdraw-be-to-withdraw.js +329 -0
package/dist/detectors/wrong-function-visibility.d.ts +29 -0
package/dist/detectors/wrong-function-visibility.js +147 -0
package/dist/detectors/wrong-price-calculation.d.ts +42 -0
package/dist/detectors/wrong-price-calculation.js +387 -0
package/dist/detectors/yearn-vault-v2-share-price-manipulation.d.ts +32 -0
package/dist/detectors/yearn-vault-v2-share-price-manipulation.js +248 -0
package/dist/detectors/zero-fee.d.ts +7 -0
package/dist/detectors/zero-fee.js +596 -0
package/dist/detectors/zetachain-gateway-hack-analysis.d.ts +7 -0
package/dist/detectors/zetachain-gateway-hack-analysis.js +629 -0
package/dist/detectors/zk-rollup-da-gap.d.ts +8 -0
package/dist/detectors/zk-rollup-da-gap.js +322 -0
package/dist/detectors/zksync-batch-validation.d.ts +8 -0
package/dist/detectors/zksync-batch-validation.js +461 -0
package/dist/detectors/zksync-era-rollup-state-update.d.ts +60 -0
package/dist/detectors/zksync-era-rollup-state-update.js +360 -0
package/dist/detectors/zksync-simulation-drift.d.ts +35 -0
package/dist/detectors/zksync-simulation-drift.js +309 -0
package/dist/exit-codes.d.ts +15 -0
package/dist/exit-codes.js +18 -0
package/dist/formatters/github-actions.d.ts +2 -0
package/dist/formatters/github-actions.js +61 -0
package/dist/formatters/sarif.d.ts +24 -0
package/dist/formatters/sarif.js +670 -0
package/dist/formatters/text.d.ts +14 -0
package/dist/formatters/text.js +152 -0
package/dist/fp-rates.json +70 -0
package/dist/identity/diff-baseline.d.ts +16 -0
package/dist/identity/diff-baseline.js +152 -0
package/dist/identity/hashing.d.ts +39 -0
package/dist/identity/hashing.js +96 -0
package/dist/index.d.ts +174 -0
package/dist/index.js +358 -0
package/dist/parallel-scan.d.ts +66 -0
package/dist/parallel-scan.js +227 -0
package/dist/registry.d.ts +17 -0
package/dist/registry.js +118 -0
package/dist/rules/glob.d.ts +5 -0
package/dist/rules/glob.js +76 -0
package/dist/rules/suppressions.d.ts +23 -0
package/dist/rules/suppressions.js +136 -0
package/dist/rules/tiers.d.ts +23 -0
package/dist/rules/tiers.js +341 -0
package/dist/scan-worker.d.ts +1 -0
package/dist/scan-worker.js +61 -0
package/dist/scan.d.ts +24 -0
package/dist/scan.js +558 -0
package/dist/semantic/contracts.d.ts +10 -0
package/dist/semantic/contracts.js +141 -0
package/dist/semantic/diagnostics.d.ts +29 -0
package/dist/semantic/diagnostics.js +25 -0
package/dist/semantic/eog.d.ts +56 -0
package/dist/semantic/eog.js +545 -0
package/dist/semantic/imports.d.ts +88 -0
package/dist/semantic/imports.js +246 -0
package/dist/semantic/index.d.ts +2 -0
package/dist/semantic/index.js +8 -0
package/dist/semantic/inheritance.d.ts +33 -0
package/dist/semantic/inheritance.js +137 -0
package/dist/semantic/model.d.ts +95 -0
package/dist/semantic/model.js +232 -0
package/dist/semantic/taint-tracker.d.ts +49 -0
package/dist/semantic/taint-tracker.js +410 -0
package/dist/semantic/types.d.ts +119 -0
package/dist/semantic/types.js +18 -0
package/dist/severity.d.ts +10 -0
package/dist/severity.js +78 -0
package/package.json +52 -0

package/dist/detectors/skim-token-balance.js ADDED Viewed

@@ -0,0 +1,788 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SkimTokenBalanceDetector = void 0;
+const access_control_1 = require("./_common/access-control");
+const RULE_ID = 'skim-token-balance';
+const PAT_USE_SITE = `${RULE_ID}/use-site`;
+const PAT_PAIR_SIDE = `${RULE_ID}/pair-side`;
+const PAT_UNRECONCILED_SELF_BALANCE = `${RULE_ID}/unreconciled-self-balance-payout`;
+const SOURCE = 'x-2023-08-24-gss-skim-token-balance';
+const ACCESS_CONTROL_MODIFIERS = new Set([
+    'onlyowner', 'onlyowners', 'onlyrole', 'onlyadmin', 'onlyauthorized',
+    'authorized', 'auth', 'onlyoperator', 'onlyoperators', 'onlygovernance',
+    'onlygovernor', 'onlyguardian', 'onlymanager', 'onlytrusted',
+    'onlytimelock', 'onlydeployer', 'onlykeeper',
+]);
+const REENTRANCY_GUARD_MODIFIERS = new Set([
+    'nonreentrant', 'noreentrant', 'noreentry', 'reentrancyguard',
+    'lock', 'locked', 'mutex',
+]);
+class SkimTokenBalanceDetector {
+    id = RULE_ID;
+    patternKey = RULE_ID;
+    supportedAstKinds = ['parser', 'solc'];
+    scanAst(ast, file, sourceText) {
+        if (!ast || typeof ast !== 'object')
+            return [];
+        if (Object.keys(ast).length === 0)
+            return [];
+        const findings = [];
+        const lineOffsets = buildLineOffsets(sourceText);
+        const contracts = collectContracts(ast);
+        const hasInSourceDeflationaryToken = contracts.some(contract => !isInterfaceLike(contract) && contractHasPairConditionalTransfer(contract));
+        for (const contract of contracts) {
+            if (isInterfaceLike(contract))
+                continue;
+            const contractName = getName(contract) || '<anonymous>';
+            for (const fn of getContractFunctions(contract)) {
+                if (!isExternallyReachable(fn))
+                    continue;
+                const body = getFunctionBody(fn);
+                if (!body)
+                    continue;
+                const fnName = getName(fn) || '';
+                if (!fnName)
+                    continue;
+                let hit = findUseSiteSkim(body);
+                if (!hit && !hasAccessControlGuard(fn, body) && !hasReentrancyGuard(fn)) {
+                    hit = findUnreconciledSelfBalancePayout(body, contract);
+                }
+                if (!hit && hasInSourceDeflationaryToken) {
+                    if (!hasAccessControlGuard(fn) && !hasReentrancyGuard(fn)) {
+                        hit = findPairSideSkim(body, contract);
+                    }
+                }
+                if (!hit)
+                    continue;
+                const loc = getLoc(hit.node, lineOffsets) || getLoc(fn, lineOffsets) || { line: 0, column: 0 };
+                findings.push({
+                    file,
+                    contract: contractName,
+                    'function': fnName,
+                    line: loc.line,
+                    endLine: loc.line,
+                    column: loc.column,
+                    pattern: hit.pattern,
+                    confidence: 'high',
+                    ruleId: RULE_ID,
+                    severity: hit.pattern === PAT_UNRECONCILED_SELF_BALANCE ? 'high' : 'error',
+                    message: messageFor(hit.pattern, contractName, fnName),
+                    rationale: rationaleFor(hit.pattern),
+                    suggestedFix: remediationFor(hit.pattern),
+                    contractName,
+                    functionName: fnName,
+                    sourceLocation: { line: loc.line, column: loc.column },
+                    findingId: '',
+                    contractHash: '',
+                    source: SOURCE,
+                    provenance: SOURCE,
+                });
+            }
+        }
+        return findings;
+    }
+}
+exports.SkimTokenBalanceDetector = SkimTokenBalanceDetector;
+function messageFor(pattern, contractName, fnName) {
+    if (pattern === PAT_UNRECONCILED_SELF_BALANCE) {
+        return `Function '${contractName}.${fnName}' pays a caller-benefiting sink from the contract's full live self-balance without reserve reconciliation or a guard.`;
+    }
+    if (pattern === PAT_USE_SITE) {
+        return `Function '${contractName}.${fnName}' transfers tokens to a pair and then calls 'skim' on that same pair, matching the gss balance-excess extraction shape.`;
+    }
+    return `Function '${contractName}.${fnName}' computes a skimmable amount from a pair's token balance and transfers it out, while a co-located token contract drifts the pair's balance on transfers — the gss skim-token-balance vulnerability shape.`;
+}
+function rationaleFor(pattern) {
+    if (pattern === PAT_UNRECONCILED_SELF_BALANCE) {
+        return 'The function reads `balanceOf(address(this))` or `address(this).balance` and uses the unreconciled whole balance as the amount for a payout or mint to the caller. Attackers can inflate live balance with donations or flash-loan top-ups and skim value that is not backed by tracked reserves.';
+    }
+    if (pattern === PAT_USE_SITE) {
+        return 'Reproduces the gss attack use-site: the contract pushes tokens into a pair to inflate the pair-held balance above the recorded reserve, then calls `skim` to harvest the excess to an attacker-controlled recipient.';
+    }
+    return 'Pair-side `skim` releases `balanceOf(pair) - reserve` without re-syncing the reserve before the transfer. When the paired token applies a tax or burn on transfers to the pair (deflationary on-pair-transfer), the pair accumulates a recoverable excess that any caller can drain with `skim` and a follow-up `sync`.';
+}
+function remediationFor(pattern) {
+    if (pattern === PAT_UNRECONCILED_SELF_BALANCE) {
+        return 'Pay only a reconciled reserve delta such as `balanceOf(address(this)) - reserve`, update accounting before value leaves, or restrict emergency skim paths with access control and reentrancy protection.';
+    }
+    if (pattern === PAT_USE_SITE) {
+        return 'Treat any flow that pushes tokens into a pair and then calls `skim`/`sync` on that pair as an attack signature; do not exposed it from a permissionless entry point.';
+    }
+    return 'Update the reserve to match the post-transfer balance before performing the token transfer (CEI), and gate `skim` behind an access-controlled rescue or a reentrancy-guarded sync, so a deflationary token cannot be drained by a permissionless skim.';
+}
+function findUseSiteSkim(body) {
+    const transferTargets = new Set();
+    let foundNode = null;
+    function visit(node) {
+        if (foundNode)
+            return;
+        if (!node || typeof node !== 'object')
+            return;
+        if (isFunctionCall(node)) {
+            const callee = unwrapCallOptions(getCallee(node));
+            if (isMemberAccess(callee)) {
+                const memberName = String(callee.memberName || '');
+                const args = getCallArguments(node);
+                if (memberName === 'transfer' && args.length >= 2) {
+                    const destName = identifierName(unwrapAddressCast(args[0]));
+                    if (destName)
+                        transferTargets.add(destName);
+                }
+                else if (memberName === 'skim' && args.length >= 1) {
+                    const baseExpr = getMemberAccessBase(callee);
+                    const recvName = identifierName(baseExpr) || identifierName(unwrapInterfaceCast(baseExpr));
+                    if (recvName && transferTargets.has(recvName)) {
+                        foundNode = node;
+                        return;
+                    }
+                }
+            }
+        }
+        for (const child of childrenOf(node))
+            visit(child);
+    }
+    visit(body);
+    return foundNode ? { node: foundNode, pattern: PAT_USE_SITE } : null;
+}
+function findUnreconciledSelfBalancePayout(body, contract) {
+    const stateVars = collectStateVariableNames(contract);
+    const selfAliases = new Set();
+    const balanceVars = new Set();
+    const safeDeltaVars = new Set();
+    let foundNode = null;
+    function visit(node) {
+        if (foundNode)
+            return;
+        if (!node || typeof node !== 'object')
+            return;
+        if (isNode(node, 'VariableDeclarationStatement')) {
+            const varNames = getVariableDeclarationNames(node);
+            const initialValue = node.initialValue ?? node.expression ?? null;
+            if (initialValue && varNames.length > 0) {
+                if (isSelfAddressExpression(initialValue, selfAliases)) {
+                    for (const name of varNames)
+                        selfAliases.add(name);
+                }
+                else if (isUnreconciledSelfBalanceAmount(initialValue, balanceVars, selfAliases)) {
+                    for (const name of varNames)
+                        balanceVars.add(name);
+                }
+                else if (isReserveReconciledAmount(initialValue, balanceVars, selfAliases, stateVars)) {
+                    for (const name of varNames)
+                        safeDeltaVars.add(name);
+                }
+            }
+        }
+        else if (isNode(node, 'Assignment')) {
+            const left = node.leftHandSide ?? node.left;
+            const right = node.rightHandSide ?? node.right;
+            const name = identifierName(left);
+            if (name && right) {
+                if (isSelfAddressExpression(right, selfAliases)) {
+                    selfAliases.add(name);
+                }
+                else if (isUnreconciledSelfBalanceAmount(right, balanceVars, selfAliases)) {
+                    balanceVars.add(name);
+                    safeDeltaVars.delete(name);
+                }
+                else if (isReserveReconciledAmount(right, balanceVars, selfAliases, stateVars)) {
+                    safeDeltaVars.add(name);
+                    balanceVars.delete(name);
+                }
+            }
+        }
+        if (isUserBenefitingPayoutCall(node, balanceVars, safeDeltaVars, selfAliases, stateVars)) {
+            foundNode = node;
+            return;
+        }
+        for (const child of childrenOf(node))
+            visit(child);
+    }
+    visit(body);
+    return foundNode ? { node: foundNode, pattern: PAT_UNRECONCILED_SELF_BALANCE } : null;
+}
+function getVariableDeclarationNames(node) {
+    const out = [];
+    for (const variable of node?.variables || []) {
+        const name = String(variable?.name || variable?.identifier?.name || '');
+        if (name)
+            out.push(name);
+    }
+    if (node?.declarations) {
+        for (const variable of node.declarations) {
+            const name = String(variable?.name || variable?.identifier?.name || '');
+            if (name)
+                out.push(name);
+        }
+    }
+    return out;
+}
+function isUserBenefitingPayoutCall(node, balanceVars, safeDeltaVars, selfAliases, stateVars) {
+    if (!isFunctionCall(node))
+        return false;
+    const callee = unwrapCallOptions(getCallee(node));
+    const args = getCallArguments(node);
+    if (isMemberAccess(callee)) {
+        const member = String(callee.memberName || '');
+        if ((member === 'transfer' || member === 'safeTransfer') && args.length >= 2) {
+            return isCallerBeneficiary(args[0]) &&
+                isDangerousPayoutAmount(args[1], balanceVars, safeDeltaVars, selfAliases, stateVars);
+        }
+        if ((member === 'transfer' || member === 'send') && args.length >= 1) {
+            return isCallerBeneficiary(getMemberAccessBase(callee)) &&
+                isDangerousPayoutAmount(args[0], balanceVars, safeDeltaVars, selfAliases, stateVars);
+        }
+    }
+    const name = getCallName(callee).toLowerCase();
+    if ((name === '_mint' || name === 'mint') && args.length >= 2) {
+        return isCallerBeneficiary(args[0]) &&
+            isDangerousPayoutAmount(args[1], balanceVars, safeDeltaVars, selfAliases, stateVars);
+    }
+    return false;
+}
+function isDangerousPayoutAmount(expr, balanceVars, safeDeltaVars, selfAliases, stateVars) {
+    if (!expr)
+        return false;
+    const name = identifierName(expr);
+    if (name && safeDeltaVars.has(name))
+        return false;
+    if (isReserveReconciledAmount(expr, balanceVars, selfAliases, stateVars))
+        return false;
+    return isUnreconciledSelfBalanceAmount(expr, balanceVars, selfAliases);
+}
+function isUnreconciledSelfBalanceAmount(expr, balanceVars, selfAliases) {
+    if (!expr || typeof expr !== 'object')
+        return false;
+    const name = identifierName(expr);
+    if (name && balanceVars.has(name))
+        return true;
+    if (isSelfBalanceExpression(expr, selfAliases))
+        return true;
+    return false;
+}
+function isReserveReconciledAmount(expr, balanceVars, selfAliases, stateVars) {
+    if (!isNode(expr, 'BinaryOperation') || String(expr.operator || '') !== '-')
+        return false;
+    const left = getBinLeft(expr);
+    const right = getBinRight(expr);
+    if (!isUnreconciledSelfBalanceAmount(left, balanceVars, selfAliases))
+        return false;
+    return expressionReferencesStateVariable(right, stateVars);
+}
+function expressionReferencesStateVariable(expr, stateVars) {
+    if (!expr || typeof expr !== 'object')
+        return false;
+    const name = identifierName(expr) || rootIdentifierName(expr);
+    if (name && stateVars.has(name))
+        return true;
+    return walkAny(expr, node => {
+        const innerName = identifierName(node) || rootIdentifierName(node);
+        return !!innerName && stateVars.has(innerName);
+    });
+}
+function isSelfBalanceExpression(expr, selfAliases) {
+    if (isBalanceOfSelfCall(expr, selfAliases))
+        return true;
+    if (!isMemberAccess(expr))
+        return false;
+    if (String(expr.memberName || '') !== 'balance')
+        return false;
+    return isSelfAddressExpression(getMemberAccessBase(expr), selfAliases);
+}
+function isBalanceOfSelfCall(node, selfAliases) {
+    if (!isBalanceOfCall(node))
+        return false;
+    const args = getCallArguments(node);
+    if (args.length < 1)
+        return false;
+    return isSelfAddressExpression(args[0], selfAliases);
+}
+function isSelfAddressExpression(expr, selfAliases) {
+    if (!expr)
+        return false;
+    if (isNode(expr, 'Identifier')) {
+        const name = String(expr.name || '');
+        return name === 'this' || selfAliases.has(name);
+    }
+    if (!isFunctionCall(expr))
+        return false;
+    const callee = getCallee(expr);
+    const args = getCallArguments(expr);
+    if (args.length !== 1)
+        return false;
+    return getCallName(callee).toLowerCase() === 'address' && isSelfAddressExpression(args[0], selfAliases);
+}
+function isCallerBeneficiary(expr) {
+    if (!expr)
+        return false;
+    if (isMsgSenderExpression(expr))
+        return true;
+    if (!isFunctionCall(expr))
+        return false;
+    const args = getCallArguments(expr);
+    if (args.length !== 1)
+        return false;
+    const calleeName = getCallName(getCallee(expr)).toLowerCase();
+    return (calleeName === 'payable' || calleeName === 'address') && isMsgSenderExpression(args[0]);
+}
+function isMsgSenderExpression(expr) {
+    if (!isMemberAccess(expr))
+        return false;
+    if (String(expr.memberName || '') !== 'sender')
+        return false;
+    const base = getMemberAccessBase(expr);
+    return isNode(base, 'Identifier') && String(base.name || '') === 'msg';
+}
+function getCallName(callee) {
+    if (!callee)
+        return '';
+    if (isNode(callee, 'Identifier'))
+        return String(callee.name || '');
+    if (isNode(callee, 'ElementaryTypeNameExpression')) {
+        const tn = callee.typeName;
+        if (typeof tn === 'string')
+            return tn;
+        return String(tn?.name || tn?.typeDescriptions?.typeString || '');
+    }
+    if (isNode(callee, 'UserDefinedTypeName'))
+        return String(callee.namePath || callee.name || '');
+    if (isMemberAccess(callee))
+        return String(callee.memberName || '');
+    return '';
+}
+function findPairSideSkim(body, contract) {
+    const stateVars = collectStateVariableNames(contract);
+    let sawBalanceOf = false;
+    let sawStateAssignmentBeforeTransfer = false;
+    let transferCallNode = null;
+    function visit(node) {
+        if (transferCallNode)
+            return;
+        if (!node || typeof node !== 'object')
+            return;
+        if (isBalanceOfCall(node)) {
+            sawBalanceOf = true;
+        }
+        if (isAssignmentToStateVariable(node, stateVars)) {
+            sawStateAssignmentBeforeTransfer = true;
+        }
+        if (isExternalTransferCall(node)) {
+            transferCallNode = node;
+            return;
+        }
+        for (const child of childrenOf(node))
+            visit(child);
+    }
+    visit(body);
+    if (!transferCallNode)
+        return null;
+    if (!sawBalanceOf)
+        return null;
+    if (sawStateAssignmentBeforeTransfer)
+        return null;
+    return { node: transferCallNode, pattern: PAT_PAIR_SIDE };
+}
+function contractHasPairConditionalTransfer(contract) {
+    const stateVarNames = collectStateVariableNames(contract);
+    if (stateVarNames.size === 0)
+        return false;
+    for (const fn of getContractFunctions(contract)) {
+        if (!isExternallyReachable(fn))
+            continue;
+        if (getName(fn) !== 'transfer')
+            continue;
+        const params = getParameters(fn);
+        const addressParamNames = new Set(params.filter(isAddressParameter).map(p => String(p.name || '')).filter(Boolean));
+        if (addressParamNames.size === 0)
+            continue;
+        const body = getFunctionBody(fn);
+        if (!body)
+            continue;
+        if (bodyHasPairEqualityCheck(body, addressParamNames, stateVarNames))
+            return true;
+    }
+    return false;
+}
+function bodyHasPairEqualityCheck(body, addressParams, stateVars) {
+    return walkAny(body, node => {
+        if (!isNode(node, 'BinaryOperation'))
+            return false;
+        const op = String(node.operator || '');
+        if (op !== '==' && op !== '!=')
+            return false;
+        const left = getBinLeft(node);
+        const right = getBinRight(node);
+        return paramVsState(left, right, addressParams, stateVars) ||
+            paramVsState(right, left, addressParams, stateVars);
+    });
+}
+function paramVsState(maybeParam, maybeState, addressParams, stateVars) {
+    if (!isNode(maybeParam, 'Identifier'))
+        return false;
+    if (!addressParams.has(String(maybeParam.name || '')))
+        return false;
+    if (!isNode(maybeState, 'Identifier'))
+        return false;
+    return stateVars.has(String(maybeState.name || ''));
+}
+function isAssignmentToStateVariable(node, stateVars) {
+    if (!node || typeof node !== 'object')
+        return false;
+    let left;
+    if (isNode(node, 'Assignment')) {
+        left = node.leftHandSide ?? node.left;
+    }
+    else if (isNode(node, 'BinaryOperation')) {
+        const op = String(node.operator || '');
+        if (!isAssignmentOperator(op))
+            return false;
+        left = node.left;
+    }
+    else {
+        return false;
+    }
+    if (!left)
+        return false;
+    if (isNode(left, 'Identifier'))
+        return stateVars.has(String(left.name || ''));
+    const root = rootIdentifierName(left);
+    return root ? stateVars.has(root) : false;
+}
+function isAssignmentOperator(op) {
+    return op === '=' || op === '+=' || op === '-=' || op === '*=' || op === '/=' ||
+        op === '%=' || op === '|=' || op === '&=' || op === '^=' || op === '<<=' || op === '>>=';
+}
+function rootIdentifierName(node) {
+    let cur = node;
+    while (cur && typeof cur === 'object') {
+        if (isNode(cur, 'Identifier'))
+            return String(cur.name || '');
+        if (isNode(cur, 'IndexAccess')) {
+            cur = cur.base ?? cur.baseExpression;
+            continue;
+        }
+        if (isNode(cur, 'MemberAccess')) {
+            cur = cur.expression;
+            continue;
+        }
+        return '';
+    }
+    return '';
+}
+function isBalanceOfCall(node) {
+    if (!isFunctionCall(node))
+        return false;
+    const callee = unwrapCallOptions(getCallee(node));
+    if (!isMemberAccess(callee))
+        return false;
+    return String(callee.memberName || '') === 'balanceOf';
+}
+function isExternalTransferCall(node) {
+    if (!isFunctionCall(node))
+        return false;
+    const callee = unwrapCallOptions(getCallee(node));
+    if (!isMemberAccess(callee))
+        return false;
+    const member = String(callee.memberName || '');
+    if (member !== 'transfer' && member !== 'transferFrom' && member !== 'safeTransfer')
+        return false;
+    const args = getCallArguments(node);
+    return args.length >= 2;
+}
+function unwrapAddressCast(expr) {
+    if (!isFunctionCall(expr))
+        return expr;
+    const callee = getCallee(expr);
+    const args = getCallArguments(expr);
+    if (args.length !== 1)
+        return expr;
+    if (isNode(callee, 'ElementaryTypeNameExpression')) {
+        const tn = callee.typeName;
+        const isAddress = (tn?.name === 'address') ||
+            (tn?.typeDescriptions?.typeString === 'address') ||
+            (typeof tn === 'string' && tn === 'address');
+        if (isAddress)
+            return args[0];
+    }
+    if (isNode(callee, 'Identifier') && String(callee.name || '') === 'address') {
+        return args[0];
+    }
+    return expr;
+}
+function unwrapInterfaceCast(expr) {
+    if (!isFunctionCall(expr))
+        return expr;
+    const callee = getCallee(expr);
+    const args = getCallArguments(expr);
+    if (args.length !== 1)
+        return expr;
+    if (!isNode(args[0], 'Identifier'))
+        return expr;
+    if (isNode(callee, 'Identifier') || isNode(callee, 'UserDefinedTypeName')) {
+        return args[0];
+    }
+    return expr;
+}
+function identifierName(node) {
+    if (!node)
+        return '';
+    if (isNode(node, 'Identifier'))
+        return String(node.name || '');
+    return '';
+}
+function isFunctionCall(node) {
+    return isNode(node, 'FunctionCall');
+}
+function isMemberAccess(node) {
+    return isNode(node, 'MemberAccess');
+}
+function getCallee(node) {
+    return node?.expression ?? null;
+}
+function getMemberAccessBase(node) {
+    if (!isMemberAccess(node))
+        return null;
+    return node.expression ?? null;
+}
+function getCallArguments(call) {
+    if (Array.isArray(call?.arguments))
+        return call.arguments;
+    if (Array.isArray(call?.args))
+        return call.args;
+    return [];
+}
+function unwrapCallOptions(expr) {
+    let cur = expr;
+    while (cur && (isNode(cur, 'NameValueExpression') || isNode(cur, 'FunctionCallOptions'))) {
+        cur = cur.expression;
+    }
+    return cur;
+}
+function getBinLeft(node) {
+    return node.left ?? node.leftExpression ?? node.leftHandSide ?? null;
+}
+function getBinRight(node) {
+    return node.right ?? node.rightExpression ?? node.rightHandSide ?? null;
+}
+function hasAccessControlGuard(fn, body) {
+    if ((0, access_control_1.hasRecognisedAccessControlModifier)(fn))
+        return true;
+    for (const m of fn?.modifiers || []) {
+        const name = getModifierName(m).toLowerCase();
+        if (name && ACCESS_CONTROL_MODIFIERS.has(name))
+            return true;
+    }
+    if (body && bodyHasAccessControlRequire(body))
+        return true;
+    return false;
+}
+function bodyHasAccessControlRequire(body) {
+    return walkAny(body, node => {
+        if (!isFunctionCall(node))
+            return false;
+        const calleeName = getCallName(getCallee(node)).toLowerCase();
+        if (calleeName !== 'require' && calleeName !== 'assert')
+            return false;
+        const args = getCallArguments(node);
+        if (args.length === 0)
+            return false;
+        return (0, access_control_1.requireExpressesAccessControl)(args[0], name => (0, access_control_1.isPrivilegedIdentifier)(name));
+    });
+}
+function hasReentrancyGuard(fn) {
+    for (const m of fn?.modifiers || []) {
+        const name = getModifierName(m).toLowerCase();
+        if (!name)
+            continue;
+        if (REENTRANCY_GUARD_MODIFIERS.has(name))
+            return true;
+    }
+    return false;
+}
+function getModifierName(modifier) {
+    if (!modifier)
+        return '';
+    if (typeof modifier === 'string')
+        return modifier;
+    if (typeof modifier.name === 'string')
+        return modifier.name;
+    if (modifier.name && typeof modifier.name === 'object') {
+        if (typeof modifier.name.name === 'string')
+            return modifier.name.name;
+        if (typeof modifier.name.namePath === 'string')
+            return modifier.name.namePath;
+    }
+    if (modifier.modifierName) {
+        const inner = modifier.modifierName;
+        if (typeof inner === 'string')
+            return inner;
+        if (inner && typeof inner.name === 'string')
+            return inner.name;
+    }
+    return '';
+}
+function collectStateVariableNames(contract) {
+    const out = new Set();
+    for (const member of getContractMembers(contract)) {
+        if (isNode(member, 'StateVariableDeclaration')) {
+            for (const variable of member.variables || []) {
+                if (variable?.name)
+                    out.add(String(variable.name));
+            }
+        }
+        else if (isNode(member, 'VariableDeclaration') && member.stateVariable === true) {
+            if (member.name)
+                out.add(String(member.name));
+        }
+    }
+    return out;
+}
+function isAddressParameter(param) {
+    const typeName = param?.typeName;
+    if (!typeName) {
+        const typeString = String(param?.typeDescriptions?.typeString || '');
+        return /^address\b/.test(typeString);
+    }
+    if (typeof typeName === 'string')
+        return typeName === 'address';
+    if (typeName.type === 'ElementaryTypeName' && typeName.name === 'address')
+        return true;
+    if (typeName.nodeType === 'ElementaryTypeName' && typeName.name === 'address')
+        return true;
+    if (typeName.typeDescriptions?.typeString === 'address')
+        return true;
+    return false;
+}
+function isExternallyReachable(fn) {
+    if (!fn)
+        return false;
+    if (fn.isConstructor === true)
+        return false;
+    const kind = String(fn.kind || '').toLowerCase();
+    if (kind === 'constructor')
+        return false;
+    const visibility = String(fn.visibility || '').toLowerCase();
+    if (visibility === 'public' || visibility === 'external')
+        return true;
+    if (kind === 'fallback' || kind === 'receive')
+        return true;
+    return false;
+}
+function isInterfaceLike(contract) {
+    const kind = String(contract?.kind || contract?.contractKind || '').toLowerCase();
+    return kind === 'interface' || kind === 'library';
+}
+function getFunctionBody(fn) {
+    return fn?.body || null;
+}
+function getName(node) {
+    return typeof node?.name === 'string' ? node.name : '';
+}
+function getParameters(fn) {
+    if (Array.isArray(fn?.parameters))
+        return fn.parameters;
+    if (Array.isArray(fn?.parameters?.parameters))
+        return fn.parameters.parameters;
+    return [];
+}
+function getContractFunctions(contract) {
+    return getContractMembers(contract).filter(node => isNode(node, 'FunctionDefinition'));
+}
+function getContractMembers(contract) {
+    if (!contract || typeof contract !== 'object')
+        return [];
+    if (Array.isArray(contract.subNodes))
+        return contract.subNodes;
+    if (Array.isArray(contract.nodes))
+        return contract.nodes;
+    return [];
+}
+function collectContracts(ast) {
+    const out = [];
+    walkContracts(ast, out);
+    return out;
+}
+function walkContracts(node, out) {
+    if (!node || typeof node !== 'object')
+        return;
+    if (isNode(node, 'ContractDefinition')) {
+        out.push(node);
+        return;
+    }
+    for (const child of childrenOf(node))
+        walkContracts(child, out);
+}
+function walkAny(node, predicate) {
+    if (!node || typeof node !== 'object')
+        return false;
+    if (predicate(node))
+        return true;
+    for (const child of childrenOf(node)) {
+        if (walkAny(child, predicate))
+            return true;
+    }
+    return false;
+}
+function childrenOf(node) {
+    if (!node || typeof node !== 'object')
+        return [];
+    const out = [];
+    for (const [key, value] of Object.entries(node)) {
+        if (key === 'loc' || key === 'src' || key === 'range' || key === 'typeDescriptions' ||
+            key === 'id' || key === 'scope')
+            continue;
+        if (Array.isArray(value)) {
+            for (const item of value)
+                if (item && typeof item === 'object')
+                    out.push(item);
+        }
+        else if (value && typeof value === 'object') {
+            out.push(value);
+        }
+    }
+    return out;
+}
+function isNode(node, kind) {
+    return node?.type === kind || node?.nodeType === kind;
+}
+function buildLineOffsets(sourceText) {
+    if (sourceText === undefined)
+        return undefined;
+    const offsets = [0];
+    let byteOffset = 0;
+    for (const ch of sourceText) {
+        byteOffset += Buffer.byteLength(ch, 'utf8');
+        if (ch === '\n')
+            offsets.push(byteOffset);
+    }
+    return offsets;
+}
+function getLoc(node, lineOffsets) {
+    if (node?.loc?.start) {
+        return { line: node.loc.start.line || 0, column: node.loc.start.column || 0 };
+    }
+    if (!node?.src || !lineOffsets)
+        return undefined;
+    const [offsetRaw] = String(node.src).split(':');
+    const offset = Number(offsetRaw);
+    if (!Number.isFinite(offset) || offset < 0)
+        return undefined;
+    return byteOffsetToLineColumn(offset, lineOffsets);
+}
+function byteOffsetToLineColumn(byteOffset, lineOffsets) {
+    let low = 0;
+    let high = lineOffsets.length - 1;
+    let lineIdx = 0;
+    while (low <= high) {
+        const mid = Math.floor((low + high) / 2);
+        if (lineOffsets[mid] <= byteOffset) {
+            lineIdx = mid;
+            low = mid + 1;
+        }
+        else {
+            high = mid - 1;
+        }
+    }
+    return { line: lineIdx + 1, column: byteOffset - lineOffsets[lineIdx] };
+}
+//# sourceMappingURL=skim-token-balance.js.map