@snovon/solast 0.2.0

package/dist/detectors/business-logic-flaw.js

@@ -0,0 +1,339 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BusinessLogicFlawDetector = void 0;
+const ast_1 = require("./_common/ast");
+const RULE_ID = 'business-logic-flaw';
+const PROVENANCE = 'x-20230216-platypus-cross-contract-state-invariant';
+const PROTOCOL_STATE_CALLS = new Set([
+    'borrow',
+    'deposit',
+    'flashloan',
+    'liquidate',
+    'mint',
+    'repay',
+    'swap',
+]);
+const STATE_READ_CALLS = new Set([
+    'accountliquidity',
+    'borrowbalancecurrent',
+    'borrowbalanceof',
+    'collateralof',
+    'debtof',
+    'getaccountliquidity',
+    'getuseraccountdata',
+    'liquidityof',
+]);
+const VALUE_MOVING_CALLS = new Set([
+    'burn',
+    'mint',
+    'redeem',
+    'safetransfer',
+    'safetransferfrom',
+    'send',
+    'transfer',
+    'transferfrom',
+    'withdraw',
+]);
+class BusinessLogicFlawDetector {
+    id = RULE_ID;
+    patternKey = RULE_ID;
+    supportedAstKinds = ['parser'];
+    descriptor = {
+        id: RULE_ID,
+        shortDescription: 'Cross-contract business logic flow can move value after stale state reads',
+        helpUri: 'https://snovon.com/',
+        defaultSeverity: 'high',
+        help: 'Detects Platypus-style cross-contract flows where a protocol state-changing call is followed by a debt/collateral state read and a value-moving call without an intervening invariant re-check.',
+    };
+    file = '';
+    findings = [];
+    contractStack = [];
+    setFile(file) {
+        this.file = file;
+        this.findings = [];
+        this.contractStack = [];
+    }
+    getFindings() {
+        return this.findings;
+    }
+    ContractDefinition(node) {
+        const kind = String(node?.kind || node?.contractKind || '').toLowerCase();
+        this.contractStack.push({
+            name: (0, ast_1.getName)(node) || '<anonymous>',
+            interfaceLike: kind === 'interface' || kind === 'library',
+        });
+    }
+    ContractDefinition_post() {
+        this.contractStack.pop();
+    }
+    FunctionDefinition(node) {
+        const contract = this.contractStack[this.contractStack.length - 1];
+        if (!contract || contract.interfaceLike)
+            return;
+        if (!node?.body || isViewOrPure(node))
+            return;
+        const sink = findPlatypusFlowSink(node.body);
+        if (!sink)
+            return;
+        const fnName = (0, ast_1.getName)(node) || '<anonymous>';
+        const loc = (0, ast_1.getLoc)(sink.node, undefined) || (0, ast_1.getLoc)(node, undefined);
+        if (!loc)
+            return;
+        this.findings.push({
+            file: this.file,
+            contract: contract.name,
+            'function': fnName,
+            line: loc.line,
+            endLine: loc.endLine,
+            column: loc.column,
+            pattern: RULE_ID,
+            confidence: 'high',
+            category: 'vulnerability',
+            ruleId: RULE_ID,
+            severity: 'high',
+            message: `Platypus-style cross-contract state inconsistency in '${contract.name}.${fnName}': ` +
+                `a protocol state-changing call is followed by ${sink.label} derived from a fresh debt/collateral read ` +
+                'and then value is moved without a strong solvency invariant re-check.',
+            rationale: 'Sequential cross-contract calls can make debt, collateral, or liquidity accounting inconsistent when a later payout/withdrawal is computed from post-call state but not re-validated before value leaves the contract.',
+            suggestedFix: 'Re-check the collateral/debt invariant immediately before the value-moving call, or reorder the flow so accounting is finalized before external protocol interactions and payouts.',
+            contractName: contract.name,
+            functionName: fnName,
+            sourceLocation: { line: loc.line, column: loc.column },
+            trace: 'protocol-state-call -> debt/collateral-read -> value-moving-call-without-invariant-recheck',
+            findingId: '',
+            contractHash: '',
+            provenance: PROVENANCE,
+            source: PROVENANCE,
+        });
+    }
+}
+exports.BusinessLogicFlawDetector = BusinessLogicFlawDetector;
+function findPlatypusFlowSink(body) {
+    const state = {
+        sawProtocolStateCall: false,
+        tainted: new Set(),
+        stateReadLabel: '',
+        invariantRechecked: false,
+        emitted: false,
+    };
+    let sink = null;
+    walkPreOrder(body, node => {
+        if (sink || state.emitted)
+            return;
+        if ((0, ast_1.isNode)(node, 'VariableDeclarationStatement')) {
+            processVariableDeclaration(node, state);
+            return;
+        }
+        if (isAssignmentNode(node)) {
+            processAssignment(node, state);
+            return;
+        }
+        if (!(0, ast_1.isNode)(node, 'FunctionCall'))
+            return;
+        if (isStrongInvariantCheck(node, state.tainted)) {
+            state.invariantRechecked = true;
+            return;
+        }
+        if (!state.sawProtocolStateCall && isProtocolStateCall(node)) {
+            state.sawProtocolStateCall = true;
+            return;
+        }
+        const valueSink = findValueMovingSink(node, state);
+        if (valueSink) {
+            sink = valueSink;
+            state.emitted = true;
+        }
+    });
+    return sink;
+}
+function processVariableDeclaration(node, state) {
+    const initial = getInitialValue(node);
+    if (!initial)
+        return;
+    const stateRead = state.sawProtocolStateCall ? findStateReadCall(initial) : null;
+    const taintedByRead = !!stateRead;
+    const taintedByAlias = expressionUsesTaint(initial, state.tainted);
+    if (!taintedByRead && !taintedByAlias)
+        return;
+    if (stateRead) {
+        state.stateReadLabel = describeCall(stateRead);
+        state.invariantRechecked = false;
+    }
+    for (const decl of getDeclaredVariables(node)) {
+        const name = (0, ast_1.getName)(decl);
+        if (name)
+            state.tainted.add(name);
+    }
+}
+function processAssignment(node, state) {
+    const right = getAssignmentRight(node);
+    const left = getAssignmentLeft(node);
+    if (!right || !left)
+        return;
+    const stateRead = state.sawProtocolStateCall ? findStateReadCall(right) : null;
+    const taintedByRead = !!stateRead;
+    const taintedByAlias = expressionUsesTaint(right, state.tainted);
+    if (!taintedByRead && !taintedByAlias)
+        return;
+    if (stateRead) {
+        state.stateReadLabel = describeCall(stateRead);
+        state.invariantRechecked = false;
+    }
+    const name = getIdentifierBaseName(left);
+    if (name)
+        state.tainted.add(name);
+}
+function findValueMovingSink(call, state) {
+    if (!state.sawProtocolStateCall || state.tainted.size === 0 || state.invariantRechecked)
+        return null;
+    if (!VALUE_MOVING_CALLS.has(getCalleeMemberName(call).toLowerCase()))
+        return null;
+    if (!getCallArguments(call).some(arg => expressionUsesTaint(arg, state.tainted)))
+        return null;
+    const readLabel = state.stateReadLabel || 'a debt/collateral state read';
+    return { node: call, label: `${describeCall(call)} using ${readLabel}` };
+}
+function isProtocolStateCall(call) {
+    const callee = getCalleeMemberName(call).toLowerCase();
+    if (!PROTOCOL_STATE_CALLS.has(callee))
+        return false;
+    return (0, ast_1.isNode)(call?.expression, 'MemberAccess');
+}
+function findStateReadCall(node) {
+    let found = null;
+    walkPreOrder(node, child => {
+        if (found || !(0, ast_1.isNode)(child, 'FunctionCall'))
+            return;
+        const callee = getCalleeMemberName(child).toLowerCase();
+        if (STATE_READ_CALLS.has(callee) || /^(debt|collateral|liquidity).*of$/.test(callee)) {
+            found = child;
+        }
+    });
+    return found;
+}
+function isStrongInvariantCheck(call, tainted) {
+    const name = getCalleeName(call).toLowerCase();
+    if (name !== 'require' && name !== 'assert')
+        return false;
+    const condition = getCallArguments(call)[0];
+    if (!condition || !expressionUsesTaint(condition, tainted))
+        return false;
+    return containsComparison(condition);
+}
+function containsComparison(node) {
+    return walkAny(node, child => {
+        if (!(0, ast_1.isNode)(child, 'BinaryOperation'))
+            return false;
+        return ['>=', '>', '<=', '<', '==', '!='].includes(String(child.operator || ''));
+    });
+}
+function expressionUsesTaint(node, tainted) {
+    if (!node || tainted.size === 0)
+        return false;
+    return walkAny(node, child => (0, ast_1.isNode)(child, 'Identifier') && tainted.has(String(child.name || '')));
+}
+function getCalleeName(call) {
+    const expr = call?.expression;
+    if (!expr)
+        return '';
+    if ((0, ast_1.isNode)(expr, 'Identifier'))
+        return String(expr.name || '');
+    if ((0, ast_1.isNode)(expr, 'MemberAccess'))
+        return String(expr.memberName || '');
+    return '';
+}
+function getCalleeMemberName(call) {
+    const expr = call?.expression;
+    if (!(0, ast_1.isNode)(expr, 'MemberAccess'))
+        return '';
+    return String(expr.memberName || '');
+}
+function getCallArguments(call) {
+    return Array.isArray(call?.arguments) ? call.arguments : [];
+}
+function getInitialValue(node) {
+    if (node?.initialValue)
+        return node.initialValue;
+    return node?.initialValueExpression || null;
+}
+function getDeclaredVariables(node) {
+    if (Array.isArray(node?.variables))
+        return node.variables.filter(Boolean);
+    if (Array.isArray(node?.declarations))
+        return node.declarations.filter(Boolean);
+    return [];
+}
+function isAssignmentNode(node) {
+    return (0, ast_1.isNode)(node, 'Assignment') || (0, ast_1.isNode)(node, 'AssignmentExpression');
+}
+function getAssignmentLeft(node) {
+    return node?.left || node?.leftHandSide || null;
+}
+function getAssignmentRight(node) {
+    return node?.right || node?.rightHandSide || null;
+}
+function getIdentifierBaseName(node) {
+    if (!node || typeof node !== 'object')
+        return '';
+    if ((0, ast_1.isNode)(node, 'Identifier'))
+        return String(node.name || '');
+    if ((0, ast_1.isNode)(node, 'IndexAccess'))
+        return getIdentifierBaseName(node.base || node.baseExpression);
+    if ((0, ast_1.isNode)(node, 'MemberAccess')) {
+        return String(node.memberName || '') || getIdentifierBaseName(node.expression);
+    }
+    if ((0, ast_1.isNode)(node, 'TupleExpression') && Array.isArray(node.components)) {
+        for (const component of node.components) {
+            const name = getIdentifierBaseName(component);
+            if (name)
+                return name;
+        }
+    }
+    return '';
+}
+function describeCall(call) {
+    const expr = call?.expression;
+    if ((0, ast_1.isNode)(expr, 'MemberAccess'))
+        return `.${String(expr.memberName || '<unknown>')}()`;
+    if ((0, ast_1.isNode)(expr, 'Identifier'))
+        return `${String(expr.name || '<unknown>')}()`;
+    return 'call';
+}
+function isViewOrPure(fn) {
+    const stateMutability = String(fn?.stateMutability || '').toLowerCase();
+    return stateMutability === 'view' || stateMutability === 'pure';
+}
+function walkAny(node, predicate) {
+    if (!node || typeof node !== 'object')
+        return false;
+    if (predicate(node))
+        return true;
+    return childrenOf(node).some(child => walkAny(child, predicate));
+}
+function walkPreOrder(node, visit) {
+    if (!node || typeof node !== 'object')
+        return;
+    visit(node);
+    for (const child of childrenOf(node))
+        walkPreOrder(child, visit);
+}
+function childrenOf(node) {
+    if (!node || typeof node !== 'object')
+        return [];
+    const out = [];
+    for (const [key, value] of Object.entries(node)) {
+        if (key === 'loc' || key === 'range' || key === 'src' || key === 'typeDescriptions' || key === 'id')
+            continue;
+        if (Array.isArray(value)) {
+            for (const item of value) {
+                if (item && typeof item === 'object')
+                    out.push(item);
+            }
+        }
+        else if (value && typeof value === 'object') {
+            out.push(value);
+        }
+    }
+    return out;
+}
+//# sourceMappingURL=business-logic-flaw.js.map

package/dist/detectors/business-logic.d.ts

@@ -0,0 +1,17 @@
+/**
+ * business-logic — issue #806 cross-reference module.
+ *
+ * The DeFiHackLabs MyAi 2023-06-30 "business logic" exploit shape — a
+ * permissionless `batchTokenTransfer(address from, ...)` that forwards an
+ * attacker-supplied `from` straight to ERC20.transferFrom — is already
+ * covered by the shipped `unauthorized-transferfrom` rule. Issue
+ * #806 is therefore an extension/duplicate of that rule rather than a
+ * new detector.
+ *
+ * This module re-exports the shipped detector so tooling that imports
+ * `src/detectors/business-logic` resolves to the same singleton, and so
+ * the registry does not double-emit findings on the MyAi pattern.
+ *
+
+ */
+export { UnauthorizedTransferfromDetector as BusinessLogicDetector } from './unauthorized-transferfrom';

package/dist/detectors/business-logic.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BusinessLogicDetector = void 0;
+/**
+ * business-logic — issue #806 cross-reference module.
+ *
+ * The DeFiHackLabs MyAi 2023-06-30 "business logic" exploit shape — a
+ * permissionless `batchTokenTransfer(address from, ...)` that forwards an
+ * attacker-supplied `from` straight to ERC20.transferFrom — is already
+ * covered by the shipped `unauthorized-transferfrom` rule. Issue
+ * #806 is therefore an extension/duplicate of that rule rather than a
+ * new detector.
+ *
+ * This module re-exports the shipped detector so tooling that imports
+ * `src/detectors/business-logic` resolves to the same singleton, and so
+ * the registry does not double-emit findings on the MyAi pattern.
+ *
+
+ */
+var unauthorized_transferfrom_1 = require("./unauthorized-transferfrom");
+Object.defineProperty(exports, "BusinessLogicDetector", { enumerable: true, get: function () { return unauthorized_transferfrom_1.UnauthorizedTransferfromDetector; } });
+//# sourceMappingURL=business-logic.js.map

package/dist/detectors/bypassed-insolvency-check.d.ts

@@ -0,0 +1,30 @@
+import type { ScanResult } from '../index';
+export declare class BypassedInsolvencyCheckDetector {
+    readonly id = "bypassed-insolvency-check";
+    readonly patternKey = "bypassed-insolvency-check";
+    readonly supportedAstKinds: ("parser" | "solc")[];
+    readonly descriptor: {
+        id: string;
+        shortDescription: string;
+        helpUri: string;
+        defaultSeverity: "high";
+    };
+    private file;
+    private findings;
+    private contracts;
+    private functions;
+    private currentStatement;
+    setFile(file: string): void;
+    getFindings(): ScanResult[];
+    ContractDefinition(node: any): void;
+    ['ContractDefinition:exit'](): void;
+    ContractDefinition_post(): void;
+    FunctionDefinition(node: any): void;
+    ExpressionStatement(node: any): void;
+    ['ExpressionStatement:exit'](): void;
+    ExpressionStatement_post(): void;
+    ['FunctionDefinition:exit'](): void;
+    FunctionDefinition_post(): void;
+    FunctionCall(node: any): void;
+    private emitFinding;
+}

package/dist/detectors/bypassed-insolvency-check.js

@@ -0,0 +1,232 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BypassedInsolvencyCheckDetector = void 0;
+const ast_1 = require("./_common/ast");
+const RULE_ID = 'bypassed-insolvency-check';
+const LENDING_FUNCTION_PREFIXES = ['borrow', 'withdraw', 'leverage', 'close'];
+const OUTBOUND_TRANSFER_MEMBERS = new Set(['transfer', 'safeTransfer', 'send']);
+const SOLVENCY_NAME_RE = /(solven|healthfactor|collateralratio|debtratio|accounthealthy)/i;
+class BypassedInsolvencyCheckDetector {
+    id = RULE_ID;
+    patternKey = RULE_ID;
+    supportedAstKinds = ['parser', 'solc'];
+    descriptor = {
+        id: RULE_ID,
+        shortDescription: 'Borrow or withdrawal flow moves value before a solvency or health-factor guard.',
+        helpUri: 'https://snovon.com/',
+        defaultSeverity: 'high',
+    };
+    file = '';
+    findings = [];
+    contracts = [];
+    functions = [];
+    // Tracks the expression statement currently being visited so that a risky
+    // effect call can borrow its enclosing statement's source location — see
+    // `firstRiskyEffectStmt`.
+    currentStatement = null;
+    setFile(file) {
+        this.file = file;
+        this.findings = [];
+        this.contracts = [];
+        this.functions = [];
+        this.currentStatement = null;
+    }
+    getFindings() {
+        return this.findings;
+    }
+    ContractDefinition(node) {
+        const kind = String(node?.kind || node?.contractKind || '').toLowerCase();
+        this.contracts.push({
+            name: String(node?.name || '<anonymous>'),
+            skip: kind === 'interface' || kind === 'library',
+        });
+    }
+    ['ContractDefinition:exit']() {
+        this.contracts.pop();
+    }
+    ContractDefinition_post() {
+        this.contracts.pop();
+    }
+    FunctionDefinition(node) {
+        const contract = this.contracts[this.contracts.length - 1];
+        const fnName = String(node?.name || '<anonymous>');
+        const visibility = String(node?.visibility || '').toLowerCase();
+        const kind = String(node?.kind || '').toLowerCase();
+        const mutability = String(node?.stateMutability || '').toLowerCase();
+        const active = Boolean(contract &&
+            !contract.skip &&
+            node?.body &&
+            kind !== 'constructor' &&
+            node?.isConstructor !== true &&
+            (visibility === 'public' || visibility === 'external') &&
+            mutability !== 'view' &&
+            mutability !== 'pure' &&
+            isLendingLikeFunction(fnName));
+        this.functions.push({
+            name: fnName,
+            node,
+            contractName: contract?.name || '<anonymous>',
+            active,
+            sawPreEffectGuard: false,
+            firstRiskyEffect: null,
+            firstRiskyEffectStmt: null,
+            emitted: false,
+        });
+    }
+    ExpressionStatement(node) {
+        this.currentStatement = node;
+    }
+    ['ExpressionStatement:exit']() {
+        this.currentStatement = null;
+    }
+    ExpressionStatement_post() {
+        this.currentStatement = null;
+    }
+    ['FunctionDefinition:exit']() {
+        this.functions.pop();
+    }
+    FunctionDefinition_post() {
+        this.functions.pop();
+    }
+    FunctionCall(node) {
+        const fn = this.functions[this.functions.length - 1];
+        if (!fn?.active || fn.emitted)
+            return;
+        const isSolvency = isSolvencyCheck(node);
+        if (isOutboundValueMovement(node)) {
+            if (!fn.sawPreEffectGuard && !fn.firstRiskyEffect) {
+                fn.firstRiskyEffect = node;
+                fn.firstRiskyEffectStmt = this.currentStatement;
+            }
+            return;
+        }
+        if (!isSolvency)
+            return;
+        if (fn.firstRiskyEffect) {
+            this.emitFinding(fn);
+            return;
+        }
+        fn.sawPreEffectGuard = true;
+    }
+    emitFinding(fn) {
+        if (fn.emitted)
+            return;
+        fn.emitted = true;
+        // Prefer the risky-effect node's own location. A solc compact-JSON AST may
+        // carry `src` only on the enclosing expression statement (parser ASTs and
+        // real solc output always populate the call node itself), so fall back to
+        // the recorded statement before the function node. `assertLoc` remains the
+        // final arm so a genuinely loc-less AST still fails loudly per roadmap 2.14.
+        const loc = (0, ast_1.tryLoc)(fn.firstRiskyEffect) ??
+            (0, ast_1.tryLoc)(fn.firstRiskyEffectStmt) ??
+            (0, ast_1.assertLoc)(fn.firstRiskyEffect, fn.node);
+        this.findings.push({
+            file: this.file,
+            contract: fn.contractName,
+            'function': fn.name,
+            line: loc.line,
+            endLine: loc.endLine,
+            column: loc.column,
+            pattern: RULE_ID,
+            confidence: 'high',
+            ruleId: RULE_ID,
+            severity: 'high',
+            message: `Bypassed insolvency check in '${fn.contractName}.${fn.name}': outbound value movement occurs before the solvency or health-factor guard.`,
+            rationale: 'MIMSpell3-style borrow and withdrawal flows become unsafe when debt/accounting effects or value transfers happen before the borrower solvency or health-factor guard. The guard observes the flow only after value has already left the protocol.',
+            suggestedFix: 'Run the solvency or health-factor check before debt/accounting mutation and before outbound token or native value movement.',
+            contractName: fn.contractName,
+            functionName: fn.name,
+            sourceLocation: { line: loc.line, column: loc.column },
+            findingId: '',
+            contractHash: '',
+            source: 'x-20251004-mimspell3-bypassed-insolvency-check',
+        });
+    }
+}
+exports.BypassedInsolvencyCheckDetector = BypassedInsolvencyCheckDetector;
+function isLendingLikeFunction(name) {
+    const lower = name.toLowerCase();
+    return LENDING_FUNCTION_PREFIXES.some(prefix => lower.startsWith(prefix));
+}
+function isOutboundValueMovement(call) {
+    const rawCallee = call?.expression;
+    if (hasNativeValueOption(rawCallee)) {
+        const inner = unwrapCallOptions(rawCallee);
+        return (0, ast_1.isNode)(inner, 'MemberAccess') && String(inner.memberName || '') === 'call';
+    }
+    const callee = unwrapCallOptions(rawCallee);
+    if (!(0, ast_1.isNode)(callee, 'MemberAccess'))
+        return false;
+    return OUTBOUND_TRANSFER_MEMBERS.has(String(callee.memberName || ''));
+}
+function isSolvencyCheck(call) {
+    const callee = unwrapCallOptions(call?.expression);
+    if (isSolvencyNamedCallee(callee))
+        return true;
+    if ((0, ast_1.isNode)(callee, 'Identifier') && String(callee.name || '') === 'require') {
+        return (call.arguments || []).some((arg) => containsSolvencyNamedCall(arg));
+    }
+    return false;
+}
+function containsSolvencyNamedCall(node) {
+    if (!node || typeof node !== 'object')
+        return false;
+    if ((0, ast_1.isNode)(node, 'FunctionCall') && isSolvencyNamedCallee(unwrapCallOptions(node.expression))) {
+        return true;
+    }
+    for (const child of expressionChildren(node)) {
+        if (containsSolvencyNamedCall(child))
+            return true;
+    }
+    return false;
+}
+function isSolvencyNamedCallee(callee) {
+    if ((0, ast_1.isNode)(callee, 'Identifier')) {
+        return SOLVENCY_NAME_RE.test(String(callee.name || ''));
+    }
+    if ((0, ast_1.isNode)(callee, 'MemberAccess')) {
+        return SOLVENCY_NAME_RE.test(String(callee.memberName || ''));
+    }
+    return false;
+}
+function hasNativeValueOption(node) {
+    if (!node || typeof node !== 'object')
+        return false;
+    if (!(0, ast_1.isNode)(node, 'NameValueExpression') && !(0, ast_1.isNode)(node, 'FunctionCallOptions'))
+        return false;
+    if (Array.isArray(node.names) && node.names.map(String).includes('value'))
+        return true;
+    if (Array.isArray(node.arguments?.names) && node.arguments.names.map(String).includes('value'))
+        return true;
+    return false;
+}
+function unwrapCallOptions(expr) {
+    let cur = expr;
+    while (cur && ((0, ast_1.isNode)(cur, 'NameValueExpression') || (0, ast_1.isNode)(cur, 'FunctionCallOptions'))) {
+        cur = cur.expression;
+    }
+    return cur;
+}
+function expressionChildren(node) {
+    if (!node || typeof node !== 'object')
+        return [];
+    const children = [];
+    const keys = [
+        'expression', 'left', 'right', 'base', 'index', 'condition',
+        'trueExpression', 'falseExpression', 'subExpression', 'arguments', 'components',
+    ];
+    for (const key of keys) {
+        const value = node[key];
+        if (Array.isArray(value)) {
+            for (const item of value) {
+                if (item && typeof item === 'object')
+                    children.push(item);
+            }
+        }
+        else if (value && typeof value === 'object') {
+            children.push(value);
+        }
+    }
+    return children;
+}
+//# sourceMappingURL=bypassed-insolvency-check.js.map

package/dist/detectors/bytecode-divergence-risk.d.ts

@@ -0,0 +1,32 @@
+import type { ScanResult } from '../index';
+export declare class BytecodeDivergenceRiskDetector {
+    readonly id = "bytecode-divergence-risk";
+    readonly patternKey = "bytecode-divergence-risk";
+    readonly supportedAstKinds: "parser"[];
+    readonly descriptor: {
+        id: string;
+        shortDescription: string;
+        helpUri: string;
+        defaultSeverity: "informational";
+        help: string;
+    };
+    private currentFile;
+    private currentContract;
+    private currentFunction;
+    private currentAssembly;
+    private findings;
+    setFile(file: string): void;
+    getFindings(): ScanResult[];
+    ContractDefinition(node: any): void;
+    ContractDefinition_post(_node: any): void;
+    ['ContractDefinition:exit'](node: any): void;
+    FunctionDefinition(node: any): void;
+    FunctionDefinition_post(_node: any): void;
+    ['FunctionDefinition:exit'](node: any): void;
+    InlineAssemblyStatement(node: any): void;
+    InlineAssemblyStatement_post(_node: any): void;
+    ['InlineAssemblyStatement:exit'](node: any): void;
+    AssemblyCall(node: any): void;
+    FunctionCall(node: any): void;
+    private addFinding;
+}