@snovon/solast 0.2.0

package/dist/detectors/stale-oracle.js

@@ -0,0 +1,649 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.StaleOracleDetector = void 0;
+const resolve_return_names_1 = require("../ast/resolve-return-names");
+const ast_1 = require("./_common/ast");
+const RULE_ID = 'oracle-staleness';
+const MAX_FRESHNESS_SECONDS = 900;
+class StaleOracleDetector {
+    id = RULE_ID;
+    patternKey = RULE_ID;
+    supportedAstKinds = ['parser', 'solc'];
+    findings = [];
+    currentFile = '';
+    currentContract = '';
+    currentFunction = '';
+    functionStack = [];
+    seen = new Set();
+    contractConstants = new Map();
+    structMembers = new Map();
+    currentAst = null;
+    setFile(file) {
+        this.currentFile = file;
+        this.findings = [];
+        this.currentContract = '';
+        this.currentFunction = '';
+        this.functionStack = [];
+        this.seen.clear();
+        this.contractConstants.clear();
+        this.structMembers.clear();
+        this.currentAst = null;
+    }
+    getFindings() {
+        return this.findings;
+    }
+    SourceUnit(node) {
+        this.currentAst = node;
+    }
+    ContractDefinition(node) {
+        this.currentContract = node?.name || '<anonymous>';
+        this.contractConstants.clear();
+        for (const sub of node?.subNodes || []) {
+            if (sub?.type === 'StateVariableDeclaration')
+                this.recordConstantDeclaration(sub);
+        }
+    }
+    ContractDefinition_post(_node) {
+        this.currentContract = '';
+        this.contractConstants.clear();
+    }
+    StateVariableDeclaration(node) {
+        this.recordConstantDeclaration(node);
+    }
+    StructDefinition(node) {
+        if (!node?.name)
+            return;
+        const members = (node.members || [])
+            .map((member) => String(member?.name || ''))
+            .filter(Boolean);
+        if (members.length === 0)
+            return;
+        this.structMembers.set(node.name, members);
+        if (this.currentContract) {
+            this.structMembers.set(`${this.currentContract}.${node.name}`, members);
+        }
+    }
+    recordConstantDeclaration(node) {
+        for (const variable of node?.variables || []) {
+            if (!variable || !variable.name)
+                continue;
+            if (variable.isDeclaredConst !== true)
+                continue;
+            const typeName = (variable.typeName?.name || '').toLowerCase();
+            if (typeName !== 'uint256' && typeName !== 'uint')
+                continue;
+            const seconds = this.thresholdSecondsFromLiteral(variable.expression);
+            if (seconds === null)
+                continue;
+            this.contractConstants.set(variable.name, seconds);
+        }
+    }
+    FunctionDefinition(node) {
+        if (!node?.body)
+            return;
+        this.functionStack.push(this.currentFunction);
+        this.currentFunction = node.name || '<anonymous>';
+        const oracleReads = this.collectOracleReads(node.body);
+        this.walk(node.body, child => {
+            if (!child || typeof child !== 'object')
+                return;
+            if (child.type !== 'FunctionCall')
+                return;
+            const callee = this.getCalleeMemberName(child.expression);
+            if (callee === 'latestAnswer') {
+                this.recordFinding(child, node, {
+                    sourceExpression: this.expressionToText(child),
+                    missingReason: 'latestAnswer has no update timestamp metadata',
+                    trace: 'manipulation-window',
+                });
+            }
+        });
+        for (const read of oracleReads) {
+            if (read.priceName && !this.bodyUsesIdentifier(node.body, read.priceName))
+                continue;
+            const freshness = read.timestampName
+                ? this.bodyFreshnessStatusForName(node.body, read.timestampName)
+                : { ok: false, reason: read.missingReason };
+            if (!freshness.ok) {
+                this.recordFinding(read.callNode, node, {
+                    sourceExpression: read.sourceExpression,
+                    missingReason: freshness.reason || read.missingReason,
+                    trace: read.trace || 'missing-freshness',
+                });
+            }
+        }
+    }
+    FunctionDefinition_post(_node) {
+        this.currentFunction = this.functionStack.pop() || '';
+    }
+    recordFinding(callNode, fnNode, details) {
+        // tryLoc-with-floor for solc-walker compat.
+        // Bind primaryLoc separately so endLine stays sourced from callNode
+        // only (matches legacy `callNode?.loc?.end?.line || line` semantics).
+        const primaryLoc = (0, ast_1.tryLoc)(callNode);
+        const loc = primaryLoc ?? (0, ast_1.tryLoc)(fnNode) ?? { line: 0, endLine: 0, column: 0 };
+        const { line, column } = loc;
+        const endLine = primaryLoc?.endLine ?? line;
+        const functionName = this.currentFunction || fnNode?.name || '<anonymous>';
+        const key = `${this.currentFile}:${line}:${column}:${functionName}:${details.sourceExpression}:${details.missingReason}`;
+        if (this.seen.has(key))
+            return;
+        this.seen.add(key);
+        const remediation = `require updatedAt to be within ${MAX_FRESHNESS_SECONDS} seconds of block.timestamp before using answer`;
+        const message = `Oracle staleness risk in function '${functionName}': ${details.sourceExpression} is consumed with ${details.missingReason}. Remediation: ${remediation}.`;
+        this.findings.push({
+            file: this.currentFile,
+            contract: this.currentContract,
+            'function': functionName,
+            line,
+            endLine,
+            column,
+            pattern: RULE_ID,
+            confidence: 'high',
+            ruleId: RULE_ID,
+            severity: 'medium',
+            message,
+            contractName: this.currentContract,
+            functionName,
+            sourceLocation: { line, column },
+            trace: details.trace,
+            rationale: `Oracle source: ${details.sourceExpression}; missing/weak freshness condition: ${details.missingReason}.`,
+            suggestedFix: remediation,
+            source: details.sourceExpression,
+            findingId: '',
+            contractHash: '',
+        });
+    }
+    collectOracleReads(body) {
+        const reads = [];
+        const associatedCalls = new Set();
+        this.walk(body, node => {
+            if (!node || typeof node !== 'object')
+                return;
+            if (node.type === 'VariableDeclarationStatement' && this.isLatestRoundDataCall(node.initialValue)) {
+                if (this.isSequencerUptimeRead(node.initialValue, node.variables)) {
+                    associatedCalls.add(node.initialValue);
+                    return;
+                }
+                const timestampName = this.getTimestampBindingFromReturnNames(node.initialValue, node.variables, 3);
+                reads.push({
+                    callNode: node.initialValue,
+                    sourceExpression: this.expressionToText(node.initialValue),
+                    priceName: this.getPriceBindingFromReturnNames(node.initialValue, node.variables, 1),
+                    timestampName,
+                    timestampLabel: timestampName || 'updatedAt',
+                    missingReason: timestampName ? `missing ${timestampName} freshness check` : 'missing updatedAt freshness check',
+                });
+                associatedCalls.add(node.initialValue);
+                return;
+            }
+            if (node.type === 'VariableDeclarationStatement' && this.isCustomTupleOracleCall(node.initialValue, node.variables)) {
+                const timestampName = this.getTimestampBindingFromReturnNames(node.initialValue, node.variables);
+                reads.push({
+                    callNode: node.initialValue,
+                    sourceExpression: this.expressionToText(node.initialValue),
+                    priceName: this.getPriceBindingFromReturnNames(node.initialValue, node.variables),
+                    timestampName,
+                    timestampLabel: timestampName || 'timestamp',
+                    missingReason: timestampName ? `missing ${timestampName} freshness check` : 'missing timestamp freshness check',
+                });
+                associatedCalls.add(node.initialValue);
+                return;
+            }
+            if (node.type === 'VariableDeclarationStatement') {
+                const structRead = this.timestampedStructOracleRead(node.initialValue, node.variables);
+                if (!structRead)
+                    return;
+                reads.push({
+                    callNode: node.initialValue,
+                    sourceExpression: this.expressionToText(node.initialValue),
+                    priceName: `${structRead.variableName}.${structRead.priceField}`,
+                    timestampName: `${structRead.variableName}.${structRead.timestampField}`,
+                    timestampLabel: structRead.timestampField,
+                    missingReason: `missing ${structRead.timestampField} freshness check`,
+                });
+                associatedCalls.add(node.initialValue);
+                return;
+            }
+            if (node.type === 'ExpressionStatement') {
+                const assignment = this.unwrapParens(node.expression);
+                if (assignment?.type === 'BinaryOperation' &&
+                    assignment.operator === '=' &&
+                    this.isLatestRoundDataCall(assignment.right)) {
+                    const timestampName = this.getTimestampBindingFromReturnNames(assignment.right, undefined, 3, assignment.left);
+                    reads.push({
+                        callNode: assignment.right,
+                        sourceExpression: this.expressionToText(assignment.right),
+                        priceName: this.getPriceBindingFromReturnNames(assignment.right, undefined, 1, assignment.left),
+                        timestampName,
+                        timestampLabel: timestampName || 'updatedAt',
+                        missingReason: timestampName ? `missing ${timestampName} freshness check` : 'missing updatedAt freshness check',
+                    });
+                    associatedCalls.add(assignment.right);
+                }
+            }
+        });
+        this.walk(body, node => {
+            if (!this.isLatestRoundDataCall(node) || associatedCalls.has(node))
+                return;
+            reads.push({
+                callNode: node,
+                sourceExpression: this.expressionToText(node),
+                priceName: '',
+                timestampName: '',
+                timestampLabel: 'updatedAt',
+                missingReason: 'missing updatedAt freshness check',
+            });
+        });
+        const counts = new Map();
+        for (const read of reads)
+            counts.set(read.timestampName, (counts.get(read.timestampName) || 0) + 1);
+        for (const read of reads) {
+            if (read.timestampName && counts.size > 1) {
+                read.missingReason = `missing freshness check for ${read.timestampName}`;
+            }
+        }
+        return reads;
+    }
+    bodyFreshnessStatusForName(body, timestampName) {
+        let status = { ok: false };
+        this.walk(body, node => {
+            if (status.ok || !node || typeof node !== 'object')
+                return;
+            if (node.type === 'IfStatement') {
+                const conditionStatus = this.staleRevertExpressionStatus(node.condition, timestampName);
+                if (conditionStatus.ok && this.statementContainsRevert(node.trueBody))
+                    status = { ok: true };
+                return;
+            }
+            if (node.type === 'FunctionCall' && this.isRequireOrAssert(node)) {
+                const condition = (node.arguments || [])[0];
+                const conditionStatus = this.freshnessExpressionStatus(condition, timestampName);
+                if (conditionStatus.ok)
+                    status = { ok: true };
+                if (!status.reason && conditionStatus.reason)
+                    status = conditionStatus;
+            }
+        });
+        return status.ok ? status : { ok: false, reason: status.reason };
+    }
+    freshnessExpressionStatus(node, timestampName) {
+        return this.boundedAgePredicateStatus(this.unwrapParens(node), timestampName);
+    }
+    staleRevertExpressionStatus(node, timestampName) {
+        const unwrapped = this.unwrapParens(node);
+        if (!unwrapped || typeof unwrapped !== 'object')
+            return { ok: false };
+        if (unwrapped.type === 'BinaryOperation' && (unwrapped.operator === '&&' || unwrapped.operator === '||')) {
+            const left = this.staleRevertExpressionStatus(unwrapped.left, timestampName);
+            const right = this.staleRevertExpressionStatus(unwrapped.right, timestampName);
+            return left.ok ? left : right;
+        }
+        const direct = this.boundedAgePredicateStatus(unwrapped, timestampName);
+        if (direct.ok)
+            return direct;
+        if (unwrapped.type !== 'BinaryOperation' || !this.isComparisonOperator(unwrapped.operator))
+            return direct;
+        const left = this.unwrapParens(unwrapped.left);
+        const right = this.unwrapParens(unwrapped.right);
+        const timestampMinusRight = this.getTimestampMinusThreshold(right);
+        if (this.isTimestampRef(left, timestampName) && timestampMinusRight !== null && (unwrapped.operator === '<' || unwrapped.operator === '<=')) {
+            return this.thresholdStatus(timestampMinusRight);
+        }
+        if (this.isBlockTimestampMinusName(left, timestampName)) {
+            const seconds = this.thresholdSeconds(right);
+            if (seconds !== null && (unwrapped.operator === '>' || unwrapped.operator === '>='))
+                return this.thresholdStatus(seconds);
+        }
+        return direct;
+    }
+    boundedAgePredicateStatus(node, timestampName) {
+        if (!node || typeof node !== 'object')
+            return { ok: false };
+        if (node.type !== 'BinaryOperation')
+            return { ok: false };
+        if (node.operator === '&&' || node.operator === '||') {
+            const left = this.boundedAgePredicateStatus(this.unwrapParens(node.left), timestampName);
+            const right = this.boundedAgePredicateStatus(this.unwrapParens(node.right), timestampName);
+            return left.ok ? left : right;
+        }
+        if (!this.isComparisonOperator(node.operator))
+            return { ok: false };
+        const left = this.unwrapParens(node.left);
+        const right = this.unwrapParens(node.right);
+        if (this.isTimestampRef(left, timestampName) && this.isBlockTimestampRef(right) && node.operator === '<=') {
+            return { ok: false, reason: 'non-future check does not bound age' };
+        }
+        if (this.isBlockTimestampRef(left) && this.isTimestampRef(right, timestampName) && node.operator === '>=') {
+            return { ok: false, reason: 'non-future check does not bound age' };
+        }
+        const timestampMinusRight = this.getTimestampMinusThreshold(right);
+        if (this.isTimestampRef(left, timestampName) && timestampMinusRight !== null && (node.operator === '>' || node.operator === '>=')) {
+            return this.thresholdStatus(timestampMinusRight);
+        }
+        const timestampMinusLeft = this.getTimestampMinusThreshold(left);
+        if (this.isTimestampRef(right, timestampName) && timestampMinusLeft !== null && (node.operator === '<' || node.operator === '<=')) {
+            return this.thresholdStatus(timestampMinusLeft);
+        }
+        if (this.isBlockTimestampMinusName(left, timestampName)) {
+            const seconds = this.thresholdSeconds(right);
+            if (seconds !== null && (node.operator === '<' || node.operator === '<='))
+                return this.thresholdStatus(seconds);
+        }
+        if (this.isBlockTimestampMinusName(right, timestampName)) {
+            const seconds = this.thresholdSeconds(left);
+            if (seconds !== null && (node.operator === '>' || node.operator === '>='))
+                return this.thresholdStatus(seconds);
+        }
+        const timestampPlusLeft = this.getTimestampPlusThreshold(left, timestampName);
+        if (timestampPlusLeft !== null && this.isBlockTimestampRef(right) && (node.operator === '>' || node.operator === '>=')) {
+            return this.thresholdStatus(timestampPlusLeft);
+        }
+        const timestampPlusRight = this.getTimestampPlusThreshold(right, timestampName);
+        if (timestampPlusRight !== null && this.isBlockTimestampRef(left) && (node.operator === '<' || node.operator === '<=')) {
+            return this.thresholdStatus(timestampPlusRight);
+        }
+        return { ok: false };
+    }
+    isComparisonOperator(op) {
+        return op === '>' || op === '>=' || op === '<' || op === '<=';
+    }
+    unwrapParens(node) {
+        if (!node || typeof node !== 'object')
+            return node;
+        if (node.type === 'TupleExpression' && Array.isArray(node.components) && node.components.length === 1) {
+            return this.unwrapParens(node.components[0]);
+        }
+        return node;
+    }
+    isRequireOrAssert(node) {
+        const expr = node?.expression;
+        if (!expr)
+            return false;
+        if (expr.type === 'Identifier')
+            return expr.name === 'require' || expr.name === 'assert';
+        return false;
+    }
+    isTimestampRef(node, timestampName) {
+        if (!node || typeof node !== 'object')
+            return false;
+        const parts = timestampName ? timestampName.split('.') : [];
+        if (node.type === 'Identifier') {
+            return parts.length === 1 ? node.name === parts[0] : (node.name === 'updatedAt' || node.name === 'updated_at' || node.name === 'timestamp');
+        }
+        if (node.type === 'MemberAccess') {
+            if (parts.length === 2) {
+                return node.memberName === parts[1] && this.isTimestampRef(node.expression, parts[0]);
+            }
+            return !timestampName && (node.memberName === 'updatedAt' || node.memberName === 'updated_at' || node.memberName === 'timestamp');
+        }
+        return false;
+    }
+    isBlockTimestampRef(node) {
+        return !!(node && typeof node === 'object' &&
+            node.type === 'MemberAccess' &&
+            node.memberName === 'timestamp' &&
+            node.expression?.type === 'Identifier' &&
+            node.expression.name === 'block');
+    }
+    getTimestampMinusThreshold(node) {
+        const u = this.unwrapParens(node);
+        if (!u || typeof u !== 'object' || u.type !== 'BinaryOperation' || u.operator !== '-')
+            return null;
+        if (!this.isBlockTimestampRef(this.unwrapParens(u.left)))
+            return null;
+        return this.thresholdSeconds(this.unwrapParens(u.right));
+    }
+    getTimestampPlusThreshold(node, timestampName) {
+        const u = this.unwrapParens(node);
+        if (!u || typeof u !== 'object' || u.type !== 'BinaryOperation' || u.operator !== '+')
+            return null;
+        const left = this.unwrapParens(u.left);
+        const right = this.unwrapParens(u.right);
+        if (this.isTimestampRef(left, timestampName))
+            return this.thresholdSeconds(right);
+        if (this.isTimestampRef(right, timestampName))
+            return this.thresholdSeconds(left);
+        return null;
+    }
+    isBlockTimestampMinusName(node, timestampName) {
+        const u = this.unwrapParens(node);
+        if (!u || typeof u !== 'object' || u.type !== 'BinaryOperation' || u.operator !== '-')
+            return false;
+        return this.isBlockTimestampRef(this.unwrapParens(u.left)) &&
+            this.isTimestampRef(this.unwrapParens(u.right), timestampName);
+    }
+    thresholdStatus(seconds) {
+        if (seconds <= MAX_FRESHNESS_SECONDS)
+            return { ok: true };
+        return {
+            ok: false,
+            reason: `freshness threshold ${seconds} seconds exceeds configured maximum ${MAX_FRESHNESS_SECONDS} seconds`,
+        };
+    }
+    thresholdSeconds(node) {
+        const u = this.unwrapParens(node);
+        if (!u || typeof u !== 'object')
+            return null;
+        const literalSeconds = this.thresholdSecondsFromLiteral(u);
+        if (literalSeconds !== null)
+            return literalSeconds;
+        if (u.type === 'Identifier' && typeof u.name === 'string' && this.contractConstants.has(u.name)) {
+            return this.contractConstants.get(u.name) ?? null;
+        }
+        return null;
+    }
+    thresholdSecondsFromLiteral(node) {
+        const u = this.unwrapParens(node);
+        if (!u || typeof u !== 'object' || u.type !== 'NumberLiteral')
+            return null;
+        const raw = u.number ?? u.value;
+        if (raw === undefined || raw === null)
+            return null;
+        const value = Number(String(raw).replace(/_/g, ''));
+        if (!Number.isFinite(value) || value <= 0)
+            return null;
+        const unit = String(u.subdenomination || '').toLowerCase();
+        const multiplier = unit === 'minutes' || unit === 'minute' ? 60
+            : unit === 'hours' || unit === 'hour' ? 3600
+                : unit === 'days' || unit === 'day' ? 86400
+                    : 1;
+        return value * multiplier;
+    }
+    getCalleeMemberName(expr) {
+        if (!expr || typeof expr !== 'object')
+            return '';
+        if (expr.type === 'MemberAccess')
+            return expr.memberName || '';
+        return '';
+    }
+    isLatestRoundDataCall(node) {
+        return !!(node &&
+            typeof node === 'object' &&
+            node.type === 'FunctionCall' &&
+            this.getCalleeMemberName(node.expression) === 'latestRoundData');
+    }
+    isSequencerUptimeRead(callNode, variables = []) {
+        if (!this.isLatestRoundDataCall(callNode))
+            return false;
+        const source = this.expressionToText(callNode).toLowerCase();
+        const answerName = this.getBindingFromVariables(variables, 1).toLowerCase();
+        const startedAtName = this.getBindingFromVariables(variables, 2).toLowerCase();
+        const updatedAtName = this.getBindingFromVariables(variables, 3).toLowerCase();
+        return ((source.includes('sequencer') || answerName.includes('sequencer')) &&
+            (startedAtName === 'startedat' || startedAtName === 'started_at') &&
+            updatedAtName === '');
+    }
+    isCustomTupleOracleCall(callNode, variables = []) {
+        if (!callNode || typeof callNode !== 'object' || callNode.type !== 'FunctionCall')
+            return false;
+        const callee = this.getCalleeMemberName(callNode.expression).toLowerCase();
+        if (!/price|quote|rate/.test(callee))
+            return false;
+        return !!this.getPriceBindingFromReturnNames(callNode, variables) && !!this.getTimestampBindingFromReturnNames(callNode, variables);
+    }
+    timestampedStructOracleRead(callNode, variables = []) {
+        if (!callNode || typeof callNode !== 'object' || callNode.type !== 'FunctionCall')
+            return null;
+        const callee = this.getCalleeMemberName(callNode.expression).toLowerCase();
+        if (!/price|quote|rate/.test(callee))
+            return null;
+        const variable = variables[0];
+        const variableName = variable?.name || '';
+        const structType = this.typeNameToStructName(variable?.typeName);
+        const members = structType ? this.structMembers.get(structType) : undefined;
+        if (!variableName || !members)
+            return null;
+        const priceField = members.find(member => this.isPriceLikeField(member));
+        const timestampField = members.find(member => this.isTimestampLikeField(member));
+        if (!priceField || !timestampField)
+            return null;
+        return { variableName, priceField, timestampField };
+    }
+    getBindingFromVariables(variables = [], index) {
+        const variable = variables[index];
+        return variable?.name || '';
+    }
+    getPriceBindingFromVariables(variables = []) {
+        for (const variable of variables) {
+            const name = variable?.name || '';
+            if (/^(answer|price|value|rate|quote)$/i.test(name))
+                return name;
+        }
+        return this.getBindingFromVariables(variables, 0);
+    }
+    getTimestampBindingFromVariables(variables = []) {
+        for (const variable of variables) {
+            const name = variable?.name || '';
+            if (/^(updatedAt|updated_at|timestamp|time|publishTime|publishedAt)$/i.test(name))
+                return name;
+        }
+        return '';
+    }
+    getPriceBindingFromReturnNames(callNode, variables = [], fallbackIndex = 0, tupleNode) {
+        return this.getBindingByReturnName(callNode, variables, ['answer', 'price', 'value', 'rate', 'quote'], () => tupleNode ? this.getBindingFromTuple(tupleNode, fallbackIndex) : this.getPriceBindingFromVariables(variables));
+    }
+    getTimestampBindingFromReturnNames(callNode, variables = [], fallbackIndex, tupleNode) {
+        return this.getBindingByReturnName(callNode, variables, ['updatedat', 'updated_at', 'timestamp', 'time', 'publishtime', 'publishedat'], () => {
+            if (tupleNode && fallbackIndex !== undefined)
+                return this.getBindingFromTuple(tupleNode, fallbackIndex);
+            if (fallbackIndex !== undefined)
+                return this.getBindingFromVariables(variables, fallbackIndex);
+            return this.getTimestampBindingFromVariables(variables);
+        }, tupleNode);
+    }
+    getBindingByReturnName(callNode, variables = [], slotNames, fallback, tupleNode) {
+        const names = this.currentAst ? (0, resolve_return_names_1.resolveReturnNames)(callNode, this.currentAst) : undefined;
+        if (names) {
+            const index = names.findIndex(name => !!name && slotNames.includes(name.toLowerCase()));
+            if (index >= 0) {
+                return tupleNode ? this.getBindingFromTuple(tupleNode, index) : this.getBindingFromVariables(variables, index);
+            }
+        }
+        return fallback();
+    }
+    typeNameToStructName(typeName) {
+        if (!typeName)
+            return '';
+        if (typeof typeName === 'string')
+            return typeName;
+        if (typeof typeName.namePath === 'string')
+            return typeName.namePath;
+        if (typeof typeName.name === 'string')
+            return typeName.name;
+        if (typeName.pathNode)
+            return this.typeNameToStructName(typeName.pathNode);
+        if (typeName.typeName)
+            return this.typeNameToStructName(typeName.typeName);
+        if (typeof typeName.typeString === 'string') {
+            const match = typeName.typeString.match(/\bstruct\s+([A-Za-z_][A-Za-z0-9_.]*)/);
+            if (match)
+                return match[1];
+        }
+        return '';
+    }
+    isPriceLikeField(name) {
+        return /^(price|value|answer|rate|quote)$/i.test(name);
+    }
+    isTimestampLikeField(name) {
+        return /^(timestamp|updatedAt|publishTime|time|lastUpdated)$/i.test(name);
+    }
+    getBindingFromTuple(node, index) {
+        const tuple = this.unwrapParens(node);
+        const component = tuple?.type === 'TupleExpression' && Array.isArray(tuple.components)
+            ? tuple.components[index]
+            : null;
+        if (component?.type === 'Identifier')
+            return component.name || '';
+        if (component?.type === 'MemberAccess')
+            return component.memberName || '';
+        return '';
+    }
+    bodyUsesIdentifier(body, name) {
+        let uses = 0;
+        const parts = name.split('.');
+        this.walk(body, node => {
+            if (!node || typeof node !== 'object')
+                return;
+            if (parts.length === 1 && node.type === 'Identifier' && node.name === name)
+                uses++;
+            if (parts.length === 2 && node.type === 'MemberAccess' && node.memberName === parts[1] && this.isTimestampRef(node.expression, parts[0]))
+                uses++;
+        });
+        return uses > 0;
+    }
+    statementContainsRevert(node) {
+        let found = false;
+        this.walk(node, child => {
+            if (found || child?.type !== 'FunctionCall')
+                return;
+            const expr = child.expression;
+            if (expr?.type === 'Identifier' && (expr.name === 'revert' || expr.name === 'require' || expr.name === 'assert'))
+                found = true;
+        });
+        return found;
+    }
+    displayTimestampName(timestampName) {
+        return timestampName.includes('.') ? 'timestamp' : timestampName;
+    }
+    expressionToText(node) {
+        if (!node || typeof node !== 'object')
+            return '';
+        if (node.type === 'FunctionCall')
+            return `${this.expressionToText(node.expression)}()`;
+        if (node.type === 'MemberAccess')
+            return `${this.expressionToText(node.expression)}.${node.memberName || ''}`.replace(/^\./, '');
+        if (node.type === 'Identifier')
+            return node.name || '';
+        if (node.type === 'BinaryOperation')
+            return `${this.expressionToText(node.left)} ${node.operator} ${this.expressionToText(node.right)}`.trim();
+        return this.getCalleeMemberName(node) || node.type || '';
+    }
+    walk(node, visit) {
+        if (!node || typeof node !== 'object')
+            return;
+        visit(node);
+        for (const child of this.childNodes(node)) {
+            this.walk(child, visit);
+        }
+    }
+    childNodes(node) {
+        const children = [];
+        for (const [key, value] of Object.entries(node)) {
+            if (key === 'loc' || key === 'range' || key === 'typeName')
+                continue;
+            if (Array.isArray(value)) {
+                for (const item of value) {
+                    if (item && typeof item === 'object')
+                        children.push(item);
+                }
+            }
+            else if (value && typeof value === 'object') {
+                children.push(value);
+            }
+        }
+        return children;
+    }
+}
+exports.StaleOracleDetector = StaleOracleDetector;
+//# sourceMappingURL=stale-oracle.js.map

package/dist/detectors/starkware-proof-validation-gap.d.ts

@@ -0,0 +1,18 @@
+import type { ScanResult } from '../index';
+export declare class StarkwareProofValidationGapDetector {
+    readonly id = "starkware-proof-validation-gap";
+    readonly patternKey = "starkware-proof-validation-gap";
+    readonly supportedAstKinds: "parser"[];
+    scanAst(ast: any, file: string): ScanResult[];
+    private analyzeFunction;
+    private walkStatement;
+    private observeExpression;
+    private observeValidations;
+    private markValidatedFacts;
+    private observeVerifierGateBinding;
+    private observeTryVerifierGate;
+    private markVerifierGateFacts;
+    private factsForDecodedVerifierReturn;
+    private isStateWriteSink;
+    private emitFinding;
+}