blueprint-tsa 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (66) hide show
  1. package/README.md +0 -0
  2. package/dist/cli.d.ts +13 -0
  3. package/dist/cli.js +54 -0
  4. package/dist/commands/audit.d.ts +19 -0
  5. package/dist/commands/audit.js +296 -0
  6. package/dist/commands/bounce-check.d.ts +15 -0
  7. package/dist/commands/bounce-check.js +152 -0
  8. package/dist/commands/clean.d.ts +1 -0
  9. package/dist/commands/clean.js +20 -0
  10. package/dist/commands/drain-check.d.ts +32 -0
  11. package/dist/commands/drain-check.js +218 -0
  12. package/dist/commands/opcode-info.d.ts +23 -0
  13. package/dist/commands/opcode-info.js +176 -0
  14. package/dist/commands/owner-hijack-check.d.ts +20 -0
  15. package/dist/commands/owner-hijack-check.js +290 -0
  16. package/dist/commands/replay-attack-check.d.ts +20 -0
  17. package/dist/commands/replay-attack-check.js +149 -0
  18. package/dist/commands/reproduce.d.ts +3 -0
  19. package/dist/commands/reproduce.js +102 -0
  20. package/dist/common/analyzer-wrapper.d.ts +69 -0
  21. package/dist/common/analyzer-wrapper.js +198 -0
  22. package/dist/common/analyzer.d.ts +10 -0
  23. package/dist/common/analyzer.js +49 -0
  24. package/dist/common/build-utils.d.ts +3 -0
  25. package/dist/common/build-utils.js +68 -0
  26. package/dist/common/constants.d.ts +41 -0
  27. package/dist/common/constants.js +45 -0
  28. package/dist/common/draw.d.ts +7 -0
  29. package/dist/common/draw.js +33 -0
  30. package/dist/common/file-utils.d.ts +7 -0
  31. package/dist/common/file-utils.js +20 -0
  32. package/dist/common/format-utils.d.ts +13 -0
  33. package/dist/common/format-utils.js +30 -0
  34. package/dist/common/opcode-extractor.d.ts +7 -0
  35. package/dist/common/opcode-extractor.js +60 -0
  36. package/dist/common/paths.d.ts +19 -0
  37. package/dist/common/paths.js +139 -0
  38. package/dist/common/result-parsing.d.ts +4 -0
  39. package/dist/common/result-parsing.js +40 -0
  40. package/dist/index.d.ts +4 -0
  41. package/dist/index.js +16 -0
  42. package/dist/install/architecture.d.ts +5 -0
  43. package/dist/install/architecture.js +51 -0
  44. package/dist/install/downloading.d.ts +1 -0
  45. package/dist/install/downloading.js +44 -0
  46. package/dist/install/java.d.ts +1 -0
  47. package/dist/install/java.js +89 -0
  48. package/dist/install/postinstall.d.ts +1 -0
  49. package/dist/install/postinstall.js +12 -0
  50. package/dist/install/tsa-jar.d.ts +1 -0
  51. package/dist/install/tsa-jar.js +23 -0
  52. package/dist/install/unzip.d.ts +1 -0
  53. package/dist/install/unzip.js +14 -0
  54. package/dist/reproduce/build-config.d.ts +3 -0
  55. package/dist/reproduce/build-config.js +24 -0
  56. package/dist/reproduce/concrete-analysis.d.ts +15 -0
  57. package/dist/reproduce/concrete-analysis.js +21 -0
  58. package/dist/reproduce/network.d.ts +19 -0
  59. package/dist/reproduce/network.js +70 -0
  60. package/dist/reproduce/reproduce-config.d.ts +30 -0
  61. package/dist/reproduce/reproduce-config.js +59 -0
  62. package/dist/reproduce/utils.d.ts +4 -0
  63. package/dist/reproduce/utils.js +34 -0
  64. package/dist/tsa.d.ts +2 -0
  65. package/dist/tsa.js +22 -0
  66. package/package.json +45 -0
package/dist/reproduce/reproduce-config.js ADDED
@@ -0,0 +1,59 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || (function () {
19
+ var ownKeys = function(o) {
20
+ ownKeys = Object.getOwnPropertyNames || function (o) {
21
+ var ar = [];
22
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
+ return ar;
24
+ };
25
+ return ownKeys(o);
26
+ };
27
+ return function (mod) {
28
+ if (mod && mod.__esModule) return mod;
29
+ var result = {};
30
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
+ __setModuleDefault(result, mod);
32
+ return result;
33
+ };
34
+ })();
35
+ Object.defineProperty(exports, "__esModule", { value: true });
36
+ exports.TsaVulnerabilityConfigSchema = exports.ConcreteCheckerOptionsSchema = void 0;
37
+ const z = __importStar(require("zod"));
38
+ const DrainOptionsSchema = z.object({ kind: z.literal("drain-check") });
39
+ const OwnerHijackOptionsSchema = z.object({
40
+ kind: z.literal("owner-hijack-check"),
41
+ /**
42
+ * for serialization purposes: bigints are not serializable
43
+ */
44
+ methodId: z.string(),
45
+ });
46
+ exports.ConcreteCheckerOptionsSchema = z.xor([
47
+ DrainOptionsSchema,
48
+ OwnerHijackOptionsSchema,
49
+ ]);
50
+ exports.TsaVulnerabilityConfigSchema = z.object({
51
+ mode: z.string(),
52
+ command: z.string(),
53
+ codePath: z.string(),
54
+ dataPath: z.string(),
55
+ suggestedValue: z.string(),
56
+ suggestedBalance: z.string(),
57
+ timeout: z.int().nullable(),
58
+ concreteCheckerOptions: exports.ConcreteCheckerOptionsSchema,
59
+ });
package/dist/reproduce/utils.d.ts ADDED
@@ -0,0 +1,4 @@
1
+ import { UIProvider } from "@ton/blueprint";
2
+ export declare const printCleanupInstructions: (ui: UIProvider) => void;
3
+ export declare const getReproductionInstructions: (analyzerId: string) => string;
4
+ export declare const printReproductionInstructions: (ui: UIProvider, analyzerId: string) => void;
package/dist/reproduce/utils.js ADDED
@@ -0,0 +1,34 @@
1
+ "use strict";
2
+ var __importDefault = (this && this.__importDefault) || function (mod) {
3
+ return (mod && mod.__esModule) ? mod : { "default": mod };
4
+ };
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.printReproductionInstructions = exports.getReproductionInstructions = exports.printCleanupInstructions = void 0;
7
+ const path_1 = __importDefault(require("path"));
8
+ const fs_1 = require("fs");
9
+ const paths_js_1 = require("../common/paths.js");
10
+ const REPRODUCE_INSTRUCTION_HEADER = "To reproduce the vulnerability on the blockchain, run:";
11
+ const REPRODUCE_COMMAND_PREFIX = "> yarn blueprint tsa reproduce --config";
12
+ const printCleanupInstructions = (ui) => {
13
+ ui.write("");
14
+ ui.write("To clean reports, run:");
15
+ ui.write("> yarn blueprint tsa clean");
16
+ ui.write("");
17
+ };
18
+ exports.printCleanupInstructions = printCleanupInstructions;
19
+ const getReproductionInstructions = (analyzerId) => {
20
+ const configPath = (0, paths_js_1.getReproduceConfigPath)(analyzerId);
21
+ if ((0, fs_1.existsSync)(configPath)) {
22
+ const relativeConfigPath = path_1.default.relative(process.cwd(), configPath);
23
+ return `${REPRODUCE_INSTRUCTION_HEADER}\n${REPRODUCE_COMMAND_PREFIX} ${relativeConfigPath}`;
24
+ }
25
+ return "";
26
+ };
27
+ exports.getReproductionInstructions = getReproductionInstructions;
28
+ const printReproductionInstructions = (ui, analyzerId) => {
29
+ const instructions = (0, exports.getReproductionInstructions)(analyzerId);
30
+ if (instructions) {
31
+ ui.write(instructions);
32
+ }
33
+ };
34
+ exports.printReproductionInstructions = printReproductionInstructions;
package/dist/tsa.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import { Runner } from "@ton/blueprint";
2
+ export declare const tsa: Runner;
package/dist/tsa.js ADDED
@@ -0,0 +1,22 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.tsa = void 0;
4
+ const cli_js_1 = require("./cli.js");
5
+ const constants_js_1 = require("./common/constants.js");
6
+ const tsa = async (args, ui) => {
7
+ try {
8
+ const cli = (0, cli_js_1.createCLI)({ ui, args });
9
+ await cli.parseAsync();
10
+ }
11
+ catch (error) {
12
+ if (error instanceof Error) {
13
+ ui.clearActionPrompt();
14
+ ui.write(`${constants_js_1.Sym.ERR} Error: ${error.message}`);
15
+ process.exit(1);
16
+ }
17
+ else {
18
+ throw error;
19
+ }
20
+ }
21
+ };
22
+ exports.tsa = tsa;
package/package.json ADDED
@@ -0,0 +1,45 @@
1
+ {
2
+ "name": "blueprint-tsa",
3
+ "version": "1.0.0",
4
+ "description": "TSA plugin for TON Blueprint",
5
+ "main": "dist/index.js",
6
+ "types": "dist/index.d.ts",
7
+ "files": [
8
+ "dist",
9
+ "checkers"
10
+ ],
11
+ "license": "MIT",
12
+ "scripts": {
13
+ "build": "tsc",
14
+ "lint": "eslint src --ext .ts",
15
+ "lint:fix": "eslint src --ext .ts --fix",
16
+ "postinstall": "[ -d dist ] && node dist/install/postinstall.js || true"
17
+ },
18
+ "devDependencies": {
19
+ "@tact-lang/compiler": "^1.6.13",
20
+ "@ton-community/func-js": "^0.11.0",
21
+ "@ton/tolk-js": "^1.2.0",
22
+ "@types/node": "^25.0.3",
23
+ "@types/tar": "^6.1.13",
24
+ "@types/unzipper": "^0.10.9",
25
+ "@types/yargs": "^17.0.35",
26
+ "@typescript-eslint/eslint-plugin": "^8.0.0",
27
+ "@typescript-eslint/parser": "^8.0.0",
28
+ "eslint": "^9.13.0",
29
+ "eslint-config-prettier": "^10.1.8",
30
+ "globals": "^15.14.0",
31
+ "prettier": "3.8.1",
32
+ "ts-node": "^10.9.2",
33
+ "typescript": "^5.9.3"
34
+ },
35
+ "dependencies": {
36
+ "@ton/blueprint": "^0.42.0",
37
+ "@ton/core": "^0.62.0",
38
+ "@ton/crypto": "^3.3.0",
39
+ "@ton/ton": "^16.1.0",
40
+ "tar": "^7.5.2",
41
+ "unzipper": "^0.12.3",
42
+ "yargs": "^17.7.2",
43
+ "zod": "^4.3.6"
44
+ }
45
+ }