@snovon/solast 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (738) hide show
  1. package/LICENSE +201 -0
  2. package/README.md +190 -0
  3. package/dist/api.d.ts +89 -0
  4. package/dist/api.js +33 -0
  5. package/dist/ast/resolve-return-names.d.ts +2 -0
  6. package/dist/ast/resolve-return-names.js +199 -0
  7. package/dist/ast/solc-walker.d.ts +17 -0
  8. package/dist/ast/solc-walker.js +497 -0
  9. package/dist/ast/storage-layout.d.ts +21 -0
  10. package/dist/ast/storage-layout.js +64 -0
  11. package/dist/cli.d.ts +65 -0
  12. package/dist/cli.js +755 -0
  13. package/dist/config.d.ts +9 -0
  14. package/dist/config.js +284 -0
  15. package/dist/dedup/files.d.ts +1 -0
  16. package/dist/dedup/files.js +74 -0
  17. package/dist/dedup/findings.d.ts +41 -0
  18. package/dist/dedup/findings.js +211 -0
  19. package/dist/detectors/_common/access-control.d.ts +204 -0
  20. package/dist/detectors/_common/access-control.js +377 -0
  21. package/dist/detectors/_common/ast.d.ts +139 -0
  22. package/dist/detectors/_common/ast.js +239 -0
  23. package/dist/detectors/_common/compiler-profile.d.ts +14 -0
  24. package/dist/detectors/_common/compiler-profile.js +66 -0
  25. package/dist/detectors/_common/dataflow.d.ts +75 -0
  26. package/dist/detectors/_common/dataflow.js +57 -0
  27. package/dist/detectors/_common/fhe.d.ts +7 -0
  28. package/dist/detectors/_common/fhe.js +40 -0
  29. package/dist/detectors/_common/integer-overflow-helpers.d.ts +58 -0
  30. package/dist/detectors/_common/integer-overflow-helpers.js +422 -0
  31. package/dist/detectors/_common/loop-call-stack.d.ts +9 -0
  32. package/dist/detectors/_common/loop-call-stack.js +132 -0
  33. package/dist/detectors/_common/oracle.d.ts +5 -0
  34. package/dist/detectors/_common/oracle.js +64 -0
  35. package/dist/detectors/_common/price-rate.d.ts +116 -0
  36. package/dist/detectors/_common/price-rate.js +446 -0
  37. package/dist/detectors/_common/source-text.d.ts +11 -0
  38. package/dist/detectors/_common/source-text.js +82 -0
  39. package/dist/detectors/_common/weighted-pool-invariant.d.ts +21 -0
  40. package/dist/detectors/_common/weighted-pool-invariant.js +105 -0
  41. package/dist/detectors/aave-v2-reentrancy.d.ts +7 -0
  42. package/dist/detectors/aave-v2-reentrancy.js +286 -0
  43. package/dist/detectors/access-control.d.ts +103 -0
  44. package/dist/detectors/access-control.js +983 -0
  45. package/dist/detectors/add-reentrancy-on-weth-contract.d.ts +7 -0
  46. package/dist/detectors/add-reentrancy-on-weth-contract.js +536 -0
  47. package/dist/detectors/ai-generated-randomness.d.ts +32 -0
  48. package/dist/detectors/ai-generated-randomness.js +239 -0
  49. package/dist/detectors/amm-spot-oracle-manipulation.d.ts +52 -0
  50. package/dist/detectors/amm-spot-oracle-manipulation.js +420 -0
  51. package/dist/detectors/analyzing-the-uniswap-v3-exploit.d.ts +26 -0
  52. package/dist/detectors/analyzing-the-uniswap-v3-exploit.js +279 -0
  53. package/dist/detectors/any-token-is-destroyed.d.ts +34 -0
  54. package/dist/detectors/any-token-is-destroyed.js +527 -0
  55. package/dist/detectors/anyswap-anytoken-permit-allowance-drain.d.ts +7 -0
  56. package/dist/detectors/anyswap-anytoken-permit-allowance-drain.js +524 -0
  57. package/dist/detectors/anyswap-insufficient-token-validation.d.ts +24 -0
  58. package/dist/detectors/anyswap-insufficient-token-validation.js +342 -0
  59. package/dist/detectors/approval-based-drain.d.ts +7 -0
  60. package/dist/detectors/approval-based-drain.js +772 -0
  61. package/dist/detectors/arbitrary-account-balance-transfer.d.ts +7 -0
  62. package/dist/detectors/arbitrary-account-balance-transfer.js +485 -0
  63. package/dist/detectors/arbitrary-address-spoofing-attack.d.ts +7 -0
  64. package/dist/detectors/arbitrary-address-spoofing-attack.js +444 -0
  65. package/dist/detectors/arbitrary-address-spoofing.d.ts +9 -0
  66. package/dist/detectors/arbitrary-address-spoofing.js +657 -0
  67. package/dist/detectors/arbitrary-call-error.d.ts +127 -0
  68. package/dist/detectors/arbitrary-call-error.js +1163 -0
  69. package/dist/detectors/arbitrary-call.d.ts +4 -0
  70. package/dist/detectors/arbitrary-call.js +11 -0
  71. package/dist/detectors/arbitrary-delegatecall-target.d.ts +35 -0
  72. package/dist/detectors/arbitrary-delegatecall-target.js +554 -0
  73. package/dist/detectors/arbitrary-recipient-no-access-control.d.ts +7 -0
  74. package/dist/detectors/arbitrary-recipient-no-access-control.js +638 -0
  75. package/dist/detectors/arbitrary-storage-proof-forgery.d.ts +35 -0
  76. package/dist/detectors/arbitrary-storage-proof-forgery.js +340 -0
  77. package/dist/detectors/arbitrary-transfer-from.d.ts +38 -0
  78. package/dist/detectors/arbitrary-transfer-from.js +339 -0
  79. package/dist/detectors/arbitrum-cross-chain-message-replay.d.ts +22 -0
  80. package/dist/detectors/arbitrum-cross-chain-message-replay.js +477 -0
  81. package/dist/detectors/avs-slashing-without-quorum-check.d.ts +50 -0
  82. package/dist/detectors/avs-slashing-without-quorum-check.js +386 -0
  83. package/dist/detectors/bad-debt-propagation.d.ts +13 -0
  84. package/dist/detectors/bad-debt-propagation.js +480 -0
  85. package/dist/detectors/bad-k-value-verification.d.ts +7 -0
  86. package/dist/detectors/bad-k-value-verification.js +512 -0
  87. package/dist/detectors/bad-randomness-zero-blockhash.d.ts +29 -0
  88. package/dist/detectors/bad-randomness-zero-blockhash.js +115 -0
  89. package/dist/detectors/balancer-flash-loan-manipulation.d.ts +33 -0
  90. package/dist/detectors/balancer-flash-loan-manipulation.js +178 -0
  91. package/dist/detectors/balancer-pause-guard.d.ts +33 -0
  92. package/dist/detectors/balancer-pause-guard.js +307 -0
  93. package/dist/detectors/balancer-weighted-pool-flash-loan.d.ts +42 -0
  94. package/dist/detectors/balancer-weighted-pool-flash-loan.js +275 -0
  95. package/dist/detectors/batch-transfer-overflow.d.ts +7 -0
  96. package/dist/detectors/batch-transfer-overflow.js +465 -0
  97. package/dist/detectors/beneficiary-validation.d.ts +7 -0
  98. package/dist/detectors/beneficiary-validation.js +696 -0
  99. package/dist/detectors/borrow-behalf-consent.d.ts +7 -0
  100. package/dist/detectors/borrow-behalf-consent.js +400 -0
  101. package/dist/detectors/break-continue-scope.d.ts +7 -0
  102. package/dist/detectors/break-continue-scope.js +194 -0
  103. package/dist/detectors/bridge-accounting-bypass.d.ts +65 -0
  104. package/dist/detectors/bridge-accounting-bypass.js +449 -0
  105. package/dist/detectors/bridge-business-logic-flaw-incorrect-acc.d.ts +43 -0
  106. package/dist/detectors/bridge-business-logic-flaw-incorrect-acc.js +394 -0
  107. package/dist/detectors/bridge-collateral-drain.d.ts +7 -0
  108. package/dist/detectors/bridge-collateral-drain.js +630 -0
  109. package/dist/detectors/bridge-forged-proof.d.ts +7 -0
  110. package/dist/detectors/bridge-forged-proof.js +754 -0
  111. package/dist/detectors/bridge-missing-message-nonce.d.ts +57 -0
  112. package/dist/detectors/bridge-missing-message-nonce.js +638 -0
  113. package/dist/detectors/bridge-swap-metapool-attack.d.ts +20 -0
  114. package/dist/detectors/bridge-swap-metapool-attack.js +230 -0
  115. package/dist/detectors/business-logic-flaw-flashloan-price-mani.d.ts +7 -0
  116. package/dist/detectors/business-logic-flaw-flashloan-price-mani.js +353 -0
  117. package/dist/detectors/business-logic-flaw-incorrect-recipient-balance.d.ts +7 -0
  118. package/dist/detectors/business-logic-flaw-incorrect-recipient-balance.js +403 -0
  119. package/dist/detectors/business-logic-flaw.d.ts +21 -0
  120. package/dist/detectors/business-logic-flaw.js +339 -0
  121. package/dist/detectors/business-logic.d.ts +17 -0
  122. package/dist/detectors/business-logic.js +22 -0
  123. package/dist/detectors/bypassed-insolvency-check.d.ts +30 -0
  124. package/dist/detectors/bypassed-insolvency-check.js +232 -0
  125. package/dist/detectors/bytecode-divergence-risk.d.ts +32 -0
  126. package/dist/detectors/bytecode-divergence-risk.js +150 -0
  127. package/dist/detectors/cache-array-length.d.ts +30 -0
  128. package/dist/detectors/cache-array-length.js +177 -0
  129. package/dist/detectors/cache-storage-reads.d.ts +46 -0
  130. package/dist/detectors/cache-storage-reads.js +323 -0
  131. package/dist/detectors/calldata-secret-access-control.d.ts +36 -0
  132. package/dist/detectors/calldata-secret-access-control.js +446 -0
  133. package/dist/detectors/capital-cross-contract-reentrancy.d.ts +34 -0
  134. package/dist/detectors/capital-cross-contract-reentrancy.js +481 -0
  135. package/dist/detectors/cartel-custom-approval-logic.d.ts +7 -0
  136. package/dist/detectors/cartel-custom-approval-logic.js +407 -0
  137. package/dist/detectors/ccip-receiver-missing-replay-guard.d.ts +22 -0
  138. package/dist/detectors/ccip-receiver-missing-replay-guard.js +413 -0
  139. package/dist/detectors/chain-coupling-risk.d.ts +8 -0
  140. package/dist/detectors/chain-coupling-risk.js +203 -0
  141. package/dist/detectors/chainlink-deprecated-function.d.ts +7 -0
  142. package/dist/detectors/chainlink-deprecated-function.js +205 -0
  143. package/dist/detectors/chainlink-tx-origin.d.ts +7 -0
  144. package/dist/detectors/chainlink-tx-origin.js +363 -0
  145. package/dist/detectors/check-effects-interactions.d.ts +39 -0
  146. package/dist/detectors/check-effects-interactions.js +783 -0
  147. package/dist/detectors/check-permit-missing-chainid.d.ts +27 -0
  148. package/dist/detectors/check-permit-missing-chainid.js +456 -0
  149. package/dist/detectors/classic-reentrancy.d.ts +93 -0
  150. package/dist/detectors/classic-reentrancy.js +645 -0
  151. package/dist/detectors/coinbase-morpho-wethloan-policy.d.ts +29 -0
  152. package/dist/detectors/coinbase-morpho-wethloan-policy.js +368 -0
  153. package/dist/detectors/compoundv2-inflation-attack.d.ts +7 -0
  154. package/dist/detectors/compoundv2-inflation-attack.js +675 -0
  155. package/dist/detectors/constructor-address-validation.d.ts +24 -0
  156. package/dist/detectors/constructor-address-validation.js +335 -0
  157. package/dist/detectors/constructor-interface-no-address-validation.d.ts +32 -0
  158. package/dist/detectors/constructor-interface-no-address-validation.js +283 -0
  159. package/dist/detectors/cross-chain-arbitrary-call.d.ts +7 -0
  160. package/dist/detectors/cross-chain-arbitrary-call.js +601 -0
  161. package/dist/detectors/cross-chain-input-validation.d.ts +31 -0
  162. package/dist/detectors/cross-chain-input-validation.js +347 -0
  163. package/dist/detectors/cross-chain-intent-replay.d.ts +38 -0
  164. package/dist/detectors/cross-chain-intent-replay.js +453 -0
  165. package/dist/detectors/cross-chain-intent-stale-resolution.d.ts +7 -0
  166. package/dist/detectors/cross-chain-intent-stale-resolution.js +463 -0
  167. package/dist/detectors/cross-chain-message-order-dependency.d.ts +8 -0
  168. package/dist/detectors/cross-chain-message-order-dependency.js +472 -0
  169. package/dist/detectors/cross-chain-message-replay.d.ts +8 -0
  170. package/dist/detectors/cross-chain-message-replay.js +568 -0
  171. package/dist/detectors/cross-chain-messaging.d.ts +7 -0
  172. package/dist/detectors/cross-chain-messaging.js +663 -0
  173. package/dist/detectors/cross-chain-msg-truncation.d.ts +7 -0
  174. package/dist/detectors/cross-chain-msg-truncation.js +453 -0
  175. package/dist/detectors/cross-chain-truncation.d.ts +7 -0
  176. package/dist/detectors/cross-chain-truncation.js +422 -0
  177. package/dist/detectors/cross-contract-integer-overflow.d.ts +76 -0
  178. package/dist/detectors/cross-contract-integer-overflow.js +554 -0
  179. package/dist/detectors/cross-contract-reentrancy-trusted-callee.d.ts +39 -0
  180. package/dist/detectors/cross-contract-reentrancy-trusted-callee.js +385 -0
  181. package/dist/detectors/cross-contract-reentrancy.d.ts +63 -0
  182. package/dist/detectors/cross-contract-reentrancy.js +631 -0
  183. package/dist/detectors/cross-function-reentrancy.d.ts +37 -0
  184. package/dist/detectors/cross-function-reentrancy.js +648 -0
  185. package/dist/detectors/cross-protocol-contagion.d.ts +20 -0
  186. package/dist/detectors/cross-protocol-contagion.js +445 -0
  187. package/dist/detectors/cross-protocol-oracle-collateral.d.ts +38 -0
  188. package/dist/detectors/cross-protocol-oracle-collateral.js +487 -0
  189. package/dist/detectors/cross-vm-reentrancy.d.ts +7 -0
  190. package/dist/detectors/cross-vm-reentrancy.js +484 -0
  191. package/dist/detectors/decimals-mismatch.d.ts +89 -0
  192. package/dist/detectors/decimals-mismatch.js +451 -0
  193. package/dist/detectors/deferred-state-update.d.ts +16 -0
  194. package/dist/detectors/deferred-state-update.js +35 -0
  195. package/dist/detectors/deflationary-token.d.ts +27 -0
  196. package/dist/detectors/deflationary-token.js +751 -0
  197. package/dist/detectors/delegate-transfer-unrestricted-caller.d.ts +44 -0
  198. package/dist/detectors/delegate-transfer-unrestricted-caller.js +410 -0
  199. package/dist/detectors/delegatecall-fallback-reentrancy-bypass.d.ts +14 -0
  200. package/dist/detectors/delegatecall-fallback-reentrancy-bypass.js +241 -0
  201. package/dist/detectors/delegatecall-in-loops.d.ts +7 -0
  202. package/dist/detectors/delegatecall-in-loops.js +129 -0
  203. package/dist/detectors/delegatecall-init-owner-mutator.d.ts +8 -0
  204. package/dist/detectors/delegatecall-init-owner-mutator.js +655 -0
  205. package/dist/detectors/delegatecall-init.d.ts +7 -0
  206. package/dist/detectors/delegatecall-init.js +769 -0
  207. package/dist/detectors/delegatecall-untrusted-implementation.d.ts +41 -0
  208. package/dist/detectors/delegatecall-untrusted-implementation.js +888 -0
  209. package/dist/detectors/delegated-authorization-bypass.d.ts +7 -0
  210. package/dist/detectors/delegated-authorization-bypass.js +370 -0
  211. package/dist/detectors/denial-of-service.d.ts +117 -0
  212. package/dist/detectors/denial-of-service.js +947 -0
  213. package/dist/detectors/division-before-multiplication.d.ts +7 -0
  214. package/dist/detectors/division-before-multiplication.js +303 -0
  215. package/dist/detectors/dn404-mirror-access-control.d.ts +26 -0
  216. package/dist/detectors/dn404-mirror-access-control.js +315 -0
  217. package/dist/detectors/doge-flashloan.d.ts +29 -0
  218. package/dist/detectors/doge-flashloan.js +329 -0
  219. package/dist/detectors/donate-inflation-exchangerate-roundin.d.ts +7 -0
  220. package/dist/detectors/donate-inflation-exchangerate-roundin.js +621 -0
  221. package/dist/detectors/donation-share-inflation.d.ts +24 -0
  222. package/dist/detectors/donation-share-inflation.js +466 -0
  223. package/dist/detectors/dont-let-eth-get-rekt.d.ts +84 -0
  224. package/dist/detectors/dont-let-eth-get-rekt.js +1151 -0
  225. package/dist/detectors/dos-unbounded-loop-external-call-revert.d.ts +37 -0
  226. package/dist/detectors/dos-unbounded-loop-external-call-revert.js +541 -0
  227. package/dist/detectors/eip1167-proxy-reentrancy.d.ts +7 -0
  228. package/dist/detectors/eip1167-proxy-reentrancy.js +508 -0
  229. package/dist/detectors/eip4626-vault-reentrancy.d.ts +32 -0
  230. package/dist/detectors/eip4626-vault-reentrancy.js +312 -0
  231. package/dist/detectors/eip5792-auth-replay.d.ts +45 -0
  232. package/dist/detectors/eip5792-auth-replay.js +519 -0
  233. package/dist/detectors/eip712-domain-separator.d.ts +42 -0
  234. package/dist/detectors/eip712-domain-separator.js +524 -0
  235. package/dist/detectors/eip712-signature-verification.d.ts +49 -0
  236. package/dist/detectors/eip712-signature-verification.js +689 -0
  237. package/dist/detectors/eip7702-auth-replay.d.ts +7 -0
  238. package/dist/detectors/eip7702-auth-replay.js +768 -0
  239. package/dist/detectors/eip7702-cross-chain-replay.d.ts +27 -0
  240. package/dist/detectors/eip7702-cross-chain-replay.js +307 -0
  241. package/dist/detectors/eip7702-delegated-eoa-approval-race.d.ts +39 -0
  242. package/dist/detectors/eip7702-delegated-eoa-approval-race.js +413 -0
  243. package/dist/detectors/eip7702-delegation-reentrancy.d.ts +21 -0
  244. package/dist/detectors/eip7702-delegation-reentrancy.js +705 -0
  245. package/dist/detectors/eip7702-delegation-risk.d.ts +7 -0
  246. package/dist/detectors/eip7702-delegation-risk.js +745 -0
  247. package/dist/detectors/eip7702-eoa-assumption.d.ts +57 -0
  248. package/dist/detectors/eip7702-eoa-assumption.js +461 -0
  249. package/dist/detectors/erc1155-batch-missing-per-id-approval.d.ts +23 -0
  250. package/dist/detectors/erc1155-batch-missing-per-id-approval.js +343 -0
  251. package/dist/detectors/erc1155-reentrancy.d.ts +31 -0
  252. package/dist/detectors/erc1155-reentrancy.js +217 -0
  253. package/dist/detectors/erc1271-stub-implementation.d.ts +21 -0
  254. package/dist/detectors/erc1271-stub-implementation.js +268 -0
  255. package/dist/detectors/erc20-safe-wrapper-return-unchecked.d.ts +43 -0
  256. package/dist/detectors/erc20-safe-wrapper-return-unchecked.js +368 -0
  257. package/dist/detectors/erc20-unchecked-non-standard-return.d.ts +55 -0
  258. package/dist/detectors/erc20-unchecked-non-standard-return.js +454 -0
  259. package/dist/detectors/erc2612-permit-frontrunning.d.ts +23 -0
  260. package/dist/detectors/erc2612-permit-frontrunning.js +246 -0
  261. package/dist/detectors/erc2771-context-spoofing.d.ts +41 -0
  262. package/dist/detectors/erc2771-context-spoofing.js +510 -0
  263. package/dist/detectors/erc4337-validation-storage-access.d.ts +35 -0
  264. package/dist/detectors/erc4337-validation-storage-access.js +232 -0
  265. package/dist/detectors/erc4626-totalassets-stub.d.ts +17 -0
  266. package/dist/detectors/erc4626-totalassets-stub.js +216 -0
  267. package/dist/detectors/erc6909-balance-overflow.d.ts +7 -0
  268. package/dist/detectors/erc6909-balance-overflow.js +688 -0
  269. package/dist/detectors/erc6909-operator-scope.d.ts +49 -0
  270. package/dist/detectors/erc6909-operator-scope.js +494 -0
  271. package/dist/detectors/erc721-unchecked-transfer.d.ts +38 -0
  272. package/dist/detectors/erc721-unchecked-transfer.js +364 -0
  273. package/dist/detectors/erc7579-module-install-without-threshold.d.ts +40 -0
  274. package/dist/detectors/erc7579-module-install-without-threshold.js +338 -0
  275. package/dist/detectors/erc7683-fill-validation.d.ts +53 -0
  276. package/dist/detectors/erc7683-fill-validation.js +758 -0
  277. package/dist/detectors/erc7683-intent-resolution.d.ts +7 -0
  278. package/dist/detectors/erc7683-intent-resolution.js +457 -0
  279. package/dist/detectors/erc777-callback-reentrancy.d.ts +8 -0
  280. package/dist/detectors/erc777-callback-reentrancy.js +439 -0
  281. package/dist/detectors/erc777-reentrancy.d.ts +7 -0
  282. package/dist/detectors/erc777-reentrancy.js +488 -0
  283. package/dist/detectors/erc777-tokens-to-send-reentrancy.d.ts +47 -0
  284. package/dist/detectors/erc777-tokens-to-send-reentrancy.js +674 -0
  285. package/dist/detectors/estuary-token-flaw.d.ts +16 -0
  286. package/dist/detectors/estuary-token-flaw.js +547 -0
  287. package/dist/detectors/euler-debt-token-manipulation.d.ts +32 -0
  288. package/dist/detectors/euler-debt-token-manipulation.js +347 -0
  289. package/dist/detectors/exploiting-a-vulnerability-in-curve-fina.d.ts +29 -0
  290. package/dist/detectors/exploiting-a-vulnerability-in-curve-fina.js +210 -0
  291. package/dist/detectors/fallback-delegatecall-reentrancy.d.ts +14 -0
  292. package/dist/detectors/fallback-delegatecall-reentrancy.js +236 -0
  293. package/dist/detectors/farm-business-logic-flaw-lack-of-access.d.ts +7 -0
  294. package/dist/detectors/farm-business-logic-flaw-lack-of-access.js +665 -0
  295. package/dist/detectors/fee-mechanism-exploitation.d.ts +20 -0
  296. package/dist/detectors/fee-mechanism-exploitation.js +400 -0
  297. package/dist/detectors/fee-on-transfer-balance-mismatch.d.ts +49 -0
  298. package/dist/detectors/fee-on-transfer-balance-mismatch.js +394 -0
  299. package/dist/detectors/fhe-encrypted-input-validation.d.ts +29 -0
  300. package/dist/detectors/fhe-encrypted-input-validation.js +210 -0
  301. package/dist/detectors/fhe-handle-leakage.d.ts +44 -0
  302. package/dist/detectors/fhe-handle-leakage.js +315 -0
  303. package/dist/detectors/fhe-oz-pattern-misuse.d.ts +26 -0
  304. package/dist/detectors/fhe-oz-pattern-misuse.js +311 -0
  305. package/dist/detectors/fhe-state-leakage.d.ts +8 -0
  306. package/dist/detectors/fhe-state-leakage.js +400 -0
  307. package/dist/detectors/fi-bridges.d.ts +33 -0
  308. package/dist/detectors/fi-bridges.js +428 -0
  309. package/dist/detectors/finance-access-control-price-oracle-man.d.ts +9 -0
  310. package/dist/detectors/finance-access-control-price-oracle-man.js +640 -0
  311. package/dist/detectors/finance-bridge-address0safetransferfrom.d.ts +8 -0
  312. package/dist/detectors/finance-bridge-address0safetransferfrom.js +574 -0
  313. package/dist/detectors/finance-business-logic-in-mint.d.ts +54 -0
  314. package/dist/detectors/finance-business-logic-in-mint.js +687 -0
  315. package/dist/detectors/finance-erc667-reentrancy.d.ts +7 -0
  316. package/dist/detectors/finance-erc667-reentrancy.js +509 -0
  317. package/dist/detectors/finance-flashloan-price-oracle-manipul.d.ts +7 -0
  318. package/dist/detectors/finance-flashloan-price-oracle-manipul.js +546 -0
  319. package/dist/detectors/finance-flashloan-reentrancy.d.ts +7 -0
  320. package/dist/detectors/finance-flashloan-reentrancy.js +547 -0
  321. package/dist/detectors/finance-swap-metapool-attack.d.ts +19 -0
  322. package/dist/detectors/finance-swap-metapool-attack.js +321 -0
  323. package/dist/detectors/flashloan-price-manipulation.d.ts +7 -0
  324. package/dist/detectors/flashloan-price-manipulation.js +950 -0
  325. package/dist/detectors/flashloan-reentrancy-rari.d.ts +28 -0
  326. package/dist/detectors/flashloan-reentrancy-rari.js +577 -0
  327. package/dist/detectors/flashloan-reentrancy.d.ts +7 -0
  328. package/dist/detectors/flashloan-reentrancy.js +383 -0
  329. package/dist/detectors/flashloan-token-migrate.d.ts +7 -0
  330. package/dist/detectors/flashloan-token-migrate.js +274 -0
  331. package/dist/detectors/force-fed-eth-state-corruption.d.ts +32 -0
  332. package/dist/detectors/force-fed-eth-state-corruption.js +293 -0
  333. package/dist/detectors/free-mint-bug.d.ts +41 -0
  334. package/dist/detectors/free-mint-bug.js +483 -0
  335. package/dist/detectors/front-running-orderbook-state-update.d.ts +37 -0
  336. package/dist/detectors/front-running-orderbook-state-update.js +471 -0
  337. package/dist/detectors/front-running-shared-collateral-write.d.ts +41 -0
  338. package/dist/detectors/front-running-shared-collateral-write.js +508 -0
  339. package/dist/detectors/fusion-v1-settlement-arbitrary-yul-calld.d.ts +30 -0
  340. package/dist/detectors/fusion-v1-settlement-arbitrary-yul-calld.js +354 -0
  341. package/dist/detectors/generalized-frontrunning.d.ts +7 -0
  342. package/dist/detectors/generalized-frontrunning.js +836 -0
  343. package/dist/detectors/governance-flash-loan.d.ts +62 -0
  344. package/dist/detectors/governance-flash-loan.js +452 -0
  345. package/dist/detectors/governance-flashloan-vote.d.ts +41 -0
  346. package/dist/detectors/governance-flashloan-vote.js +272 -0
  347. package/dist/detectors/halborn-security-report-aave-v3.d.ts +6 -0
  348. package/dist/detectors/halborn-security-report-aave-v3.js +357 -0
  349. package/dist/detectors/incorrect-access-control.d.ts +26 -0
  350. package/dist/detectors/incorrect-access-control.js +328 -0
  351. package/dist/detectors/incorrect-burn-accounting.d.ts +10 -0
  352. package/dist/detectors/incorrect-burn-accounting.js +387 -0
  353. package/dist/detectors/incorrect-dividends-calculation.d.ts +27 -0
  354. package/dist/detectors/incorrect-dividends-calculation.js +524 -0
  355. package/dist/detectors/incorrect-dividends.d.ts +27 -0
  356. package/dist/detectors/incorrect-dividends.js +485 -0
  357. package/dist/detectors/incorrect-input-validation.d.ts +23 -0
  358. package/dist/detectors/incorrect-input-validation.js +312 -0
  359. package/dist/detectors/incorrect-signature-verification.d.ts +26 -0
  360. package/dist/detectors/incorrect-signature-verification.js +530 -0
  361. package/dist/detectors/infinite-loop.d.ts +7 -0
  362. package/dist/detectors/infinite-loop.js +440 -0
  363. package/dist/detectors/infinite-number-of-loans.d.ts +13 -0
  364. package/dist/detectors/infinite-number-of-loans.js +565 -0
  365. package/dist/detectors/inheritance-override.d.ts +26 -0
  366. package/dist/detectors/inheritance-override.js +320 -0
  367. package/dist/detectors/initialization-access-control.d.ts +8 -0
  368. package/dist/detectors/initialization-access-control.js +659 -0
  369. package/dist/detectors/insecure-randomness.d.ts +73 -0
  370. package/dist/detectors/insecure-randomness.js +610 -0
  371. package/dist/detectors/insufficient-access-control-trusted-param.d.ts +39 -0
  372. package/dist/detectors/insufficient-access-control-trusted-param.js +356 -0
  373. package/dist/detectors/insufficient-dvn-threshold.d.ts +32 -0
  374. package/dist/detectors/insufficient-dvn-threshold.js +585 -0
  375. package/dist/detectors/integer-overflow-detector.d.ts +45 -0
  376. package/dist/detectors/integer-overflow-detector.js +284 -0
  377. package/dist/detectors/integer-overflow.d.ts +95 -0
  378. package/dist/detectors/integer-overflow.js +344 -0
  379. package/dist/detectors/integer-underflow.d.ts +7 -0
  380. package/dist/detectors/integer-underflow.js +422 -0
  381. package/dist/detectors/intent-settlement-balance-manipulation.d.ts +22 -0
  382. package/dist/detectors/intent-settlement-balance-manipulation.js +548 -0
  383. package/dist/detectors/l1-to-l2-message-reentrancy.d.ts +7 -0
  384. package/dist/detectors/l1-to-l2-message-reentrancy.js +545 -0
  385. package/dist/detectors/l2-withdrawal-validation.d.ts +8 -0
  386. package/dist/detectors/l2-withdrawal-validation.js +303 -0
  387. package/dist/detectors/lack-of-access-control.d.ts +7 -0
  388. package/dist/detectors/lack-of-access-control.js +425 -0
  389. package/dist/detectors/lack-of-calldata-validation.d.ts +16 -0
  390. package/dist/detectors/lack-of-calldata-validation.js +914 -0
  391. package/dist/detectors/lack-of-input-validation-reentrancy.d.ts +7 -0
  392. package/dist/detectors/lack-of-input-validation-reentrancy.js +637 -0
  393. package/dist/detectors/lack-of-slippage-control.d.ts +7 -0
  394. package/dist/detectors/lack-of-slippage-control.js +513 -0
  395. package/dist/detectors/lack-of-slippage-protection.d.ts +7 -0
  396. package/dist/detectors/lack-of-slippage-protection.js +474 -0
  397. package/dist/detectors/lack-of-validation-data.d.ts +23 -0
  398. package/dist/detectors/lack-of-validation-data.js +391 -0
  399. package/dist/detectors/lack-of-validation-pool.d.ts +7 -0
  400. package/dist/detectors/lack-of-validation-pool.js +492 -0
  401. package/dist/detectors/lack-of-validation-userdata.d.ts +7 -0
  402. package/dist/detectors/lack-of-validation-userdata.js +583 -0
  403. package/dist/detectors/lack-of-validation.d.ts +27 -0
  404. package/dist/detectors/lack-of-validation.js +609 -0
  405. package/dist/detectors/layerzero-dvn-quorum-missing.d.ts +22 -0
  406. package/dist/detectors/layerzero-dvn-quorum-missing.js +464 -0
  407. package/dist/detectors/layerzero-v2-unverified-origin.d.ts +40 -0
  408. package/dist/detectors/layerzero-v2-unverified-origin.js +368 -0
  409. package/dist/detectors/liquidation-accounting-desync.d.ts +14 -0
  410. package/dist/detectors/liquidation-accounting-desync.js +145 -0
  411. package/dist/detectors/liquidation-gain-manipulation.d.ts +42 -0
  412. package/dist/detectors/liquidation-gain-manipulation.js +606 -0
  413. package/dist/detectors/liquidation-price-rounding-advantage.d.ts +26 -0
  414. package/dist/detectors/liquidation-price-rounding-advantage.js +283 -0
  415. package/dist/detectors/liquidity-poisoning.d.ts +25 -0
  416. package/dist/detectors/liquidity-poisoning.js +339 -0
  417. package/dist/detectors/loans-malicious-proposal-price-oracle.d.ts +44 -0
  418. package/dist/detectors/loans-malicious-proposal-price-oracle.js +813 -0
  419. package/dist/detectors/logic-flaw.d.ts +186 -0
  420. package/dist/detectors/logic-flaw.js +3356 -0
  421. package/dist/detectors/manipulation-of-funds.d.ts +31 -0
  422. package/dist/detectors/manipulation-of-funds.js +304 -0
  423. package/dist/detectors/merkl-unsafe-claim-callback.d.ts +22 -0
  424. package/dist/detectors/merkl-unsafe-claim-callback.js +94 -0
  425. package/dist/detectors/mev-boost-timestamp.d.ts +7 -0
  426. package/dist/detectors/mev-boost-timestamp.js +318 -0
  427. package/dist/detectors/mev-merge-exploit.d.ts +29 -0
  428. package/dist/detectors/mev-merge-exploit.js +397 -0
  429. package/dist/detectors/mev-sandwich-vulnerability.d.ts +24 -0
  430. package/dist/detectors/mev-sandwich-vulnerability.js +648 -0
  431. package/dist/detectors/mev-slot-manipulation.d.ts +36 -0
  432. package/dist/detectors/mev-slot-manipulation.js +691 -0
  433. package/dist/detectors/mevbot-insufficient-validation.d.ts +48 -0
  434. package/dist/detectors/mevbot-insufficient-validation.js +574 -0
  435. package/dist/detectors/migration-rebalance-without-bound.d.ts +7 -0
  436. package/dist/detectors/migration-rebalance-without-bound.js +514 -0
  437. package/dist/detectors/mint-hardcoded-asset-parity.d.ts +31 -0
  438. package/dist/detectors/mint-hardcoded-asset-parity.js +356 -0
  439. package/dist/detectors/miscalculation-on-spendallowance.d.ts +7 -0
  440. package/dist/detectors/miscalculation-on-spendallowance.js +188 -0
  441. package/dist/detectors/misconfiguration.d.ts +27 -0
  442. package/dist/detectors/misconfiguration.js +410 -0
  443. package/dist/detectors/missing-access-control-caller-supplied-auth.d.ts +7 -0
  444. package/dist/detectors/missing-access-control-caller-supplied-auth.js +550 -0
  445. package/dist/detectors/missing-access-control-receiver-payout.d.ts +7 -0
  446. package/dist/detectors/missing-access-control-receiver-payout.js +460 -0
  447. package/dist/detectors/missing-access-control-role-or-transferfrom.d.ts +7 -0
  448. package/dist/detectors/missing-access-control-role-or-transferfrom.js +663 -0
  449. package/dist/detectors/missing-access-control.d.ts +19 -0
  450. package/dist/detectors/missing-access-control.js +781 -0
  451. package/dist/detectors/missing-sequencer-uptime-check.d.ts +30 -0
  452. package/dist/detectors/missing-sequencer-uptime-check.js +348 -0
  453. package/dist/detectors/missing-storage-gap.d.ts +19 -0
  454. package/dist/detectors/missing-storage-gap.js +193 -0
  455. package/dist/detectors/missing-swap-deadline-slippage.d.ts +31 -0
  456. package/dist/detectors/missing-swap-deadline-slippage.js +231 -0
  457. package/dist/detectors/missing-zk-proof-verification.d.ts +60 -0
  458. package/dist/detectors/missing-zk-proof-verification.js +547 -0
  459. package/dist/detectors/my-experience-with-yearn-finance.d.ts +7 -0
  460. package/dist/detectors/my-experience-with-yearn-finance.js +552 -0
  461. package/dist/detectors/network-bridge-ronin.d.ts +7 -0
  462. package/dist/detectors/network-bridge-ronin.js +408 -0
  463. package/dist/detectors/network-bridge.d.ts +7 -0
  464. package/dist/detectors/network-bridge.js +444 -0
  465. package/dist/detectors/network-underflow.d.ts +7 -0
  466. package/dist/detectors/network-underflow.js +517 -0
  467. package/dist/detectors/nft-denial-of-service.d.ts +7 -0
  468. package/dist/detectors/nft-denial-of-service.js +223 -0
  469. package/dist/detectors/nft-marketplace-order-reentrancy.d.ts +7 -0
  470. package/dist/detectors/nft-marketplace-order-reentrancy.js +427 -0
  471. package/dist/detectors/nft-token-standard-access-control.d.ts +7 -0
  472. package/dist/detectors/nft-token-standard-access-control.js +455 -0
  473. package/dist/detectors/oracle-manipulation-amm-spot-price.d.ts +42 -0
  474. package/dist/detectors/oracle-manipulation-amm-spot-price.js +321 -0
  475. package/dist/detectors/oracle-manipulation-liquidity-withdrawal.d.ts +27 -0
  476. package/dist/detectors/oracle-manipulation-liquidity-withdrawal.js +192 -0
  477. package/dist/detectors/oracle-manipulation.d.ts +90 -0
  478. package/dist/detectors/oracle-manipulation.js +1023 -0
  479. package/dist/detectors/oracle-vortex-manipulation.d.ts +30 -0
  480. package/dist/detectors/oracle-vortex-manipulation.js +473 -0
  481. package/dist/detectors/overpriced-asset-in-oracle.d.ts +41 -0
  482. package/dist/detectors/overpriced-asset-in-oracle.js +420 -0
  483. package/dist/detectors/oz-access-control-roles.d.ts +33 -0
  484. package/dist/detectors/oz-access-control-roles.js +359 -0
  485. package/dist/detectors/pair-manipulation-transfer-hook.d.ts +38 -0
  486. package/dist/detectors/pair-manipulation-transfer-hook.js +366 -0
  487. package/dist/detectors/parameter-access-control.d.ts +47 -0
  488. package/dist/detectors/parameter-access-control.js +511 -0
  489. package/dist/detectors/parameter-manipulation.d.ts +7 -0
  490. package/dist/detectors/parameter-manipulation.js +505 -0
  491. package/dist/detectors/parity-multisig-delegatecall.d.ts +7 -0
  492. package/dist/detectors/parity-multisig-delegatecall.js +707 -0
  493. package/dist/detectors/permissionless-claim-amm-spot-pricing.d.ts +7 -0
  494. package/dist/detectors/permissionless-claim-amm-spot-pricing.js +351 -0
  495. package/dist/detectors/permit-future-dated-deadline.d.ts +31 -0
  496. package/dist/detectors/permit-future-dated-deadline.js +339 -0
  497. package/dist/detectors/phishing-attack-bybit.d.ts +37 -0
  498. package/dist/detectors/phishing-attack-bybit.js +513 -0
  499. package/dist/detectors/post-insolvency-check.d.ts +7 -0
  500. package/dist/detectors/post-insolvency-check.js +277 -0
  501. package/dist/detectors/precision-loss-vulnerability.d.ts +7 -0
  502. package/dist/detectors/precision-loss-vulnerability.js +472 -0
  503. package/dist/detectors/precision-truncation.d.ts +8 -0
  504. package/dist/detectors/precision-truncation.js +425 -0
  505. package/dist/detectors/price-dependency-veth.d.ts +41 -0
  506. package/dist/detectors/price-dependency-veth.js +588 -0
  507. package/dist/detectors/price-feed-verification.d.ts +7 -0
  508. package/dist/detectors/price-feed-verification.js +557 -0
  509. package/dist/detectors/price-manipulation-reentrancy.d.ts +32 -0
  510. package/dist/detectors/price-manipulation-reentrancy.js +445 -0
  511. package/dist/detectors/price-manipulation-via-reentranc.d.ts +7 -0
  512. package/dist/detectors/price-manipulation-via-reentranc.js +569 -0
  513. package/dist/detectors/price-oracle-manipulation.d.ts +25 -0
  514. package/dist/detectors/price-oracle-manipulation.js +530 -0
  515. package/dist/detectors/project-instant-rewards-unlocked.d.ts +6 -0
  516. package/dist/detectors/project-instant-rewards-unlocked.js +462 -0
  517. package/dist/detectors/protocol-reentrancy.d.ts +7 -0
  518. package/dist/detectors/protocol-reentrancy.js +457 -0
  519. package/dist/detectors/proxy-init-race.d.ts +11 -0
  520. package/dist/detectors/proxy-init-race.js +634 -0
  521. package/dist/detectors/proxy-storage-slot-collision.d.ts +7 -0
  522. package/dist/detectors/proxy-storage-slot-collision.js +135 -0
  523. package/dist/detectors/public-internal-function.d.ts +39 -0
  524. package/dist/detectors/public-internal-function.js +233 -0
  525. package/dist/detectors/quote-silent-zero.d.ts +25 -0
  526. package/dist/detectors/quote-silent-zero.js +156 -0
  527. package/dist/detectors/readonly-reentrancy.d.ts +9 -0
  528. package/dist/detectors/readonly-reentrancy.js +108 -0
  529. package/dist/detectors/receipt-redemption-missing-validation.d.ts +31 -0
  530. package/dist/detectors/receipt-redemption-missing-validation.js +453 -0
  531. package/dist/detectors/reentrancy-balance.d.ts +36 -0
  532. package/dist/detectors/reentrancy-balance.js +577 -0
  533. package/dist/detectors/reentrancy-business-logic-game.d.ts +36 -0
  534. package/dist/detectors/reentrancy-business-logic-game.js +616 -0
  535. package/dist/detectors/reentrancy-on-sell-nft.d.ts +23 -0
  536. package/dist/detectors/reentrancy-on-sell-nft.js +510 -0
  537. package/dist/detectors/reflection-token-balance-desync.d.ts +28 -0
  538. package/dist/detectors/reflection-token-balance-desync.js +246 -0
  539. package/dist/detectors/registry-engine.d.ts +34 -0
  540. package/dist/detectors/registry-engine.js +388 -0
  541. package/dist/detectors/rollup-unvalidated-state-update.d.ts +35 -0
  542. package/dist/detectors/rollup-unvalidated-state-update.js +286 -0
  543. package/dist/detectors/s-horizon-bridge-private-key-compromis.d.ts +8 -0
  544. package/dist/detectors/s-horizon-bridge-private-key-compromis.js +615 -0
  545. package/dist/detectors/share-price-manipulation.d.ts +7 -0
  546. package/dist/detectors/share-price-manipulation.js +653 -0
  547. package/dist/detectors/signature-replay.d.ts +30 -0
  548. package/dist/detectors/signature-replay.js +367 -0
  549. package/dist/detectors/simpleswap-unverified-approval.d.ts +27 -0
  550. package/dist/detectors/simpleswap-unverified-approval.js +198 -0
  551. package/dist/detectors/single-spot-oracle-collateral-valuation.d.ts +22 -0
  552. package/dist/detectors/single-spot-oracle-collateral-valuation.js +419 -0
  553. package/dist/detectors/skim-token-balance.d.ts +7 -0
  554. package/dist/detectors/skim-token-balance.js +788 -0
  555. package/dist/detectors/sky-oft-governance-payload.d.ts +7 -0
  556. package/dist/detectors/sky-oft-governance-payload.js +515 -0
  557. package/dist/detectors/sky-oft-governance-truncation.d.ts +32 -0
  558. package/dist/detectors/sky-oft-governance-truncation.js +377 -0
  559. package/dist/detectors/solana-evm-bridge-truncation.d.ts +7 -0
  560. package/dist/detectors/solana-evm-bridge-truncation.js +638 -0
  561. package/dist/detectors/solhint-unchecked-low-level-call.d.ts +74 -0
  562. package/dist/detectors/solhint-unchecked-low-level-call.js +463 -0
  563. package/dist/detectors/stablecoin-pair-spot-oracle.d.ts +7 -0
  564. package/dist/detectors/stablecoin-pair-spot-oracle.js +364 -0
  565. package/dist/detectors/staked-rate-as-oracle.d.ts +44 -0
  566. package/dist/detectors/staked-rate-as-oracle.js +497 -0
  567. package/dist/detectors/stale-oracle.d.ts +63 -0
  568. package/dist/detectors/stale-oracle.js +649 -0
  569. package/dist/detectors/starkware-proof-validation-gap.d.ts +18 -0
  570. package/dist/detectors/starkware-proof-validation-gap.js +629 -0
  571. package/dist/detectors/steth-transfer-reentrancy.d.ts +8 -0
  572. package/dist/detectors/steth-transfer-reentrancy.js +317 -0
  573. package/dist/detectors/storage-collision-malicious-proposal.d.ts +27 -0
  574. package/dist/detectors/storage-collision-malicious-proposal.js +386 -0
  575. package/dist/detectors/timestamp-manipulation.d.ts +49 -0
  576. package/dist/detectors/timestamp-manipulation.js +383 -0
  577. package/dist/detectors/token-access-control.d.ts +7 -0
  578. package/dist/detectors/token-access-control.js +544 -0
  579. package/dist/detectors/token-incorrect-signature-verification.d.ts +23 -0
  580. package/dist/detectors/token-incorrect-signature-verification.js +434 -0
  581. package/dist/detectors/token-transfer-logic-flaw.d.ts +33 -0
  582. package/dist/detectors/token-transfer-logic-flaw.js +267 -0
  583. package/dist/detectors/transfer-double-debit-pool-recipient.d.ts +7 -0
  584. package/dist/detectors/transfer-double-debit-pool-recipient.js +542 -0
  585. package/dist/detectors/treasury-reentrancy.d.ts +7 -0
  586. package/dist/detectors/treasury-reentrancy.js +442 -0
  587. package/dist/detectors/tstore-poison.d.ts +32 -0
  588. package/dist/detectors/tstore-poison.js +417 -0
  589. package/dist/detectors/tstore-race-condition.d.ts +7 -0
  590. package/dist/detectors/tstore-race-condition.js +632 -0
  591. package/dist/detectors/types.d.ts +85 -0
  592. package/dist/detectors/types.js +20 -0
  593. package/dist/detectors/unauthorized-payer-transferfrom.d.ts +66 -0
  594. package/dist/detectors/unauthorized-payer-transferfrom.js +339 -0
  595. package/dist/detectors/unauthorized-transferfrom-shell.d.ts +7 -0
  596. package/dist/detectors/unauthorized-transferfrom-shell.js +504 -0
  597. package/dist/detectors/unauthorized-transferfrom.d.ts +16 -0
  598. package/dist/detectors/unauthorized-transferfrom.js +838 -0
  599. package/dist/detectors/unbound-zk-verifier-input.d.ts +7 -0
  600. package/dist/detectors/unbound-zk-verifier-input.js +445 -0
  601. package/dist/detectors/unbounded-share-price-collateral-oracle.d.ts +48 -0
  602. package/dist/detectors/unbounded-share-price-collateral-oracle.js +566 -0
  603. package/dist/detectors/uncapped-reward-emission.d.ts +7 -0
  604. package/dist/detectors/uncapped-reward-emission.js +493 -0
  605. package/dist/detectors/unchecked-call-forwarding.d.ts +31 -0
  606. package/dist/detectors/unchecked-call-forwarding.js +330 -0
  607. package/dist/detectors/unchecked-external-call-unconditional-state-mutation.d.ts +18 -0
  608. package/dist/detectors/unchecked-external-call-unconditional-state-mutation.js +311 -0
  609. package/dist/detectors/unchecked-external-call.d.ts +66 -0
  610. package/dist/detectors/unchecked-external-call.js +389 -0
  611. package/dist/detectors/unchecked-oft-return.d.ts +13 -0
  612. package/dist/detectors/unchecked-oft-return.js +118 -0
  613. package/dist/detectors/unguarded-governance-execution.d.ts +35 -0
  614. package/dist/detectors/unguarded-governance-execution.js +422 -0
  615. package/dist/detectors/unguarded-governance-executor.d.ts +35 -0
  616. package/dist/detectors/unguarded-governance-executor.js +349 -0
  617. package/dist/detectors/unindexed-event-address.d.ts +7 -0
  618. package/dist/detectors/unindexed-event-address.js +268 -0
  619. package/dist/detectors/uninitialized-implementation.d.ts +27 -0
  620. package/dist/detectors/uninitialized-implementation.js +333 -0
  621. package/dist/detectors/uninitialized-storage-pointer.d.ts +7 -0
  622. package/dist/detectors/uninitialized-storage-pointer.js +110 -0
  623. package/dist/detectors/uniswap-skim-token-balance-attack.d.ts +8 -0
  624. package/dist/detectors/uniswap-skim-token-balance-attack.js +331 -0
  625. package/dist/detectors/uniswap-v4-hook-state-manipulation.d.ts +7 -0
  626. package/dist/detectors/uniswap-v4-hook-state-manipulation.js +296 -0
  627. package/dist/detectors/unprotected-admin-or-fund-sink.d.ts +7 -0
  628. package/dist/detectors/unprotected-admin-or-fund-sink.js +643 -0
  629. package/dist/detectors/unprotected-dex-swap.d.ts +43 -0
  630. package/dist/detectors/unprotected-dex-swap.js +334 -0
  631. package/dist/detectors/unprotected-initializer.d.ts +7 -0
  632. package/dist/detectors/unprotected-initializer.js +707 -0
  633. package/dist/detectors/unprotected-pair-initializer.d.ts +22 -0
  634. package/dist/detectors/unprotected-pair-initializer.js +359 -0
  635. package/dist/detectors/unprotected-upgrade-function.d.ts +7 -0
  636. package/dist/detectors/unprotected-upgrade-function.js +180 -0
  637. package/dist/detectors/unreachable-code-0.8.28.d.ts +19 -0
  638. package/dist/detectors/unreachable-code-0.8.28.js +206 -0
  639. package/dist/detectors/unsafe-proxy-storage.d.ts +7 -0
  640. package/dist/detectors/unsafe-proxy-storage.js +436 -0
  641. package/dist/detectors/unsafe-transient-storage.d.ts +7 -0
  642. package/dist/detectors/unsafe-transient-storage.js +1052 -0
  643. package/dist/detectors/unsafe-tx-origin.d.ts +9 -0
  644. package/dist/detectors/unsafe-tx-origin.js +179 -0
  645. package/dist/detectors/unsigned-validity-window.d.ts +20 -0
  646. package/dist/detectors/unsigned-validity-window.js +220 -0
  647. package/dist/detectors/unvalidated-interface-address.d.ts +25 -0
  648. package/dist/detectors/unvalidated-interface-address.js +377 -0
  649. package/dist/detectors/uups-uninitialized-storage.d.ts +9 -0
  650. package/dist/detectors/uups-uninitialized-storage.js +366 -0
  651. package/dist/detectors/v2-error-k-value-attack.d.ts +33 -0
  652. package/dist/detectors/v2-error-k-value-attack.js +276 -0
  653. package/dist/detectors/v2-k-invariant-bypass.d.ts +33 -0
  654. package/dist/detectors/v2-k-invariant-bypass.js +283 -0
  655. package/dist/detectors/v4-hook-reentrancy.d.ts +9 -0
  656. package/dist/detectors/v4-hook-reentrancy.js +488 -0
  657. package/dist/detectors/vault-inflation-rounding.d.ts +23 -0
  658. package/dist/detectors/vault-inflation-rounding.js +477 -0
  659. package/dist/detectors/vault-share-price-manipulation.d.ts +7 -0
  660. package/dist/detectors/vault-share-price-manipulation.js +332 -0
  661. package/dist/detectors/vortex-interaction-guard.d.ts +45 -0
  662. package/dist/detectors/vortex-interaction-guard.js +275 -0
  663. package/dist/detectors/vortex-protocol-reentrancy-guard.d.ts +27 -0
  664. package/dist/detectors/vortex-protocol-reentrancy-guard.js +408 -0
  665. package/dist/detectors/vulnerable-price-dependency.d.ts +41 -0
  666. package/dist/detectors/vulnerable-price-dependency.js +473 -0
  667. package/dist/detectors/weak-random-mint.d.ts +37 -0
  668. package/dist/detectors/weak-random-mint.js +271 -0
  669. package/dist/detectors/withdraw-be-to-withdraw.d.ts +26 -0
  670. package/dist/detectors/withdraw-be-to-withdraw.js +329 -0
  671. package/dist/detectors/wrong-function-visibility.d.ts +29 -0
  672. package/dist/detectors/wrong-function-visibility.js +147 -0
  673. package/dist/detectors/wrong-price-calculation.d.ts +42 -0
  674. package/dist/detectors/wrong-price-calculation.js +387 -0
  675. package/dist/detectors/yearn-vault-v2-share-price-manipulation.d.ts +32 -0
  676. package/dist/detectors/yearn-vault-v2-share-price-manipulation.js +248 -0
  677. package/dist/detectors/zero-fee.d.ts +7 -0
  678. package/dist/detectors/zero-fee.js +596 -0
  679. package/dist/detectors/zetachain-gateway-hack-analysis.d.ts +7 -0
  680. package/dist/detectors/zetachain-gateway-hack-analysis.js +629 -0
  681. package/dist/detectors/zk-rollup-da-gap.d.ts +8 -0
  682. package/dist/detectors/zk-rollup-da-gap.js +322 -0
  683. package/dist/detectors/zksync-batch-validation.d.ts +8 -0
  684. package/dist/detectors/zksync-batch-validation.js +461 -0
  685. package/dist/detectors/zksync-era-rollup-state-update.d.ts +60 -0
  686. package/dist/detectors/zksync-era-rollup-state-update.js +360 -0
  687. package/dist/detectors/zksync-simulation-drift.d.ts +35 -0
  688. package/dist/detectors/zksync-simulation-drift.js +309 -0
  689. package/dist/exit-codes.d.ts +15 -0
  690. package/dist/exit-codes.js +18 -0
  691. package/dist/formatters/github-actions.d.ts +2 -0
  692. package/dist/formatters/github-actions.js +61 -0
  693. package/dist/formatters/sarif.d.ts +24 -0
  694. package/dist/formatters/sarif.js +670 -0
  695. package/dist/formatters/text.d.ts +14 -0
  696. package/dist/formatters/text.js +152 -0
  697. package/dist/fp-rates.json +70 -0
  698. package/dist/identity/diff-baseline.d.ts +16 -0
  699. package/dist/identity/diff-baseline.js +152 -0
  700. package/dist/identity/hashing.d.ts +39 -0
  701. package/dist/identity/hashing.js +96 -0
  702. package/dist/index.d.ts +174 -0
  703. package/dist/index.js +358 -0
  704. package/dist/parallel-scan.d.ts +66 -0
  705. package/dist/parallel-scan.js +227 -0
  706. package/dist/registry.d.ts +17 -0
  707. package/dist/registry.js +118 -0
  708. package/dist/rules/glob.d.ts +5 -0
  709. package/dist/rules/glob.js +76 -0
  710. package/dist/rules/suppressions.d.ts +23 -0
  711. package/dist/rules/suppressions.js +136 -0
  712. package/dist/rules/tiers.d.ts +23 -0
  713. package/dist/rules/tiers.js +341 -0
  714. package/dist/scan-worker.d.ts +1 -0
  715. package/dist/scan-worker.js +61 -0
  716. package/dist/scan.d.ts +24 -0
  717. package/dist/scan.js +558 -0
  718. package/dist/semantic/contracts.d.ts +10 -0
  719. package/dist/semantic/contracts.js +141 -0
  720. package/dist/semantic/diagnostics.d.ts +29 -0
  721. package/dist/semantic/diagnostics.js +25 -0
  722. package/dist/semantic/eog.d.ts +56 -0
  723. package/dist/semantic/eog.js +545 -0
  724. package/dist/semantic/imports.d.ts +88 -0
  725. package/dist/semantic/imports.js +246 -0
  726. package/dist/semantic/index.d.ts +2 -0
  727. package/dist/semantic/index.js +8 -0
  728. package/dist/semantic/inheritance.d.ts +33 -0
  729. package/dist/semantic/inheritance.js +137 -0
  730. package/dist/semantic/model.d.ts +95 -0
  731. package/dist/semantic/model.js +232 -0
  732. package/dist/semantic/taint-tracker.d.ts +49 -0
  733. package/dist/semantic/taint-tracker.js +410 -0
  734. package/dist/semantic/types.d.ts +119 -0
  735. package/dist/semantic/types.js +18 -0
  736. package/dist/severity.d.ts +10 -0
  737. package/dist/severity.js +78 -0
  738. package/package.json +52 -0
package/dist/detectors/unprotected-admin-or-fund-sink.js ADDED
@@ -0,0 +1,643 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.UnprotectedAdminOrFundSinkDetector = void 0;
4
+ const ast_1 = require("./_common/ast");
5
+ const RULE_ID = 'unprotected-admin-or-fund-sink';
6
+ const PROVENANCE = 'x-20231112-mev-0xa247-incorrect-access-control';
7
+ const ACCESS_CONTROL_MODIFIERS = new Set([
8
+ 'onlyowner',
9
+ 'onlyowners',
10
+ 'onlyrole',
11
+ 'onlyadmin',
12
+ 'onlyauthorized',
13
+ 'onlyoperator',
14
+ 'onlyoperators',
15
+ 'onlygovernance',
16
+ 'onlygovernor',
17
+ 'onlyguardian',
18
+ 'onlymanager',
19
+ ]);
20
+ class UnprotectedAdminOrFundSinkDetector {
21
+ id = RULE_ID;
22
+ patternKey = RULE_ID;
23
+ supportedAstKinds = ['parser', 'solc'];
24
+ scanAst(ast, file, sourceText) {
25
+ if (!ast || typeof ast !== 'object')
26
+ return [];
27
+ const findings = [];
28
+ const lineOffsets = buildLineOffsets(sourceText);
29
+ for (const contract of collectContracts(ast)) {
30
+ if (isInterfaceLike(contract))
31
+ continue;
32
+ const contractName = getName(contract) || '<anonymous>';
33
+ const functions = new Map();
34
+ for (const fn of getContractFunctions(contract)) {
35
+ const body = getFunctionBody(fn);
36
+ const params = collectParameterInfo(fn);
37
+ const orderedParameterNames = params.map(p => p.name);
38
+ const addressLikeParameterNames = new Set(params.filter(p => p.isAddressLike && p.name).map(p => p.name));
39
+ const info = {
40
+ node: fn,
41
+ name: functionDisplayName(fn),
42
+ body,
43
+ orderedParameterNames,
44
+ addressLikeParameterNames,
45
+ sinkNodes: [],
46
+ internalCallSites: collectInternalCallSites(body),
47
+ };
48
+ info.sinkNodes = collectSinkNodes(body, addressLikeParameterNames);
49
+ functions.set(info.name, info);
50
+ }
51
+ const seen = new Set();
52
+ const pending = [];
53
+ for (const info of functions.values()) {
54
+ if (!isExternallyCallable(info.node))
55
+ continue;
56
+ if (!info.body)
57
+ continue;
58
+ if (hasRecognizedAccessControlModifier(info.node))
59
+ continue;
60
+ const firstSink = findFirstReachableSink(info, functions, new Map(), new Set());
61
+ if (!firstSink)
62
+ continue;
63
+ if (hasInlineGuardBeforeNode(info.body, firstSink, functions))
64
+ continue;
65
+ if (hasNonReentrantModifier(info.node) && !hasReachableAdminMutationSink(info, functions, new Set()))
66
+ continue;
67
+ const key = `${contractName}:${info.name}`;
68
+ if (seen.has(key))
69
+ continue;
70
+ seen.add(key);
71
+ const fnLoc = (0, ast_1.getLoc)(info.node, lineOffsets) || { line: 0, column: 0 };
72
+ pending.push({
73
+ isAdminMutation: hasReachableAdminMutationSink(info, functions, new Set()),
74
+ finding: {
75
+ file,
76
+ contract: contractName,
77
+ 'function': info.name,
78
+ line: fnLoc.line,
79
+ endLine: fnLoc.line,
80
+ column: fnLoc.column,
81
+ pattern: RULE_ID,
82
+ confidence: 'high',
83
+ ruleId: RULE_ID,
84
+ severity: 'error',
85
+ message: `Incorrect access control in '${contractName}.${info.name}': an externally callable function reaches an admin mutation or contract-held withdrawal without an owner/role guard before the privileged operation.`,
86
+ rationale: 'Mirrors a known MEV-bot access-control exploit shape: any caller can invoke an exposed selector that removes caller-supplied admin accounts or withdraws contract-held native/ERC20 value to msg.sender because no owner/role authorization dominates the sink.',
87
+ suggestedFix: 'Add onlyOwner/onlyRole or an early require(msg.sender == owner) / require(hasRole(role, msg.sender)) guard before admin mutations and contract-held withdrawals; for user withdrawals, keep per-user accounting effects before interactions and use a nonReentrant guard.',
88
+ contractName,
89
+ functionName: info.name,
90
+ sourceLocation: { line: fnLoc.line, column: fnLoc.column },
91
+ findingId: '',
92
+ contractHash: '',
93
+ provenance: PROVENANCE,
94
+ source: PROVENANCE,
95
+ },
96
+ });
97
+ }
98
+ const adminFindings = pending.filter(item => item.isAdminMutation);
99
+ findings.push(...(adminFindings.length > 0 ? adminFindings : pending).map(item => item.finding));
100
+ }
101
+ return findings;
102
+ }
103
+ }
104
+ exports.UnprotectedAdminOrFundSinkDetector = UnprotectedAdminOrFundSinkDetector;
105
+ function collectSinkNodes(body, addressLikeParameterNames) {
106
+ if (!body)
107
+ return [];
108
+ const sinks = [];
109
+ walk(body, node => {
110
+ if (isAdminMutationSink(node, addressLikeParameterNames)) {
111
+ sinks.push(node);
112
+ return;
113
+ }
114
+ if (isTokenTransferToMsgSender(node) || isNativeTransferToMsgSender(node)) {
115
+ // CEI-aware suppression: a transfer to msg.sender preceded by both a caller-entitlement
116
+ // guard (e.g. require(balances[msg.sender] >= amount)) and a caller-specific accounting
117
+ // update (e.g. balances[msg.sender] -= amount, _burn(msg.sender, ...)) is a normal user
118
+ // withdraw / ERC4626 redeem shape — not the unprotected-admin-or-fund-sink contract-held sweep pattern.
119
+ if (isCallerAccountedTransferSink(body, node))
120
+ return;
121
+ sinks.push(node);
122
+ }
123
+ });
124
+ return sinks;
125
+ }
126
+ function findFirstReachableSink(info, functions, binding, visited) {
127
+ if (visited.has(info.name))
128
+ return null;
129
+ visited.add(info.name);
130
+ const statements = getBlockStatements(info.body);
131
+ for (const stmt of statements) {
132
+ for (const sink of info.sinkNodes) {
133
+ if (statementContainsNode(stmt, sink))
134
+ return sink;
135
+ }
136
+ for (const cs of collectInternalCallSites(stmt)) {
137
+ const callee = functions.get(cs.name);
138
+ if (!callee)
139
+ continue;
140
+ const calleeBinding = buildArgumentBinding(callee.orderedParameterNames, cs.arguments, binding);
141
+ const sink = findFirstReachableSink(callee, functions, calleeBinding, new Set(visited));
142
+ if (sink)
143
+ return stmt;
144
+ }
145
+ }
146
+ return null;
147
+ }
148
+ function hasInlineGuardBeforeNode(body, sinkNode, functions) {
149
+ const statements = getBlockStatements(body);
150
+ for (const stmt of statements) {
151
+ if (statementHasInlineGuard(stmt))
152
+ return true;
153
+ if (statementContainsNode(stmt, sinkNode))
154
+ return false;
155
+ for (const cs of collectInternalCallSites(stmt)) {
156
+ const callee = functions.get(cs.name);
157
+ if (callee && hasReachableSink(callee, functions, new Set()))
158
+ return false;
159
+ }
160
+ }
161
+ return false;
162
+ }
163
+ function hasReachableSink(info, functions, visited) {
164
+ if (visited.has(info.name))
165
+ return false;
166
+ visited.add(info.name);
167
+ if (info.sinkNodes.length > 0)
168
+ return true;
169
+ for (const cs of info.internalCallSites) {
170
+ const callee = functions.get(cs.name);
171
+ if (callee && hasReachableSink(callee, functions, visited))
172
+ return true;
173
+ }
174
+ return false;
175
+ }
176
+ function hasReachableAdminMutationSink(info, functions, visited) {
177
+ if (visited.has(info.name))
178
+ return false;
179
+ visited.add(info.name);
180
+ if (hasAdminMutationSink(info.sinkNodes))
181
+ return true;
182
+ for (const cs of info.internalCallSites) {
183
+ const callee = functions.get(cs.name);
184
+ if (callee && hasReachableAdminMutationSink(callee, functions, visited))
185
+ return true;
186
+ }
187
+ return false;
188
+ }
189
+ function isAdminMutationSink(node, addressLikeParameterNames) {
190
+ if (!isAssignmentNode(node))
191
+ return false;
192
+ const left = getAssignmentLeft(node);
193
+ if (!isNode(left, 'IndexAccess'))
194
+ return false;
195
+ if (!isAdminLikeReference(getIndexBase(left)))
196
+ return false;
197
+ if (!isCallerControlledIndex(getIndexIndex(left), addressLikeParameterNames))
198
+ return false;
199
+ return isFalseLike(getAssignmentRight(node));
200
+ }
201
+ function isTokenTransferToMsgSender(node) {
202
+ if (!isFunctionCall(node))
203
+ return false;
204
+ if (getCalleeMemberName(node).toLowerCase() !== 'transfer')
205
+ return false;
206
+ const args = getCallArguments(node);
207
+ return args.length === 2 && isMsgSenderRef(args[0]);
208
+ }
209
+ function isNativeTransferToMsgSender(node) {
210
+ if (!isFunctionCall(node))
211
+ return false;
212
+ if (getCalleeMemberName(node).toLowerCase() !== 'transfer')
213
+ return false;
214
+ const args = getCallArguments(node);
215
+ if (args.length !== 1)
216
+ return false;
217
+ const callee = node.expression;
218
+ return isPayableMsgSender(callee?.expression);
219
+ }
220
+ const CALLER_ACCOUNTING_HELPER_NAMES = new Set([
221
+ '_burn',
222
+ 'burn',
223
+ 'burnfrom',
224
+ '_burnfrom',
225
+ 'burnshares',
226
+ '_burnshares',
227
+ '_decreasebalance',
228
+ 'decreasebalance',
229
+ '_subtractbalance',
230
+ ]);
231
+ function isCallerAccountedTransferSink(body, sinkNode) {
232
+ if (!body || !sinkNode)
233
+ return false;
234
+ let reached = false;
235
+ let hasGuard = false;
236
+ let hasUpdate = false;
237
+ const visit = (node) => {
238
+ if (reached || !node || typeof node !== 'object')
239
+ return;
240
+ if (node === sinkNode) {
241
+ reached = true;
242
+ return;
243
+ }
244
+ if (isCallerEntitlementGuardNode(node))
245
+ hasGuard = true;
246
+ if (isCallerAccountingUpdateNode(node))
247
+ hasUpdate = true;
248
+ for (const child of childrenOf(node)) {
249
+ if (reached)
250
+ return;
251
+ visit(child);
252
+ }
253
+ };
254
+ visit(body);
255
+ return reached && hasGuard && hasUpdate;
256
+ }
257
+ function isCallerEntitlementGuardNode(node) {
258
+ if (!isFunctionCall(node))
259
+ return false;
260
+ const callee = getCalleeIdentifierName(node).toLowerCase();
261
+ if (callee !== 'require' && callee !== 'assert')
262
+ return false;
263
+ const condition = getCallArguments(node)[0];
264
+ return !!condition && referencesCallerOwnedMapping(condition);
265
+ }
266
+ function isCallerAccountingUpdateNode(node) {
267
+ if (isAnyAssignmentNode(node)) {
268
+ const left = getAssignmentLeft(node);
269
+ if (left && isNode(left, 'IndexAccess') && isMsgSenderRef(getIndexIndex(left)))
270
+ return true;
271
+ }
272
+ if (isNode(node, 'UnaryOperation')) {
273
+ const op = String(node.operator || '');
274
+ if (op === '++' || op === '--') {
275
+ const sub = node.subExpression || node.expression;
276
+ if (sub && isNode(sub, 'IndexAccess') && isMsgSenderRef(getIndexIndex(sub)))
277
+ return true;
278
+ }
279
+ }
280
+ if (isFunctionCall(node)) {
281
+ const calleeName = (getCalleeIdentifierName(node) || getCalleeMemberName(node)).toLowerCase();
282
+ if (CALLER_ACCOUNTING_HELPER_NAMES.has(calleeName)) {
283
+ if (getCallArguments(node).some(isMsgSenderRef))
284
+ return true;
285
+ }
286
+ }
287
+ return false;
288
+ }
289
+ function referencesCallerOwnedMapping(node) {
290
+ return walkAny(node, n => isNode(n, 'IndexAccess') && isMsgSenderRef(getIndexIndex(n)));
291
+ }
292
+ function isAnyAssignmentNode(node) {
293
+ if (!node || typeof node !== 'object')
294
+ return false;
295
+ if (isNode(node, 'Assignment'))
296
+ return true;
297
+ if (isNode(node, 'BinaryOperation')) {
298
+ const op = String(node.operator || '');
299
+ return op === '=' || op === '+=' || op === '-=' || op === '*=' || op === '/=' || op === '%='
300
+ || op === '|=' || op === '&=' || op === '^=' || op === '<<=' || op === '>>=';
301
+ }
302
+ return false;
303
+ }
304
+ function isPayableMsgSender(node) {
305
+ if (!isFunctionCall(node))
306
+ return false;
307
+ const callee = node.expression;
308
+ if (!isPayableTypeExpression(callee))
309
+ return false;
310
+ const args = getCallArguments(node);
311
+ return args.length === 1 && isMsgSenderRef(args[0]);
312
+ }
313
+ function isPayableTypeExpression(node) {
314
+ if (!node || typeof node !== 'object')
315
+ return false;
316
+ if (isNode(node, 'Identifier'))
317
+ return String(node.name || '').toLowerCase() === 'payable';
318
+ if (isNode(node, 'ElementaryTypeNameExpression')) {
319
+ const typeName = node.typeName;
320
+ const name = String(typeName?.name || node.name || node.typeDescriptions?.typeString || '').toLowerCase();
321
+ const stateMutability = String(typeName?.stateMutability || node.stateMutability || '').toLowerCase();
322
+ if (name === 'address' && stateMutability === 'payable')
323
+ return true;
324
+ return name === 'payable' || name === 'address payable';
325
+ }
326
+ return false;
327
+ }
328
+ function isAdminLikeReference(node) {
329
+ const name = getReferenceName(node).toLowerCase();
330
+ return /admin|owner|role|operator|auth|permission/.test(name);
331
+ }
332
+ function isCallerControlledIndex(node, addressLikeParameterNames) {
333
+ const name = getIdentifierName(node);
334
+ if (name && addressLikeParameterNames.has(name))
335
+ return true;
336
+ if (isNode(node, 'IndexAccess')) {
337
+ const baseName = getIdentifierName(getIndexBase(node));
338
+ return !!baseName && addressLikeParameterNames.has(baseName);
339
+ }
340
+ return false;
341
+ }
342
+ function hasAdminMutationSink(sinks) {
343
+ return sinks.some(s => isAssignmentNode(s));
344
+ }
345
+ function statementHasInlineGuard(stmt) {
346
+ let guarded = false;
347
+ walk(stmt, node => {
348
+ if (guarded || !isFunctionCall(node))
349
+ return;
350
+ const callee = getCalleeIdentifierName(node).toLowerCase();
351
+ if (callee !== 'require' && callee !== 'assert')
352
+ return;
353
+ const condition = getCallArguments(node)[0];
354
+ if (condition && (containsMsgSenderEquality(condition) || containsHasRoleSenderCall(condition)))
355
+ guarded = true;
356
+ });
357
+ return guarded;
358
+ }
359
+ function containsMsgSenderEquality(node) {
360
+ return walkAny(node, n => {
361
+ if (!isNode(n, 'BinaryOperation') && !isNode(n, 'Assignment'))
362
+ return false;
363
+ const op = String(n.operator || '');
364
+ if (op !== '==' && op !== '===')
365
+ return false;
366
+ const left = getBinaryLeft(n);
367
+ const right = getBinaryRight(n);
368
+ return (isMsgSenderRef(left) && !isMsgSenderRef(right)) || (isMsgSenderRef(right) && !isMsgSenderRef(left));
369
+ });
370
+ }
371
+ function containsHasRoleSenderCall(node) {
372
+ return walkAny(node, n => {
373
+ if (!isFunctionCall(n))
374
+ return false;
375
+ const callee = (getCalleeIdentifierName(n) || getCalleeMemberName(n)).toLowerCase();
376
+ if (callee !== 'hasrole' && callee !== '_checkrole' && callee !== 'checkrole')
377
+ return false;
378
+ return getCallArguments(n).some(isMsgSenderRef);
379
+ });
380
+ }
381
+ function hasRecognizedAccessControlModifier(fn) {
382
+ const modifiers = fn?.modifiers || [];
383
+ return Array.isArray(modifiers) && modifiers.some((m) => ACCESS_CONTROL_MODIFIERS.has(getModifierName(m).toLowerCase()));
384
+ }
385
+ function hasNonReentrantModifier(fn) {
386
+ const modifiers = fn?.modifiers || [];
387
+ return Array.isArray(modifiers) && modifiers.some((m) => getModifierName(m).toLowerCase().includes('nonreentrant'));
388
+ }
389
+ function collectInternalCallSites(body) {
390
+ const out = [];
391
+ if (!body)
392
+ return out;
393
+ walk(body, n => {
394
+ if (!isFunctionCall(n))
395
+ return;
396
+ const callee = n.expression;
397
+ if (callee && isNode(callee, 'Identifier')) {
398
+ const name = String(callee.name || '');
399
+ if (name)
400
+ out.push({ name, arguments: getCallArguments(n) });
401
+ }
402
+ });
403
+ return out;
404
+ }
405
+ function buildArgumentBinding(paramNames, callArgs, parentBinding) {
406
+ const binding = new Map();
407
+ const n = Math.min(paramNames.length, callArgs.length);
408
+ for (let i = 0; i < n; i++) {
409
+ const name = paramNames[i];
410
+ if (!name)
411
+ continue;
412
+ const argName = getIdentifierName(callArgs[i]);
413
+ binding.set(name, argName && parentBinding.has(argName) ? parentBinding.get(argName) : callArgs[i]);
414
+ }
415
+ return binding;
416
+ }
417
+ function collectParameterInfo(fn) {
418
+ return extractParameterList(fn?.parameters).map(p => ({
419
+ name: typeof p?.name === 'string' ? p.name : '',
420
+ isAddressLike: isAddressLikeTypeName(p?.typeName),
421
+ }));
422
+ }
423
+ function extractParameterList(params) {
424
+ if (!params)
425
+ return [];
426
+ if (Array.isArray(params))
427
+ return params;
428
+ if (Array.isArray(params.parameters))
429
+ return params.parameters;
430
+ return [];
431
+ }
432
+ function isAddressLikeTypeName(typeName) {
433
+ if (!typeName || typeof typeName !== 'object')
434
+ return false;
435
+ if (isNode(typeName, 'ElementaryTypeName'))
436
+ return String(typeName.name || '') === 'address';
437
+ if (isNode(typeName, 'ArrayTypeName'))
438
+ return isAddressLikeTypeName(typeName.baseTypeName || typeName.baseType);
439
+ return false;
440
+ }
441
+ function isFalseLike(node) {
442
+ if (!node || typeof node !== 'object')
443
+ return false;
444
+ if (isNode(node, 'BooleanLiteral'))
445
+ return node.value === false || String(node.value) === 'false';
446
+ if (isNode(node, 'Literal'))
447
+ return String(node.value || '').toLowerCase() === 'false';
448
+ return false;
449
+ }
450
+ function getIndexBase(node) {
451
+ return node?.base ?? node?.baseExpression;
452
+ }
453
+ function getIndexIndex(node) {
454
+ return node?.index ?? node?.indexExpression;
455
+ }
456
+ function getAssignmentLeft(node) {
457
+ return node?.left ?? node?.leftHandSide;
458
+ }
459
+ function getAssignmentRight(node) {
460
+ return node?.right ?? node?.rightHandSide;
461
+ }
462
+ function getBinaryLeft(node) {
463
+ return node?.left ?? node?.leftExpression;
464
+ }
465
+ function getBinaryRight(node) {
466
+ return node?.right ?? node?.rightExpression;
467
+ }
468
+ function isAssignmentNode(node) {
469
+ if (!node || typeof node !== 'object')
470
+ return false;
471
+ if (isNode(node, 'Assignment'))
472
+ return true;
473
+ return isNode(node, 'BinaryOperation') && String(node.operator || '') === '=';
474
+ }
475
+ function getReferenceName(node) {
476
+ if (!node || typeof node !== 'object')
477
+ return '';
478
+ if (isNode(node, 'Identifier'))
479
+ return String(node.name || '');
480
+ if (isNode(node, 'MemberAccess'))
481
+ return String(node.memberName || node.member || '');
482
+ if (isNode(node, 'IndexAccess'))
483
+ return getReferenceName(getIndexBase(node));
484
+ return '';
485
+ }
486
+ function getIdentifierName(node) {
487
+ return node && typeof node === 'object' && isNode(node, 'Identifier') ? String(node.name || '') : '';
488
+ }
489
+ function statementContainsNode(stmt, target) {
490
+ let found = false;
491
+ walk(stmt, n => { if (n === target)
492
+ found = true; });
493
+ return found;
494
+ }
495
+ function isMsgSenderRef(node) {
496
+ if (!node || typeof node !== 'object' || !isNode(node, 'MemberAccess'))
497
+ return false;
498
+ const memberName = String(node.memberName || node.member || '');
499
+ if (memberName !== 'sender')
500
+ return false;
501
+ const base = node.expression;
502
+ return isNode(base, 'Identifier') && String(base.name || '') === 'msg';
503
+ }
504
+ function getCalleeMemberName(call) {
505
+ const expr = call?.expression;
506
+ return expr && isNode(expr, 'MemberAccess') ? String(expr.memberName || expr.member || '') : '';
507
+ }
508
+ function getCalleeIdentifierName(call) {
509
+ const expr = call?.expression;
510
+ return expr && isNode(expr, 'Identifier') ? String(expr.name || '') : '';
511
+ }
512
+ function getCallArguments(node) {
513
+ return Array.isArray(node?.arguments) ? node.arguments : [];
514
+ }
515
+ function isFunctionCall(node) {
516
+ return isNode(node, 'FunctionCall');
517
+ }
518
+ function getModifierName(modifier) {
519
+ if (!modifier)
520
+ return '';
521
+ if (typeof modifier === 'string')
522
+ return modifier;
523
+ if (typeof modifier.name === 'string')
524
+ return modifier.name;
525
+ if (modifier.name && typeof modifier.name === 'object') {
526
+ if (typeof modifier.name.name === 'string')
527
+ return modifier.name.name;
528
+ if (typeof modifier.name.namePath === 'string')
529
+ return modifier.name.namePath;
530
+ }
531
+ if (modifier.modifierName) {
532
+ const inner = modifier.modifierName;
533
+ if (typeof inner === 'string')
534
+ return inner;
535
+ if (inner && typeof inner.name === 'string')
536
+ return inner.name;
537
+ }
538
+ return '';
539
+ }
540
+ function isExternallyCallable(fn) {
541
+ if (!fn)
542
+ return false;
543
+ if (fn.isConstructor === true)
544
+ return false;
545
+ const kind = String(fn.kind || fn.functionKind || '').toLowerCase();
546
+ if (kind === 'constructor' || kind === 'fallback' || kind === 'receive')
547
+ return false;
548
+ if (fn.isFallback === true || fn.isReceiveEther === true)
549
+ return false;
550
+ const visibility = String(fn.visibility || '').toLowerCase();
551
+ return visibility === 'public' || visibility === 'external';
552
+ }
553
+ function isInterfaceLike(contract) {
554
+ const kind = String(contract?.kind || contract?.contractKind || '').toLowerCase();
555
+ return kind === 'interface' || kind === 'library';
556
+ }
557
+ function getFunctionBody(node) {
558
+ return node?.body || null;
559
+ }
560
+ function getBlockStatements(body) {
561
+ return body && typeof body === 'object' && Array.isArray(body.statements) ? body.statements : [];
562
+ }
563
+ function getContractFunctions(contract) {
564
+ return getContractMembers(contract).filter(child => isNode(child, 'FunctionDefinition'));
565
+ }
566
+ function getContractMembers(contract) {
567
+ if (!contract || typeof contract !== 'object')
568
+ return [];
569
+ if (Array.isArray(contract.subNodes))
570
+ return contract.subNodes;
571
+ if (Array.isArray(contract.nodes))
572
+ return contract.nodes;
573
+ return [];
574
+ }
575
+ function collectContracts(ast) {
576
+ const out = [];
577
+ walkContracts(ast, n => out.push(n));
578
+ return out;
579
+ }
580
+ function walkContracts(node, visit) {
581
+ if (!node || typeof node !== 'object')
582
+ return;
583
+ if (isNode(node, 'ContractDefinition')) {
584
+ visit(node);
585
+ return;
586
+ }
587
+ for (const child of childrenOf(node))
588
+ walkContracts(child, visit);
589
+ }
590
+ function walkAny(node, predicate) {
591
+ if (!node || typeof node !== 'object')
592
+ return false;
593
+ if (predicate(node))
594
+ return true;
595
+ return childrenOf(node).some(c => walkAny(c, predicate));
596
+ }
597
+ function walk(node, visit) {
598
+ if (!node || typeof node !== 'object')
599
+ return;
600
+ visit(node);
601
+ for (const child of childrenOf(node))
602
+ walk(child, visit);
603
+ }
604
+ function childrenOf(node) {
605
+ if (!node || typeof node !== 'object')
606
+ return [];
607
+ const out = [];
608
+ for (const [key, value] of Object.entries(node)) {
609
+ if (key === 'loc' || key === 'src' || key === 'range' || key === 'typeDescriptions' || key === 'id')
610
+ continue;
611
+ if (Array.isArray(value)) {
612
+ for (const item of value)
613
+ if (item && typeof item === 'object')
614
+ out.push(item);
615
+ }
616
+ else if (value && typeof value === 'object') {
617
+ out.push(value);
618
+ }
619
+ }
620
+ return out;
621
+ }
622
+ function isNode(node, kind) {
623
+ return node?.type === kind || node?.nodeType === kind;
624
+ }
625
+ function getName(node) {
626
+ return typeof node?.name === 'string' ? node.name : '';
627
+ }
628
+ function functionDisplayName(fn) {
629
+ return getName(fn) || '<anonymous>';
630
+ }
631
+ function buildLineOffsets(sourceText) {
632
+ if (sourceText === undefined)
633
+ return undefined;
634
+ const offsets = [0];
635
+ let byteOffset = 0;
636
+ for (const ch of sourceText) {
637
+ byteOffset += Buffer.byteLength(ch, 'utf8');
638
+ if (ch === '\n')
639
+ offsets.push(byteOffset);
640
+ }
641
+ return offsets;
642
+ }
643
+ //# sourceMappingURL=unprotected-admin-or-fund-sink.js.map
package/dist/detectors/unprotected-dex-swap.d.ts ADDED
@@ -0,0 +1,43 @@
1
+ import type { ScanResult } from '../index';
2
+ export declare class UnprotectedDexSwapDetector {
3
+ readonly id = "unprotected-dex-swap";
4
+ readonly patternKey = "unprotected-dex-swap";
5
+ readonly supportedAstKinds: "parser"[];
6
+ readonly descriptor: {
7
+ id: string;
8
+ shortDescription: string;
9
+ helpUri: string;
10
+ defaultSeverity: "medium";
11
+ help: string;
12
+ };
13
+ private currentFile;
14
+ private currentContract;
15
+ private currentFunction;
16
+ private currentFunctionNode;
17
+ private findings;
18
+ private emittedKeys;
19
+ private zeroConstants;
20
+ setFile(file: string): void;
21
+ getFindings(): ScanResult[];
22
+ ContractDefinition(node: any): void;
23
+ ContractDefinition_post(_node: any): void;
24
+ ['ContractDefinition:exit'](node: any): void;
25
+ StateVariableDeclaration(node: any): void;
26
+ FunctionDefinition(node: any): void;
27
+ FunctionDefinition_post(_node: any): void;
28
+ ['FunctionDefinition:exit'](node: any): void;
29
+ FunctionCall(node: any): void;
30
+ private inspectRouterCall;
31
+ private inspectAggregatorSwapCall;
32
+ private inspectCurveExchangeCall;
33
+ private inspectV3StructCall;
34
+ private getStructName;
35
+ private emitFinding;
36
+ private unwrapCallOptions;
37
+ private argumentByNameOrIndex;
38
+ private namedArguments;
39
+ private isZeroLiteral;
40
+ private unsafeDeadlineReason;
41
+ private isBareBlockTimestamp;
42
+ private isUintMaxSentinel;
43
+ }