blueprint-tsa 1.0.0

package/dist/common/paths.js

@@ -0,0 +1,139 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getThrowerPath = exports.getTsaRunLogPath = exports.getMsgBodyTypesPath = exports.getMsgBodyBocPath = exports.getContractDataTypesPath = exports.getContractDataBocPath = exports.getReproduceConfigPath = exports.getInputsPath = exports.getSummaryPath = exports.getSarifReportPath = exports.getCheckerPath = exports.findTsaPath = exports.findJavaBinPath = exports.findCompiledContract = exports.getReportDirectory = exports.findTSAReportsDirectory = exports.findTSAProjectDirectory = exports.findTSAHomeDirectory = exports.BUILD_DIR = void 0;
+const path_1 = __importDefault(require("path"));
+const os_1 = __importDefault(require("os"));
+const fs_1 = __importDefault(require("fs"));
+const architecture_js_1 = require("../install/architecture.js");
+const constants_js_1 = require("./constants.js");
+exports.BUILD_DIR = path_1.default.join(process.cwd(), "build");
+const findTSAHomeDirectory = () => {
+    const tsaDir = path_1.default.join(os_1.default.homedir(), ".tsa");
+    if (!fs_1.default.existsSync(tsaDir)) {
+        fs_1.default.mkdirSync(tsaDir, { recursive: true });
+    }
+    return tsaDir;
+};
+exports.findTSAHomeDirectory = findTSAHomeDirectory;
+const findTSAProjectDirectory = () => {
+    const tsaDir = path_1.default.join(process.cwd(), "tsa");
+    if (!fs_1.default.existsSync(tsaDir)) {
+        fs_1.default.mkdirSync(tsaDir, { recursive: true });
+    }
+    return tsaDir;
+};
+exports.findTSAProjectDirectory = findTSAProjectDirectory;
+const findTSAReportsDirectory = () => {
+    const tsaDir = (0, exports.findTSAProjectDirectory)();
+    const result = path_1.default.join(tsaDir, "reports");
+    if (!fs_1.default.existsSync(result)) {
+        fs_1.default.mkdirSync(result, { recursive: true });
+    }
+    return result;
+};
+exports.findTSAReportsDirectory = findTSAReportsDirectory;
+const getReportDirectory = (id) => {
+    const reportsDir = (0, exports.findTSAReportsDirectory)();
+    const result = path_1.default.join(reportsDir, `run-${id}`);
+    if (!fs_1.default.existsSync(result)) {
+        fs_1.default.mkdirSync(result, { recursive: true });
+    }
+    return result;
+};
+exports.getReportDirectory = getReportDirectory;
+const findCompiledContract = (name) => {
+    return path_1.default.join(exports.BUILD_DIR, name + ".compiled.json");
+};
+exports.findCompiledContract = findCompiledContract;
+const findJavaBinPath = () => {
+    const tsaHome = (0, exports.findTSAHomeDirectory)();
+    const jre = path_1.default.join(tsaHome, "jre");
+    if (!fs_1.default.existsSync(jre)) {
+        return null;
+    }
+    const contents = fs_1.default.readdirSync(jre);
+    // Return null if directory is empty
+    if (contents.length === 0) {
+        return null;
+    }
+    // If exactly one item, use it as the jre path
+    if (contents.length != 1) {
+        throw new Error(`Unexpected content in JRE directory: expected empty or single directory, found ${contents.length} items`);
+    }
+    const javaHomePath = path_1.default.join(jre, contents[0]);
+    let binPath = path_1.default.join(javaHomePath, "bin");
+    if (process.platform == "darwin") {
+        binPath = `${javaHomePath}/Contents/Home/bin`;
+    }
+    const javaBinPath = path_1.default.join(binPath, (0, architecture_js_1.mapOSToJavaBinary)());
+    if (!fs_1.default.existsSync(javaBinPath)) {
+        return null;
+    }
+    return javaBinPath;
+};
+exports.findJavaBinPath = findJavaBinPath;
+const findTsaPath = () => {
+    const tsaHome = (0, exports.findTSAHomeDirectory)();
+    const result = path_1.default.join(tsaHome, constants_js_1.TSA_NAME);
+    if (!fs_1.default.existsSync(result)) {
+        return null;
+    }
+    return result;
+};
+exports.findTsaPath = findTsaPath;
+const getCheckerPath = (checkerName) => {
+    return path_1.default.join(path_1.default.dirname(__filename), "../../src/checkers", checkerName);
+};
+exports.getCheckerPath = getCheckerPath;
+const getSarifReportPath = (id) => {
+    const reportDir = (0, exports.getReportDirectory)(id);
+    return path_1.default.join(reportDir, "report.sarif");
+};
+exports.getSarifReportPath = getSarifReportPath;
+const getSummaryPath = (id) => {
+    const reportDir = (0, exports.getReportDirectory)(id);
+    return path_1.default.join(reportDir, "summary.txt");
+};
+exports.getSummaryPath = getSummaryPath;
+const getInputsPath = (id, index) => {
+    const reportDir = (0, exports.getReportDirectory)(id);
+    return path_1.default.join(reportDir, `execution_${index}`);
+};
+exports.getInputsPath = getInputsPath;
+const getReproduceConfigPath = (id) => {
+    const reportDir = (0, exports.getReportDirectory)(id);
+    return path_1.default.join(reportDir, "tsa-reproduce-config.json");
+};
+exports.getReproduceConfigPath = getReproduceConfigPath;
+const getContractDataBocPath = (id, index) => {
+    const inputsPath = (0, exports.getInputsPath)(id, index);
+    return path_1.default.join(path_1.default.join(inputsPath, "c4_1"), "cell.boc");
+};
+exports.getContractDataBocPath = getContractDataBocPath;
+const getContractDataTypesPath = (id, index) => {
+    const inputsPath = (0, exports.getInputsPath)(id, index);
+    return path_1.default.join(path_1.default.join(inputsPath, "c4_1"), "cell-types.yaml");
+};
+exports.getContractDataTypesPath = getContractDataTypesPath;
+const getMsgBodyBocPath = (id, index) => {
+    const inputsPath = (0, exports.getInputsPath)(id, index);
+    return path_1.default.join(path_1.default.join(inputsPath, "msgBody_0"), "cell.boc");
+};
+exports.getMsgBodyBocPath = getMsgBodyBocPath;
+const getMsgBodyTypesPath = (id, index) => {
+    const inputsPath = (0, exports.getInputsPath)(id, index);
+    return path_1.default.join(path_1.default.join(inputsPath, "msgBody_0"), "cell-types.yaml");
+};
+exports.getMsgBodyTypesPath = getMsgBodyTypesPath;
+const getTsaRunLogPath = (id) => {
+    const reportDir = (0, exports.getReportDirectory)(id);
+    return path_1.default.join(reportDir, "tsa.log");
+};
+exports.getTsaRunLogPath = getTsaRunLogPath;
+const getThrowerPath = () => {
+    return path_1.default.join(path_1.default.dirname(__filename), "../../src/checkers", "thrower.fc");
+};
+exports.getThrowerPath = getThrowerPath;

package/dist/common/result-parsing.d.ts

@@ -0,0 +1,4 @@
+export declare const findExploitExecutionIndex: (sarifPath: string) => number | undefined;
+export declare const findNonFailingExecution: (sarifPath: string) => number | undefined;
+export declare const getMessageValue: (sarifPath: string, index: number) => bigint | null;
+export declare const getInitialBalance: (sarifPath: string, index: number) => bigint;

package/dist/common/result-parsing.js

@@ -0,0 +1,40 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getInitialBalance = exports.getMessageValue = exports.findNonFailingExecution = exports.findExploitExecutionIndex = void 0;
+const fs_1 = require("fs");
+const constants_js_1 = require("./constants.js");
+const findExecutionByMessage = (sarifPath, expectedMessage) => {
+    const sarifContent = (0, fs_1.readFileSync)(sarifPath, "utf-8");
+    const parsedObject = JSON.parse(sarifContent);
+    const results = parsedObject.runs[0].results || [];
+    const index = results.findIndex((result) => result.message?.text === expectedMessage);
+    return index >= 0 ? index : undefined;
+};
+const findExploitExecutionIndex = (sarifPath) => {
+    return findExecutionByMessage(sarifPath, constants_js_1.EXPECTED_MESSAGE_IN_SARIF);
+};
+exports.findExploitExecutionIndex = findExploitExecutionIndex;
+const findNonFailingExecution = (sarifPath) => {
+    return findExecutionByMessage(sarifPath, constants_js_1.EXPECTED_MESSAGE_NON_FAILING);
+};
+exports.findNonFailingExecution = findNonFailingExecution;
+const getMessageValue = (sarifPath, index) => {
+    const sarifContent = (0, fs_1.readFileSync)(sarifPath, "utf-8");
+    const parsedObject = JSON.parse(sarifContent);
+    const results = parsedObject.runs[0].results || [];
+    const result = results[index];
+    const input = result.properties.additionalInputs["0"];
+    if (input.type == "recvExternalInput") {
+        return null;
+    }
+    return BigInt(input.msgValue);
+};
+exports.getMessageValue = getMessageValue;
+const getInitialBalance = (sarifPath, index) => {
+    const sarifContent = (0, fs_1.readFileSync)(sarifPath, "utf-8");
+    const parsedObject = JSON.parse(sarifContent);
+    const results = parsedObject.runs[0].results || [];
+    const result = results[index];
+    return BigInt(result.properties.initialBalance["1"]);
+};
+exports.getInitialBalance = getInitialBalance;

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+import { Plugin, PluginRunner } from "@ton/blueprint";
+export declare class TsaPlugin implements Plugin {
+    runners(): PluginRunner[];
+}

package/dist/index.js

@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TsaPlugin = void 0;
+const tsa_js_1 = require("./tsa.js");
+class TsaPlugin {
+    runners() {
+        return [
+            {
+                name: "tsa",
+                runner: tsa_js_1.tsa,
+                help: "TON Symbolic Analyzer",
+            },
+        ];
+    }
+}
+exports.TsaPlugin = TsaPlugin;

package/dist/install/architecture.d.ts

@@ -0,0 +1,5 @@
+type AdoptiumOS = "mac" | "linux" | "windows";
+type AdoptiumArch = "aarch64" | "x64";
+export declare const adoptiumOS: AdoptiumOS, adoptiumArch: AdoptiumArch;
+export declare const mapOSToJavaBinary: () => string;
+export {};

package/dist/install/architecture.js

@@ -0,0 +1,51 @@
+"use strict";
+var _a;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.mapOSToJavaBinary = exports.adoptiumArch = exports.adoptiumOS = void 0;
+function mapPlatformToAdoptium(osName, arch) {
+    let adoptiumOS;
+    switch (osName) {
+        case "darwin":
+            adoptiumOS = "mac";
+            break;
+        case "linux":
+            adoptiumOS = "linux";
+            break;
+        case "win32":
+            adoptiumOS = "windows";
+            break;
+        default:
+            throw new Error(`unsupported OS for java runtime bootstrap: ${osName}`);
+    }
+    let adoptiumArch;
+    switch (arch) {
+        case "arm64":
+            adoptiumArch = "aarch64";
+            break;
+        case "x64":
+            adoptiumArch = "x64";
+            break;
+        default:
+            throw new Error(`unsupported arch for java runtime bootstrap: ${arch}`);
+    }
+    return [adoptiumOS, adoptiumArch];
+}
+_a = mapPlatformToAdoptium(process.platform, process.arch), exports.adoptiumOS = _a[0], exports.adoptiumArch = _a[1];
+const mapOSToJavaBinary = () => {
+    let javaBinary;
+    switch (exports.adoptiumOS) {
+        case "mac":
+            javaBinary = "java";
+            break;
+        case "linux":
+            javaBinary = "java";
+            break;
+        case "windows":
+            javaBinary = "java.exe";
+            break;
+        default:
+            throw new Error(`unsupported OS for java runtime bootstrap: ${exports.adoptiumOS}`);
+    }
+    return javaBinary;
+};
+exports.mapOSToJavaBinary = mapOSToJavaBinary;

package/dist/install/downloading.d.ts

@@ -0,0 +1 @@
+export declare const downloadWithRedirect: (url: string, filePath: string) => Promise<void>;

package/dist/install/downloading.js

@@ -0,0 +1,44 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.downloadWithRedirect = void 0;
+const https_1 = __importDefault(require("https"));
+const http_1 = __importDefault(require("http"));
+const fs_1 = __importDefault(require("fs"));
+const REDIRECT_STATUS_CODES = [301, 302, 303, 307, 308];
+const downloadWithRedirect = (url, filePath) => {
+    return new Promise((resolve, reject) => {
+        const protocol = url.startsWith("https") ? https_1.default : http_1.default;
+        protocol
+            .get(url, (response) => {
+            if (response.statusCode &&
+                REDIRECT_STATUS_CODES.includes(response.statusCode)) {
+                const redirectUrl = response.headers.location;
+                if (redirectUrl) {
+                    response.resume();
+                    (0, exports.downloadWithRedirect)(redirectUrl, filePath)
+                        .then(resolve)
+                        .catch(reject);
+                    return;
+                }
+            }
+            const file = fs_1.default.createWriteStream(filePath);
+            response.pipe(file);
+            file.on("finish", () => {
+                file.close();
+                resolve();
+            });
+            file.on("error", (err) => {
+                fs_1.default.unlink(filePath, () => { });
+                reject(err);
+            });
+        })
+            .on("error", (err) => {
+            fs_1.default.unlink(filePath, () => { });
+            reject(err);
+        });
+    });
+};
+exports.downloadWithRedirect = downloadWithRedirect;

package/dist/install/java.d.ts

@@ -0,0 +1 @@
+export declare const ensureJavaInstalled: () => Promise<string>;

package/dist/install/java.js

@@ -0,0 +1,89 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ensureJavaInstalled = void 0;
+const architecture_js_1 = require("./architecture.js");
+const paths_js_1 = require("../common/paths.js");
+const downloading_js_1 = require("./downloading.js");
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const tar = __importStar(require("tar"));
+const unzip_js_1 = require("./unzip.js");
+const apiLink = `https://api.adoptium.net/v3/binary/latest/17/ga/${architecture_js_1.adoptiumOS}/${architecture_js_1.adoptiumArch}/jre/hotspot/normal/eclipse`;
+const downloadArchiveWithJava = (filePath) => {
+    return new Promise((resolve, reject) => {
+        const dir = path_1.default.dirname(filePath);
+        if (!fs_1.default.existsSync(dir)) {
+            fs_1.default.mkdirSync(dir, { recursive: true });
+        }
+        (0, downloading_js_1.downloadWithRedirect)(apiLink, filePath).then(resolve).catch(reject);
+    });
+};
+const unpackArchive = (archivePath, extractPath) => {
+    if (!fs_1.default.existsSync(extractPath)) {
+        fs_1.default.mkdirSync(extractPath, { recursive: true });
+    }
+    if (archivePath.endsWith(".zip")) {
+        return (0, unzip_js_1.extractZip)(archivePath, extractPath);
+    }
+    else {
+        return tar.extract({
+            file: archivePath,
+            cwd: extractPath,
+        });
+    }
+};
+const ensureJavaInstalled = async () => {
+    const javaPath = (0, paths_js_1.findJavaBinPath)();
+    if (javaPath != null) {
+        return javaPath;
+    }
+    const tsaHome = (0, paths_js_1.findTSAHomeDirectory)();
+    const archiveExtension = architecture_js_1.adoptiumOS === "windows" ? "zip" : "tar.gz";
+    const archivePath = path_1.default.join(tsaHome, `jre.${archiveExtension}`);
+    const jrePath = path_1.default.join(tsaHome, "jre");
+    await downloadArchiveWithJava(archivePath);
+    await unpackArchive(archivePath, jrePath);
+    fs_1.default.unlinkSync(archivePath);
+    const result = (0, paths_js_1.findJavaBinPath)();
+    if (result == null) {
+        throw new Error("Java was not installed");
+    }
+    return result;
+};
+exports.ensureJavaInstalled = ensureJavaInstalled;

package/dist/install/postinstall.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/install/postinstall.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const java_js_1 = require("./java.js");
+const tsa_jar_js_1 = require("./tsa-jar.js");
+/**
+ * Postinstall script for blueprint-tsa
+ * Runs after the package is installed
+ */
+async function main() {
+    await Promise.all([(0, java_js_1.ensureJavaInstalled)(), (0, tsa_jar_js_1.ensureTsaInstalled)()]);
+}
+main();

package/dist/install/tsa-jar.d.ts

@@ -0,0 +1 @@
+export declare const ensureTsaInstalled: () => Promise<string>;

package/dist/install/tsa-jar.js

@@ -0,0 +1,23 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ensureTsaInstalled = void 0;
+const constants_js_1 = require("../common/constants.js");
+const paths_js_1 = require("../common/paths.js");
+const downloading_js_1 = require("./downloading.js");
+const path_1 = __importDefault(require("path"));
+const ensureTsaInstalled = async () => {
+    const tsaPath = (0, paths_js_1.findTsaPath)();
+    if (tsaPath != null) {
+        return tsaPath;
+    }
+    await (0, downloading_js_1.downloadWithRedirect)(constants_js_1.TSA_URL, path_1.default.join((0, paths_js_1.findTSAHomeDirectory)(), constants_js_1.TSA_NAME));
+    const result = (0, paths_js_1.findTsaPath)();
+    if (result == null) {
+        throw new Error("TSA was not installed");
+    }
+    return result;
+};
+exports.ensureTsaInstalled = ensureTsaInstalled;

package/dist/install/unzip.d.ts

@@ -0,0 +1 @@
+export declare const extractZip: (zipPath: string, extractPath: string) => Promise<void>;

package/dist/install/unzip.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.extractZip = void 0;
+const fs_1 = require("fs");
+const unzipper_1 = require("unzipper");
+const extractZip = (zipPath, extractPath) => {
+    return new Promise((resolve, reject) => {
+        (0, fs_1.createReadStream)(zipPath)
+            .pipe((0, unzipper_1.Extract)({ path: extractPath }))
+            .on("close", resolve)
+            .on("error", reject);
+    });
+};
+exports.extractZip = extractZip;

package/dist/reproduce/build-config.d.ts

@@ -0,0 +1,3 @@
+import { VulnerabilityDescription } from "../common/analyzer-wrapper.js";
+import { ConcreteCheckerOptions } from "./reproduce-config.js";
+export declare const writeReproduceConfig: (vulnerability: VulnerabilityDescription, command: string, timeout: number | null, id: string, concreteCheckerOptions: ConcreteCheckerOptions) => void;

package/dist/reproduce/build-config.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.writeReproduceConfig = void 0;
+const fs_1 = require("fs");
+const paths_js_1 = require("../common/paths.js");
+const constants_js_1 = require("../common/constants.js");
+const writeReproduceConfig = (vulnerability, command, timeout, id, concreteCheckerOptions) => {
+    if (vulnerability.value == null) {
+        throw new Error("Unexpected external message");
+    }
+    const config = {
+        mode: constants_js_1.DEPLOY_AND_REPRODUCE_COMMAND,
+        command,
+        codePath: vulnerability.codePath,
+        dataPath: vulnerability.dataPath,
+        suggestedValue: vulnerability.value.toString(),
+        suggestedBalance: vulnerability.balance.toString(),
+        timeout,
+        concreteCheckerOptions,
+    };
+    const filePath = (0, paths_js_1.getReproduceConfigPath)(id);
+    (0, fs_1.writeFileSync)(filePath, JSON.stringify(config));
+};
+exports.writeReproduceConfig = writeReproduceConfig;

package/dist/reproduce/concrete-analysis.d.ts

@@ -0,0 +1,15 @@
+import { UIProvider } from "@ton/blueprint";
+import { Address } from "@ton/core";
+import { ReproduceParameters } from "./network.js";
+import { ConcreteCheckerOptions } from "./reproduce-config.js";
+export interface ConcreteAnalysisConfig {
+    codePath: string;
+    dataPath: string;
+    balance: bigint;
+    contractAddress: Address;
+    senderAddress: Address;
+    ui: UIProvider;
+    timeout: number | null;
+    concreteCheckerOptions: ConcreteCheckerOptions;
+}
+export declare const runConcreteAnalysis: (mode: string, config: ConcreteAnalysisConfig) => Promise<ReproduceParameters | null>;

package/dist/reproduce/concrete-analysis.js

@@ -0,0 +1,21 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runConcreteAnalysis = void 0;
+const constants_js_1 = require("../common/constants.js");
+const drain_check_js_1 = require("../commands/drain-check.js");
+const owner_hijack_check_js_1 = require("../commands/owner-hijack-check.js");
+const runConcreteAnalysis = async (mode, config) => {
+    const ui = config.ui;
+    const concreteCheckerOptions = config.concreteCheckerOptions;
+    if (concreteCheckerOptions.kind === "drain-check") {
+        return await (0, drain_check_js_1.drainCheckConcrete)(config);
+    }
+    else if (concreteCheckerOptions.kind === "owner-hijack-check") {
+        return await (0, owner_hijack_check_js_1.ownerHijackCheckConcrete)(config, concreteCheckerOptions);
+    }
+    else {
+        ui.write(`${constants_js_1.Sym.ERR} Invalid command: ${mode}`);
+        process.exit(1);
+    }
+};
+exports.runConcreteAnalysis = runConcreteAnalysis;

package/dist/reproduce/network.d.ts

@@ -0,0 +1,19 @@
+import { Address, Cell } from "@ton/core";
+import { NetworkProvider } from "@ton/blueprint";
+export interface DeployConfig {
+    code: Cell;
+    data: Cell;
+    suggestedBalance: bigint;
+    suggestedValue: bigint;
+}
+export interface DeployResult {
+    address: Address;
+    balance: bigint;
+}
+export declare const deployViaChameleon: (network: NetworkProvider, config: DeployConfig, nonces: bigint[]) => Promise<DeployResult>;
+export interface ReproduceParameters {
+    address: Address;
+    msgBody: Cell;
+    suggestedValue: bigint;
+}
+export declare const reproduce: (network: NetworkProvider, config: ReproduceParameters) => Promise<void>;

package/dist/reproduce/network.js

@@ -0,0 +1,70 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.reproduce = exports.deployViaChameleon = void 0;
+const core_1 = require("@ton/core");
+const constants_js_1 = require("../common/constants.js");
+const build_utils_js_1 = require("../common/build-utils.js");
+const format_utils_js_1 = require("../common/format-utils.js");
+const paths_js_1 = require("../common/paths.js");
+async function ensureDeployed(network, chameleonAddress, chameleonStateInit, tonsForSendingMessage, messageToChameleon) {
+    const ui = network.ui();
+    const isDeployed = await network.isContractDeployed(chameleonAddress);
+    // ensure chameleon deployed
+    if (!isDeployed) {
+        ui.write(`${constants_js_1.Sym.WAIT} Sending a message to deploy the contract under test`);
+        await network.sender().send({
+            to: chameleonAddress,
+            value: tonsForSendingMessage,
+            init: chameleonStateInit,
+            body: messageToChameleon,
+        });
+        await network.waitForDeploy(chameleonAddress, constants_js_1.DEPLOY_WAIT_ATTEMPTS);
+        const chameleonState = await network.getContractState(chameleonAddress);
+        if (chameleonState.state.type !== "active") {
+            throw new Error(`Failed to deploy ${chameleonAddress}`);
+        }
+    }
+}
+const deployViaChameleon = async (network, config, nonces) => {
+    const ui = network.ui();
+    const chameleonContractFilename = "chameleon-contract.fc";
+    const path = (0, paths_js_1.getCheckerPath)(chameleonContractFilename);
+    const chameleonContract = core_1.Cell.fromBase64(await (0, build_utils_js_1.compileFuncFileToBase64Boc)(path, chameleonContractFilename));
+    const chameleonStateInit = {
+        code: chameleonContract,
+        data: nonces
+            .reduce((prevCell, nextNoncePart) => prevCell.storeInt(nextNoncePart, 32), (0, core_1.beginCell)())
+            .endCell(),
+    };
+    const chameleonAddress = (0, core_1.contractAddress)(0, chameleonStateInit);
+    const suggested = (0, format_utils_js_1.nanotonToTon)(config.suggestedValue + config.suggestedBalance);
+    const tonsForSendingMessageInput = await ui.input(`Enter amount of TONs for deployment message (suggested: ${suggested} + fees):`);
+    const tonsForSendingMessage = (0, core_1.toNano)(tonsForSendingMessageInput);
+    const messageToChameleon = (0, core_1.beginCell)()
+        .storeRef(config.data)
+        .storeRef(config.code)
+        .endCell();
+    await ensureDeployed(network, chameleonAddress, chameleonStateInit, tonsForSendingMessage, messageToChameleon);
+    const chameleonState = await network.getContractState(chameleonAddress);
+    if (chameleonState.state.type !== "active") {
+        throw new Error(`Failed to deploy ${chameleonAddress}`);
+    }
+    return {
+        address: chameleonAddress,
+        balance: chameleonState.balance,
+    };
+};
+exports.deployViaChameleon = deployViaChameleon;
+const reproduce = async (network, config) => {
+    const ui = network.ui();
+    ui.write(`Number of TONs for reproduction message: ${(0, format_utils_js_1.nanotonToTon)(config.suggestedValue)}`);
+    ui.write(`${constants_js_1.Sym.WAIT} Sending a reproduction message`);
+    await network.sender().send({
+        to: config.address,
+        value: config.suggestedValue,
+        body: config.msgBody,
+    });
+    await network.waitForLastTransaction(constants_js_1.DEPLOY_WAIT_ATTEMPTS);
+    ui.write(`${constants_js_1.Sym.OK} Reproduction message sent!`);
+};
+exports.reproduce = reproduce;

package/dist/reproduce/reproduce-config.d.ts

@@ -0,0 +1,30 @@
+import * as z from "zod";
+declare const OwnerHijackOptionsSchema: z.ZodObject<{
+    kind: z.ZodLiteral<"owner-hijack-check">;
+    methodId: z.ZodString;
+}, z.core.$strip>;
+export type OwnerHijackOptions = z.infer<typeof OwnerHijackOptionsSchema>;
+export declare const ConcreteCheckerOptionsSchema: z.ZodXor<readonly [z.ZodObject<{
+    kind: z.ZodLiteral<"drain-check">;
+}, z.core.$strip>, z.ZodObject<{
+    kind: z.ZodLiteral<"owner-hijack-check">;
+    methodId: z.ZodString;
+}, z.core.$strip>]>;
+export type ConcreteCheckerOptions = z.infer<typeof ConcreteCheckerOptionsSchema>;
+export declare const TsaVulnerabilityConfigSchema: z.ZodObject<{
+    mode: z.ZodString;
+    command: z.ZodString;
+    codePath: z.ZodString;
+    dataPath: z.ZodString;
+    suggestedValue: z.ZodString;
+    suggestedBalance: z.ZodString;
+    timeout: z.ZodNullable<z.ZodInt>;
+    concreteCheckerOptions: z.ZodXor<readonly [z.ZodObject<{
+        kind: z.ZodLiteral<"drain-check">;
+    }, z.core.$strip>, z.ZodObject<{
+        kind: z.ZodLiteral<"owner-hijack-check">;
+        methodId: z.ZodString;
+    }, z.core.$strip>]>;
+}, z.core.$strip>;
+export type TsaVulnerabilityConfig = z.infer<typeof TsaVulnerabilityConfigSchema>;
+export {};