brainblast 0.7.2 → 0.7.3

package/dist/{chunk-IY52XKWL.js → chunk-5H5JQXXU.js}

@@ -996,6 +996,60 @@ function anchorBodyCallPattern(c, p) {
   };
 }
 
+// src/checkers/anchorCpiUnverifiedProgram.ts
+var DEFAULT_PROGRAM_NAME = "(^|_)program$|^program(_id)?$";
+var DEFAULT_CPI = "invoke_signed\\s*\\(|invoke\\s*\\(|CpiContext::|\\.cpi\\(\\)|solana_program::program::invoke";
+var DEFAULT_VERIFIED_TYPE = "Program\\s*<";
+var DEFAULT_ADDRESS_CONSTRAINT = "address\\s*=";
+var RAW_TYPES = ["AccountInfo", "UncheckedAccount"];
+function isRawAccountType(typeName) {
+  return RAW_TYPES.some((t) => typeName.includes(t));
+}
+function isProgramNamed(name, re) {
+  return re.test(name);
+}
+function anchorCpiUnverifiedProgram(c, p) {
+  const programNameRe = new RegExp(p?.programNameRegex ?? DEFAULT_PROGRAM_NAME, "i");
+  const cpiRe = new RegExp(p?.cpiRegex ?? DEFAULT_CPI);
+  const verifiedTypeRe = new RegExp(p?.verifiedTypeRegex ?? DEFAULT_VERIFIED_TYPE);
+  const addressRe = new RegExp(p?.addressConstraintRegex ?? DEFAULT_ADDRESS_CONSTRAINT);
+  const body = c.fnBodyText ?? "";
+  const performsCpi = cpiRe.test(body);
+  if (!performsCpi) {
+    return {
+      result: "cant_tell",
+      detail: p?.absentDetail ?? `Handler '${c.fnName}' performs no cross-program invocation; CPI program-ID verification does not apply.`
+    };
+  }
+  const programFields = c.accountFields.filter((f) => isProgramNamed(f.name, programNameRe));
+  if (programFields.length === 0) {
+    return {
+      result: "cant_tell",
+      detail: p?.absentDetail ?? `Handler '${c.fnName}' performs a CPI but no program-named account field was found on '${c.accountStructName}' to verify.`
+    };
+  }
+  const isVerified = (f) => {
+    if (verifiedTypeRe.test(f.typeName)) return true;
+    if (!isRawAccountType(f.typeName)) return true;
+    if (addressRe.test(f.attrText)) return true;
+    const keyCheck = new RegExp(`${f.name}\\.key\\s*\\(\\s*\\)`);
+    if (keyCheck.test(body)) return true;
+    return false;
+  };
+  const unverified = programFields.filter((f) => !isVerified(f));
+  if (unverified.length > 0) {
+    const names = unverified.map((f) => `${f.name}: ${f.typeName}`).join(", ");
+    return {
+      result: "fail",
+      detail: p?.failDetail ?? `Handler '${c.fnName}' performs a cross-program invocation but the target program account(s) [${names}] are raw AccountInfo/UncheckedAccount with no address verification. An attacker can substitute a malicious program \u2014 this is the Wormhole ($325M, Feb 2022) class of bug. Type the account as Program<'info, T> or add #[account(address = <expected_program_id>)].`
+    };
+  }
+  return {
+    result: "pass",
+    detail: p?.passDetail ?? `Handler '${c.fnName}' performs a CPI and every program account (${programFields.map((f) => f.name).join(", ")}) is identity-verified (Program<'info, _>, address= constraint, or in-body key check).`
+  };
+}
+
 // src/checkers/index.ts
 var registry = {
   "positional-arg-identity": positionalArgIdentity,
@@ -1013,7 +1067,8 @@ var registry = {
   "anchor-account-matches-idl": anchorIdlAccount,
   "anchor-account-missing-constraint": anchorAccountMissingConstraint,
   "anchor-forbidden-account-type": anchorForbiddenAccountType,
-  "anchor-body-call-pattern": anchorBodyCallPattern
+  "anchor-body-call-pattern": anchorBodyCallPattern,
+  "anchor-cpi-unverified-program": anchorCpiUnverifiedProgram
 };
 function runChecker(kind, c, params) {
   const fn = registry[kind];

package/dist/{chunk-B2M3TZSA.js → chunk-5VYTURTO.js}

@@ -7,7 +7,7 @@ import {
   loadPack,
   resolveRules,
   walk
-} from "./chunk-IY52XKWL.js";
+} from "./chunk-5H5JQXXU.js";
 
 // src/costAnalysis.ts
 import { Project, SyntaxKind } from "ts-morph";
@@ -252,6 +252,123 @@ function renderCostReportMd(r) {
   return lines.join("\n");
 }
 
+// src/exploitPatterns.ts
+var EXPLOIT_PATTERNS = [
+  {
+    id: "wormhole",
+    title: "Wormhole bridge exploit",
+    date: "2022-02-02",
+    lossUsd: 325e6,
+    chain: "Solana",
+    postmortemUrl: "https://rekt.news/wormhole-rekt/",
+    rootCause: "A cross-program invocation / signature-verification load trusted an account by position, not by identity. A deprecated load did not verify the supplied sysvar's address, so an attacker substituted their own account and forged a 'verified' signature set.",
+    ruleId: "cpi-target-program-unverified",
+    detects: "An Anchor handler that performs a CPI (invoke / invoke_signed / CpiContext) against a program-named account typed as raw AccountInfo/UncheckedAccount with no address= constraint and no in-body key check.",
+    fix: "Type the program account as Program<'info, T> (Anchor verifies the program id on deserialization) or add #[account(address = <expected_program_id>)]."
+  },
+  {
+    id: "cashio",
+    title: "Cashio infinite-mint exploit",
+    date: "2022-03-23",
+    lossUsd: 48e6,
+    chain: "Solana",
+    postmortemUrl: "https://rekt.news/cashio-rekt/",
+    rootCause: "A missing account-validation chain: the program accepted attacker-supplied accounts without verifying their owner/identity, letting a fake collateral account mint unbacked CASH.",
+    ruleId: "anchor-unchecked-account-type",
+    detects: "UncheckedAccount<'info> fields in instruction handlers \u2014 accounts Anchor performs zero runtime validation on (owner, signer, data layout all unchecked).",
+    fix: "Replace UncheckedAccount with Account<'info, T>, Signer<'info>, or SystemAccount<'info> so Anchor enforces ownership and type before the handler runs."
+  },
+  {
+    id: "crema",
+    title: "Crema Finance exploit",
+    date: "2022-07-03",
+    lossUsd: 88e5,
+    chain: "Solana",
+    postmortemUrl: "https://rekt.news/crema-finance-rekt/",
+    rootCause: "A forged 'tick' account was passed into the program and accepted without identity validation, letting the attacker report fake fee data and drain liquidity.",
+    ruleId: "anchor-unchecked-account-type",
+    detects: "The same unchecked-account class: a security-critical account taken as UncheckedAccount with no ownership/type enforcement.",
+    fix: "Deserialize the account through a typed Account<'info, T> (or add an explicit owner/address constraint) so a forged account is rejected."
+  },
+  {
+    id: "fake-mint-impersonation",
+    title: "SPL mint impersonation (counterfeit tokens)",
+    chain: "Solana",
+    postmortemUrl: "https://solana.com/developers/guides/token-extensions/metadata-pointer",
+    rootCause: "A counterfeit SPL mint reuses a legitimate token's name/symbol/metadata; integrations that key off symbol or metadata instead of the canonical mint address route value to the wrong token.",
+    ruleId: "solana-token-impersonation",
+    detects: "Code that resolves or trusts a token by symbol/name rather than pinning the canonical mint address, against the bundled canonical-mint registry.",
+    fix: "Pin and compare the canonical mint address (Pubkey) for every supported token; never trust symbol/name/metadata as identity."
+  }
+];
+function getExploitPattern(idOrRule) {
+  return EXPLOIT_PATTERNS.find((e) => e.id === idOrRule || e.ruleId === idOrRule);
+}
+function formatUsd(n) {
+  if (n == null) return "\u2014";
+  if (n >= 1e9) return `$${(n / 1e9).toFixed(2)}B`;
+  if (n >= 1e6) return `$${(n / 1e6).toFixed(1)}M`;
+  if (n >= 1e3) return `$${(n / 1e3).toFixed(0)}K`;
+  return `$${n}`;
+}
+function totalLossUsd(patterns = EXPLOIT_PATTERNS) {
+  return patterns.reduce((s, e) => s + (e.lossUsd ?? 0), 0);
+}
+function renderExploitsMd(patterns = EXPLOIT_PATTERNS) {
+  const L = ["## Exploit Pattern Database\n"];
+  L.push(
+    "Real on-chain incidents, each mapped to the bundled brainblast rule that statically detects its root-cause pattern. The code that lost these funds is the exact code these rules fail on.\n"
+  );
+  L.push("| Incident | Date | Loss | Detecting rule |");
+  L.push("|----------|------|------|----------------|");
+  for (const e of patterns) {
+    L.push(
+      `| [${e.title}](${e.postmortemUrl}) | ${e.date ?? "ongoing"} | ${formatUsd(e.lossUsd)} | \`${e.ruleId}\` |`
+    );
+  }
+  const total = totalLossUsd(patterns);
+  L.push("");
+  L.push(`**Catalogued losses: ${formatUsd(total)} across ${patterns.length} patterns.**
+`);
+  for (const e of patterns) {
+    L.push(`### ${e.title}${e.lossUsd ? ` \u2014 ${formatUsd(e.lossUsd)}` : ""}
+`);
+    L.push(`- **Chain / date:** ${e.chain} \xB7 ${e.date ?? "ongoing class"}`);
+    L.push(`- **Post-mortem:** ${e.postmortemUrl}`);
+    L.push(`- **Root cause:** ${e.rootCause}`);
+    L.push(`- **Detected by:** \`${e.ruleId}\` \u2014 ${e.detects}`);
+    L.push(`- **Fix:** ${e.fix}`);
+    L.push("");
+  }
+  return L.join("\n");
+}
+function renderExploitsText(patterns = EXPLOIT_PATTERNS) {
+  const L = [];
+  L.push("\u2500\u2500 Exploit Pattern Database \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  L.push("  real incidents \u2192 the bundled rule that detects each root cause");
+  L.push("");
+  for (const e of patterns) {
+    L.push(`  ${e.title}  (${e.date ?? "ongoing"}, ${formatUsd(e.lossUsd)}, ${e.chain})`);
+    L.push(`    rule:  ${e.ruleId}`);
+    L.push(`    cause: ${e.rootCause}`);
+    L.push("");
+  }
+  L.push(`  catalogued losses: ${formatUsd(totalLossUsd(patterns))} across ${patterns.length} patterns`);
+  return L.join("\n");
+}
+function renderExploitDetailText(e) {
+  const L = [];
+  L.push(`\u2500\u2500 ${e.title} \u2500\u2500`);
+  L.push(`  chain/date: ${e.chain} \xB7 ${e.date ?? "ongoing class"}`);
+  L.push(`  loss:       ${formatUsd(e.lossUsd)}`);
+  L.push(`  postmortem: ${e.postmortemUrl}`);
+  L.push(`  root cause: ${e.rootCause}`);
+  L.push(`  detected by: ${e.ruleId}`);
+  L.push(`    ${e.detects}`);
+  L.push(`  fix: ${e.fix}`);
+  return L.join("\n");
+}
+
 // src/watch.ts
 import { watch as fsWatch } from "fs";
 function runIncrementalScan(targetDir, rules, emit) {
@@ -492,6 +609,13 @@ export {
   lamportsToSol,
   analyzeCosts,
   renderCostReportMd,
+  EXPLOIT_PATTERNS,
+  getExploitPattern,
+  formatUsd,
+  totalLossUsd,
+  renderExploitsMd,
+  renderExploitsText,
+  renderExploitDetailText,
   runIncrementalScan,
   startWatch,
   parseDiff,

package/dist/cli.js

@@ -1,19 +1,24 @@
 #!/usr/bin/env node
 import {
+  EXPLOIT_PATTERNS,
   analyzeCosts,
   applyDiffToFile,
+  getExploitPattern,
   initPack,
   isTelemetryEnabled,
   lamportsToSol,
   parseDiff,
   recordGraduationEvents,
   renderCostReportMd,
+  renderExploitDetailText,
+  renderExploitsMd,
+  renderExploitsText,
   rentExemptMinimum,
   startWatch,
   submitTelemetry,
   telemetryFilePath,
   validatePack
-} from "./chunk-B2M3TZSA.js";
+} from "./chunk-5VYTURTO.js";
 import {
   renderTrustGraphMd
 } from "./chunk-2UZGWXIX.js";
@@ -27,7 +32,7 @@ import {
   audit,
   getChangedRanges,
   resolveRules
-} from "./chunk-IY52XKWL.js";
+} from "./chunk-5H5JQXXU.js";
 import "./chunk-2XJORJPQ.js";
 import "./chunk-O5Z4ZJHC.js";
 import "./chunk-XSVQSK53.js";
@@ -475,7 +480,7 @@ if (args[0] === "drift") {
   process.exit(0);
 }
 if (args[0] === "mcp") {
-  const { startMcpServer } = await import("./mcp-AM7MTCSZ.js");
+  const { startMcpServer } = await import("./mcp-EOTWSQK7.js");
   await startMcpServer();
   process.exit(0);
 }
@@ -554,6 +559,10 @@ if (args[0] === "deploy-plan") {
   runDeployPlan(args.slice(1));
   process.exit(0);
 }
+if (args[0] === "exploits") {
+  runExploits(args.slice(1));
+  process.exit(0);
+}
 if (args[0] === "fix") {
   await runFix(args.slice(1));
   process.exit(0);
@@ -691,6 +700,39 @@ function runDeployPlan(argv) {
   writeFileSync2(mdPath, renderDeployPlanMd(plan));
   console.log(`  deploy plan: ${mdPath}`);
 }
+function runExploits(argv) {
+  if (argv.includes("--help") || argv.includes("-h")) {
+    console.log("usage: brainblast exploits [id] [--json]");
+    console.log("  The Exploit Pattern Database: real on-chain incidents mapped to the bundled");
+    console.log("  rule that statically detects each root-cause pattern. Pass an incident id or");
+    console.log("  rule id to see one in detail. Known ids:");
+    console.log(`    ${EXPLOIT_PATTERNS.map((e) => e.id).join(", ")}`);
+    process.exit(0);
+  }
+  const json = argv.includes("--json");
+  const id = argv.find((a) => !a.startsWith("--"));
+  if (id) {
+    const e = getExploitPattern(id);
+    if (!e) {
+      console.error(`error: no exploit pattern '${id}'. Known: ${EXPLOIT_PATTERNS.map((x) => x.id).join(", ")}`);
+      process.exit(2);
+    }
+    if (json) console.log(JSON.stringify(e, null, 2));
+    else console.log(renderExploitDetailText(e));
+    return;
+  }
+  if (json) {
+    console.log(JSON.stringify(EXPLOIT_PATTERNS, null, 2));
+    return;
+  }
+  console.log(renderExploitsText());
+  const outDir2 = join3(process.cwd(), ".agent-research");
+  mkdirSync2(outDir2, { recursive: true });
+  const mdPath = join3(outDir2, "exploit-patterns.md");
+  writeFileSync2(mdPath, renderExploitsMd());
+  console.log(`
+  database: ${mdPath}`);
+}
 function runPack(argv) {
   const sub = argv[0];
   if (sub === "init") {

package/dist/index.d.ts

@@ -156,6 +156,21 @@ interface Rule {
         kind: string;
         params?: Record<string, any>;
     };
+    /**
+     * Exploit Pattern Database provenance (v0.7.3): links this rule to the real
+     * on-chain incident whose root cause it detects. Optional; present on rules
+     * derived from a public post-mortem. The authoritative, user-facing catalog
+     * lives in src/exploitPatterns.ts — this inline block is rule-local
+     * provenance and is cross-checked against the catalog in tests.
+     */
+    exploit?: {
+        incident: string;
+        date: string;
+        lossUsd?: number;
+        chain?: string;
+        postmortemUrl: string;
+        pattern?: string;
+    };
     /**
      * Provenance for rules loaded from a third-party rule pack (see
      * src/packs.ts). Absent for bundled rules. Stamped by the pack loader from
@@ -861,4 +876,33 @@ declare function batchScan(mints: string[], opts?: BatchScanOpts): Promise<Batch
 declare function parseMintList(content: string): string[];
 declare function renderBatchText(result: BatchResult): string;
 
-export { type AccountFlow, type AnchorIdl, type AuditRef, type BatchResult, type BatchRow, type BatchScanOpts, type BuildOpts, CANONICAL_BY_MINT, CANONICAL_MINTS, type Candidate, type CanonicalMint, type ChainEvent, type ChainWatchOpts, type ChainWatchState, type ChangedRanges, type CheckOutcome, type CheckResult, type CheckResultKind, type Checker, type ConfigCandidate, type ConfigChecker, type CostReport, DEFAULT_REGISTRY_URL, DEFAULT_TTL_HOURS, type DecodedInstruction, type DecodedTx, type DiffResult, type DriftAdvisory, type DriftBaseline, type DriftPackage, type DriftResult, type FirewallFinding, type FirewallOpts, type FirewallProgram, type FirewallReport, type FirewallSeverity, type FirewallVerdict, type Grade, type GraduationEvent, type IdentityStatus, type IdlAccount, type IdlConstraintParams, type IdlInstruction, KNOWN_PROGRAMS, type MintInfo, type OnChainProgram, type OsvAdvisory, PACK_MANIFEST_FILE, type PackInitOptions, type PackManifest, type PackRuleValidation, type PackValidateResult, type ParityNote, type ParsedDiff, type PreflightCheck, type PreflightOpts, type PreflightReport, type PreflightStatus, type PreflightVerdict, type PriorityFeePosture, type ProgramCache, type ProgramCacheEntry, type Recoverability, type RicoOutcome, type RicoResult, type RicoTokenSecurity, type Rule, type RustAccountField, type RustCandidate, type RustChecker, type ScoreFactor, type Severity, type TelemetrySubmitResult, type TokenIdentity, type TrustGraph, type TrustScore, type UpgradeAuthority, type UpgradeAuthorityKind, type UpgradeAuthoritySource, type VerifiedBuildState, type VerifyOpts, type WatchEvent, type WatchOptions, analyzeCosts, analyzeInstructions, analyzeToken, applyDiffToFile, audit, auditWithRule, base58Decode, base58Encode, batchScan, buildConstraintParams, buildTrustGraph, rules as bundledRules, cacheSize, canonicalMintForSymbol, checkDrift, checkerKinds, decodeTransaction, defaultCachePath, deployerFlagsFrom, diffVersions, fileChanged, findCandidates, findConfigCandidates, generateRulesFromIdl, generateTestForResult, getCacheEntry, getCacheEntryMeta, getChangedRanges, getRepoHash, getUserHash, getWorkingTreeChanges, gradeAtLeast, gradeForScore, idlProgramName, initPack, initialChainWatchState, inspectTransaction, isCanonicalMint, isEntryExpired, isTelemetryEnabled, isValidSolanaAddress, lamportsToSol, loadDirectory, loadPack, loadPacksFromDir, loadProgramCache, loadRules, parseCpiPrograms, parseDiff, parseIdl, parseMintAccount, parseMintList, pollChainOnce, pumpPreflight, putCacheEntry, queryOsv, rangeChanged, recordGraduationEvents, renderBatchText, renderCostReportMd, renderDiffMd, renderDiffText, renderDriftText, renderFirewallText, renderPreflightText, renderRicoText, renderRulesYaml, renderScoreText, renderTest, renderTrustGraphMd, rentExemptMinimum, resolveRules, riskScore, runChecker, runIncrementalScan, saveProgramCache, scoreFromProgram, scoreProgram, seedPackages, startChainWatch, startWatch, submitTelemetry, telemetryFilePath, testKinds, toSnakeCase, validatePack, validatePackManifest, verifyTokenIdentity };
+interface ExploitPattern {
+    /** Stable slug, e.g. "wormhole". */
+    id: string;
+    /** Human title of the incident. */
+    title: string;
+    /** ISO date of the exploit (YYYY-MM-DD), or undefined for a pattern class. */
+    date?: string;
+    /** Reported loss in USD, when a single figure is meaningful. */
+    lossUsd?: number;
+    chain: string;
+    /** Public post-mortem / incident analysis URL. */
+    postmortemUrl: string;
+    /** The generalized root cause, in one sentence. */
+    rootCause: string;
+    /** Bundled rule id that detects this pattern (must exist in rules/). */
+    ruleId: string;
+    /** What that rule looks for, in plain English. */
+    detects: string;
+    /** The safe pattern that closes the hole. */
+    fix: string;
+}
+declare const EXPLOIT_PATTERNS: ExploitPattern[];
+declare function getExploitPattern(idOrRule: string): ExploitPattern | undefined;
+declare function formatUsd(n: number | undefined): string;
+declare function totalLossUsd(patterns?: ExploitPattern[]): number;
+declare function renderExploitsMd(patterns?: ExploitPattern[]): string;
+declare function renderExploitsText(patterns?: ExploitPattern[]): string;
+declare function renderExploitDetailText(e: ExploitPattern): string;
+
+export { type AccountFlow, type AnchorIdl, type AuditRef, type BatchResult, type BatchRow, type BatchScanOpts, type BuildOpts, CANONICAL_BY_MINT, CANONICAL_MINTS, type Candidate, type CanonicalMint, type ChainEvent, type ChainWatchOpts, type ChainWatchState, type ChangedRanges, type CheckOutcome, type CheckResult, type CheckResultKind, type Checker, type ConfigCandidate, type ConfigChecker, type CostReport, DEFAULT_REGISTRY_URL, DEFAULT_TTL_HOURS, type DecodedInstruction, type DecodedTx, type DiffResult, type DriftAdvisory, type DriftBaseline, type DriftPackage, type DriftResult, EXPLOIT_PATTERNS, type ExploitPattern, type FirewallFinding, type FirewallOpts, type FirewallProgram, type FirewallReport, type FirewallSeverity, type FirewallVerdict, type Grade, type GraduationEvent, type IdentityStatus, type IdlAccount, type IdlConstraintParams, type IdlInstruction, KNOWN_PROGRAMS, type MintInfo, type OnChainProgram, type OsvAdvisory, PACK_MANIFEST_FILE, type PackInitOptions, type PackManifest, type PackRuleValidation, type PackValidateResult, type ParityNote, type ParsedDiff, type PreflightCheck, type PreflightOpts, type PreflightReport, type PreflightStatus, type PreflightVerdict, type PriorityFeePosture, type ProgramCache, type ProgramCacheEntry, type Recoverability, type RicoOutcome, type RicoResult, type RicoTokenSecurity, type Rule, type RustAccountField, type RustCandidate, type RustChecker, type ScoreFactor, type Severity, type TelemetrySubmitResult, type TokenIdentity, type TrustGraph, type TrustScore, type UpgradeAuthority, type UpgradeAuthorityKind, type UpgradeAuthoritySource, type VerifiedBuildState, type VerifyOpts, type WatchEvent, type WatchOptions, analyzeCosts, analyzeInstructions, analyzeToken, applyDiffToFile, audit, auditWithRule, base58Decode, base58Encode, batchScan, buildConstraintParams, buildTrustGraph, rules as bundledRules, cacheSize, canonicalMintForSymbol, checkDrift, checkerKinds, decodeTransaction, defaultCachePath, deployerFlagsFrom, diffVersions, fileChanged, findCandidates, findConfigCandidates, formatUsd, generateRulesFromIdl, generateTestForResult, getCacheEntry, getCacheEntryMeta, getChangedRanges, getExploitPattern, getRepoHash, getUserHash, getWorkingTreeChanges, gradeAtLeast, gradeForScore, idlProgramName, initPack, initialChainWatchState, inspectTransaction, isCanonicalMint, isEntryExpired, isTelemetryEnabled, isValidSolanaAddress, lamportsToSol, loadDirectory, loadPack, loadPacksFromDir, loadProgramCache, loadRules, parseCpiPrograms, parseDiff, parseIdl, parseMintAccount, parseMintList, pollChainOnce, pumpPreflight, putCacheEntry, queryOsv, rangeChanged, recordGraduationEvents, renderBatchText, renderCostReportMd, renderDiffMd, renderDiffText, renderDriftText, renderExploitDetailText, renderExploitsMd, renderExploitsText, renderFirewallText, renderPreflightText, renderRicoText, renderRulesYaml, renderScoreText, renderTest, renderTrustGraphMd, rentExemptMinimum, resolveRules, riskScore, runChecker, runIncrementalScan, saveProgramCache, scoreFromProgram, scoreProgram, seedPackages, startChainWatch, startWatch, submitTelemetry, telemetryFilePath, testKinds, toSnakeCase, totalLossUsd, validatePack, validatePackManifest, verifyTokenIdentity };

package/dist/index.js

@@ -38,8 +38,11 @@ import {
 } from "./chunk-VI2JBH2T.js";
 import {
   DEFAULT_REGISTRY_URL,
+  EXPLOIT_PATTERNS,
   analyzeCosts,
   applyDiffToFile,
+  formatUsd,
+  getExploitPattern,
   getRepoHash,
   getUserHash,
   initPack,
@@ -48,13 +51,17 @@ import {
   parseDiff,
   recordGraduationEvents,
   renderCostReportMd,
+  renderExploitDetailText,
+  renderExploitsMd,
+  renderExploitsText,
   rentExemptMinimum,
   runIncrementalScan,
   startWatch,
   submitTelemetry,
   telemetryFilePath,
+  totalLossUsd,
   validatePack
-} from "./chunk-B2M3TZSA.js";
+} from "./chunk-5VYTURTO.js";
 import {
   renderTrustGraphMd
 } from "./chunk-2UZGWXIX.js";
@@ -91,7 +98,7 @@ import {
   runChecker,
   testKinds,
   validatePackManifest
-} from "./chunk-IY52XKWL.js";
+} from "./chunk-5H5JQXXU.js";
 import {
   CANONICAL_BY_MINT,
   CANONICAL_MINTS,
@@ -144,6 +151,7 @@ export {
   CANONICAL_MINTS,
   DEFAULT_REGISTRY_URL,
   DEFAULT_TTL_HOURS,
+  EXPLOIT_PATTERNS,
   KNOWN_PROGRAMS,
   PACK_MANIFEST_FILE,
   analyzeCosts,
@@ -169,11 +177,13 @@ export {
   fileChanged,
   findCandidates,
   findConfigCandidates,
+  formatUsd,
   generateRulesFromIdl,
   generateTestForResult,
   getCacheEntry,
   getCacheEntryMeta,
   getChangedRanges,
+  getExploitPattern,
   getRepoHash,
   getUserHash,
   getWorkingTreeChanges,
@@ -209,6 +219,9 @@ export {
   renderDiffMd,
   renderDiffText,
   renderDriftText,
+  renderExploitDetailText,
+  renderExploitsMd,
+  renderExploitsText,
   renderFirewallText,
   renderPreflightText,
   renderRicoText,
@@ -231,6 +244,7 @@ export {
   telemetryFilePath,
   testKinds,
   toSnakeCase,
+  totalLossUsd,
   validatePack,
   validatePackManifest,
   verifyTokenIdentity

package/dist/{mcp-AM7MTCSZ.js → mcp-EOTWSQK7.js}

@@ -1,7 +1,7 @@
 import {
   audit,
   resolveRules
-} from "./chunk-IY52XKWL.js";
+} from "./chunk-5H5JQXXU.js";
 import "./chunk-2XJORJPQ.js";
 import "./chunk-O5Z4ZJHC.js";
 import {

package/dist/rules/cpi-target-program-unverified.yaml

@@ -0,0 +1,41 @@
+id: cpi-target-program-unverified
+severity: critical
+title: Anchor CPI invokes a target program account whose identity is never verified (Wormhole pattern)
+component:
+  name: Anchor Framework
+  type: Blockchain
+  version: ">=0.26.0"
+  sourceUrl: https://www.anchor-lang.com/docs/the-program-module
+exploit:
+  incident: Wormhole bridge exploit
+  date: "2022-02-02"
+  lossUsd: 325000000
+  chain: Solana
+  postmortemUrl: https://rekt.news/wormhole-rekt/
+  pattern: >-
+    A cross-program invocation (or signature-verification load) was performed
+    against an account trusted by position rather than by identity. A deprecated
+    load did not verify the supplied account's address, letting an attacker
+    substitute a malicious account and forge verification. Generalized: a CPI
+    target program was used without verifying its program ID.
+detect:
+  lang: rust
+  modules:
+    - "@coral-xyz/anchor"
+    - "@project-serum/anchor"
+  nameRegex: ".*"
+  triggerCalls: []
+check:
+  kind: anchor-cpi-unverified-program
+  params:
+    programNameRegex: "(^|_)program$|^program(_id)?$"
+    cpiRegex: "invoke_signed\\s*\\(|invoke\\s*\\(|CpiContext::|\\.cpi\\(\\)"
+test:
+  kind: anchor-program-test
+  params:
+    scenario: cpi-substituted-program
+    description: >-
+      Invokes the handler with a malicious program substituted for the expected
+      target. With a raw AccountInfo program account the CPI dispatches to the
+      attacker's program; typing it Program<'info, T> (or adding address=)
+      makes Anchor reject the substitution before the handler runs.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "brainblast",
-  "version": "0.7.2",
+  "version": "0.7.3",
   "type": "module",
   "description": "Deterministic auditor for catastrophic AI-integration bugs: scan a repo, find the silent money/auth traps, and generate the behavioral test that proves they're fixed.",
   "keywords": [