@snovon/solast 0.2.0

package/dist/detectors/eip7702-delegation-reentrancy.js

@@ -0,0 +1,705 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EIP7702DelegationReentrancyDetector = void 0;
+const RULE_ID = 'eip7702-delegation-reentrancy';
+const PROVENANCE = 'x-20260518-eip7702-delegation-reentrancy';
+class EIP7702DelegationReentrancyDetector {
+    id = RULE_ID;
+    patternKey = RULE_ID;
+    supportedAstKinds = ['parser'];
+    descriptor = {
+        id: RULE_ID,
+        shortDescription: 'EOA/non-contract assumption before external interaction and post-call state mutation can be unsafe under EIP-7702 delegation.',
+        helpUri: 'https://snovon.com/',
+        defaultSeverity: 'medium',
+        help: 'Flags externally callable functions that use tx.origin/no-code/extcodesize EOA assumptions, then interact with an untrusted caller-supplied target, then mutate state after the interaction.',
+    };
+    file = '';
+    findings = [];
+    contractStack = [];
+    setFile(file) {
+        this.file = file;
+        this.findings = [];
+        this.contractStack = [];
+    }
+    getFindings() {
+        return this.findings;
+    }
+    ContractDefinition(node) {
+        this.contractStack.push({
+            name: node?.name || '<anonymous>',
+            kind: String(node?.kind || ''),
+            stateVars: collectStateVariables(node),
+            modifiers: collectModifierDefinitions(node),
+            helpers: collectInternalHelpers(node),
+        });
+    }
+    ContractDefinition_post() {
+        this.contractStack.pop();
+    }
+    FunctionDefinition(node) {
+        const contract = this.contractStack[this.contractStack.length - 1];
+        if (!contract || contract.kind === 'interface' || contract.kind === 'library')
+            return;
+        if (!node?.body || !isExternallyCallable(node))
+            return;
+        if (node?.isConstructor === true || String(node?.kind || '').toLowerCase() === 'constructor')
+            return;
+        const mutability = String(node?.stateMutability || '').toLowerCase();
+        if (mutability === 'view' || mutability === 'pure')
+            return;
+        const ctx = {
+            contract,
+            fn: node,
+            fnName: functionDisplayName(node),
+            localVars: collectFunctionLocals(node),
+            sizeLocals: new Set(),
+            aliases: new Map(),
+            trustGuards: [],
+            sawEoaGuard: false,
+            interaction: null,
+            mutationAfterInteraction: null,
+        };
+        scanAppliedModifiers(node, ctx);
+        scanStatement(node.body, ctx, new Set());
+        if (!ctx.sawEoaGuard || !ctx.interaction || !ctx.mutationAfterInteraction)
+            return;
+        const loc = getLoc(ctx.interaction.node) || getLoc(ctx.mutationAfterInteraction) || getLoc(node) || { line: 1, column: 0 };
+        this.findings.push({
+            file: this.file,
+            contract: contract.name,
+            'function': ctx.fnName,
+            line: loc.line,
+            endLine: loc.line,
+            column: loc.column,
+            pattern: RULE_ID,
+            confidence: 'high',
+            ruleId: RULE_ID,
+            severity: 'medium',
+            category: 'vulnerability',
+            message: `EIP-7702 delegation reentrancy: '${contract.name}.${ctx.fnName}' relies on an EOA/non-contract assumption before an untrusted external interaction and mutates state after the call.`,
+            rationale: 'EIP-7702 lets EOAs execute delegated code, so tx.origin, no-code, or extcodesize gates no longer prove the caller or account cannot execute callback logic during the external interaction.',
+            suggestedFix: 'Remove the EOA-style trust assumption, require an explicit trusted target allowlist where delegation is intentional, and move accounting effects before the interaction or add a reentrancy guard.',
+            contractName: contract.name,
+            functionName: ctx.fnName,
+            sourceLocation: { line: loc.line, column: loc.column },
+            findingId: '',
+            contractHash: '',
+            externalCallNode: ctx.interaction.node,
+            stateMutationNode: ctx.mutationAfterInteraction,
+            operationType: ctx.interaction.kind,
+            provenance: PROVENANCE,
+            source: PROVENANCE,
+        });
+    }
+}
+exports.EIP7702DelegationReentrancyDetector = EIP7702DelegationReentrancyDetector;
+function scanAppliedModifiers(fn, ctx) {
+    for (const invocation of fn?.modifiers || []) {
+        const name = getModifierInvocationName(invocation);
+        const def = name ? ctx.contract.modifiers.get(name) : null;
+        if (!def?.body)
+            continue;
+        addArgumentAliases(invocation, def, ctx);
+        scanGuardOnly(def.body, ctx);
+    }
+}
+function scanStatement(stmt, ctx, visitedHelpers) {
+    if (!stmt || typeof stmt !== 'object' || ctx.mutationAfterInteraction)
+        return;
+    if (isNode(stmt, 'Block')) {
+        for (const s of stmt.statements || [])
+            scanStatement(s, ctx, visitedHelpers);
+        return;
+    }
+    if (isNode(stmt, 'InlineAssemblyStatement')) {
+        collectExtcodesizeAssignments(stmt, ctx.sizeLocals);
+        return;
+    }
+    if (isNode(stmt, 'IfStatement')) {
+        recordIfGate(stmt, ctx);
+        scanStatement(stmt.trueBody, ctx, visitedHelpers);
+        scanStatement(stmt.falseBody, ctx, visitedHelpers);
+        return;
+    }
+    if (isNode(stmt, 'VariableDeclarationStatement')) {
+        recordVariableAliases(stmt, ctx);
+        if (stmt.initialValue)
+            scanExpression(stmt.initialValue, ctx, visitedHelpers);
+        return;
+    }
+    if (isNode(stmt, 'ExpressionStatement')) {
+        scanExpression(stmt.expression, ctx, visitedHelpers);
+        return;
+    }
+    if (isNode(stmt, 'ReturnStatement')) {
+        if (stmt.expression)
+            scanExpression(stmt.expression, ctx, visitedHelpers);
+        return;
+    }
+    if (isNode(stmt, 'ForStatement') || isNode(stmt, 'WhileStatement') || isNode(stmt, 'DoWhileStatement')) {
+        scanStatement(stmt.body, ctx, visitedHelpers);
+        return;
+    }
+    if (isNode(stmt, 'TryStatement')) {
+        if (stmt.expression)
+            scanExpression(stmt.expression, ctx, visitedHelpers);
+        scanStatement(stmt.body, ctx, visitedHelpers);
+        for (const cc of stmt.catchClauses || [])
+            scanStatement(cc?.body, ctx, visitedHelpers);
+        return;
+    }
+    if (isNode(stmt, 'UncheckedStatement')) {
+        scanStatement(stmt.block, ctx, visitedHelpers);
+    }
+}
+function scanExpression(expr, ctx, visitedHelpers) {
+    if (!expr || typeof expr !== 'object' || ctx.mutationAfterInteraction)
+        return;
+    if (isFunctionCall(expr)) {
+        const calleeName = getCalleeIdentifierName(expr);
+        if (calleeName === 'require' || calleeName === 'assert') {
+            const cond = (expr.arguments || [])[0];
+            recordRequireCondition(cond, ctx);
+            return;
+        }
+        if (calleeName === 'revert')
+            return;
+        if (calleeName && ctx.contract.helpers.has(calleeName) && !visitedHelpers.has(calleeName)) {
+            visitedHelpers.add(calleeName);
+            scanStatement(ctx.contract.helpers.get(calleeName)?.body, ctx, visitedHelpers);
+            visitedHelpers.delete(calleeName);
+            return;
+        }
+    }
+    const interaction = findFirstExternalInteraction(expr, ctx);
+    if (!ctx.interaction && interaction)
+        ctx.interaction = interaction;
+    if (ctx.interaction && expressionMutatesState(expr, ctx)) {
+        ctx.mutationAfterInteraction = expr;
+    }
+}
+function scanGuardOnly(node, ctx) {
+    if (!node || typeof node !== 'object')
+        return;
+    if (isNode(node, 'InlineAssemblyStatement')) {
+        collectExtcodesizeAssignments(node, ctx.sizeLocals);
+        return;
+    }
+    if (isNode(node, 'IfStatement'))
+        recordIfGate(node, ctx);
+    if (isNode(node, 'FunctionCall')) {
+        const name = getCalleeIdentifierName(node);
+        if (name === 'require' || name === 'assert')
+            recordRequireCondition((node.arguments || [])[0], ctx);
+    }
+    for (const child of childrenOf(node))
+        scanGuardOnly(child, ctx);
+}
+function recordIfGate(stmt, ctx) {
+    if (bodyContainsRevert(stmt.trueBody) && isEoaInvertedCondition(stmt.condition, ctx.sizeLocals)) {
+        ctx.sawEoaGuard = true;
+    }
+    if (bodyContainsRevert(stmt.falseBody) && isEoaPositiveCondition(stmt.condition, ctx.sizeLocals)) {
+        ctx.sawEoaGuard = true;
+    }
+}
+function recordRequireCondition(cond, ctx) {
+    if (!cond)
+        return;
+    const conjuncts = [];
+    collectAndConjuncts(cond, conjuncts);
+    for (const c of conjuncts) {
+        if (isEoaPositiveCondition(c, ctx.sizeLocals))
+            ctx.sawEoaGuard = true;
+        else
+            ctx.trustGuards.push(c);
+    }
+}
+function findFirstExternalInteraction(expr, ctx) {
+    let found = null;
+    walk(expr, n => {
+        if (found || !isFunctionCall(n))
+            return;
+        const callee = unwrapCallOptions(n.expression);
+        if (!isNode(callee, 'MemberAccess'))
+            return;
+        const memberName = String(callee.memberName || '').toLowerCase();
+        if (memberName === 'staticcall')
+            return;
+        if (memberName === 'call' || memberName === 'delegatecall' || memberName === 'send' || memberName === 'transfer') {
+            if (isUntrustedTarget(callee.expression, ctx))
+                found = { node: n, target: callee.expression, kind: memberName };
+            return;
+        }
+        if (isUntrustedTarget(callee.expression, ctx))
+            found = { node: n, target: callee.expression, kind: 'external-call' };
+    });
+    return found;
+}
+function expressionMutatesState(expr, ctx) {
+    let mutates = false;
+    walk(expr, n => {
+        if (mutates || !n || typeof n !== 'object')
+            return;
+        if (isNode(n, 'BinaryOperation') && ASSIGNMENT_OPERATORS.has(String(n.operator || ''))) {
+            if (isStateReference(n.left, ctx))
+                mutates = true;
+            return;
+        }
+        if (isNode(n, 'UnaryOperation') && (n.operator === '++' || n.operator === '--' || n.operator === 'delete')) {
+            if (isStateReference(n.subExpression, ctx))
+                mutates = true;
+        }
+    });
+    return mutates;
+}
+const ASSIGNMENT_OPERATORS = new Set(['=', '+=', '-=', '*=', '/=', '%=', '&=', '|=', '^=', '<<=', '>>=']);
+function isStateReference(node, ctx) {
+    const root = rootIdentifier(node);
+    return Boolean(root && ctx.contract.stateVars.has(root) && !ctx.localVars.has(root));
+}
+function rootIdentifier(node) {
+    let cur = node;
+    while (cur && typeof cur === 'object') {
+        if (isNode(cur, 'Identifier'))
+            return String(cur.name || '');
+        if (isNode(cur, 'IndexAccess')) {
+            cur = cur.base || cur.baseExpression;
+            continue;
+        }
+        if (isNode(cur, 'MemberAccess')) {
+            cur = cur.expression;
+            continue;
+        }
+        if (isFunctionCall(cur)) {
+            cur = cur.expression;
+            continue;
+        }
+        return '';
+    }
+    return '';
+}
+function recordVariableAliases(stmt, ctx) {
+    const vars = declaredNames(stmt);
+    if (vars.length === 0 || !stmt.initialValue)
+        return;
+    const targetIds = new Set();
+    collectIdentifierNames(stmt.initialValue, targetIds);
+    if (targetIds.size === 0)
+        return;
+    for (const name of vars) {
+        for (const target of targetIds)
+            addAlias(name, target, ctx.aliases);
+    }
+}
+function addArgumentAliases(invocation, definition, ctx) {
+    const params = getParameterNames(definition);
+    const args = invocation?.arguments || [];
+    const count = Math.min(params.length, args.length);
+    for (let i = 0; i < count; i++) {
+        if (isNode(args[i], 'Identifier'))
+            addAlias(params[i], String(args[i].name || ''), ctx.aliases);
+    }
+}
+function addAlias(alias, target, aliases) {
+    if (!alias || !target || alias === target)
+        return;
+    let set = aliases.get(alias);
+    if (!set) {
+        set = new Set();
+        aliases.set(alias, set);
+    }
+    set.add(target);
+}
+function isUntrustedTarget(target, ctx) {
+    if (!target)
+        return true;
+    if (isSelfTarget(target))
+        return false;
+    const ids = new Set();
+    collectIdentifierNames(target, ids);
+    if (ids.size === 0)
+        return true;
+    const expanded = expandAliases(ids, ctx.aliases);
+    for (const guard of ctx.trustGuards) {
+        if (isAllowlistPredicateForTarget(guard, expanded))
+            return false;
+    }
+    return true;
+}
+function expandAliases(ids, aliases) {
+    const expanded = new Set(ids);
+    let changed = true;
+    while (changed) {
+        changed = false;
+        for (const [alias, targets] of aliases.entries()) {
+            if (expanded.has(alias))
+                continue;
+            for (const target of targets) {
+                if (expanded.has(target)) {
+                    expanded.add(alias);
+                    changed = true;
+                    break;
+                }
+            }
+        }
+    }
+    return expanded;
+}
+function isAllowlistPredicateForTarget(guard, targetIds) {
+    if (isIndexAccessKeyedByTarget(guard, targetIds))
+        return true;
+    if (!isNode(guard, 'BinaryOperation'))
+        return false;
+    const op = guard.operator;
+    if (op === '==' || op === '!=') {
+        const wantsTrue = op === '==';
+        const truthyMappingMatch = (a, b) => isIndexAccessKeyedByTarget(a, targetIds) &&
+            ((wantsTrue && (isLiteralTrue(b) || isLiteralOne(b))) ||
+                (!wantsTrue && (isLiteralFalse(b) || isLiteralZero(b))));
+        if (truthyMappingMatch(guard.left, guard.right) || truthyMappingMatch(guard.right, guard.left))
+            return true;
+    }
+    if (op === '==') {
+        return isEqualityWithTrustedReference(guard.left, guard.right, targetIds) ||
+            isEqualityWithTrustedReference(guard.right, guard.left, targetIds);
+    }
+    return false;
+}
+function isIndexAccessKeyedByTarget(node, targetIds) {
+    if (!isNode(node, 'IndexAccess'))
+        return false;
+    const idx = node.index || node.indexExpression;
+    return isNode(idx, 'Identifier') && targetIds.has(String(idx.name || ''));
+}
+function isEqualityWithTrustedReference(targetSide, otherSide, targetIds) {
+    if (!isNode(targetSide, 'Identifier') || !targetIds.has(String(targetSide.name || '')))
+        return false;
+    if (isAddressZeroExpr(otherSide) || isSelfTarget(otherSide) || isMsgSender(otherSide) || isTxOrigin(otherSide))
+        return false;
+    return isNode(otherSide, 'Identifier') || isNode(otherSide, 'MemberAccess');
+}
+function isEoaPositiveCondition(cond, sizeLocals) {
+    if (!cond || typeof cond !== 'object')
+        return false;
+    if (isNode(cond, 'BinaryOperation') && cond.operator === '&&') {
+        return isEoaPositiveCondition(cond.left, sizeLocals) || isEoaPositiveCondition(cond.right, sizeLocals);
+    }
+    if (isNode(cond, 'UnaryOperation') && cond.operator === '!') {
+        return isIsContractCall(cond.subExpression);
+    }
+    if (isFunctionCall(cond) && getCalleeIdentifierName(cond).toLowerCase() === 'isnotcontract')
+        return true;
+    if (!isNode(cond, 'BinaryOperation'))
+        return false;
+    if (cond.operator === '==') {
+        return matchMsgSenderAndTxOrigin(cond.left, cond.right) ||
+            matchSizeAndZero(cond.left, cond.right, sizeLocals) ||
+            matchCodeLengthAndZero(cond.left, cond.right);
+    }
+    if (cond.operator === '<') {
+        return matchSizeAndOne(cond.left, cond.right, sizeLocals) ||
+            matchCodeLengthAndOne(cond.left, cond.right);
+    }
+    return false;
+}
+function isEoaInvertedCondition(cond, sizeLocals) {
+    if (!cond || typeof cond !== 'object')
+        return false;
+    if (isNode(cond, 'BinaryOperation') && cond.operator === '||') {
+        return isEoaInvertedCondition(cond.left, sizeLocals) || isEoaInvertedCondition(cond.right, sizeLocals);
+    }
+    if (!isNode(cond, 'BinaryOperation'))
+        return false;
+    if (cond.operator === '!=') {
+        return matchMsgSenderAndTxOrigin(cond.left, cond.right) ||
+            matchSizeAndZero(cond.left, cond.right, sizeLocals) ||
+            matchCodeLengthAndZero(cond.left, cond.right);
+    }
+    if (cond.operator === '>') {
+        return matchSizeAndZero(cond.left, cond.right, sizeLocals) ||
+            matchCodeLengthAndZero(cond.left, cond.right);
+    }
+    if (cond.operator === '>=') {
+        return matchSizeAndOne(cond.left, cond.right, sizeLocals) ||
+            matchCodeLengthAndOne(cond.left, cond.right);
+    }
+    return false;
+}
+function isIsContractCall(node) {
+    if (!isFunctionCall(node))
+        return false;
+    const name = getCalleeIdentifierName(node).toLowerCase();
+    return name === 'iscontract';
+}
+function matchMsgSenderAndTxOrigin(a, b) {
+    return (isMsgSender(a) && isTxOrigin(b)) || (isTxOrigin(a) && isMsgSender(b));
+}
+function matchSizeAndZero(a, b, sizeLocals) {
+    return (isSizeLocal(a, sizeLocals) && isLiteralZero(b)) || (isSizeLocal(b, sizeLocals) && isLiteralZero(a));
+}
+function matchSizeAndOne(a, b, sizeLocals) {
+    return (isSizeLocal(a, sizeLocals) && isLiteralOne(b)) || (isSizeLocal(b, sizeLocals) && isLiteralOne(a));
+}
+function matchCodeLengthAndZero(a, b) {
+    return (isAddressCodeLength(a) && isLiteralZero(b)) || (isAddressCodeLength(b) && isLiteralZero(a));
+}
+function matchCodeLengthAndOne(a, b) {
+    return (isAddressCodeLength(a) && isLiteralOne(b)) || (isAddressCodeLength(b) && isLiteralOne(a));
+}
+function isMsgSender(n) {
+    return isNode(n, 'MemberAccess') &&
+        String(n.memberName || '') === 'sender' &&
+        isNode(n.expression, 'Identifier') &&
+        String(n.expression.name || '') === 'msg';
+}
+function isTxOrigin(n) {
+    return isNode(n, 'MemberAccess') &&
+        String(n.memberName || '') === 'origin' &&
+        isNode(n.expression, 'Identifier') &&
+        String(n.expression.name || '') === 'tx';
+}
+function isAddressCodeLength(n) {
+    if (!isNode(n, 'MemberAccess') || String(n.memberName || '') !== 'length')
+        return false;
+    const inner = n.expression;
+    return isNode(inner, 'MemberAccess') && String(inner.memberName || '') === 'code';
+}
+function isSizeLocal(n, sizeLocals) {
+    return isNode(n, 'Identifier') && sizeLocals.has(String(n.name || ''));
+}
+function collectExtcodesizeAssignments(stmt, sizeLocals) {
+    walk(stmt, n => {
+        if (n?.type !== 'AssemblyAssignment')
+            return;
+        const expr = n.expression;
+        if (expr?.type !== 'AssemblyCall' || String(expr.functionName || '') !== 'extcodesize')
+            return;
+        for (const target of n.names || []) {
+            if (target?.name)
+                sizeLocals.add(String(target.name));
+        }
+    });
+}
+function bodyContainsRevert(body) {
+    let found = false;
+    walk(body, n => {
+        if (found)
+            return;
+        if (isNode(n, 'RevertStatement') || isNode(n, 'ThrowStatement'))
+            found = true;
+        if (isFunctionCall(n) && getCalleeIdentifierName(n) === 'revert')
+            found = true;
+    });
+    return found;
+}
+function collectStateVariables(contract) {
+    const out = new Set();
+    for (const node of contract?.subNodes || []) {
+        if (isNode(node, 'StateVariableDeclaration')) {
+            for (const variable of node.variables || []) {
+                if (variable?.name)
+                    out.add(String(variable.name));
+            }
+        }
+    }
+    return out;
+}
+function collectModifierDefinitions(contract) {
+    const out = new Map();
+    for (const node of contract?.subNodes || []) {
+        if (isNode(node, 'ModifierDefinition') && node.name)
+            out.set(String(node.name), node);
+    }
+    return out;
+}
+function collectInternalHelpers(contract) {
+    const out = new Map();
+    for (const node of contract?.subNodes || []) {
+        if (!isNode(node, 'FunctionDefinition') || !node.body || !node.name)
+            continue;
+        const visibility = String(node.visibility || '').toLowerCase();
+        if (visibility === 'internal' || visibility === 'private')
+            out.set(String(node.name), node);
+    }
+    return out;
+}
+function collectFunctionLocals(fn) {
+    const out = new Set();
+    for (const param of getParameters(fn)) {
+        if (param?.name)
+            out.add(String(param.name));
+    }
+    walk(fn?.body, n => {
+        if (isNode(n, 'VariableDeclarationStatement')) {
+            for (const name of declaredNames(n))
+                out.add(name);
+        }
+    });
+    return out;
+}
+function getParameters(fn) {
+    return fn?.parameters?.parameters || fn?.parameters || [];
+}
+function getParameterNames(fn) {
+    return getParameters(fn).map((p) => String(p?.name || '')).filter(Boolean);
+}
+function declaredNames(stmt) {
+    const out = [];
+    const vars = stmt?.variables || (stmt?.declarations ? stmt.declarations : []);
+    for (const variable of vars || []) {
+        if (variable?.name)
+            out.push(String(variable.name));
+    }
+    return out;
+}
+function isExternallyCallable(fn) {
+    const visibility = String(fn?.visibility || '').toLowerCase();
+    return visibility === 'external' || visibility === 'public';
+}
+function functionDisplayName(fn) {
+    if (fn?.name)
+        return String(fn.name);
+    if (fn?.isConstructor || String(fn?.kind || '').toLowerCase() === 'constructor')
+        return '<constructor>';
+    if (String(fn?.kind || '').toLowerCase() === 'fallback')
+        return '<fallback>';
+    if (String(fn?.kind || '').toLowerCase() === 'receive')
+        return '<receive>';
+    return '<anonymous>';
+}
+function getModifierInvocationName(mod) {
+    const name = mod?.name;
+    if (typeof name === 'string')
+        return name;
+    if (isNode(name, 'Identifier'))
+        return String(name.name || '');
+    if (isNode(mod, 'FunctionCall'))
+        return getCalleeIdentifierName(mod);
+    return '';
+}
+function isSelfTarget(target) {
+    if (isNode(target, 'Identifier') && String(target.name || '') === 'this')
+        return true;
+    if (!isFunctionCall(target))
+        return false;
+    const callee = target.expression;
+    if (!isNode(callee, 'Identifier') && !isNode(callee, 'ElementaryTypeName'))
+        return false;
+    if (String(callee.name || '') !== 'address')
+        return false;
+    const arg = (target.arguments || [])[0];
+    return isNode(arg, 'Identifier') && String(arg.name || '') === 'this';
+}
+function collectIdentifierNames(node, out) {
+    walk(node, n => {
+        if (!isNode(n, 'Identifier'))
+            return;
+        const name = String(n.name || '');
+        if (name && !BUILTIN_IDENTIFIERS.has(name))
+            out.add(name);
+    });
+}
+const BUILTIN_IDENTIFIERS = new Set(['this', 'msg', 'tx', 'block', 'address', 'payable', 'abi', 'super']);
+function collectAndConjuncts(cond, out) {
+    if (isNode(cond, 'BinaryOperation') && cond.operator === '&&') {
+        collectAndConjuncts(cond.left, out);
+        collectAndConjuncts(cond.right, out);
+        return;
+    }
+    if (cond)
+        out.push(cond);
+}
+function isAddressZeroExpr(n) {
+    if (!isFunctionCall(n))
+        return false;
+    const args = n.arguments || [];
+    if (args.length !== 1 || !isLiteralZero(args[0]))
+        return false;
+    const callee = n.expression;
+    return (isNode(callee, 'Identifier') || isNode(callee, 'ElementaryTypeName')) && String(callee.name || '') === 'address';
+}
+function isLiteralZero(n) {
+    if (!n)
+        return false;
+    if (isNode(n, 'NumberLiteral'))
+        return String(n.number || n.value || '0') === '0';
+    if (n.type === 'Literal' && (n.kind === 'number' || n.kind === undefined))
+        return String(n.value || '0') === '0';
+    return false;
+}
+function isLiteralOne(n) {
+    if (!n)
+        return false;
+    if (isNode(n, 'NumberLiteral'))
+        return String(n.number || n.value || '0') === '1';
+    if (n.type === 'Literal' && (n.kind === 'number' || n.kind === undefined))
+        return String(n.value || '0') === '1';
+    return false;
+}
+function isLiteralTrue(n) {
+    if (isNode(n, 'BooleanLiteral'))
+        return n.value === true || String(n.value || '') === 'true';
+    if (n?.type === 'Literal' && n.kind === 'bool')
+        return String(n.value || '') === 'true';
+    return false;
+}
+function isLiteralFalse(n) {
+    if (isNode(n, 'BooleanLiteral'))
+        return n.value === false || String(n.value || '') === 'false';
+    if (n?.type === 'Literal' && n.kind === 'bool')
+        return String(n.value || '') === 'false';
+    return false;
+}
+function isFunctionCall(n) {
+    return isNode(n, 'FunctionCall');
+}
+function unwrapCallOptions(expr) {
+    if (!expr || typeof expr !== 'object')
+        return expr;
+    if (isNode(expr, 'NameValueExpression') || isNode(expr, 'FunctionCallOptions'))
+        return unwrapCallOptions(expr.expression);
+    return expr;
+}
+function getCalleeIdentifierName(call) {
+    const callee = unwrapCallOptions(call?.expression);
+    if (isNode(callee, 'Identifier'))
+        return String(callee.name || '');
+    return '';
+}
+function getLoc(node) {
+    const start = node?.loc?.start;
+    if (start && typeof start.line === 'number')
+        return { line: start.line, column: start.column || 0 };
+    return null;
+}
+function isNode(node, type) {
+    return Boolean(node && typeof node === 'object' && node.type === type);
+}
+function childrenOf(node) {
+    if (!node || typeof node !== 'object')
+        return [];
+    const out = [];
+    for (const [key, value] of Object.entries(node)) {
+        if (key === 'loc' || key === 'range' || key === 'comments')
+            continue;
+        if (Array.isArray(value)) {
+            for (const item of value)
+                if (item && typeof item === 'object')
+                    out.push(item);
+        }
+        else if (value && typeof value === 'object') {
+            out.push(value);
+        }
+    }
+    return out;
+}
+function walk(node, visit) {
+    if (!node || typeof node !== 'object')
+        return;
+    visit(node);
+    for (const child of childrenOf(node))
+        walk(child, visit);
+}
+//# sourceMappingURL=eip7702-delegation-reentrancy.js.map