@snovon/solast 0.2.0

package/dist/detectors/eip712-domain-separator.js

@@ -0,0 +1,524 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Eip712DomainSeparatorDetector = void 0;
+const ast_1 = require("./_common/ast");
+const RULE_ID = 'eip712-domain-separator';
+class Eip712DomainSeparatorDetector {
+    id = RULE_ID;
+    patternKey = RULE_ID;
+    supportedAstKinds = ['parser'];
+    descriptor = {
+        id: RULE_ID,
+        shortDescription: 'EIP-712 domain separator omits replay boundaries or uses a stale cached separator.',
+        helpUri: 'https://snovon.com/',
+        defaultSeverity: 'high',
+        help: 'Flags EIP-712 domain separator implementations that omit runtime chain id, verifying contract binding, or cache invalidation when block.chainid changes.',
+    };
+    currentFile = '';
+    currentContract = '';
+    currentContractKind = '';
+    currentFunction = null;
+    findings = [];
+    domainVariables = new Map();
+    typeHashes = new Map();
+    chainIdHelpers = new Set();
+    safeDomainBuilders = new Set();
+    pendingStaleCacheEmits = [];
+    hasGuardedDomainGetter = false;
+    setFile(file) {
+        this.currentFile = file;
+        this.currentContract = '';
+        this.currentContractKind = '';
+        this.currentFunction = null;
+        this.findings = [];
+        this.domainVariables.clear();
+        this.typeHashes.clear();
+        this.chainIdHelpers.clear();
+        this.safeDomainBuilders.clear();
+        this.pendingStaleCacheEmits = [];
+        this.hasGuardedDomainGetter = false;
+    }
+    getFindings() {
+        return this.findings;
+    }
+    ContractDefinition(node) {
+        this.currentContract = node.name || '';
+        this.currentContractKind = node.kind || '';
+        this.currentFunction = null;
+        this.domainVariables.clear();
+        this.typeHashes.clear();
+        this.chainIdHelpers.clear();
+        this.safeDomainBuilders.clear();
+        this.pendingStaleCacheEmits = [];
+        this.hasGuardedDomainGetter = false;
+        if (!this.isNonExecutableContract())
+            this.preScanContractHelpers(node);
+    }
+    'ContractDefinition:exit'(_node) {
+        if (!this.hasGuardedDomainGetter) {
+            for (const pending of this.pendingStaleCacheEmits) {
+                this.emitFinding(pending.facts, 'stale-cached-domain-separator', pending.node);
+            }
+        }
+        this.currentContract = '';
+        this.currentContractKind = '';
+        this.currentFunction = null;
+        this.domainVariables.clear();
+        this.typeHashes.clear();
+        this.chainIdHelpers.clear();
+        this.safeDomainBuilders.clear();
+        this.pendingStaleCacheEmits = [];
+        this.hasGuardedDomainGetter = false;
+    }
+    StructDefinition(node) {
+        if (this.isNonExecutableContract() || node.name !== 'EIP712Domain')
+            return;
+        const fields = (node.members || []).map((member) => String(member?.name || '').toLowerCase());
+        if (!fields.length)
+            return;
+        this.typeHashes.set('EIP712Domain', {
+            hasChainId: fields.includes('chainid'),
+            hasVerifyingContract: fields.includes('verifyingcontract'),
+        });
+    }
+    StateVariableDeclaration(node) {
+        if (this.isNonExecutableContract())
+            return;
+        for (const variable of node.variables || []) {
+            const name = variable?.name || '';
+            if (!name)
+                continue;
+            const initExpr = variable.expression || node.initialValue;
+            const typeHashFacts = eip712TypeHashFacts(initExpr);
+            if (typeHashFacts)
+                this.typeHashes.set(name, typeHashFacts);
+            if (isDomainSeparatorName(name)) {
+                const isImmutable = Boolean(variable.isImmutable || variable.isDeclaredConst);
+                const isPublic = variable.visibility === 'public';
+                const hasInit = Boolean(initExpr);
+                this.domainVariables.set(name, {
+                    immutable: isImmutable,
+                    public: isPublic,
+                    assignedInConstructor: hasInit,
+                });
+                if (hasInit) {
+                    const facts = {
+                        name,
+                        node,
+                        isConstructor: false,
+                        isDomainFunction: true,
+                        chainGuard: false,
+                        returnsCachedDomain: false,
+                        recomputeFallback: false,
+                        emitted: false,
+                    };
+                    this.analyzeDomainConstruction(initExpr, facts, node);
+                    if (!facts.emitted && isPublic && domainEncodeCall(initExpr)) {
+                        this.pendingStaleCacheEmits.push({ facts, node });
+                    }
+                }
+            }
+        }
+    }
+    FunctionDefinition(node) {
+        this.currentFunction = null;
+        if (this.isNonExecutableContract() || !node.body)
+            return;
+        const name = node.isConstructor ? 'constructor' : (node.name || '<anonymous>');
+        this.currentFunction = {
+            name,
+            node,
+            isConstructor: Boolean(node.isConstructor),
+            isDomainFunction: isDomainSeparatorName(name),
+            chainGuard: false,
+            returnsCachedDomain: false,
+            recomputeFallback: false,
+            emitted: false,
+        };
+    }
+    'FunctionDefinition:exit'(_node) {
+        const facts = this.currentFunction;
+        if (!facts)
+            return;
+        if (facts.isDomainFunction && facts.chainGuard && facts.recomputeFallback) {
+            this.hasGuardedDomainGetter = true;
+        }
+        if (facts.isDomainFunction && facts.returnsCachedDomain && !(facts.chainGuard && facts.recomputeFallback)) {
+            this.emitFinding(facts, 'stale-cached-domain-separator', facts.node);
+        }
+        this.currentFunction = null;
+    }
+    VariableDeclarationStatement(node) {
+        if (!this.currentFunction)
+            return;
+        const facts = eip712TypeHashFacts(node.initialValue);
+        if (!facts)
+            return;
+        for (const variable of node.variables || []) {
+            if (variable?.name)
+                this.typeHashes.set(variable.name, facts);
+        }
+    }
+    ExpressionStatement(node) {
+        const facts = this.currentFunction;
+        if (!facts || !(0, ast_1.isNode)(node.expression, 'BinaryOperation'))
+            return;
+        const expr = node.expression;
+        if (!isAssignmentOperator(expr.operator))
+            return;
+        const target = identifierName(expr.left);
+        if (target) {
+            const typeHashFacts = eip712TypeHashFacts(expr.right);
+            if (typeHashFacts)
+                this.typeHashes.set(target, typeHashFacts);
+        }
+        if (!facts.isConstructor || !target || !isDomainSeparatorName(target))
+            return;
+        const domainVar = this.domainVariables.get(target);
+        if (domainVar)
+            domainVar.assignedInConstructor = true;
+        this.analyzeDomainConstruction(expr.right, facts, node);
+        if (!facts.emitted && domainVar?.public && domainEncodeCall(expr.right)) {
+            this.pendingStaleCacheEmits.push({ facts, node });
+        }
+    }
+    ReturnStatement(node) {
+        const facts = this.currentFunction;
+        if (!facts || !facts.isDomainFunction)
+            return;
+        this.analyzeDomainConstruction(node.expression, facts, node);
+        if (referencesCachedDomain(node.expression, this.domainVariables))
+            facts.returnsCachedDomain = true;
+        if (isSafeDomainRecompute(node.expression, this.safeDomainBuilders, this.chainIdHelpers)) {
+            facts.recomputeFallback = true;
+        }
+    }
+    IfStatement(node) {
+        const facts = this.currentFunction;
+        if (!facts)
+            return;
+        if (containsRuntimeChainId(node.condition, this.chainIdHelpers))
+            facts.chainGuard = true;
+    }
+    FunctionCall(node) {
+        const facts = this.currentFunction;
+        if (!facts)
+            return;
+        if (isAddressThis(node)) {
+            return;
+        }
+        const name = directCallName(node.expression);
+        if (name && this.chainIdHelpers.has(name)) {
+            return;
+        }
+        if (facts.isDomainFunction || facts.isConstructor) {
+            this.analyzeDomainConstruction(node, facts, node);
+        }
+    }
+    analyzeDomainConstruction(node, facts, locNode) {
+        if (!node || facts.emitted)
+            return;
+        const encodeCall = domainEncodeCall(node);
+        if (!encodeCall)
+            return;
+        const args = encodeCall.arguments || [];
+        const typeHashFacts = this.resolveTypeHashFacts(args[0]);
+        const binding = bindingFacts(args, this.chainIdHelpers);
+        const missingChain = typeHashFacts
+            ? !typeHashFacts.hasChainId || (!binding.runtimeChainBound && !binding.staticChainBound)
+            : !binding.runtimeChainBound;
+        const missingContract = typeHashFacts
+            ? !typeHashFacts.hasVerifyingContract || !binding.contractBound
+            : !binding.contractBound;
+        let mode = null;
+        if (missingChain && missingContract)
+            mode = 'missing-domain-boundaries';
+        else if (missingChain)
+            mode = 'missing-chain-id';
+        else if (missingContract)
+            mode = 'missing-verifying-contract';
+        else if (binding.staticChainBound && !binding.runtimeChainBound)
+            mode = 'hardcoded-chain-id';
+        if (mode)
+            this.emitFinding(facts, mode, locNode);
+    }
+    resolveTypeHashFacts(node) {
+        const direct = eip712TypeHashFacts(node);
+        if (direct)
+            return direct;
+        if ((0, ast_1.isNode)(node, 'Identifier')) {
+            return this.typeHashes.get(node.name || '') || null;
+        }
+        return null;
+    }
+    emitFinding(facts, mode, node) {
+        if (facts.emitted)
+            return;
+        facts.emitted = true;
+        const loc = (0, ast_1.tryLoc)(node, facts.node) || { line: 1, endLine: 1, column: 0, endColumn: 0 };
+        this.findings.push({
+            file: this.currentFile,
+            contract: this.currentContract,
+            'function': facts.name,
+            line: loc.line,
+            endLine: loc.endLine,
+            column: loc.column,
+            pattern: mode,
+            confidence: 'medium',
+            ruleId: RULE_ID,
+            severity: 'high',
+            category: 'vulnerability',
+            message: messageFor(mode, facts),
+            rationale: rationaleFor(mode),
+            suggestedFix: fixFor(mode),
+            contractName: this.currentContract,
+            functionName: facts.name,
+            sourceLocation: { line: loc.line, column: loc.column },
+            findingId: '',
+            contractHash: '',
+        });
+    }
+    isNonExecutableContract() {
+        return this.currentContractKind === 'interface';
+    }
+    preScanContractHelpers(contract) {
+        const functions = (contract.subNodes || []).filter((subNode) => (0, ast_1.isNode)(subNode, 'FunctionDefinition') && subNode.body);
+        // Source order is semantically irrelevant in Solidity. Iterate the
+        // pre-scan to a fixed point so a helper used by a builder declared
+        // before it is still recognised. Sets only widen, bounded by 2*N,
+        // so termination is guaranteed.
+        const maxIterations = functions.length * 2 + 2;
+        let iterations = 0;
+        let changed = true;
+        while (changed && iterations < maxIterations) {
+            changed = false;
+            iterations++;
+            for (const fn of functions) {
+                const name = fn.name || '';
+                if (!name)
+                    continue;
+                if (this.chainIdHelpers.has(name) && this.safeDomainBuilders.has(name))
+                    continue;
+                const facts = preScanFunction(fn.body, this.chainIdHelpers, this.safeDomainBuilders);
+                if (facts.runtimeChainBound && !this.chainIdHelpers.has(name)) {
+                    this.chainIdHelpers.add(name);
+                    changed = true;
+                }
+                if (facts.safeDomainBuilder && !this.safeDomainBuilders.has(name)) {
+                    this.safeDomainBuilders.add(name);
+                    changed = true;
+                }
+            }
+        }
+    }
+}
+exports.Eip712DomainSeparatorDetector = Eip712DomainSeparatorDetector;
+function messageFor(mode, facts) {
+    if (mode === 'missing-chain-id') {
+        return `EIP-712 domain separator in ${facts.name} omits runtime chain id binding.`;
+    }
+    if (mode === 'missing-verifying-contract') {
+        return `EIP-712 domain separator in ${facts.name} omits verifying contract binding.`;
+    }
+    if (mode === 'missing-domain-boundaries') {
+        return `EIP-712 domain separator in ${facts.name} omits chain id and verifying contract replay boundaries.`;
+    }
+    if (mode === 'hardcoded-chain-id') {
+        return `EIP-712 domain separator in ${facts.name} uses a fixed chain id instead of block.chainid.`;
+    }
+    return `EIP-712 domain separator in ${facts.name} can return a cached separator without a block.chainid recompute guard.`;
+}
+function rationaleFor(mode) {
+    if (mode === 'missing-verifying-contract') {
+        return 'Typed-data signatures that are not bound to address(this) can be replayed against another contract with the same domain fields.';
+    }
+    if (mode === 'stale-cached-domain-separator' || mode === 'hardcoded-chain-id') {
+        return 'A separator that does not use the current block.chainid, or that reuses a cached value without checking block.chainid, can become replayable after a chain fork.';
+    }
+    return 'EIP-712 domains should bind signatures to both the current chain id and verifying contract to prevent cross-chain or cross-contract replay.';
+}
+function fixFor(mode) {
+    if (mode === 'stale-cached-domain-separator') {
+        return 'Cache the separator with the chain id and return the cached value only when block.chainid still matches; otherwise recompute it.';
+    }
+    return 'Build the EIP-712 domain separator with block.chainid and address(this), and include chainId and verifyingContract in the domain type hash.';
+}
+function eip712TypeHashFacts(node) {
+    if (!(0, ast_1.isNode)(node, 'FunctionCall') || directCallName(node.expression) !== 'keccak256')
+        return null;
+    const arg = node.arguments?.[0];
+    if (!(0, ast_1.isNode)(arg, 'StringLiteral') || typeof arg.value !== 'string')
+        return null;
+    if (!/^EIP712Domain\s*\(/.test(arg.value))
+        return null;
+    return {
+        hasChainId: /\bchainId\b/.test(arg.value),
+        hasVerifyingContract: /\bverifyingContract\b/.test(arg.value),
+    };
+}
+function domainEncodeCall(node) {
+    if (!(0, ast_1.isNode)(node, 'FunctionCall'))
+        return null;
+    const name = directCallName(node.expression);
+    if (name === 'keccak256') {
+        const arg = node.arguments?.[0];
+        return isAbiEncodeCall(arg) ? arg : null;
+    }
+    return null;
+}
+function isAbiEncodeCall(node) {
+    return (0, ast_1.isNode)(node, 'FunctionCall') && (0, ast_1.isNode)(node.expression, 'MemberAccess') &&
+        node.expression.memberName === 'encode' &&
+        (0, ast_1.isNode)(node.expression.expression, 'Identifier') &&
+        node.expression.expression.name === 'abi';
+}
+function bindingFacts(nodes, chainIdHelpers) {
+    let runtimeChainBound = false;
+    let staticChainBound = false;
+    let contractBound = false;
+    for (const node of nodes) {
+        forEachNode(node, current => {
+            if (containsRuntimeChainId(current, chainIdHelpers))
+                runtimeChainBound = true;
+            if (isStaticChainId(current))
+                staticChainBound = true;
+            if (isAddressThis(current))
+                contractBound = true;
+        });
+    }
+    return { runtimeChainBound, staticChainBound, contractBound };
+}
+function isSafeDomainRecompute(node, safeDomainBuilders, chainIdHelpers) {
+    if (!node)
+        return false;
+    const encodeCall = domainEncodeCall(node);
+    if (encodeCall) {
+        const binding = bindingFacts(encodeCall.arguments || [], chainIdHelpers);
+        return binding.runtimeChainBound && binding.contractBound;
+    }
+    if ((0, ast_1.isNode)(node, 'FunctionCall')) {
+        const name = directCallName(node.expression);
+        return Boolean(name && safeDomainBuilders.has(name));
+    }
+    return false;
+}
+function containsRuntimeChainId(node, chainIdHelpers) {
+    return containsNode(node, current => {
+        if (isBlockChainId(current) || isAssemblyChainId(current))
+            return true;
+        if (!(0, ast_1.isNode)(current, 'FunctionCall'))
+            return false;
+        const name = directCallName(current.expression);
+        return Boolean(name && chainIdHelpers.has(name));
+    });
+}
+function preScanFunction(body, chainIdHelpers, safeDomainBuilders) {
+    let runtimeChainBound = false;
+    let safeDomainBuilder = false;
+    forEachNode(body, current => {
+        if (containsRuntimeChainId(current, chainIdHelpers))
+            runtimeChainBound = true;
+        const encodeCall = domainEncodeCall(current);
+        if (!encodeCall)
+            return;
+        const binding = bindingFacts(encodeCall.arguments || [], chainIdHelpers);
+        if (binding.runtimeChainBound && binding.contractBound)
+            safeDomainBuilder = true;
+    });
+    if (!safeDomainBuilder) {
+        forEachNode(body, current => {
+            if (!(0, ast_1.isNode)(current, 'FunctionCall'))
+                return;
+            const name = directCallName(current.expression);
+            if (name && safeDomainBuilders.has(name))
+                safeDomainBuilder = true;
+        });
+    }
+    return { runtimeChainBound, safeDomainBuilder };
+}
+function referencesCachedDomain(node, domainVariables) {
+    return containsNode(node, current => {
+        if (!(0, ast_1.isNode)(current, 'Identifier'))
+            return false;
+        const name = current.name || '';
+        if (!isDomainSeparatorName(name))
+            return false;
+        const tracked = domainVariables.get(name);
+        if (tracked && tracked.immutable)
+            return true;
+        return /cached|_CACHED/i.test(name);
+    });
+}
+function isBlockChainId(node) {
+    return (0, ast_1.isNode)(node, 'MemberAccess') &&
+        node.memberName === 'chainid' &&
+        (0, ast_1.isNode)(node.expression, 'Identifier') &&
+        node.expression.name === 'block';
+}
+function isAssemblyChainId(node) {
+    if (!(0, ast_1.isNode)(node, 'InlineAssemblyStatement'))
+        return false;
+    return JSON.stringify(node).includes('chainid');
+}
+function isStaticChainId(node) {
+    if ((0, ast_1.isNode)(node, 'NumberLiteral'))
+        return true;
+    if (!(0, ast_1.isNode)(node, 'FunctionCall'))
+        return false;
+    const name = directCallName(node.expression);
+    return /^u?int(256)?$/.test(name) && (0, ast_1.isNode)(node.arguments?.[0], 'NumberLiteral');
+}
+function isAddressThis(node) {
+    return (0, ast_1.isNode)(node, 'FunctionCall') &&
+        directCallName(node.expression) === 'address' &&
+        (0, ast_1.isNode)(node.arguments?.[0], 'Identifier') &&
+        node.arguments[0].name === 'this';
+}
+function isDomainSeparatorName(name) {
+    return /domain.*separator/i.test(name);
+}
+function directCallName(expr) {
+    if ((0, ast_1.isNode)(expr, 'Identifier'))
+        return expr.name || '';
+    if ((0, ast_1.isNode)(expr, 'MemberAccess'))
+        return expr.memberName || '';
+    return '';
+}
+function identifierName(node) {
+    if ((0, ast_1.isNode)(node, 'Identifier'))
+        return node.name || '';
+    if ((0, ast_1.isNode)(node, 'IndexAccess'))
+        return identifierName(node.base);
+    if ((0, ast_1.isNode)(node, 'MemberAccess'))
+        return node.memberName || '';
+    return '';
+}
+function isAssignmentOperator(operator) {
+    return ['=', '+=', '-=', '*=', '/=', '%=', '|=', '&=', '^='].includes(operator);
+}
+function containsNode(node, predicate) {
+    let found = false;
+    forEachNode(node, current => {
+        if (!found && predicate(current))
+            found = true;
+    });
+    return found;
+}
+function forEachNode(node, visit, seen = new Set()) {
+    if (!node || typeof node !== 'object' || seen.has(node))
+        return;
+    seen.add(node);
+    visit(node);
+    for (const [key, value] of Object.entries(node)) {
+        if (key === 'loc' || key === 'range' || key === 'comments')
+            continue;
+        if (Array.isArray(value)) {
+            for (const child of value)
+                forEachNode(child, visit, seen);
+        }
+        else if (value && typeof value === 'object') {
+            forEachNode(value, visit, seen);
+        }
+    }
+}
+//# sourceMappingURL=eip712-domain-separator.js.map

package/dist/detectors/eip712-signature-verification.d.ts

@@ -0,0 +1,49 @@
+import type { ScanResult } from '../index';
+export declare class Eip712SignatureVerificationDetector {
+    readonly id = "eip712-signature-verification";
+    readonly patternKey = "eip712-signature-verification";
+    readonly supportedAstKinds: "parser"[];
+    readonly descriptor: {
+        id: string;
+        shortDescription: string;
+        helpUri: string;
+        defaultSeverity: "high";
+        help: string;
+    };
+    private currentFile;
+    private currentContract;
+    private currentContractKind;
+    private currentFunction;
+    private findings;
+    private domainVars;
+    private safeDomainFunctions;
+    private fileRecoverHelpers;
+    private recoverHelpers;
+    private typedDataHelpers;
+    private helperBodyFacts;
+    setFile(file: string): void;
+    getFindings(): ScanResult[];
+    ContractDefinition(node: any): void;
+    'ContractDefinition:exit'(_node: any): void;
+    StateVariableDeclaration(node: any): void;
+    FunctionDefinition(node: any): void;
+    ModifierDefinition(node: any): void;
+    'FunctionDefinition:exit'(node: any): void;
+    'ModifierDefinition:exit'(node: any): void;
+    VariableDeclarationStatement(node: any): void;
+    ExpressionStatement(node: any): void;
+    IfStatement(node: any): void;
+    FunctionCall(node: any): void;
+    ReturnStatement(node: any): void;
+    UnaryOperation(node: any): void;
+    MemberAccess(node: any): void;
+    BinaryOperation(node: any): void;
+    private analyzeFunction;
+    private recoverDigest;
+    private recordDigestFacts;
+    private resolve;
+    private makeFinding;
+    private isNonExecutableContract;
+    private preScanContractHelpers;
+    private preScanFunctionBody;
+}