@snovon/solast 0.2.0

package/dist/detectors/cross-chain-arbitrary-call.js

@@ -0,0 +1,601 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CrossChainArbitraryCallDetector = void 0;
+const ast_1 = require("./_common/ast");
+const RULE_ID = 'cross-chain-arbitrary-call';
+const CROSS_CHAIN_FUNCTION_NAMES = /^(onmessage|handlemessage|receivemessage|onmessagereceived|oncrosschaincall|oncall|onrevert|lzreceive|nonblockinglzreceive|_lzreceive|ccipreceive|receivepayload|xreceive|anyexecute|sgreceive|onzetamessage|onzetarevert|relaymessage|executemessage)$/i;
+const GENERIC_EXECUTOR_FUNCTION_NAMES = /^(execute|dispatch|relay)$/i;
+const MESSAGE_NAMES = /^(payload|message|data|callData|calldata|msgdata|packet|encoded|_payload|_message)$/i;
+const CROSS_CHAIN_SIGNAL_NAMES = /(gateway|bridge|router|endpoint|mailbox|relayer|zetachain|zeta|layerzero|lz|ccip|wormhole|axelar|stargate|omnichain|crosschain|cross_chain|interchain|xchain|message|payload|origin|sourcechain|srcchain|chainid|context)/i;
+const CROSS_CHAIN_MODIFIERS = /^(only(system|gateway|bridge|router|endpoint|mailbox|relayer))$/i;
+const CROSS_CHAIN_PAYLOAD_PARAMS = /^(message|payload|zetamessage|zetatxsenderaddress|srcchainid|sourcechain|origin|context|messagecontext|_message|_payload)$/i;
+const AGENT_NAMES = /(agent|gateway|executor|router|spender|connector|tss|operator)/i;
+const LOW_LEVEL_MEMBERS = new Set(['call', 'delegatecall']);
+const ACCESS_MODIFIERS = /(only(owner|admin|role|gateway|executor|operator|tss|trusted|authorized)|nonreentrant)/i;
+class CrossChainArbitraryCallDetector {
+    id = RULE_ID;
+    patternKey = RULE_ID;
+    supportedAstKinds = ['parser'];
+    scanAst(ast, file) {
+        if (!ast || ast.type !== 'SourceUnit')
+            return [];
+        const findings = [];
+        for (const contract of ast.children || []) {
+            if (contract?.type !== 'ContractDefinition')
+                continue;
+            if (contract.kind === 'interface' || contract.kind === 'library')
+                continue;
+            const contractName = contract.name || '<anonymous>';
+            const fnMap = collectFunctionMap(contract, file, contractName);
+            const revocations = collectApprovalRevocations(contract);
+            for (const fn of fnMap.values()) {
+                if (!fn.isExternal)
+                    continue;
+                if (!isGatewayEntry(fn, contractName))
+                    continue;
+                const ctx = createContext(file, contractName, fn, fnMap);
+                analyzeBlock(fn.body, ctx, 0);
+                findings.push(...ctx.arbitraryFindings);
+                if (ctx.arbitraryFindings.length === 0) {
+                    for (const loc of ctx.weakDecodeLocs) {
+                        findings.push(makeFinding(file, contractName, fn.name, loc, 'weak-payload-decode', `Cross-chain entry '${fn.name}' decodes a message payload without an AST-visible payload length or ABI-shape guard.`, ctx.instanceKey));
+                    }
+                }
+                for (const approval of findReachableUnlimitedApprovals(fn, fnMap)) {
+                    if (revocations.has(approval.spenderKey))
+                        continue;
+                    findings.push(makeFinding(file, contractName, fn.name, approval.loc, 'stale-unlimited-approval', `Cross-chain entry '${fn.name}' grants an unlimited approval to '${approval.spenderLabel}' without a visible revocation in the same contract.`, ctx.instanceKey));
+                }
+            }
+        }
+        return dedupe(findings);
+    }
+}
+exports.CrossChainArbitraryCallDetector = CrossChainArbitraryCallDetector;
+function createContext(file, contractName, fn, fnMap) {
+    const tainted = new Set();
+    for (const name of [...fn.bytesParams, ...fn.addressParams])
+        tainted.add(name);
+    return {
+        file,
+        contractName,
+        functionName: fn.name,
+        fnMap,
+        tainted,
+        decoded: new Set(),
+        selectorVars: new Set(),
+        lengthGuarded: new Set(),
+        selectorAllowlisted: false,
+        calleeConstrained: false,
+        callerConstrained: fn.modifierGuard,
+        weakDecodeLocs: [],
+        arbitraryFindings: [],
+        instanceKey: fn.instanceKey,
+    };
+}
+function collectFunctionMap(contract, file, contractName) {
+    const map = new Map();
+    for (const sub of contract.subNodes || []) {
+        if (sub?.type !== 'FunctionDefinition' || !sub.body)
+            continue;
+        const params = sub.parameters || [];
+        const bytesParams = new Set();
+        const addressParams = new Set();
+        const paramNames = [];
+        for (const param of params) {
+            if (!param?.name)
+                continue;
+            paramNames.push(param.name);
+            if (isBytesType(param.typeName))
+                bytesParams.add(param.name);
+            if (isAddressType(param.typeName))
+                addressParams.add(param.name);
+        }
+        const name = sub.name || '<fallback>';
+        // Dedup-key site (roadmap 2.14.c JSDoc): `fnStartLine` is hashed
+        // into an instance key, not emitted in a finding. `tryLoc` returns
+        // null on missing-loc (e.g. synthetic FunctionDefinition); the
+        // `?? 0` floor matches the legacy `|| 0` behaviour exactly. Using
+        // `assertLoc` here would crash a scan on synthetic AST input.
+        const fnStartLine = (0, ast_1.tryLoc)(sub)?.line ?? 0;
+        const instanceKey = `${file}|${contractName}|${name}|${fnStartLine}`;
+        map.set(name, {
+            node: sub,
+            name,
+            body: sub.body,
+            params: paramNames,
+            modifierNames: modifierNames(sub),
+            bytesParams,
+            addressParams,
+            isExternal: isExternallyCallable(sub),
+            modifierGuard: hasAccessModifier(sub),
+            instanceKey,
+        });
+    }
+    return map;
+}
+function analyzeBlock(block, ctx, depth) {
+    for (const stmt of block?.statements || [])
+        analyzeStatement(stmt, ctx, depth);
+}
+function analyzeStatement(stmt, ctx, depth) {
+    if (!stmt || typeof stmt !== 'object')
+        return;
+    if (stmt.type === 'Block') {
+        analyzeBlock(stmt, ctx, depth);
+        return;
+    }
+    recordGuards(stmt, ctx);
+    if (stmt.type === 'VariableDeclarationStatement') {
+        const vars = (stmt.variables || []).filter(Boolean);
+        for (const variable of vars) {
+            if (variable?.name && isSelectorExtraction(stmt.initialValue, ctx)) {
+                ctx.selectorVars.add(variable.name);
+            }
+        }
+        if (isAbiDecode(stmt.initialValue)) {
+            recordDecode(stmt.initialValue, vars.map((v) => v?.name).filter(Boolean), ctx);
+        }
+        else if (stmt.initialValue && containsTaint(stmt.initialValue, ctx)) {
+            for (const variable of vars) {
+                if (variable?.name)
+                    ctx.tainted.add(variable.name);
+            }
+        }
+    }
+    if (stmt.type === 'ExpressionStatement' && stmt.expression?.type === 'BinaryOperation') {
+        const expr = stmt.expression;
+        if (expr.operator === '=' && isAbiDecode(expr.right)) {
+            recordDecode(expr.right, namesInAssignable(expr.left), ctx);
+        }
+        else if (expr.operator === '=' && containsTaint(expr.right, ctx)) {
+            for (const name of namesInAssignable(expr.left))
+                ctx.tainted.add(name);
+        }
+    }
+    for (const call of findFunctionCalls(stmt)) {
+        if (isLowLevelCall(call)) {
+            maybeReportLowLevelCall(call, ctx);
+        }
+        else {
+            maybeAnalyzeInternalCall(call, ctx, depth);
+        }
+    }
+    if (stmt.type === 'IfStatement') {
+        analyzeStatement(stmt.trueBody, ctx, depth);
+        analyzeStatement(stmt.falseBody, ctx, depth);
+    }
+}
+function recordDecode(decodeCall, targetNames, ctx) {
+    const payload = decodeCall.arguments?.[0];
+    const payloadName = expressionKey(payload);
+    const payloadIsMessage = isMessageExpression(payload, ctx);
+    if (!payloadIsMessage)
+        return;
+    for (const name of targetNames) {
+        ctx.tainted.add(name);
+        ctx.decoded.add(name);
+    }
+    if (payloadName && !ctx.lengthGuarded.has(payloadName)) {
+        ctx.weakDecodeLocs.push(locOf(decodeCall));
+    }
+}
+function maybeReportLowLevelCall(call, ctx) {
+    const member = lowLevelMemberAccess(call);
+    if (!member)
+        return;
+    const callee = unwrapCallOptions(member.expression);
+    const args = call.arguments || [];
+    const calldataArg = args[0];
+    const dataTainted = containsTaint(calldataArg, ctx);
+    const calleeTainted = containsTaint(callee, ctx);
+    const constrained = ctx.selectorAllowlisted || ctx.calleeConstrained || (ctx.callerConstrained && isFixedTrustedCallee(callee, ctx));
+    if ((!dataTainted && !calleeTainted) || constrained)
+        return;
+    const pattern = member.memberName === 'delegatecall' ? 'unrestricted-delegatecall' : 'unrestricted-call';
+    ctx.arbitraryFindings.push(makeFinding(ctx.file, ctx.contractName, ctx.functionName, locOf(call), pattern, `Cross-chain entry '${ctx.functionName}' forwards message-derived calldata or callee into ${member.memberName} without an AST-visible positive selector allowlist, callee restriction, fixed trusted callee, or route/source constraint.`, ctx.instanceKey));
+}
+function maybeAnalyzeInternalCall(call, ctx, depth) {
+    if (depth > 2)
+        return;
+    const calleeName = directCallName(call.expression);
+    if (!calleeName)
+        return;
+    const target = ctx.fnMap.get(calleeName);
+    if (!target || target.isExternal)
+        return;
+    const inherited = new Set(ctx.tainted);
+    for (let i = 0; i < (call.arguments || []).length; i++) {
+        if (containsTaint(call.arguments[i], ctx) && target.params[i])
+            inherited.add(target.params[i]);
+    }
+    const nested = {
+        ...ctx,
+        functionName: ctx.functionName,
+        tainted: inherited,
+        decoded: new Set(ctx.decoded),
+        selectorVars: new Set(ctx.selectorVars),
+        lengthGuarded: new Set(ctx.lengthGuarded),
+    };
+    analyzeBlock(target.body, nested, depth + 1);
+    ctx.arbitraryFindings.push(...nested.arbitraryFindings);
+    ctx.weakDecodeLocs.push(...nested.weakDecodeLocs);
+}
+function recordGuards(node, ctx) {
+    for (const call of findFunctionCalls(node)) {
+        const name = directCallName(call.expression);
+        if (name !== 'require' && name !== 'assert')
+            continue;
+        const condition = call.arguments?.[0];
+        recordLengthGuards(condition, ctx);
+        if (isPositiveSelectorGuard(condition, ctx))
+            ctx.selectorAllowlisted = true;
+        if (isCalleeAllowlistGuard(condition, ctx))
+            ctx.calleeConstrained = true;
+        if (isCallerGuard(condition))
+            ctx.callerConstrained = true;
+    }
+}
+function recordLengthGuards(expr, ctx) {
+    walk(expr, (node) => {
+        if (node?.type !== 'BinaryOperation')
+            return;
+        if (!['>=', '>', '=='].includes(node.operator))
+            return;
+        const sides = [node.left, node.right];
+        const lengthSide = sides.find(isLengthAccess);
+        const otherSide = lengthSide === node.left ? node.right : node.left;
+        const base = lengthSide?.expression;
+        const key = expressionKey(base);
+        if (key && isNumericLiteral(otherSide))
+            ctx.lengthGuarded.add(key);
+    });
+}
+function isPositiveSelectorGuard(expr, ctx) {
+    if (!expr)
+        return false;
+    if (expr.type === 'IndexAccess' && isAllowName(expr.base))
+        return true;
+    if (expr.type === 'BinaryOperation') {
+        if (expr.operator === '==') {
+            return isSelectorLike(expr.left, ctx) || isSelectorLike(expr.right, ctx) || containsAllowlistIndex(expr);
+        }
+        if (expr.operator === '&&')
+            return isPositiveSelectorGuard(expr.left, ctx) || isPositiveSelectorGuard(expr.right, ctx);
+    }
+    return containsAllowlistIndex(expr) && !containsNegation(expr);
+}
+function isSelectorLike(expr, ctx) {
+    if (!expr)
+        return false;
+    if (expr.type === 'Identifier' && ctx.selectorVars.has(expr.name))
+        return true;
+    if (expr.type === 'MemberAccess' && String(expr.memberName || '').toLowerCase() === 'selector')
+        return true;
+    return isSelectorExtraction(expr, ctx);
+}
+function isSelectorExtraction(expr, ctx) {
+    if (!expr || expr.type !== 'FunctionCall')
+        return false;
+    if (expr.expression?.type !== 'ElementaryTypeNameExpression')
+        return false;
+    if (expr.expression.typeName?.name !== 'bytes4')
+        return false;
+    return containsTaint(expr.arguments?.[0], ctx);
+}
+function isCalleeAllowlistGuard(expr, ctx) {
+    let found = false;
+    walk(expr, (node) => {
+        if (node?.type === 'IndexAccess' && isAllowName(node.base) && containsTaint(node.index, ctx))
+            found = true;
+        if (node?.type === 'FunctionCall' && /allowed|trusted|valid/i.test(expressionKey(node.expression) || '') && (node.arguments || []).some((arg) => containsTaint(arg, ctx)))
+            found = true;
+    });
+    return found;
+}
+function isCallerGuard(expr) {
+    let found = false;
+    walk(expr, (node) => {
+        if (node?.type !== 'BinaryOperation')
+            return;
+        if (node.operator !== '==' && node.operator !== '!=')
+            return;
+        const sides = [node.left, node.right];
+        if (sides.some(isMsgSender) && sides.some(side => /gateway|executor|owner|admin|operator|trusted|tss/i.test(expressionKey(side) || '')))
+            found = true;
+    });
+    return found;
+}
+function isFixedTrustedCallee(callee, ctx) {
+    return !containsTaint(callee, ctx);
+}
+function findUnlimitedApprovals(body) {
+    const approvals = [];
+    for (const call of findFunctionCalls(body)) {
+        if (!isMemberCall(call, 'approve'))
+            continue;
+        const args = call.arguments || [];
+        if (args.length < 2 || !isMaxUint(args[1]))
+            continue;
+        const spenderKey = expressionKey(args[0]) || '<unknown>';
+        const spenderLabel = spenderKey;
+        if (spenderKey === '<unknown>' || AGENT_NAMES.test(spenderKey))
+            approvals.push({ loc: locOf(call), spenderKey, spenderLabel });
+    }
+    return approvals;
+}
+function findReachableUnlimitedApprovals(entryFn, fnMap) {
+    const approvals = [];
+    const visited = new Set();
+    function traverse(fn, depth) {
+        if (depth > 3)
+            return;
+        if (visited.has(fn.name))
+            return;
+        visited.add(fn.name);
+        for (const approval of findUnlimitedApprovals(fn.body)) {
+            approvals.push(approval);
+        }
+        for (const call of findFunctionCalls(fn.body)) {
+            const calleeName = directCallName(call.expression);
+            if (!calleeName)
+                continue;
+            const target = fnMap.get(calleeName);
+            if (!target || target.isExternal)
+                continue;
+            traverse(target, depth + 1);
+        }
+    }
+    traverse(entryFn, 0);
+    return approvals;
+}
+function collectApprovalRevocations(contract) {
+    const revocations = new Set();
+    walk(contract, (node) => {
+        if (!isMemberCall(node, 'approve'))
+            return;
+        const args = node.arguments || [];
+        if (args.length < 2 || !isZero(args[1]))
+            return;
+        const key = expressionKey(args[0]);
+        if (key)
+            revocations.add(key);
+    });
+    return revocations;
+}
+function isGatewayEntry(fn, contractName) {
+    if (CROSS_CHAIN_FUNCTION_NAMES.test(fn.name))
+        return true;
+    if (GENERIC_EXECUTOR_FUNCTION_NAMES.test(fn.name) && hasCrossChainSignal(fn, contractName))
+        return true;
+    if (fn.bytesParams.size > 0 && (fn.addressParams.size > 0 || [...fn.bytesParams].some(name => MESSAGE_NAMES.test(name))) && hasCrossChainSignal(fn, contractName))
+        return true;
+    return false;
+}
+function hasCrossChainSignal(fn, contractName) {
+    if (CROSS_CHAIN_SIGNAL_NAMES.test(contractName))
+        return true;
+    if (fn.modifierNames.some(name => CROSS_CHAIN_MODIFIERS.test(name) || CROSS_CHAIN_SIGNAL_NAMES.test(name)))
+        return true;
+    if (fn.params.some(name => CROSS_CHAIN_PAYLOAD_PARAMS.test(name) || CROSS_CHAIN_SIGNAL_NAMES.test(name)))
+        return true;
+    return hasPayloadDecodeContext(fn);
+}
+function hasPayloadDecodeContext(fn) {
+    let found = false;
+    walk(fn.body, (node) => {
+        if (!isAbiDecode(node))
+            return;
+        const payloadName = expressionKey(node.arguments?.[0]);
+        if (payloadName && CROSS_CHAIN_PAYLOAD_PARAMS.test(payloadName))
+            found = true;
+    });
+    return found;
+}
+function isExternallyCallable(fn) {
+    const visibility = String(fn.visibility || '').toLowerCase();
+    return visibility === 'external' || visibility === 'public' || visibility === '';
+}
+function hasAccessModifier(fn) {
+    return (fn.modifiers || []).some((mod) => ACCESS_MODIFIERS.test(String(mod.name || mod.modifierName?.name || '')));
+}
+function modifierNames(fn) {
+    return (fn.modifiers || []).map((mod) => String(mod.name || mod.modifierName?.name || '')).filter(Boolean);
+}
+function isAbiDecode(node) {
+    return node?.type === 'FunctionCall' &&
+        node.expression?.type === 'MemberAccess' &&
+        node.expression.memberName === 'decode' &&
+        node.expression.expression?.type === 'Identifier' &&
+        node.expression.expression.name === 'abi';
+}
+function isLowLevelCall(node) {
+    if (node?.type !== 'FunctionCall')
+        return false;
+    return !!lowLevelMemberAccess(node);
+}
+function isMemberCall(node, memberName) {
+    return node?.type === 'FunctionCall' && node.expression?.type === 'MemberAccess' && String(node.expression.memberName || '').toLowerCase() === memberName.toLowerCase();
+}
+function unwrapCallOptions(expr) {
+    if (expr?.type === 'NameValueExpression')
+        return unwrapCallOptions(expr.expression);
+    if (expr?.type === 'FunctionCall' && expr.expression?.type === 'MemberAccess' && expr.expression.memberName === 'value') {
+        return expr.expression.expression;
+    }
+    return expr;
+}
+function lowLevelMemberAccess(call) {
+    let expr = call?.expression;
+    if (expr?.type === 'NameValueExpression')
+        expr = expr.expression;
+    if (expr?.type === 'MemberAccess' && LOW_LEVEL_MEMBERS.has(String(expr.memberName || '')))
+        return expr;
+    return null;
+}
+function containsTaint(expr, ctx) {
+    let found = false;
+    walk(expr, (node) => {
+        if (node?.type === 'Identifier' && ctx.tainted.has(node.name))
+            found = true;
+    });
+    return found;
+}
+function isMessageExpression(expr, ctx) {
+    if (!expr)
+        return false;
+    if (expr.type === 'Identifier')
+        return ctx.tainted.has(expr.name) || MESSAGE_NAMES.test(expr.name);
+    if (expr.type === 'MemberAccess')
+        return MESSAGE_NAMES.test(String(expr.memberName || '')) || containsTaint(expr.expression, ctx);
+    return containsTaint(expr, ctx);
+}
+function namesInAssignable(expr) {
+    if (!expr)
+        return [];
+    if (expr.type === 'Identifier')
+        return [expr.name];
+    if (expr.type === 'TupleExpression')
+        return (expr.components || []).flatMap(namesInAssignable);
+    return [];
+}
+function findFunctionCalls(node) {
+    const calls = [];
+    walk(node, (n) => {
+        if (n?.type === 'FunctionCall')
+            calls.push(n);
+    });
+    return calls;
+}
+function directCallName(expr) {
+    if (expr?.type === 'Identifier')
+        return expr.name;
+    return null;
+}
+function containsAllowlistIndex(expr) {
+    let found = false;
+    walk(expr, (node) => {
+        if (node?.type === 'IndexAccess' && isAllowName(node.base))
+            found = true;
+    });
+    return found;
+}
+function containsNegation(expr) {
+    let found = false;
+    walk(expr, (node) => {
+        if (node?.type === 'UnaryOperation' && node.operator === '!')
+            found = true;
+        if (node?.type === 'BinaryOperation' && node.operator === '!=')
+            found = true;
+    });
+    return found;
+}
+function isAllowName(expr) {
+    return /allow|trusted|whitelist|permitted/i.test(expressionKey(expr) || '');
+}
+function isLengthAccess(node) {
+    return node?.type === 'MemberAccess' && node.memberName === 'length';
+}
+function isMsgSender(node) {
+    return node?.type === 'MemberAccess' && node.memberName === 'sender' && node.expression?.type === 'Identifier' && node.expression.name === 'msg';
+}
+function isBytesType(typeName) {
+    return typeName?.type === 'ElementaryTypeName' && typeName.name === 'bytes';
+}
+function isAddressType(typeName) {
+    return typeName?.type === 'ElementaryTypeName' && typeName.name === 'address';
+}
+function isNumericLiteral(node) {
+    return node?.type === 'NumberLiteral' || (node?.type === 'DecimalNumber');
+}
+function isZero(node) {
+    return (node?.type === 'NumberLiteral' || node?.type === 'DecimalNumber') && String(node.number || node.value) === '0';
+}
+function isMaxUint(node) {
+    const key = expressionKey(node).toLowerCase();
+    return key === 'type(uint256).max' || key === 'uint256(-1)' || key === 'max_uint' || key === 'max_uint256' || /maxuint|max_uint|uint256_max/.test(key);
+}
+function expressionKey(expr) {
+    if (!expr || typeof expr !== 'object')
+        return '';
+    switch (expr.type) {
+        case 'Identifier':
+            return expr.name || '';
+        case 'MemberAccess':
+            return `${expressionKey(expr.expression)}.${expr.memberName || ''}`;
+        case 'IndexAccess':
+            return `${expressionKey(expr.base)}[${expressionKey(expr.index)}]`;
+        case 'FunctionCall':
+            return `${expressionKey(expr.expression)}(${(expr.arguments || []).map(expressionKey).join(',')})`;
+        case 'ElementaryTypeName':
+            return expr.name || '';
+        case 'ElementaryTypeNameExpression':
+            return expr.typeName?.name || '';
+        case 'NumberLiteral':
+        case 'DecimalNumber':
+            return String(expr.number || expr.value || '');
+        default:
+            return '';
+    }
+}
+function walk(node, visit) {
+    if (!node || typeof node !== 'object')
+        return;
+    visit(node);
+    for (const child of childNodes(node))
+        walk(child, visit);
+}
+function childNodes(node) {
+    const out = [];
+    for (const [key, value] of Object.entries(node)) {
+        if (key === 'loc' || key === 'range')
+            continue;
+        if (Array.isArray(value)) {
+            for (const item of value)
+                if (item && typeof item === 'object')
+                    out.push(item);
+        }
+        else if (value && typeof value === 'object') {
+            out.push(value);
+        }
+    }
+    return out;
+}
+function locOf(node) {
+    const { line, column } = (0, ast_1.assertLoc)(node);
+    return { line, column };
+}
+function makeFinding(file, contractName, functionName, loc, pattern, message, instanceKey) {
+    return {
+        file,
+        contract: contractName,
+        'function': functionName,
+        line: loc.line,
+        column: loc.column,
+        pattern: `${RULE_ID}/${pattern}`,
+        confidence: 'medium',
+        category: 'vulnerability',
+        ruleId: RULE_ID,
+        severity: 'high',
+        message,
+        contractName,
+        functionName,
+        sourceLocation: loc,
+        findingId: '',
+        contractHash: '',
+        instance_key: instanceKey,
+    };
+}
+function dedupe(findings) {
+    const seen = new Set();
+    const out = [];
+    for (const finding of findings) {
+        const key = `${finding.contractName}:${finding.functionName}:${finding.line}:${finding.pattern}`;
+        if (seen.has(key))
+            continue;
+        seen.add(key);
+        out.push(finding);
+    }
+    return out;
+}
+//# sourceMappingURL=cross-chain-arbitrary-call.js.map

package/dist/detectors/cross-chain-input-validation.d.ts

@@ -0,0 +1,31 @@
+import type { ScanResult } from '../api';
+import type { Detector, DetectorAstKind } from './types';
+export declare class CrossChainInputValidationDetector implements Detector {
+    readonly id = "cross-chain-input-validation";
+    readonly patternKey = "cross-chain-input-validation";
+    readonly supportedAstKinds: DetectorAstKind[];
+    readonly descriptor: {
+        id: string;
+        shortDescription: string;
+        helpUri: string;
+        defaultSeverity: "medium";
+    };
+    private currentFile;
+    private findings;
+    private currentContract;
+    private contractFunctions;
+    setFile(file: string): void;
+    getFindings(): ScanResult[];
+    ContractDefinition(node: any): void;
+    ContractDefinition_post(_node: any): void;
+    FunctionDefinition(node: any): void;
+    private analyzeMinAmountOrdering;
+    private processRestrictionBypass;
+    private emit;
+    private isSinkCall;
+    private getCalleeName;
+    private containsDeductionKeyword;
+    private collectInternalCallNames;
+    private hasRestriction;
+    private requireExpressesRestriction;
+}