blueprint-tsa 1.0.0

package/dist/common/analyzer-wrapper.js

@@ -0,0 +1,198 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AnalyzerWrapper = void 0;
+const fs_1 = require("fs");
+const path_1 = __importDefault(require("path"));
+const os_1 = require("os");
+const core_1 = require("@ton/core");
+const constants_js_1 = require("./constants.js");
+const build_utils_js_1 = require("./build-utils.js");
+const analyzer_js_1 = require("./analyzer.js");
+const draw_js_1 = require("./draw.js");
+const format_utils_js_1 = require("./format-utils.js");
+const result_parsing_js_1 = require("./result-parsing.js");
+const paths_js_1 = require("./paths.js");
+/**
+ * Generic wrapper for checker-based vulnerability analysis
+ * Handles common logic for compiling, running, and cleaning up checker analysis
+ */
+class AnalyzerWrapper {
+    constructor(config) {
+        this.tempBocPath = null;
+        this.tempCheckerCellPath = null;
+        this.config = config;
+        this.id = (0, format_utils_js_1.generateReportId)();
+    }
+    /**
+     * Prints analysis information to UI
+     */
+    printAnalysisInfo() {
+        if (!this.config.properties) {
+            return;
+        }
+        const output = (0, draw_js_1.generateTreeTable)(constants_js_1.ANALYSIS_INFO_TITLE, this.config.properties);
+        this.config.ui.write("");
+        this.config.ui.write(output);
+        this.config.ui.write("");
+    }
+    /**
+     * Validates that checker file exists
+     */
+    validateCheckerFile() {
+        if (this.config.checkerPath != null &&
+            !(0, fs_1.existsSync)(this.config.checkerPath)) {
+            this.config.ui.write(`\n${constants_js_1.Sym.ERR} Checker file not found at ${this.config.checkerPath}`);
+            process.exit(1);
+        }
+    }
+    /**
+     * Compiles FunC checker to BoC and writes to temporary file
+     */
+    async compileChecker(checkerFilename) {
+        if (this.config.checkerPath == null) {
+            return;
+        }
+        this.config.ui.setActionPrompt(`${constants_js_1.Sym.WAIT} Compiling checker...`);
+        try {
+            const bocCode = await (0, build_utils_js_1.compileFuncFileToBase64Boc)(this.config.checkerPath, checkerFilename);
+            const bocBuffer = Buffer.from(bocCode, "base64");
+            this.tempBocPath = path_1.default.join((0, os_1.tmpdir)(), `checker-${Date.now()}.boc`);
+            (0, fs_1.writeFileSync)(this.tempBocPath, bocBuffer);
+        }
+        catch (error) {
+            this.config.ui.clearActionPrompt();
+            this.config.ui.write(`\n${constants_js_1.Sym.ERR} Compilation failed: ${error.message}`);
+            process.exit(1);
+        }
+    }
+    /**
+     * Writes checker cell to temporary BoC file
+     */
+    writeCheckerCell() {
+        const checkerCellBoc = this.config.checkerCell.toBoc();
+        this.tempCheckerCellPath = path_1.default.join((0, os_1.tmpdir)(), `checker-cell-${Date.now()}.boc`);
+        (0, fs_1.writeFileSync)(this.tempCheckerCellPath, checkerCellBoc);
+    }
+    /**
+     * Cleans up temporary files
+     */
+    cleanup() {
+        if (this.tempBocPath && (0, fs_1.existsSync)(this.tempBocPath)) {
+            (0, fs_1.unlinkSync)(this.tempBocPath);
+        }
+        if (this.tempCheckerCellPath && (0, fs_1.existsSync)(this.tempCheckerCellPath)) {
+            (0, fs_1.unlinkSync)(this.tempCheckerCellPath);
+        }
+    }
+    /**
+     * Gets the temporary BoC file path (for use in analyzer arguments)
+     */
+    getTempBocPath() {
+        if (!this.tempBocPath) {
+            throw new Error("Checker not compiled yet");
+        }
+        return this.tempBocPath;
+    }
+    /**
+     * Gets the temporary checker cell file path (for use in analyzer arguments)
+     */
+    getTempCheckerCellPath() {
+        if (!this.tempCheckerCellPath) {
+            throw new Error("Checker cell not written yet");
+        }
+        return this.tempCheckerCellPath;
+    }
+    /**
+     * Runs the checker analysis with custom analyzer arguments
+     * @param checkerFilename - Name of the checker file to compile
+     * @param buildArgs - Callback function to build analyzer arguments after compilation
+     */
+    async run(checkerFilename, buildArgs, completionMessage = "Analysis complete.") {
+        this.printAnalysisInfo();
+        this.validateCheckerFile();
+        if (checkerFilename != null) {
+            await this.compileChecker(checkerFilename);
+        }
+        this.writeCheckerCell();
+        try {
+            this.config.ui.clearActionPrompt();
+            this.config.ui.setActionPrompt(`${constants_js_1.Sym.WAIT} Running analysis...`);
+            const analyzerArgs = buildArgs(this);
+            const analyzer = await analyzer_js_1.Analyzer.create();
+            const logPath = (0, paths_js_1.getTsaRunLogPath)(this.id);
+            const result = await analyzer.run(analyzerArgs, logPath);
+            (0, fs_1.writeFileSync)(logPath, result.stdout);
+            this.config.ui.clearActionPrompt();
+            this.config.ui.write(`${constants_js_1.Sym.OK} ${completionMessage}`);
+            this.config.ui.write(`TSA run log available at: ${logPath}`);
+            if (result.stdout.trim().length > 0) {
+                this.config.ui.write(`${constants_js_1.Sym.WARN} Log file is not empty.`);
+            }
+        }
+        finally {
+            this.cleanup();
+        }
+    }
+    getVulnerability() {
+        const sarifPath = (0, paths_js_1.getSarifReportPath)(this.id);
+        const index = (0, result_parsing_js_1.findExploitExecutionIndex)(sarifPath);
+        if (index === undefined) {
+            return null;
+        }
+        const dataPath = (0, paths_js_1.getContractDataBocPath)(this.id, index);
+        const value = (0, result_parsing_js_1.getMessageValue)(sarifPath, index);
+        const balance = (0, result_parsing_js_1.getInitialBalance)(sarifPath, index);
+        const msgBodyPath = (0, paths_js_1.getMsgBodyBocPath)(this.id, index);
+        const msgBodyBuffer = (0, fs_1.readFileSync)(msgBodyPath);
+        const msgBody = core_1.Cell.fromBoc(msgBodyBuffer)[0];
+        return {
+            value,
+            balance,
+            dataPath,
+            codePath: this.config.codePath,
+            executionIndex: index,
+            msgBody,
+        };
+    }
+    vulnerabilityIsPresent() {
+        const sarifPath = (0, paths_js_1.getSarifReportPath)(this.id);
+        const index = (0, result_parsing_js_1.findExploitExecutionIndex)(sarifPath);
+        return index !== undefined;
+    }
+    reportVulnerability(vulnerability, descriptionUrl) {
+        const summaryPath = (0, paths_js_1.getSummaryPath)(this.id);
+        const sarifPath = (0, paths_js_1.getSarifReportPath)(this.id);
+        if (vulnerability == null) {
+            const report = `${constants_js_1.Sym.OK} Vulnerability not found.`;
+            (0, fs_1.writeFileSync)(summaryPath, report);
+            this.config.ui.write("");
+            this.config.ui.write(report);
+            this.config.ui.write("");
+            return;
+        }
+        const reportLines = [
+            `${constants_js_1.Sym.WARN} Vulnerability found!`,
+            `Summary path: ${summaryPath}`,
+            `Input message body and contract data: ${(0, paths_js_1.getInputsPath)(this.id, vulnerability.executionIndex)}`,
+            `Typed message body: ${(0, paths_js_1.getMsgBodyTypesPath)(this.id, vulnerability.executionIndex)}`,
+            `Typed contract data: ${(0, paths_js_1.getContractDataTypesPath)(this.id, vulnerability.executionIndex)}`,
+            `SARIF with full information: ${sarifPath}`,
+        ];
+        if (descriptionUrl) {
+            reportLines.push("");
+            reportLines.push(`Description of the vulnerability: ${descriptionUrl}`);
+        }
+        reportLines.push("");
+        this.config.ui.write("");
+        for (const line of reportLines) {
+            this.config.ui.write(line);
+        }
+        const analysisInfo = (0, draw_js_1.generateTreeTable)(constants_js_1.ANALYSIS_INFO_TITLE, this.config.properties);
+        const report = analysisInfo + "\n\n" + reportLines.join("\n");
+        (0, fs_1.writeFileSync)(summaryPath, report);
+    }
+}
+exports.AnalyzerWrapper = AnalyzerWrapper;

package/dist/common/analyzer.d.ts

@@ -0,0 +1,10 @@
+export declare class Analyzer {
+    javaPath: string;
+    tsaJarPath: string;
+    constructor(javaPath: string, tsaJarPath: string);
+    static create(): Promise<Analyzer>;
+    run(args: string[], logPath?: string): Promise<{
+        stdout: string;
+        stderr: string;
+    }>;
+}

package/dist/common/analyzer.js

@@ -0,0 +1,49 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Analyzer = void 0;
+const java_js_1 = require("../install/java.js");
+const tsa_jar_js_1 = require("../install/tsa-jar.js");
+const child_process_1 = require("child_process");
+const fs_1 = require("fs");
+class Analyzer {
+    constructor(javaPath, tsaJarPath) {
+        this.javaPath = javaPath;
+        this.tsaJarPath = tsaJarPath;
+    }
+    static async create() {
+        const javaPath = await (0, java_js_1.ensureJavaInstalled)();
+        const tsaJarPath = await (0, tsa_jar_js_1.ensureTsaInstalled)();
+        return new Analyzer(javaPath, tsaJarPath);
+    }
+    run(args, logPath) {
+        return new Promise((resolve, reject) => {
+            const allArgs = ["-jar", this.tsaJarPath, ...args];
+            const proc = (0, child_process_1.spawn)(this.javaPath, allArgs);
+            let stdout = "";
+            let stderr = "";
+            proc.stdout?.on("data", (data) => {
+                const chunk = data.toString();
+                stdout += chunk;
+            });
+            proc.stderr?.on("data", (data) => {
+                const chunk = data.toString();
+                stderr += chunk;
+            });
+            proc.on("close", (code) => {
+                if (code === 0) {
+                    resolve({ stdout, stderr });
+                }
+                else {
+                    console.error("\n" + stderr);
+                    if (logPath) {
+                        (0, fs_1.writeFileSync)(logPath, stdout);
+                        console.error(`TSA log available at: ${logPath}`);
+                    }
+                    reject(new Error(`TSA process exited with code ${code}`));
+                }
+            });
+            proc.on("error", reject);
+        });
+    }
+}
+exports.Analyzer = Analyzer;

package/dist/common/build-utils.d.ts

@@ -0,0 +1,3 @@
+import { UIProvider } from "@ton/blueprint";
+export declare const buildContracts: (ui: UIProvider) => Promise<void>;
+export declare const compileFuncFileToBase64Boc: (filePath: string, fileName: string) => Promise<string>;

package/dist/common/build-utils.js

@@ -0,0 +1,68 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.compileFuncFileToBase64Boc = exports.buildContracts = void 0;
+const blueprint_1 = require("@ton/blueprint");
+const fs_1 = require("fs");
+const path_1 = __importDefault(require("path"));
+const func_js_1 = require("@ton-community/func-js");
+const constants_js_1 = require("./constants.js");
+const buildContracts = async (ui) => {
+    ui.setActionPrompt(`${constants_js_1.Sym.WAIT} Compiling contracts...`);
+    try {
+        await (0, blueprint_1.buildAll)(ui);
+    }
+    catch (e) {
+        ui.clearActionPrompt();
+        ui.write(e.toString());
+        ui.write(`\n${constants_js_1.Sym.ERR} Failed to compile one of the files`);
+        ui.write("Please make sure you can run `blueprint build --all` successfully before running TSA.");
+        process.exit(1);
+    }
+    ui.clearActionPrompt();
+    ui.write(`${constants_js_1.Sym.OK} Compiled.\n`);
+};
+exports.buildContracts = buildContracts;
+const loadFuncSources = (filePath, baseDir, loaded = new Set()) => {
+    const sources = {};
+    const absolutePath = path_1.default.resolve(baseDir, filePath);
+    const normalizedPath = path_1.default.normalize(absolutePath);
+    if (loaded.has(normalizedPath)) {
+        return sources;
+    }
+    loaded.add(normalizedPath);
+    if (!(0, fs_1.existsSync)(absolutePath)) {
+        throw new Error(`File not found: ${absolutePath}`);
+    }
+    const content = (0, fs_1.readFileSync)(absolutePath, "utf-8");
+    const relativeKey = path_1.default
+        .relative(baseDir, absolutePath)
+        .split(path_1.default.sep)
+        .join("/");
+    sources[relativeKey] = content;
+    // Parse #include statements
+    const includeRegex = /#include\s+["<]([^"<>]+)["<]/g;
+    let match;
+    while ((match = includeRegex.exec(content)) !== null) {
+        const importPath = match[1];
+        const importDir = path_1.default.dirname(absolutePath);
+        const importedSources = loadFuncSources(importPath, importDir, loaded);
+        Object.assign(sources, importedSources);
+    }
+    return sources;
+};
+const compileFuncFileToBase64Boc = async (filePath, fileName) => {
+    const fileDir = path_1.default.dirname(filePath);
+    const sources = loadFuncSources(fileName, fileDir);
+    const compilationResult = await (0, func_js_1.compileFunc)({
+        targets: [fileName],
+        sources,
+    });
+    if (compilationResult.status === "error") {
+        throw new Error(`FunC compilation error: ${compilationResult.message}`);
+    }
+    return compilationResult.codeBoc;
+};
+exports.compileFuncFileToBase64Boc = compileFuncFileToBase64Boc;

package/dist/common/constants.d.ts

@@ -0,0 +1,41 @@
+export declare class Sym {
+    static OK: string;
+    static WARN: string;
+    static ERR: string;
+    static WAIT: string;
+}
+export declare const TSA_VERSION = "v0.5.0";
+export declare const TSA_NAME = "tsa-cli-v0.5.0.jar";
+export declare const TSA_URL = "https://github.com/espritoxyz/tsa/releases/download/v0.5.0/tsa-cli.jar";
+export declare const DRAIN_CHECK_SYMBOLIC_FILENAME = "drain-check-symbolic.fc";
+export declare const DRAIN_CHECK_CONCRETE_FILENAME = "drain-check-concrete.fc";
+export declare const DRAIN_CHECK_ID = "drain-check";
+export declare const DRAIN_DESCRIPTION_URL = "https://tonsec.dev/docs/builtin-checkers#drain-check";
+export declare const REPRODUCE_ID = "reproduce";
+export declare const REPLAY_ATTACK_CHECK_SYMBOLIC_FILENAME = "replay-attack-symbolic.fc";
+export declare const REPLAY_ATTACK_CHECK_ID = "replay-attack-check";
+export declare const REPLAY_DESCRIPTION_URL = "https://tonsec.dev/docs/builtin-checkers#replay-attack-checker";
+export declare const BOUNCE_CHECK_FILENAME = "bounce-check.fc";
+export declare const BOUNCE_CHECK_SCHEME_FILENAME = "bounce-check-scheme.json";
+export declare const BOUNCE_CHECK_ID = "bounce-check";
+export declare const BOUNCE_DESCRIPTION_URL = "https://tonsec.dev/docs/builtin-checkers#bounced-messages-processing-checker";
+export declare const THROWER_FILENAME = "thrower-contract.fc";
+export declare const OWNER_HIJACK_CHECK_ID = "owner-hijack-check";
+export declare const OWNER_HIJACK_CHECK_SYMBOLIC_FILENAME = "owner-hijack-symbolic.fc";
+export declare const OWNER_HIJACK_CHECK_CONCRETE_FILENAME = "owner-hijack-concrete.fc";
+export declare const OWNER_HIJACK_DESCRIPTION_URL = "https://tonsec.dev/docs/builtin-checkers#ownership-hijack-check";
+export declare const OPCODE_INFO = "opcode-info";
+export declare const OPCODE_AUTHORIZATION_CHECK_FILENAME = "authorization-check.fc";
+export declare const OPCODE_INFO_DESCRIPTION_URL = "https://tonsec.dev/docs/builtin-checkers#opcode-authorization-check";
+export declare const AUDIT_ID = "audit";
+export declare const DRAIN_CHECK_NAME = "Drain Check";
+export declare const REPLAY_ATTACK_CHECK_NAME = "Replay Attack Check";
+export declare const OWNER_HIJACK_CHECK_NAME = "Owner Hijack Check";
+export declare const BOUNCE_CHECK_NAME = "Bounce Check";
+export declare const ERROR_EXIT_CODE = 1000;
+export declare const NON_FAILING_EXIT_CODE = 1001;
+export declare const EXPECTED_MESSAGE_IN_SARIF = "TvmFailure(exit=TVM user defined error with exit code 1000, phase=TvmComputePhase)";
+export declare const EXPECTED_MESSAGE_NON_FAILING = "TvmFailure(exit=TVM user defined error with exit code 1001, phase=TvmComputePhase)";
+export declare const ANALYSIS_INFO_TITLE = "TSA analysis";
+export declare const DEPLOY_AND_REPRODUCE_COMMAND = "deploy-and-reproduce";
+export declare const DEPLOY_WAIT_ATTEMPTS = 30;

package/dist/common/constants.js

@@ -0,0 +1,45 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEPLOY_WAIT_ATTEMPTS = exports.DEPLOY_AND_REPRODUCE_COMMAND = exports.ANALYSIS_INFO_TITLE = exports.EXPECTED_MESSAGE_NON_FAILING = exports.EXPECTED_MESSAGE_IN_SARIF = exports.NON_FAILING_EXIT_CODE = exports.ERROR_EXIT_CODE = exports.BOUNCE_CHECK_NAME = exports.OWNER_HIJACK_CHECK_NAME = exports.REPLAY_ATTACK_CHECK_NAME = exports.DRAIN_CHECK_NAME = exports.AUDIT_ID = exports.OPCODE_INFO_DESCRIPTION_URL = exports.OPCODE_AUTHORIZATION_CHECK_FILENAME = exports.OPCODE_INFO = exports.OWNER_HIJACK_DESCRIPTION_URL = exports.OWNER_HIJACK_CHECK_CONCRETE_FILENAME = exports.OWNER_HIJACK_CHECK_SYMBOLIC_FILENAME = exports.OWNER_HIJACK_CHECK_ID = exports.THROWER_FILENAME = exports.BOUNCE_DESCRIPTION_URL = exports.BOUNCE_CHECK_ID = exports.BOUNCE_CHECK_SCHEME_FILENAME = exports.BOUNCE_CHECK_FILENAME = exports.REPLAY_DESCRIPTION_URL = exports.REPLAY_ATTACK_CHECK_ID = exports.REPLAY_ATTACK_CHECK_SYMBOLIC_FILENAME = exports.REPRODUCE_ID = exports.DRAIN_DESCRIPTION_URL = exports.DRAIN_CHECK_ID = exports.DRAIN_CHECK_CONCRETE_FILENAME = exports.DRAIN_CHECK_SYMBOLIC_FILENAME = exports.TSA_URL = exports.TSA_NAME = exports.TSA_VERSION = exports.Sym = void 0;
+class Sym {
+}
+exports.Sym = Sym;
+Sym.OK = "✅";
+Sym.WARN = "⚠️";
+Sym.ERR = "❌";
+Sym.WAIT = "⏳";
+exports.TSA_VERSION = "v0.5.0";
+exports.TSA_NAME = `tsa-cli-${exports.TSA_VERSION}.jar`;
+exports.TSA_URL = `https://github.com/espritoxyz/tsa/releases/download/${exports.TSA_VERSION}/tsa-cli.jar`;
+exports.DRAIN_CHECK_SYMBOLIC_FILENAME = "drain-check-symbolic.fc";
+exports.DRAIN_CHECK_CONCRETE_FILENAME = "drain-check-concrete.fc";
+exports.DRAIN_CHECK_ID = "drain-check";
+exports.DRAIN_DESCRIPTION_URL = "https://tonsec.dev/docs/builtin-checkers#drain-check";
+exports.REPRODUCE_ID = "reproduce";
+exports.REPLAY_ATTACK_CHECK_SYMBOLIC_FILENAME = "replay-attack-symbolic.fc";
+exports.REPLAY_ATTACK_CHECK_ID = "replay-attack-check";
+exports.REPLAY_DESCRIPTION_URL = "https://tonsec.dev/docs/builtin-checkers#replay-attack-checker";
+exports.BOUNCE_CHECK_FILENAME = "bounce-check.fc";
+exports.BOUNCE_CHECK_SCHEME_FILENAME = "bounce-check-scheme.json";
+exports.BOUNCE_CHECK_ID = "bounce-check";
+exports.BOUNCE_DESCRIPTION_URL = "https://tonsec.dev/docs/builtin-checkers#bounced-messages-processing-checker";
+exports.THROWER_FILENAME = "thrower-contract.fc";
+exports.OWNER_HIJACK_CHECK_ID = "owner-hijack-check";
+exports.OWNER_HIJACK_CHECK_SYMBOLIC_FILENAME = "owner-hijack-symbolic.fc";
+exports.OWNER_HIJACK_CHECK_CONCRETE_FILENAME = "owner-hijack-concrete.fc";
+exports.OWNER_HIJACK_DESCRIPTION_URL = "https://tonsec.dev/docs/builtin-checkers#ownership-hijack-check";
+exports.OPCODE_INFO = "opcode-info";
+exports.OPCODE_AUTHORIZATION_CHECK_FILENAME = "authorization-check.fc";
+exports.OPCODE_INFO_DESCRIPTION_URL = "https://tonsec.dev/docs/builtin-checkers#opcode-authorization-check";
+exports.AUDIT_ID = "audit";
+exports.DRAIN_CHECK_NAME = "Drain Check";
+exports.REPLAY_ATTACK_CHECK_NAME = "Replay Attack Check";
+exports.OWNER_HIJACK_CHECK_NAME = "Owner Hijack Check";
+exports.BOUNCE_CHECK_NAME = "Bounce Check";
+exports.ERROR_EXIT_CODE = 1000;
+exports.NON_FAILING_EXIT_CODE = 1001;
+exports.EXPECTED_MESSAGE_IN_SARIF = `TvmFailure(exit=TVM user defined error with exit code ${exports.ERROR_EXIT_CODE}, phase=TvmComputePhase)`;
+exports.EXPECTED_MESSAGE_NON_FAILING = `TvmFailure(exit=TVM user defined error with exit code ${exports.NON_FAILING_EXIT_CODE}, phase=TvmComputePhase)`;
+exports.ANALYSIS_INFO_TITLE = "TSA analysis";
+exports.DEPLOY_AND_REPRODUCE_COMMAND = "deploy-and-reproduce";
+exports.DEPLOY_WAIT_ATTEMPTS = 30;

package/dist/common/draw.d.ts

@@ -0,0 +1,7 @@
+export interface TreeProperty {
+    key: string;
+    value?: string;
+    children?: TreeProperty[];
+    separator?: boolean;
+}
+export declare function generateTreeTable(title: string, properties: TreeProperty[]): string;

package/dist/common/draw.js

@@ -0,0 +1,33 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateTreeTable = generateTreeTable;
+function generateTreeTable(title, properties) {
+    const lines = [];
+    const titleLine = `╭─${title}─╮`;
+    const headerLine = `╰─┬${"─".repeat(titleLine.length - 4)}╯`;
+    lines.push(titleLine);
+    lines.push(headerLine);
+    properties.forEach((prop, index) => {
+        if (prop.separator) {
+            lines.push("  │");
+        }
+        const isLast = index === properties.length - 1;
+        const prefix = isLast ? "  └──" : "  ├──";
+        const line = prop.value
+            ? `${prefix} ${prop.key}: ${prop.value}`
+            : `${prefix} ${prop.key}`;
+        lines.push(line);
+        if (prop.children && prop.children.length > 0) {
+            const childPrefix = isLast ? "      " : "  │  ";
+            prop.children.forEach((child, childIndex) => {
+                const isLastChild = childIndex === prop.children.length - 1;
+                const childConnector = isLastChild ? "└──" : "├──";
+                const childLine = child.value
+                    ? `${childConnector} ${child.key}: ${child.value}`
+                    : `${childConnector} ${child.key}`;
+                lines.push(`${childPrefix}${childLine}`);
+            });
+        }
+    });
+    return lines.join("\n");
+}

package/dist/common/file-utils.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Executes a function with a temporary file, ensuring cleanup in all cases
+ * @param callback - Function that receives the temporary file path and returns a promise
+ * @param tempFilePath - Path to the temporary file to create and clean up
+ * @returns The result of the callback function
+ */
+export declare function doWithTemporaryFile<T>(callback: (tempFilePath: string) => Promise<T>, tempFilePath: string): Promise<T>;

package/dist/common/file-utils.js

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.doWithTemporaryFile = doWithTemporaryFile;
+const fs_1 = require("fs");
+/**
+ * Executes a function with a temporary file, ensuring cleanup in all cases
+ * @param callback - Function that receives the temporary file path and returns a promise
+ * @param tempFilePath - Path to the temporary file to create and clean up
+ * @returns The result of the callback function
+ */
+async function doWithTemporaryFile(callback, tempFilePath) {
+    try {
+        return await callback(tempFilePath);
+    }
+    finally {
+        if ((0, fs_1.existsSync)(tempFilePath)) {
+            (0, fs_1.unlinkSync)(tempFilePath);
+        }
+    }
+}

package/dist/common/format-utils.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Formats an opcode as an 8-digit hexadecimal string with 0x prefix
+ * @param opcode - The opcode number to format
+ * @returns Formatted opcode string (e.g., "0x00000001")
+ */
+export declare function formatOpcodeHex(opcode: number): string;
+/**
+ * Generates a unique identifier based on current date and time
+ * Format: YYYY-MM-DD-milliseconds (where milliseconds is time since start of day)
+ * @returns Unique identifier string
+ */
+export declare function generateReportId(): string;
+export declare function nanotonToTon(nanotons: bigint): number;

package/dist/common/format-utils.js

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.formatOpcodeHex = formatOpcodeHex;
+exports.generateReportId = generateReportId;
+exports.nanotonToTon = nanotonToTon;
+/**
+ * Formats an opcode as an 8-digit hexadecimal string with 0x prefix
+ * @param opcode - The opcode number to format
+ * @returns Formatted opcode string (e.g., "0x00000001")
+ */
+function formatOpcodeHex(opcode) {
+    return `0x${opcode.toString(16).padStart(8, "0")}`;
+}
+/**
+ * Generates a unique identifier based on current date and time
+ * Format: YYYY-MM-DD-milliseconds (where milliseconds is time since start of day)
+ * @returns Unique identifier string
+ */
+function generateReportId() {
+    const now = new Date();
+    const year = now.getFullYear();
+    const month = String(now.getMonth() + 1).padStart(2, "0");
+    const day = String(now.getDate()).padStart(2, "0");
+    const startOfDay = new Date(year, now.getMonth(), now.getDate());
+    const milliseconds = now.getTime() - startOfDay.getTime();
+    return `${year}-${month}-${day}-${milliseconds}`;
+}
+function nanotonToTon(nanotons) {
+    return Number(nanotons) / 1e9;
+}

package/dist/common/opcode-extractor.d.ts

@@ -0,0 +1,7 @@
+import { UIProvider } from "@ton/blueprint";
+export interface OpcodeExtractorConfig {
+    ui: UIProvider;
+    codePath: string;
+    contractName: string;
+}
+export declare function extractOpcodes(config: OpcodeExtractorConfig): Promise<number[]>;

package/dist/common/opcode-extractor.js

@@ -0,0 +1,60 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.extractOpcodes = extractOpcodes;
+const core_1 = require("@ton/core");
+const fs_1 = require("fs");
+const os_1 = require("os");
+const path_1 = require("path");
+const crypto_1 = require("crypto");
+const analyzer_wrapper_js_1 = require("./analyzer-wrapper.js");
+const format_utils_js_1 = require("./format-utils.js");
+const file_utils_js_1 = require("./file-utils.js");
+const OPCODE_EXTRACTION_TIMEOUT_SECONDS = 20;
+async function extractOpcodes(config) {
+    config.ui.write("");
+    config.ui.write("Extracting contract opcodes for better path selection strategy...");
+    const properties = [
+        { key: "Contract", value: config.contractName },
+        { key: "Mode", value: "Opcode extraction" },
+        {
+            key: "Options",
+            separator: true,
+            children: [
+                {
+                    key: "Timeout",
+                    value: `${OPCODE_EXTRACTION_TIMEOUT_SECONDS} seconds`,
+                },
+            ],
+        },
+    ];
+    // Create a temporary file for opcode output
+    const outputFile = (0, path_1.join)((0, os_1.tmpdir)(), `opcodes-${(0, crypto_1.randomBytes)(8).toString("hex")}.txt`);
+    return (0, file_utils_js_1.doWithTemporaryFile)(async (tempPath) => {
+        const analyzer = new analyzer_wrapper_js_1.AnalyzerWrapper({
+            ui: config.ui,
+            checkerPath: null,
+            checkerCell: new core_1.Cell(),
+            properties,
+            codePath: config.codePath,
+        });
+        const args = [
+            "opcodes",
+            "--input",
+            config.codePath,
+            "--output",
+            tempPath,
+            "--timeout",
+            OPCODE_EXTRACTION_TIMEOUT_SECONDS.toString(),
+        ];
+        await analyzer.run(null, () => args, "Opcode extraction completed.");
+        // Read and parse the output file
+        const content = (0, fs_1.readFileSync)(tempPath, "utf-8").trim();
+        if (content.length === 0) {
+            config.ui.write("Extracted opcodes: []");
+            return [];
+        }
+        const opcodes = content.split("\n").map((op) => parseInt(op.trim(), 10));
+        config.ui.write(`Extracted opcodes: [${opcodes.map((op) => (0, format_utils_js_1.formatOpcodeHex)(op)).join(", ")}]`);
+        return opcodes;
+    }, outputFile);
+}

package/dist/common/paths.d.ts

@@ -0,0 +1,19 @@
+export declare const BUILD_DIR: string;
+export declare const findTSAHomeDirectory: () => string;
+export declare const findTSAProjectDirectory: () => string;
+export declare const findTSAReportsDirectory: () => string;
+export declare const getReportDirectory: (id: string) => string;
+export declare const findCompiledContract: (name: string) => string;
+export declare const findJavaBinPath: () => string | null;
+export declare const findTsaPath: () => string | null;
+export declare const getCheckerPath: (checkerName: string) => string;
+export declare const getSarifReportPath: (id: string) => string;
+export declare const getSummaryPath: (id: string) => string;
+export declare const getInputsPath: (id: string, index: number) => string;
+export declare const getReproduceConfigPath: (id: string) => string;
+export declare const getContractDataBocPath: (id: string, index: number) => string;
+export declare const getContractDataTypesPath: (id: string, index: number) => string;
+export declare const getMsgBodyBocPath: (id: string, index: number) => string;
+export declare const getMsgBodyTypesPath: (id: string, index: number) => string;
+export declare const getTsaRunLogPath: (id: string) => string;
+export declare const getThrowerPath: () => string;