npm - clawcontract - Versions diffs - 0.1.0 - Mend

clawcontract 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (158) hide show

package/README.md +222 -0
package/dist/analyzer/fallback.d.ts +28 -0
package/dist/analyzer/fallback.d.ts.map +1 -0
package/dist/analyzer/fallback.js +142 -0
package/dist/analyzer/fallback.js.map +1 -0
package/dist/analyzer/index.d.ts +24 -0
package/dist/analyzer/index.d.ts.map +1 -0
package/dist/analyzer/index.js +73 -0
package/dist/analyzer/index.js.map +1 -0
package/dist/analyzer/slither.d.ts +36 -0
package/dist/analyzer/slither.d.ts.map +1 -0
package/dist/analyzer/slither.js +92 -0
package/dist/analyzer/slither.js.map +1 -0
package/dist/cli/commands/analyze.d.ts +7 -0
package/dist/cli/commands/analyze.d.ts.map +1 -0
package/dist/cli/commands/analyze.js +74 -0
package/dist/cli/commands/analyze.js.map +1 -0
package/dist/cli/commands/delete.d.ts +5 -0
package/dist/cli/commands/delete.d.ts.map +1 -0
package/dist/cli/commands/delete.js +48 -0
package/dist/cli/commands/delete.js.map +1 -0
package/dist/cli/commands/deploy.d.ts +5 -0
package/dist/cli/commands/deploy.d.ts.map +1 -0
package/dist/cli/commands/deploy.js +88 -0
package/dist/cli/commands/deploy.js.map +1 -0
package/dist/cli/commands/full.d.ts +5 -0
package/dist/cli/commands/full.d.ts.map +1 -0
package/dist/cli/commands/full.js +83 -0
package/dist/cli/commands/full.js.map +1 -0
package/dist/cli/commands/generate.d.ts +5 -0
package/dist/cli/commands/generate.d.ts.map +1 -0
package/dist/cli/commands/generate.js +35 -0
package/dist/cli/commands/generate.js.map +1 -0
package/dist/cli/commands/interact.d.ts +6 -0
package/dist/cli/commands/interact.d.ts.map +1 -0
package/dist/cli/commands/interact.js +136 -0
package/dist/cli/commands/interact.js.map +1 -0
package/dist/cli/commands/list.d.ts +6 -0
package/dist/cli/commands/list.d.ts.map +1 -0
package/dist/cli/commands/list.js +37 -0
package/dist/cli/commands/list.js.map +1 -0
package/dist/cli/commands/setup.d.ts +8 -0
package/dist/cli/commands/setup.d.ts.map +1 -0
package/dist/cli/commands/setup.js +36 -0
package/dist/cli/commands/setup.js.map +1 -0
package/dist/cli/commands/verify.d.ts +9 -0
package/dist/cli/commands/verify.d.ts.map +1 -0
package/dist/cli/commands/verify.js +87 -0
package/dist/cli/commands/verify.js.map +1 -0
package/dist/cli/index.d.ts +3 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +104 -0
package/dist/cli/index.js.map +1 -0
package/dist/cli/utils.d.ts +6 -0
package/dist/cli/utils.d.ts.map +1 -0
package/dist/cli/utils.js +29 -0
package/dist/cli/utils.js.map +1 -0
package/dist/config/chains.d.ts +18 -0
package/dist/config/chains.d.ts.map +1 -0
package/dist/config/chains.js +52 -0
package/dist/config/chains.js.map +1 -0
package/dist/config/index.d.ts +2 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/config/index.js +2 -0
package/dist/config/index.js.map +1 -0
package/dist/deployer/compiler.d.ts +10 -0
package/dist/deployer/compiler.d.ts.map +1 -0
package/dist/deployer/compiler.js +93 -0
package/dist/deployer/compiler.js.map +1 -0
package/dist/deployer/deploy.d.ts +28 -0
package/dist/deployer/deploy.d.ts.map +1 -0
package/dist/deployer/deploy.js +60 -0
package/dist/deployer/deploy.js.map +1 -0
package/dist/deployer/hardhat-config-template.d.ts +2 -0
package/dist/deployer/hardhat-config-template.d.ts.map +1 -0
package/dist/deployer/hardhat-config-template.js +20 -0
package/dist/deployer/hardhat-config-template.js.map +1 -0
package/dist/deployer/index.d.ts +7 -0
package/dist/deployer/index.d.ts.map +1 -0
package/dist/deployer/index.js +4 -0
package/dist/deployer/index.js.map +1 -0
package/dist/deployer/metadata.d.ts +16 -0
package/dist/deployer/metadata.d.ts.map +1 -0
package/dist/deployer/metadata.js +315 -0
package/dist/deployer/metadata.js.map +1 -0
package/dist/deployer/wallet.d.ts +6 -0
package/dist/deployer/wallet.d.ts.map +1 -0
package/dist/deployer/wallet.js +21 -0
package/dist/deployer/wallet.js.map +1 -0
package/dist/generator/index.d.ts +19 -0
package/dist/generator/index.d.ts.map +1 -0
package/dist/generator/index.js +33 -0
package/dist/generator/index.js.map +1 -0
package/dist/generator/llm.d.ts +10 -0
package/dist/generator/llm.d.ts.map +1 -0
package/dist/generator/llm.js +71 -0
package/dist/generator/llm.js.map +1 -0
package/dist/generator/templates/erc20.d.ts +2 -0
package/dist/generator/templates/erc20.d.ts.map +1 -0
package/dist/generator/templates/erc20.js +106 -0
package/dist/generator/templates/erc20.js.map +1 -0
package/dist/generator/templates/erc20.sol.d.ts +2 -0
package/dist/generator/templates/erc20.sol.d.ts.map +1 -0
package/dist/generator/templates/erc20.sol.js +106 -0
package/dist/generator/templates/erc20.sol.js.map +1 -0
package/dist/generator/templates/erc721.d.ts +2 -0
package/dist/generator/templates/erc721.d.ts.map +1 -0
package/dist/generator/templates/erc721.js +168 -0
package/dist/generator/templates/erc721.js.map +1 -0
package/dist/generator/templates/erc721.sol.d.ts +2 -0
package/dist/generator/templates/erc721.sol.d.ts.map +1 -0
package/dist/generator/templates/erc721.sol.js +168 -0
package/dist/generator/templates/erc721.sol.js.map +1 -0
package/dist/generator/templates/index.d.ts +21 -0
package/dist/generator/templates/index.d.ts.map +1 -0
package/dist/generator/templates/index.js +157 -0
package/dist/generator/templates/index.js.map +1 -0
package/dist/generator/templates/multisig.d.ts +2 -0
package/dist/generator/templates/multisig.d.ts.map +1 -0
package/dist/generator/templates/multisig.js +136 -0
package/dist/generator/templates/multisig.js.map +1 -0
package/dist/generator/templates/multisig.sol.d.ts +2 -0
package/dist/generator/templates/multisig.sol.d.ts.map +1 -0
package/dist/generator/templates/multisig.sol.js +136 -0
package/dist/generator/templates/multisig.sol.js.map +1 -0
package/dist/generator/templates/staking.d.ts +2 -0
package/dist/generator/templates/staking.d.ts.map +1 -0
package/dist/generator/templates/staking.js +119 -0
package/dist/generator/templates/staking.js.map +1 -0
package/dist/generator/templates/staking.sol.d.ts +2 -0
package/dist/generator/templates/staking.sol.d.ts.map +1 -0
package/dist/generator/templates/staking.sol.js +119 -0
package/dist/generator/templates/staking.sol.js.map +1 -0
package/dist/generator/templates/vesting.d.ts +2 -0
package/dist/generator/templates/vesting.d.ts.map +1 -0
package/dist/generator/templates/vesting.js +133 -0
package/dist/generator/templates/vesting.js.map +1 -0
package/dist/generator/templates/vesting.sol.d.ts +2 -0
package/dist/generator/templates/vesting.sol.d.ts.map +1 -0
package/dist/generator/templates/vesting.sol.js +133 -0
package/dist/generator/templates/vesting.sol.js.map +1 -0
package/dist/generator/utils.d.ts +5 -0
package/dist/generator/utils.d.ts.map +1 -0
package/dist/generator/utils.js +49 -0
package/dist/generator/utils.js.map +1 -0
package/dist/index.d.ts +2 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +2 -0
package/dist/index.js.map +1 -0
package/dist/verifier/explorer-api.d.ts +21 -0
package/dist/verifier/explorer-api.d.ts.map +1 -0
package/dist/verifier/explorer-api.js +92 -0
package/dist/verifier/explorer-api.js.map +1 -0
package/dist/verifier/index.d.ts +20 -0
package/dist/verifier/index.d.ts.map +1 -0
package/dist/verifier/index.js +31 -0
package/dist/verifier/index.js.map +1 -0
package/package.json +53 -0

package/README.md ADDED Viewed

@@ -0,0 +1,222 @@
+# ClawContract 🦞
+**AI-powered smart contract generator, analyzer, and deployer for BNB Chain**
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
+[![Node.js 20+](https://img.shields.io/badge/Node.js-20%2B-green.svg)](https://nodejs.org)
+[![BNB Chain](https://img.shields.io/badge/BNB%20Chain-BSC%20%7C%20opBNB-F0B90B.svg)](https://www.bnbchain.org)
+[![Hackathon](https://img.shields.io/badge/Hackathon-Good%20Vibes%20Only-blueviolet.svg)](#hackathon)
+---
+## Overview
+ClawContract turns natural language into production-ready, deployed, and verified smart contracts on BNB Chain. Describe what you want in plain English — ClawContract generates the Solidity code using AI, runs security analysis, deploys to BSC or opBNB, and verifies the source on BscScan — all in a single command.
+## Features
+- **Security analysis** — runs Slither static analysis with an automatic regex-based fallback for environments without Python
+- **One-command deployment** — deploy to BSC and opBNB (mainnet + testnet) with gas estimation
+- **Automatic verification** — verify source code on BscScan and opBNBScan immediately after deployment
+- **Non-interactive CLI** — fully automated pipeline with gas estimates, no user prompts required
+- **OpenClaw skill integration** — register as an OpenClaw skill for chat-based contract generation and deployment
+## Quick Start
+```bash
+git clone https://github.com/your-username/ClawContract.git
+cd ClawContract
+pnpm install
+pnpm run build
+```
+Then set up your environment:
+```bash
+clawcontract setup
+clawcontract setup --openrouter-key sk-or-... --bscscan-key ABC123
+clawcontract setup --private-key 0xabc... --openrouter-key sk-or-... --openrouter-model anthropic/claude-sonnet-4-20250514
+```
+This writes a `.env` file non-interactively. A wallet is auto-generated if `--private-key` is not provided.
+## Usage
+### Generate a contract
+```bash
+clawcontract generate "ERC-20 token called VibeToken with 1M supply"
+```
+### Analyze a contract for vulnerabilities
+```bash
+clawcontract analyze ./contracts/VibeToken.sol
+```
+### Deploy to a chain
+```bash
+clawcontract deploy ./contracts/VibeToken.sol --chain bsc-testnet
+```
+### Verify on block explorer
+```bash
+clawcontract verify 0xYourContractAddress --chain bsc-testnet --file ./contracts/VibeToken.sol
+```
+### Interact with a deployed contract
+```bash
+clawcontract interact 0xYourContractAddress name --chain bsc-testnet
+```
+Call any function on a deployed contract. Read-only functions (`view`/`pure`) are called without gas. State-changing functions are sent as signed transactions.
+```bash
+# Read-only call
+clawcontract interact 0xABC... balanceOf 0xDEF... --chain bsc-testnet
+# State-changing call
+clawcontract interact 0xABC... transfer 0xDEF... 1000 --chain bsc-testnet
+# Payable call (send BNB value in wei)
+clawcontract interact 0xABC... fundTrade 1 --value 100000000000000 --chain bsc-testnet
+# Use ABI from source file instead of stored metadata
+clawcontract interact 0xABC... name --chain bsc-testnet --file ./contracts/VibeToken.sol
+```
+### List deployments
+```bash
+clawcontract list
+```
+List all stored deployment records. Shows address, contract name, chain, deployer, and deployment date.
+```bash
+# List all deployments
+clawcontract list
+# Filter by chain
+clawcontract list --chain bsc-testnet
+# Output as JSON (for scripting)
+clawcontract list --json
+```
+### Delete a deployment record
+```bash
+clawcontract delete <address>
+```
+Remove a deployment record from the local store. Shows deployment details and asks for confirmation before deleting. Orphaned ABI files are automatically cleaned up.
+```bash
+# Delete with confirmation prompt
+clawcontract delete 0xYourContractAddress
+# Skip confirmation
+clawcontract delete 0xYourContractAddress --force
+```
+### Full pipeline (generate → analyze → deploy → verify)
+```bash
+clawcontract full "staking contract for BNB with 10% APY" --chain bsc-testnet
+```
+### Global options
+| Option | Description | Default |
+|---|---|---|
+| `--chain <chain>` | Target blockchain | `bsc-testnet` |
+| `--output <dir>` | Output directory for generated contracts | `./contracts` |
+## Supported Chains
+| Chain | Chain ID | RPC | Explorer |
+|---|---|---|---|
+| BNB Smart Chain | 56 | `https://bsc-dataseed.binance.org` | [bscscan.com](https://bscscan.com) |
+| BNB Smart Chain Testnet | 97 | `https://data-seed-prebsc-1-s1.binance.org:8545` | [testnet.bscscan.com](https://testnet.bscscan.com) |
+| opBNB | 204 | `https://opbnb-mainnet-rpc.bnbchain.org` | [opbnbscan.com](https://opbnbscan.com) |
+| opBNB Testnet | 5611 | `https://opbnb-testnet-rpc.bnbchain.org` | [testnet.opbnbscan.com](https://testnet.opbnbscan.com) |
+## Architecture
+```
+src/
+├── cli/         # Commander.js CLI entry point + command handlers
+├── generator/   # Contract generation (template matching + Claude LLM)
+├── analyzer/    # Security analysis (Slither + regex fallback)
+├── deployer/    # Compilation + deployment via Hardhat + ethers.js (saves metadata)
+├── verifier/    # BscScan / opBNBScan source verification
+├── config/      # Chain configurations and constants
+└── openclaw/    # OpenClaw skill definition for chat integration
+```
+## Pipeline Flow
+The `full` command runs the entire pipeline end-to-end. If high-severity issues are found during analysis, the AI will automatically attempt to fix them (up to 3 attempts) before proceeding to deployment.
+```
+Natural Language
+       ↓
+  AI Generation ─── template matching + Claude LLM
+       ↓
+Security Analysis ── Slither / regex checks
+       ↓              ↑
+  AI Auto-Fix ────────┘  (up to 3 attempts if high-severity issues found)
+       ↓
+  Compilation ────── Hardhat + solc
+       ↓
+  Deployment ─────── ethers.js → BSC / opBNB
+       ↓
+  Verification ───── BscScan / opBNBScan API
+       ↓
+  Interaction ────── ethers.js read/write calls
+```
+## OpenClaw Integration
+ClawContract ships with an [OpenClaw skill](src/openclaw/SKILL.md) that teaches OpenClaw agents how to use the CLI for chat-based contract generation and deployment. Copy or symlink `src/openclaw/` into your OpenClaw workspace `skills/` directory to enable it.
+## Configuration
+Run `clawcontract setup` to generate a `.env` file, or copy the example and fill in manually:
+```bash
+cp .env.example .env
+```
+| Variable | Description | Required |
+|---|---|---|
+| `PRIVATE_KEY` | Wallet private key for deployment (auto-generated if not set) | No |
+| `OPENROUTER_API_KEY` | OpenRouter API key for AI contract generation | Yes |
+| `OPENROUTER_MODEL` | OpenRouter model (default: `anthropic/claude-sonnet-4-20250514`) | No |
+| `BSCSCAN_API_KEY` | BscScan / opBNBScan API key for contract verification | No |
+> **Security:** Never commit your `.env` file. The `.env.example` file is provided as a reference.
+> **Data:** Deployment metadata is saved to `contracts/.deployments/` using a directory-based store with deduplicated ABIs and an index for fast lookups. Legacy `.deployments.json` files are auto-migrated on first access. This directory is local and should not be committed.
+## Requirements
+- **Node.js** 20.0.0 or later
+- **pnpm** (recommended package manager)
+- **Python 3.8+** (optional — required for Slither static analysis; regex fallback is used if unavailable)
+## Hackathon
+Built for the **Good Vibes Only: OpenClaw Edition** hackathon.
+- **Track:** Builders' Tools
+- **Chain:** BNB Chain (BSC + opBNB)
+- **Goal:** Make smart contract development accessible to everyone through AI and natural language
+## License
+[MIT](LICENSE)

package/dist/analyzer/fallback.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+export interface Finding {
+    severity: 'High' | 'Medium' | 'Low' | 'Informational' | 'Optimization';
+    title: string;
+    description: string;
+    location: string;
+    recommendation: string;
+}
+export interface AnalysisSummary {
+    high: number;
+    medium: number;
+    low: number;
+    informational: number;
+    optimization: number;
+    total: number;
+}
+export interface AnalysisResult {
+    findings: Finding[];
+    summary: AnalysisSummary;
+    passed: boolean;
+}
+export declare function checkReentrancy(source: string): Finding[];
+export declare function checkUncheckedReturn(source: string): Finding[];
+export declare function checkTxOrigin(source: string): Finding[];
+export declare function checkSelfDestruct(source: string): Finding[];
+export declare function checkFloatingPragma(source: string): Finding[];
+export declare function runFallbackAnalysis(source: string): AnalysisResult;
+export declare function runFallbackAnalysisFromFile(filePath: string): AnalysisResult;
+//# sourceMappingURL=fallback.d.ts.map

package/dist/analyzer/fallback.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"fallback.d.ts","sourceRoot":"","sources":["../../src/analyzer/fallback.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,OAAO;IACtB,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,eAAe,GAAG,cAAc,CAAC;IACvE,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,OAAO,EAAE,eAAe,CAAC;IACzB,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,wBAAgB,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,EAAE,CA2BzD;AAED,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,EAAE,CAoB9D;AAED,wBAAgB,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,EAAE,CAkBvD;AAED,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,EAAE,CAkB3D;AAED,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,EAAE,CAkB7D;AAyBD,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,cAAc,CAalE;AAED,wBAAgB,2BAA2B,CAAC,QAAQ,EAAE,MAAM,GAAG,cAAc,CAG5E"}

package/dist/analyzer/fallback.js ADDED Viewed

@@ -0,0 +1,142 @@
+import { readFileSync } from 'node:fs';
+export function checkReentrancy(source) {
+    const findings = [];
+    const lines = source.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i].trim();
+        if ((line.includes('.call{') || line.includes('.call(') || line.includes('.send(') || line.includes('.transfer(')) &&
+            !line.startsWith('//')) {
+            for (let j = i + 1; j < Math.min(i + 10, lines.length); j++) {
+                const subsequent = lines[j].trim();
+                if (subsequent.includes('=') && !subsequent.startsWith('//') && !subsequent.startsWith('require') && !subsequent.startsWith('if')) {
+                    findings.push({
+                        severity: 'High',
+                        title: '[Basic Check] Potential Reentrancy',
+                        description: `External call at line ${i + 1} is followed by a state change at line ${j + 1}. This could be vulnerable to reentrancy attacks.`,
+                        location: `Line ${i + 1}`,
+                        recommendation: 'Use the checks-effects-interactions pattern or a reentrancy guard. Update state variables before making external calls.',
+                    });
+                    break;
+                }
+            }
+        }
+    }
+    return findings;
+}
+export function checkUncheckedReturn(source) {
+    const findings = [];
+    const lines = source.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i].trim();
+        if (line.includes('.call{') || line.includes('.call(')) {
+            if (!line.includes('(bool') && !line.includes('require') && !line.includes('if')) {
+                findings.push({
+                    severity: 'Medium',
+                    title: '[Basic Check] Unchecked Return Value',
+                    description: `Low-level call at line ${i + 1} does not check the return value. The call could silently fail.`,
+                    location: `Line ${i + 1}`,
+                    recommendation: 'Check the return value of low-level calls: (bool success, ) = addr.call{...}(...); require(success);',
+                });
+            }
+        }
+    }
+    return findings;
+}
+export function checkTxOrigin(source) {
+    const findings = [];
+    const lines = source.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i].trim();
+        if (line.includes('tx.origin') && !line.startsWith('//')) {
+            findings.push({
+                severity: 'Medium',
+                title: '[Basic Check] tx.origin Usage',
+                description: `tx.origin used at line ${i + 1}. Using tx.origin for authorization is vulnerable to phishing attacks.`,
+                location: `Line ${i + 1}`,
+                recommendation: 'Use msg.sender instead of tx.origin for authorization checks.',
+            });
+        }
+    }
+    return findings;
+}
+export function checkSelfDestruct(source) {
+    const findings = [];
+    const lines = source.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i].trim();
+        if ((line.includes('selfdestruct(') || line.includes('selfdestruct (')) && !line.startsWith('//')) {
+            findings.push({
+                severity: 'High',
+                title: '[Basic Check] selfdestruct Usage',
+                description: `selfdestruct found at line ${i + 1}. This can permanently destroy the contract and send remaining Ether to an address.`,
+                location: `Line ${i + 1}`,
+                recommendation: 'Remove selfdestruct or protect it with strict access control. Note: selfdestruct is deprecated in newer Solidity versions.',
+            });
+        }
+    }
+    return findings;
+}
+export function checkFloatingPragma(source) {
+    const findings = [];
+    const lines = source.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i].trim();
+        if (line.startsWith('pragma solidity') && line.includes('^')) {
+            findings.push({
+                severity: 'Informational',
+                title: '[Basic Check] Floating Pragma',
+                description: `Floating pragma found at line ${i + 1}: "${line}". Contracts should be deployed with the same compiler version they were tested with.`,
+                location: `Line ${i + 1}`,
+                recommendation: 'Lock the pragma to a specific version, e.g., "pragma solidity 0.8.20;" instead of "pragma solidity ^0.8.20;".',
+            });
+        }
+    }
+    return findings;
+}
+function buildSummary(findings) {
+    const summary = {
+        high: 0,
+        medium: 0,
+        low: 0,
+        informational: 0,
+        optimization: 0,
+        total: findings.length,
+    };
+    for (const finding of findings) {
+        switch (finding.severity) {
+            case 'High':
+                summary.high++;
+                break;
+            case 'Medium':
+                summary.medium++;
+                break;
+            case 'Low':
+                summary.low++;
+                break;
+            case 'Informational':
+                summary.informational++;
+                break;
+            case 'Optimization':
+                summary.optimization++;
+                break;
+        }
+    }
+    return summary;
+}
+export function runFallbackAnalysis(source) {
+    const findings = [
+        ...checkReentrancy(source),
+        ...checkUncheckedReturn(source),
+        ...checkTxOrigin(source),
+        ...checkSelfDestruct(source),
+        ...checkFloatingPragma(source),
+    ];
+    const summary = buildSummary(findings);
+    const passed = summary.high === 0;
+    return { findings, summary, passed };
+}
+export function runFallbackAnalysisFromFile(filePath) {
+    const source = readFileSync(filePath, 'utf-8');
+    return runFallbackAnalysis(source);
+}
+//# sourceMappingURL=fallback.js.map

package/dist/analyzer/fallback.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"fallback.js","sourceRoot":"","sources":["../../src/analyzer/fallback.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAyBvC,MAAM,UAAU,eAAe,CAAC,MAAc;IAC5C,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAEjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC7B,IACE,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;YAC9G,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EACtB,CAAC;YACD,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC5D,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACnC,IAAI,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClI,QAAQ,CAAC,IAAI,CAAC;wBACZ,QAAQ,EAAE,MAAM;wBAChB,KAAK,EAAE,oCAAoC;wBAC3C,WAAW,EAAE,yBAAyB,CAAC,GAAG,CAAC,0CAA0C,CAAC,GAAG,CAAC,mDAAmD;wBAC7I,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE;wBACzB,cAAc,EAAE,yHAAyH;qBAC1I,CAAC,CAAC;oBACH,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,MAAc;IACjD,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAEjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvD,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjF,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,sCAAsC;oBAC7C,WAAW,EAAE,0BAA0B,CAAC,GAAG,CAAC,iEAAiE;oBAC7G,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE;oBACzB,cAAc,EAAE,sGAAsG;iBACvH,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,MAAc;IAC1C,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAEjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACzD,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,QAAQ;gBAClB,KAAK,EAAE,+BAA+B;gBACtC,WAAW,EAAE,0BAA0B,CAAC,GAAG,CAAC,wEAAwE;gBACpH,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE;gBACzB,cAAc,EAAE,+DAA+D;aAChF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,MAAc;IAC9C,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAEjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC7B,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAClG,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,kCAAkC;gBACzC,WAAW,EAAE,8BAA8B,CAAC,GAAG,CAAC,qFAAqF;gBACrI,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE;gBACzB,cAAc,EAAE,4HAA4H;aAC7I,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAEjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,eAAe;gBACzB,KAAK,EAAE,+BAA+B;gBACtC,WAAW,EAAE,iCAAiC,CAAC,GAAG,CAAC,MAAM,IAAI,uFAAuF;gBACpJ,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE;gBACzB,cAAc,EAAE,+GAA+G;aAChI,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,YAAY,CAAC,QAAmB;IACvC,MAAM,OAAO,GAAoB;QAC/B,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;QACN,aAAa,EAAE,CAAC;QAChB,YAAY,EAAE,CAAC;QACf,KAAK,EAAE,QAAQ,CAAC,MAAM;KACvB,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,QAAQ,OAAO,CAAC,QAAQ,EAAE,CAAC;YACzB,KAAK,MAAM;gBAAE,OAAO,CAAC,IAAI,EAAE,CAAC;gBAAC,MAAM;YACnC,KAAK,QAAQ;gBAAE,OAAO,CAAC,MAAM,EAAE,CAAC;gBAAC,MAAM;YACvC,KAAK,KAAK;gBAAE,OAAO,CAAC,GAAG,EAAE,CAAC;gBAAC,MAAM;YACjC,KAAK,eAAe;gBAAE,OAAO,CAAC,aAAa,EAAE,CAAC;gBAAC,MAAM;YACrD,KAAK,cAAc;gBAAE,OAAO,CAAC,YAAY,EAAE,CAAC;gBAAC,MAAM;QACrD,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,QAAQ,GAAc;QAC1B,GAAG,eAAe,CAAC,MAAM,CAAC;QAC1B,GAAG,oBAAoB,CAAC,MAAM,CAAC;QAC/B,GAAG,aAAa,CAAC,MAAM,CAAC;QACxB,GAAG,iBAAiB,CAAC,MAAM,CAAC;QAC5B,GAAG,mBAAmB,CAAC,MAAM,CAAC;KAC/B,CAAC;IAEF,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,KAAK,CAAC,CAAC;IAElC,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,2BAA2B,CAAC,QAAgB;IAC1D,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC/C,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;AACrC,CAAC"}

package/dist/analyzer/index.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+export interface Finding {
+    severity: 'High' | 'Medium' | 'Low' | 'Informational' | 'Optimization';
+    title: string;
+    description: string;
+    location: string;
+    recommendation: string;
+}
+export interface AnalysisSummary {
+    high: number;
+    medium: number;
+    low: number;
+    informational: number;
+    optimization: number;
+    total: number;
+}
+export interface AnalysisResult {
+    findings: Finding[];
+    summary: AnalysisSummary;
+    passed: boolean;
+}
+export declare function analyzeContract(filePath: string): Promise<AnalysisResult>;
+export declare function isSlitherAvailable(): boolean;
+export declare function getSlitherInstallInstructions(): string;
+//# sourceMappingURL=index.d.ts.map

package/dist/analyzer/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/analyzer/index.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,OAAO;IACtB,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,eAAe,GAAG,cAAc,CAAC;IACvE,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,OAAO,EAAE,eAAe,CAAC;IACzB,MAAM,EAAE,OAAO,CAAC;CACjB;AAyBD,wBAAsB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CA4B/E;AAED,wBAAgB,kBAAkB,IAAI,OAAO,CAE5C;AAED,wBAAgB,6BAA6B,IAAI,MAAM,CAWtD"}

package/dist/analyzer/index.js ADDED Viewed

@@ -0,0 +1,73 @@
+import { existsSync, readFileSync } from 'node:fs';
+import { isSlitherInstalled, runSlither, mapSlitherResults } from './slither.js';
+import { runFallbackAnalysis } from './fallback.js';
+function buildSummary(findings) {
+    const summary = {
+        high: 0,
+        medium: 0,
+        low: 0,
+        informational: 0,
+        optimization: 0,
+        total: findings.length,
+    };
+    for (const finding of findings) {
+        switch (finding.severity) {
+            case 'High':
+                summary.high++;
+                break;
+            case 'Medium':
+                summary.medium++;
+                break;
+            case 'Low':
+                summary.low++;
+                break;
+            case 'Informational':
+                summary.informational++;
+                break;
+            case 'Optimization':
+                summary.optimization++;
+                break;
+        }
+    }
+    return summary;
+}
+export async function analyzeContract(filePath) {
+    if (!existsSync(filePath)) {
+        throw new Error(`Contract file not found: ${filePath}`);
+    }
+    if (isSlitherAvailable()) {
+        const output = runSlither(filePath);
+        const findings = mapSlitherResults(output);
+        const summary = buildSummary(findings);
+        const passed = summary.high === 0;
+        return { findings, summary, passed };
+    }
+    const source = readFileSync(filePath, 'utf-8');
+    const result = runFallbackAnalysis(source);
+    result.findings.unshift({
+        severity: 'Informational',
+        title: '[Basic Check] Slither Not Installed',
+        description: 'Slither is not installed. Only basic regex-based checks were performed. Install Slither for comprehensive analysis.',
+        location: 'N/A',
+        recommendation: getSlitherInstallInstructions(),
+    });
+    result.summary.informational++;
+    result.summary.total++;
+    return result;
+}
+export function isSlitherAvailable() {
+    return isSlitherInstalled();
+}
+export function getSlitherInstallInstructions() {
+    return [
+        'Install Slither for comprehensive smart contract analysis:',
+        '  pip3 install slither-analyzer',
+        '',
+        'Or with pipx:',
+        '  pipx install slither-analyzer',
+        '',
+        'Requires Python 3.8+ and solc (Solidity compiler).',
+        'More info: https://github.com/crytic/slither',
+    ].join('\n');
+}
+//# sourceMappingURL=index.js.map

package/dist/analyzer/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/analyzer/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,kBAAkB,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AACjF,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AA0BpD,SAAS,YAAY,CAAC,QAAmB;IACvC,MAAM,OAAO,GAAoB;QAC/B,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;QACN,aAAa,EAAE,CAAC;QAChB,YAAY,EAAE,CAAC;QACf,KAAK,EAAE,QAAQ,CAAC,MAAM;KACvB,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,QAAQ,OAAO,CAAC,QAAQ,EAAE,CAAC;YACzB,KAAK,MAAM;gBAAE,OAAO,CAAC,IAAI,EAAE,CAAC;gBAAC,MAAM;YACnC,KAAK,QAAQ;gBAAE,OAAO,CAAC,MAAM,EAAE,CAAC;gBAAC,MAAM;YACvC,KAAK,KAAK;gBAAE,OAAO,CAAC,GAAG,EAAE,CAAC;gBAAC,MAAM;YACjC,KAAK,eAAe;gBAAE,OAAO,CAAC,aAAa,EAAE,CAAC;gBAAC,MAAM;YACrD,KAAK,cAAc;gBAAE,OAAO,CAAC,YAAY,EAAE,CAAC;gBAAC,MAAM;QACrD,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,QAAgB;IACpD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,4BAA4B,QAAQ,EAAE,CAAC,CAAC;IAC1D,CAAC;IAED,IAAI,kBAAkB,EAAE,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;QACpC,MAAM,QAAQ,GAAc,iBAAiB,CAAC,MAAM,CAAC,CAAC;QACtD,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,KAAK,CAAC,CAAC;QAClC,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;IACvC,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAE3C,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC;QACtB,QAAQ,EAAE,eAAe;QACzB,KAAK,EAAE,qCAAqC;QAC5C,WAAW,EAAE,qHAAqH;QAClI,QAAQ,EAAE,KAAK;QACf,cAAc,EAAE,6BAA6B,EAAE;KAChD,CAAC,CAAC;IAEH,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;IAC/B,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;IAEvB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,OAAO,kBAAkB,EAAE,CAAC;AAC9B,CAAC;AAED,MAAM,UAAU,6BAA6B;IAC3C,OAAO;QACL,4DAA4D;QAC5D,iCAAiC;QACjC,EAAE;QACF,eAAe;QACf,iCAAiC;QACjC,EAAE;QACF,oDAAoD;QACpD,8CAA8C;KAC/C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC"}

package/dist/analyzer/slither.d.ts ADDED Viewed

@@ -0,0 +1,36 @@
+export interface SlitherDetector {
+    check: string;
+    impact: string;
+    confidence: string;
+    description: string;
+    elements: SlitherElement[];
+    first_markdown_element: string;
+}
+export interface SlitherElement {
+    type: string;
+    name: string;
+    source_mapping: {
+        filename_relative: string;
+        lines: number[];
+        starting_column: number;
+        ending_column: number;
+    };
+}
+export interface SlitherOutput {
+    success: boolean;
+    error: string | null;
+    results: {
+        detectors: SlitherDetector[];
+    } | null;
+}
+export interface Finding {
+    severity: 'High' | 'Medium' | 'Low' | 'Informational' | 'Optimization';
+    title: string;
+    description: string;
+    location: string;
+    recommendation: string;
+}
+export declare function isSlitherInstalled(): boolean;
+export declare function runSlither(filePath: string): SlitherOutput;
+export declare function mapSlitherResults(output: SlitherOutput): Finding[];
+//# sourceMappingURL=slither.d.ts.map

package/dist/analyzer/slither.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"slither.d.ts","sourceRoot":"","sources":["../../src/analyzer/slither.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B,sBAAsB,EAAE,MAAM,CAAC;CAChC;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,EAAE;QACd,iBAAiB,EAAE,MAAM,CAAC;QAC1B,KAAK,EAAE,MAAM,EAAE,CAAC;QAChB,eAAe,EAAE,MAAM,CAAC;QACxB,aAAa,EAAE,MAAM,CAAC;KACvB,CAAC;CACH;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,OAAO,EAAE;QACP,SAAS,EAAE,eAAe,EAAE,CAAC;KAC9B,GAAG,IAAI,CAAC;CACV;AAED,MAAM,WAAW,OAAO;IACtB,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,eAAe,GAAG,cAAc,CAAC;IACvE,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;CACxB;AAcD,wBAAgB,kBAAkB,IAAI,OAAO,CAQ5C;AAED,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa,CA6B1D;AAED,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,aAAa,GAAG,OAAO,EAAE,CAkBlE"}

package/dist/analyzer/slither.js ADDED Viewed

@@ -0,0 +1,92 @@
+import { execSync } from 'node:child_process';
+import { platform } from 'node:os';
+const IMPACT_MAP = {
+    High: 'High',
+    Medium: 'Medium',
+    Low: 'Low',
+    Informational: 'Informational',
+    Optimization: 'Optimization',
+};
+function mapImpact(impact) {
+    return IMPACT_MAP[impact] ?? 'Informational';
+}
+export function isSlitherInstalled() {
+    try {
+        const cmd = platform() === 'win32' ? 'where slither' : 'which slither';
+        execSync(cmd, { stdio: 'pipe' });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+export function runSlither(filePath) {
+    try {
+        const stdout = execSync(`slither ${filePath} --json -`, {
+            encoding: 'utf-8',
+            stdio: ['pipe', 'pipe', 'pipe'],
+            timeout: 120_000,
+        });
+        const parsed = JSON.parse(stdout);
+        return parsed;
+    }
+    catch (err) {
+        if (err && typeof err === 'object' && 'stdout' in err) {
+            const stdout = err.stdout;
+            if (stdout && typeof stdout === 'string') {
+                try {
+                    const parsed = JSON.parse(stdout);
+                    return parsed;
+                }
+                catch {
+                    // JSON parse failed, fall through
+                }
+            }
+        }
+        return {
+            success: false,
+            error: err instanceof Error ? err.message : String(err),
+            results: null,
+        };
+    }
+}
+export function mapSlitherResults(output) {
+    if (!output.results?.detectors) {
+        return [];
+    }
+    return output.results.detectors.map((detector) => {
+        const location = detector.elements.length > 0
+            ? formatLocation(detector.elements[0])
+            : 'Unknown';
+        return {
+            severity: mapImpact(detector.impact),
+            title: detector.check,
+            description: detector.description,
+            location,
+            recommendation: getRecommendation(detector.check),
+        };
+    });
+}
+function formatLocation(element) {
+    const file = element.source_mapping.filename_relative;
+    const lines = element.source_mapping.lines;
+    if (lines.length > 0) {
+        return `${file}#L${lines[0]}`;
+    }
+    return file;
+}
+function getRecommendation(check) {
+    const recommendations = {
+        'reentrancy-eth': 'Use the checks-effects-interactions pattern or a reentrancy guard.',
+        'reentrancy-no-eth': 'Use the checks-effects-interactions pattern or a reentrancy guard.',
+        'unchecked-lowlevel': 'Check the return value of low-level calls.',
+        'unchecked-send': 'Check the return value of send().',
+        'tx-origin': 'Use msg.sender instead of tx.origin for authorization.',
+        'suicidal': 'Remove or protect selfdestruct with access control.',
+        'arbitrary-send': 'Restrict who can call functions that send Ether.',
+        'locked-ether': 'Add a withdrawal function for locked Ether.',
+        'solc-version': 'Use a fixed Solidity version pragma.',
+    };
+    return recommendations[check] ?? 'Review and address this finding.';
+}
+//# sourceMappingURL=slither.js.map

package/dist/analyzer/slither.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"slither.js","sourceRoot":"","sources":["../../src/analyzer/slither.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAsCnC,MAAM,UAAU,GAAwC;IACtD,IAAI,EAAE,MAAM;IACZ,MAAM,EAAE,QAAQ;IAChB,GAAG,EAAE,KAAK;IACV,aAAa,EAAE,eAAe;IAC9B,YAAY,EAAE,cAAc;CAC7B,CAAC;AAEF,SAAS,SAAS,CAAC,MAAc;IAC/B,OAAO,UAAU,CAAC,MAAM,CAAC,IAAI,eAAe,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,QAAQ,EAAE,KAAK,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC;QACvE,QAAQ,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACjC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,QAAgB;IACzC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,QAAQ,CAAC,WAAW,QAAQ,WAAW,EAAE;YACtD,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;YAC/B,OAAO,EAAE,OAAO;SACjB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAkB,CAAC;QACnD,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,QAAQ,IAAI,GAAG,EAAE,CAAC;YACtD,MAAM,MAAM,GAAI,GAA0B,CAAC,MAAM,CAAC;YAClD,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;gBACzC,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAkB,CAAC;oBACnD,OAAO,MAAM,CAAC;gBAChB,CAAC;gBAAC,MAAM,CAAC;oBACP,kCAAkC;gBACpC,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;YACvD,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,MAAqB;IACrD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,SAAS,EAAE,CAAC;QAC/B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,OAAO,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAW,EAAE;QACxD,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC;YAC3C,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YACtC,CAAC,CAAC,SAAS,CAAC;QAEd,OAAO;YACL,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;YACpC,KAAK,EAAE,QAAQ,CAAC,KAAK;YACrB,WAAW,EAAE,QAAQ,CAAC,WAAW;YACjC,QAAQ;YACR,cAAc,EAAE,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC;SAClD,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,cAAc,CAAC,OAAuB;IAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,cAAc,CAAC,iBAAiB,CAAC;IACtD,MAAM,KAAK,GAAG,OAAO,CAAC,cAAc,CAAC,KAAK,CAAC;IAC3C,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,GAAG,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;IAChC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAa;IACtC,MAAM,eAAe,GAA2B;QAC9C,gBAAgB,EAAE,oEAAoE;QACtF,mBAAmB,EAAE,oEAAoE;QACzF,oBAAoB,EAAE,4CAA4C;QAClE,gBAAgB,EAAE,mCAAmC;QACrD,WAAW,EAAE,wDAAwD;QACrE,UAAU,EAAE,qDAAqD;QACjE,gBAAgB,EAAE,kDAAkD;QACpE,cAAc,EAAE,6CAA6C;QAC7D,cAAc,EAAE,sCAAsC;KACvD,CAAC;IAEF,OAAO,eAAe,CAAC,KAAK,CAAC,IAAI,kCAAkC,CAAC;AACtE,CAAC"}

package/dist/cli/commands/analyze.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import type { Finding } from '../../analyzer/index.js';
+export interface AnalyzeCommandResult {
+    passed: boolean;
+    findings: Finding[];
+}
+export declare function analyzeCommand(file: string): Promise<AnalyzeCommandResult>;
+//# sourceMappingURL=analyze.d.ts.map

package/dist/cli/commands/analyze.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"analyze.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/analyze.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAUvD,MAAM,WAAW,oBAAoB;IACnC,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB;AAED,wBAAsB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAgEhF"}