js-confuser-vm 0.0.9 → 0.1.1

package/.gitmodules

@@ -0,0 +1,4 @@
+[submodule "test262"]
+	path = test262
+	url = https://github.com/tc39/test262
+	branch = es5-tests

package/CHANGELOG.md

@@ -1,4 +1,127 @@
-## `0.0.7` Micro Opcodes
+# Planned:
+
+- - Planned: Shuffle the order of constructor and method parameters
+- - Planned: Alias variables, and other function related obfuscations
+
+## `0.1.1` Control Flow Flattening, String Concealing, and more
+
+- Added new option `controlFlowFlattening` which flattens the control flow of your program into a convoluted state machine
+- Added new option `stringConcealing` which involves encoding strings to conceal plain-text values.
+
+- Added new API method `JSConfuserVM.disassemble(sourceCode)` which returns a partial JS representation
+- - This only works if the parameter `sourceCode` contains the original bytecode comment
+- - This shouldn't be used with any options enabled, as the disassembler only supports default patterns
+
+- Added new option `classObfuscation` which obfuscates the VM runtime classes:
+- - Shuffles the order of declarations and methods
+
+- Added new option `verbose` which `console.log`'s useful info for debugging purposes.
+
+- Removed option `microOpcodes` - this option introduced scratch registers which left runtime values exposed, and were easily traceable by deobfuscators. The cons outweighed the pros and since it conflicts with the other obfuscations already present, it was removed.
+
+- Added support for rest parameters (ES6 feature)
+
+## `0.1.0` Dispatcher, Virtual Registers, and more
+
+- Added new option `dispatcher` which creates a middleman block to process jumps.
+
+```js
+// Input Code
+if (true) {
+  console.log("Hello world!");
+}
+
+// Before
+// fn_0_0:
+// [0, 0, 0, 0],        LOAD_CONST  reg[0] = true                         1:4-1:8
+// [40, 0, 29],         JUMP_IF_FALSE  [0, if_else_1]                     1:0-3:1
+// [2, 0, 1, 0],        LOAD_GLOBAL  reg[0] = console                     2:2-2:9
+// [0, 1, 2, 0],        LOAD_CONST  reg[1] = "log"                        2:2-2:29
+// [8, 2, 0, 1],        GET_PROP  reg[2] = reg[0][reg[1]]                 2:2-2:29
+// [0, 1, 3, 0],        LOAD_CONST  reg[1] = "Hello world!"               2:14-2:28
+// [43, 3, 0, 2, 1, 1], CALL_METHOD  reg[3] = reg[2](recv=reg[0], 1 args) 2:2-2:29
+// if_else_1:
+// [0, 0, 4, 0],        LOAD_CONST  reg[0] = undefined                    
+// [45, 0],             RETURN  reg[0]              
+
+// What this looks like decompiled:
+// fn_0_0:
+r0 = true
+if (!r0) goto if_else_1
+  r0 = console
+  r1 = "log"
+  r2 = r0[r1]          // console.log
+  r1 = "Hello world!"
+  r3 = r2.call(r0, r1) // console.log("Hello world!")
+// if_else_1:
+  r0 = undefined
+  return r0            
+
+// After
+// fn_0_0:
+// [47, 2, 57, 2, 5, 0], MAKE_CLOSURE  reg[2] PC=fn_2_3 (params=2 regs=5 upvalues=0)
+// [0, 3, 0, 0],        LOAD_CONST  reg[3] = true                         1:4-1:8
+// [41, 3, 21],         JUMP_IF_TRUE  [3, if_else_1_skip_5]               
+// [1, 0, 43020],       LOAD_INT  reg[0] = if_else_1                      
+// [1, 1, 40151],       LOAD_INT  reg[1] = 40151                          
+// [39, 49],            JUMP  dispatcher_4                                
+// if_else_1_skip_5:
+// [2, 3, 1, 0],        LOAD_GLOBAL  reg[3] = console                     2:2-2:9
+// [0, 4, 2, 0],        LOAD_CONST  reg[4] = "log"                        2:2-2:29
+// [8, 5, 3, 4],        GET_PROP  reg[5] = reg[3][reg[4]]                 2:2-2:29
+// [0, 4, 3, 0],        LOAD_CONST  reg[4] = "Hello world!"               2:14-2:28
+// [43, 6, 3, 5, 1, 4], CALL_METHOD  reg[6] = reg[5](recv=reg[3], 1 args) 2:2-2:29
+// if_else_1:
+// [0, 3, 4, 0],        LOAD_CONST  reg[3] = undefined                    
+// [45, 3],             RETURN  reg[3]                                    
+// dispatcher_4:
+// [42, 0, 2, 2, 0, 1], CALL  reg[0] = reg[2](reg[0], reg[1])             
+// [58, 0],             JUMP_REG  PC = reg[0]                             
+// fn_2_3:              
+// [18, 2, 0, 1],       BXOR  [2, 0, 1]              
+// [0, 3, 5, 0],        LOAD_CONST  reg[3] = 52048                        
+// [11, 4, 2, 3],       ADD  [4, 2, 3]                                    
+// [0, 2, 6, 0],        LOAD_CONST  reg[2] = 65535                        
+// [16, 3, 4, 2],       BAND  [3, 4, 2]                                   
+// [45, 3],             RETURN  reg[3]                                    
+
+// What this looks like decompiled:
+// fn_0_0:
+r2 = MakeClosure(fn_2_3, params=2)
+r3 = true
+if (r3) goto if_else_1_skip
+  r0 = 43020
+  r1 = 40151
+  goto dispatcher
+// if_else_1_skip:
+  r3 = console
+  r4 = "log"
+  r5 = r3[r4]          // console.log
+  r4 = "Hello world!"
+  r6 = r5.call(r3, r4) // console.log("Hello world!")
+// if_else_1:
+  r3 = undefined
+  return r3
+
+// dispatcher:
+  r0 = r2(r0, r1)      // decode(encodedPC, siteKey)
+  goto *r0             // indirect jump
+
+// fn_2_3:
+function decode(x, k) {
+  return ((x ^ k) + 52048) & 65535; 
+}
+```
+
+- Improved registers:
+- - Now flattened into a single array with base/stack pointer mechanics
+- - Improved compiler to support virtual registers, allowing passes to introduce scope-specific registers, with a final pass responsible for allocation and freeing 
+
+- Added a template system to insert synthetic JavaScript as native bytecode, similar to [JS-Confuser's template system](https://github.com/MichaelXF/js-confuser/blob/b6ef304f77b7fc27cb9cc8d7d841e50a4200d7bc/docs/Template.md)
+
+
+
+## `0.0.9` Micro Opcodes
 
 - Added new option `microOpcodes` which breaks opcodes into multiple sub-opcodes.
 
@@ -34,7 +157,7 @@ case OP.LOAD_CONST:
 // [59, 2, 0],          MICRO_LOAD_CONST_1  [2, 0]                        
 // [43, 5, 1, 3, 1, 4], CALL_METHOD  reg[5] = reg[3](recv=reg[1], 1 args) 1:0-1:27
 
-// What the opcodes "MICRO_LOAD_CONST_0" (58) and "MICRO_LOAD_CONST_1" (59) looks like:
+// What the opcodes "MICRO_LOAD_CONST_0" (58) and "MICRO_LOAD_CONST_1" (59) look like:
 case 58:
     // MICRO_LOAD_CONST_0
     this._internals[0] = this._operand();

package/README.md

@@ -1,12 +1,12 @@
 # JS Confuser VM
 
-  [![NPM](https://img.shields.io/badge/NPM-%23000000.svg?style=for-the-badge&logo=npm&logoColor=white)](https://npmjs.com/package/js-confuser-vm) [![GitHub](https://img.shields.io/badge/github-%23121011.svg?style=for-the-badge&logo=github&logoColor=white)](https://github.com/MichaelXF/js-confuser-vm) [![Netlify](https://img.shields.io/badge/netlify-%23000000.svg?style=for-the-badge&logo=netlify&logoColor=#00C7B7)](https://development--confuser.netlify.app/vm)
+  [![NPM](https://img.shields.io/badge/NPM-%23000000.svg?style=for-the-badge&logo=npm&logoColor=white)](https://npmjs.com/package/js-confuser-vm) [![GitHub](https://img.shields.io/badge/github-%23121011.svg?style=for-the-badge&logo=github&logoColor=white)](https://github.com/MichaelXF/js-confuser-vm) [![Netlify](https://img.shields.io/badge/netlify-%23000000.svg?style=for-the-badge&logo=netlify&logoColor=#00C7B7)](https://js-confuser.com/vm)
 
 
 - **Requires Node v24.13.1 or higher**
 - ES5 support only. No complex features: async, generator, and even try..finally aren't supported.
 - Experimental. Expect issues.
-- [Try the web version.](https://development--confuser.netlify.app/vm)
+- [Try the web version.](https://js-confuser.com/vm)
 
 ### Installation
 
@@ -39,12 +39,13 @@ JsConfuserVM.obfuscate(`
   shuffleOpcodes: true, // shuffle order of opcode handlers in the runtime?
   encodeBytecode: true, // encode the bytecode array?
   concealConstants: true, // conceal strings and integers in the constant pool?
+  dispatcher: true, // create middleman blocks to process jumps?
   selfModifying: true, // do self-modifying bytecode for function bodies?
   macroOpcodes: true, // create combined opcodes for repeated instruction sequences?
-  microOpcodes: true, // break opcodes into sub-opcodes?
   specializedOpcodes: true, // create specialized opcodes for commonly used opcode+operand pairs?
   aliasedOpcodes: true, // create duplicate opcodes for commonly used opcodes?
   timingChecks: true, // add timing checks to detect debuggers?
+  classObfuscation: true, // obfuscate the VM runtime classes?
   minify: true // pass final output through Google Closure Compiler? (Renames VM class properties)
 }).then(result => {
   console.log(result.code)
@@ -115,6 +116,7 @@ A(new p(function(a){a=typeof Buffer!=="undefined"?Buffer.from(a,"base64"):Uint8A
 - [x] getter/setters
 - [x] debugger;
 - [x] template literals (**ES6**)
+- [x] rest parameters (**ES6**)
 
 ### Missing
 
@@ -131,13 +133,13 @@ A(new p(function(a){a=typeof Buffer!=="undefined"?Buffer.from(a,"base64"):Uint8A
 - [ ] dead handlers
 - [ ] dead bytecode insertion
 - [x] macro opcodes (Combine multiple opcodes into a "macro opcode")
-- [x] micro opcodes (Break opcodes into sub-opcodes)
 - [x] specialized opcodes (Create specific opcodes for opcode+operand pairs)
 - [x] aliased opcodes (Create duplicate opcodes, including variants with shuffled operand order)
 - [x] encoded bytecode array
 - [x] self-modifying bytecode
 - [x] timing checks
 - [ ] low-level bytecode obfuscations
+- [x] dispatcher (Encoded jumps)
 - [ ] stack protection
 - [ ] control flow integrity
 
@@ -179,6 +181,123 @@ var CONSTANTS = [/* 0 */"console", /* 1 */"log", /* 2 */"Hello world!", /* 3 */u
 var CONSTANTS = [/* 0 */"DaQApB6kAqQdpB+kEaQ=", /* 1 */"TCFOIUUh", /* 2 */"kKK8orait6Kzov2iqaKwopKijaKGosKi", /* 3 */undefined];
 ```
 
+#### `controlFlowFlattening` (true/false)
+
+Flattens the control flow of your program into a convoluted state machine.
+
+```js
+// Input Code
+var message;
+if (true) {
+  message = "Hello World";
+}
+
+// Before
+// fn_0_0:
+  r0 = undefined
+  r1 = true
+  if (!r1) goto: if_else_1
+  r1 = "Hello World"
+  r0 = r1
+// if_else_1:
+  r1 = undefined
+  return r1
+
+// After
+// fn_0_0:
+  r1 = 969
+  r2 = r1
+// while_top_5:
+  r3 = 4439
+  r4 = r2 !== r3
+  if (!r4) goto: while_exit_6
+  r5 = 969
+  r6 = r2 === r5
+  if (!r6) goto: if_else_7
+  goto: cff_block_2
+// if_else_7:
+  r7 = 1317
+  r8 = r2 === r7
+  if (!r8) goto: if_else_8
+  goto: cff_block_3
+// if_else_8:
+  r9 = 58894
+  r10 = r2 === r9
+  if (!r10) goto: if_else_9
+  goto: if_else_1
+// if_else_9:
+  goto: while_top_5
+// while_exit_6:
+// cff_block_3:
+  r11 = "Hello World"
+  r0 = r11
+  r2 = 58894
+  goto: while_top_5
+// if_else_1:
+  r11 = undefined
+  return r11
+// cff_block_2:
+  r0 = undefined
+  r11 = true
+  if (r11) goto: cff_skip_10
+  r2 = 58894
+  goto: while_top_5
+// cff_skip_10:
+  r2 = 1317
+  goto: while_top_5
+```
+
+#### `dispatcher` (true/false)
+
+Creates a middleman block to process jumps.
+
+```js
+// Input Code
+if (true) {
+  console.log("Hello world!");
+}
+
+// Before
+// fn_0_0:
+r0 = true
+if (!r0) goto if_else_1
+  r0 = console
+  r1 = "log"
+  r2 = r0[r1]          // console.log
+  r1 = "Hello world!"
+  r3 = r2.call(r0, r1) // console.log("Hello world!")
+// if_else_1:
+  r0 = undefined
+  return r0            
+
+// After
+// fn_0_0:
+r2 = MakeClosure(fn_2_3, params=2)
+r3 = true
+if (r3) goto if_else_1_skip
+  r0 = 43020
+  r1 = 40151
+  goto dispatcher
+// if_else_1_skip:
+  r3 = console
+  r4 = "log"
+  r5 = r3[r4]          // console.log
+  r4 = "Hello world!"
+  r6 = r5.call(r3, r4) // console.log("Hello world!")
+// if_else_1:
+  r3 = undefined
+  return r3
+
+// dispatcher:
+  r0 = r2(r0, r1)      // decode(encodedPC, siteKey)
+  goto *r0             // indirect jump
+
+// fn_2_3:
+function decode(x, k) {
+  return ((x ^ k) + 52048) & 65535; 
+}
+```
+
 #### `macroOpcodes` (true/false)
 
 Combines multiple opcodes commonly used from your bytecode.
@@ -246,53 +365,6 @@ case 5074:
   break;
 ```
 
-#### `microOpcodes` (true/false)
-
-Breaks opcodes into mulitple sub-opcodes.
-
-```js
-// Input Code
-console.log("Hello world!");
-
-// Before
-// [2, 1, 0, 0],        LOAD_GLOBAL  reg[1] = console                     1:0-1:7
-// [0, 2, 1, 0],        LOAD_CONST  reg[2] = "log"                        1:0-1:27
-// [8, 3, 1, 2],        GET_PROP  reg[3] = reg[1][reg[2]]                 1:0-1:27
-// [0, 4, 2, 0],        LOAD_CONST  reg[4] = "Hello world!"               1:12-1:26
-// [43, 5, 1, 3, 1, 4], CALL_METHOD  reg[5] = reg[3](recv=reg[1], 1 args) 1:0-1:27
-
-// What the opcode "LOAD_CONST" looks like:
-case OP.LOAD_CONST:
-    var dst = this._operand();
-    frame.regs[dst] = this._constant();
-    break;
-
-// After
-// [60, 1],             MICRO_LOAD_GLOBAL_0  1                            1:0-1:7
-// [61, 0, 0],          MICRO_LOAD_GLOBAL_1  [0, 0]                       
-// [62],                MICRO_LOAD_GLOBAL_2                               
-// [63],                MICRO_LOAD_GLOBAL_3                               
-// [58, 2],             MICRO_LOAD_CONST_0  2                             1:0-1:27
-// [59, 1, 0],          MICRO_LOAD_CONST_1  [1, 0]                        
-// [64, 3],             MICRO_GET_PROP_0  3                               1:0-1:27
-// [65, 1],             MICRO_GET_PROP_1  1                               
-// [66, 2],             MICRO_GET_PROP_2  2                               
-// [67],                MICRO_GET_PROP_3                                  
-// [58, 4],             MICRO_LOAD_CONST_0  4                             1:12-1:26
-// [59, 2, 0],          MICRO_LOAD_CONST_1  [2, 0]                        
-// [43, 5, 1, 3, 1, 4], CALL_METHOD  reg[5] = reg[3](recv=reg[1], 1 args) 1:0-1:27
-
-// What the opcodes "MICRO_LOAD_CONST_0" (58) and "MICRO_LOAD_CONST_1" (59) looks like:
-case 58:
-    // MICRO_LOAD_CONST_0
-    this._internals[0] = this._operand();
-    break;
-case 59:
-    // MICRO_LOAD_CONST_1
-    frame.regs[this._internals[0]] = this._constant();
-    break;
-```
-
 #### `specializedOpcodes` (true/false)
 
 Creates specialized opcodes for commonly used opcode+operand pairs.
@@ -425,6 +497,9 @@ console.log("Hello, world!");
 
 Detects the use of debuggers by checking for >1second pauses. May break code with slow sync tasks.
 
+### `classObfuscation` (true/false)
+
+Obfuscates the VM runtime classes by shuffling the order of declarations and methods.
 
 #### `minify` (true/false)
 
@@ -502,8 +577,8 @@ main().catch(console.error);
 
 ### WIP
 
-- 178 tests, 91.18% coverage
-- [Test262 (es5-tests)](https://github.com/tc39/test262/tree/es5-tests) percentage: 66.67%
+- 202 tests, 91.18% coverage
+- [Test262 (es5-tests)](https://github.com/tc39/test262/tree/es5-tests) percentage: 78.58%
 
 ### Made with AI
 

package/bench.ts

@@ -0,0 +1,146 @@
+import vm from "vm";
+import fs from "fs";
+import path from "path";
+
+const args = process.argv.slice(2);
+if (args.length === 0) {
+  console.log("Usage: node bench.js <file> [baseFile]");
+  console.log("  node bench.js output.js          - benchmark a single file");
+  console.log(
+    "  node bench.js output.js base.js   - compare output.js against base.js",
+  );
+  process.exit(1);
+}
+
+const ITERATIONS = 5_000;
+
+function getFileSize(filePath) {
+  return fs.statSync(filePath).size;
+}
+
+function formatBytes(bytes) {
+  if (bytes < 1024) return bytes + " B";
+  return (bytes / 1024).toFixed(2) + " KB";
+}
+
+function runBenchmark(filePath) {
+  const resolved = path.resolve(filePath);
+  if (!fs.existsSync(resolved)) {
+    console.error(`File not found: ${resolved}`);
+    process.exit(1);
+  }
+
+  const code = fs.readFileSync(resolved, "utf-8");
+  const script = new vm.Script(code, { filename: resolved });
+
+  // Verify the file runs successfully first
+  try {
+    const testCtx = vm.createContext({
+      window: {},
+      console,
+      process,
+      performance,
+    });
+    script.runInContext(testCtx);
+  } catch (e) {
+    console.error(`\nFile failed to execute: ${resolved}`);
+    console.error(e.message);
+    process.exit(1);
+  }
+
+  const times = [];
+
+  // Warmup
+  for (let i = 0; i < 50; i++) {
+    const ctx = vm.createContext({ window: {}, console, process, performance });
+    script.runInContext(ctx);
+  }
+
+  for (let i = 0; i < ITERATIONS; i++) {
+    const ctx = vm.createContext({ window: {}, console, process, performance });
+    const start = performance.now();
+    script.runInContext(ctx);
+    const end = performance.now();
+    times.push(end - start);
+
+    if ((i + 1) % 1000 === 0) {
+      process.stdout.write(`\r  Running... ${i + 1}/${ITERATIONS}`);
+    }
+  }
+  process.stdout.write("\r" + " ".repeat(40) + "\r");
+
+  times.sort((a, b) => a - b);
+
+  const median = times[Math.floor(times.length / 2)];
+  const q1 = times[Math.floor(times.length * 0.25)];
+  const q3 = times[Math.floor(times.length * 0.75)];
+  const min = times[0];
+  const max = times[times.length - 1];
+  const mean = times.reduce((a, b) => a + b, 0) / times.length;
+  const fileSize = getFileSize(resolved);
+
+  return { median, q1, q3, min, max, mean, fileSize, filePath: resolved };
+}
+
+function formatMs(ms) {
+  return ms.toFixed(3) + " ms";
+}
+
+function pctChange(base, compare) {
+  const pct = ((compare - base) / base) * 100;
+  const sign = pct >= 0 ? "+" : "";
+  return sign + pct.toFixed(1) + "%";
+}
+
+function printResult(label, result) {
+  console.log(`  ${label}`);
+  console.log(`  ${"=".repeat(label.length)}`);
+  console.log(`  File:       ${result.filePath}`);
+  console.log(`  File Size:  ${formatBytes(result.fileSize)}`);
+  console.log(`  Iterations: ${ITERATIONS.toLocaleString()}`);
+  console.log();
+  console.log(`  Median:     ${formatMs(result.median)}`);
+  console.log(`  Mean:       ${formatMs(result.mean)}`);
+  console.log(`  Q1:         ${formatMs(result.q1)}`);
+  console.log(`  Q3:         ${formatMs(result.q3)}`);
+  console.log(`  Min:        ${formatMs(result.min)}`);
+  console.log(`  Max:        ${formatMs(result.max)}`);
+  console.log(`  IQR:        ${formatMs(result.q3 - result.q1)}`);
+}
+
+function printComparison(base, compare) {
+  console.log("  Comparison (vs Base)");
+  console.log("  " + "=".repeat(21));
+  console.log(`  Median:     ${pctChange(base.median, compare.median)}`);
+  console.log(`  Mean:       ${pctChange(base.mean, compare.mean)}`);
+  console.log(`  Q1:         ${pctChange(base.q1, compare.q1)}`);
+  console.log(`  Q3:         ${pctChange(base.q3, compare.q3)}`);
+  console.log(`  File Size:  ${pctChange(base.fileSize, compare.fileSize)}`);
+}
+
+console.log();
+console.log("  JS-Confuser VM Benchmark");
+console.log("  " + "-".repeat(26));
+console.log();
+
+if (args.length === 1) {
+  const result = runBenchmark(args[0]);
+  printResult(path.basename(args[0]), result);
+  console.log();
+} else {
+  const baseFile = args[1];
+  const compareFile = args[0];
+
+  console.log(`  Benchmarking base: ${path.basename(baseFile)}`);
+  const baseResult = runBenchmark(baseFile);
+  console.log(`  Benchmarking compare: ${path.basename(compareFile)}`);
+  const compareResult = runBenchmark(compareFile);
+
+  console.log();
+  printResult("Base: " + path.basename(baseFile), baseResult);
+  console.log();
+  printResult("Compare: " + path.basename(compareFile), compareResult);
+  console.log();
+  printComparison(baseResult, compareResult);
+  console.log();
+}

package/disassemble.ts

@@ -0,0 +1,12 @@
+import { readFile, writeFile } from "node:fs/promises";
+import JsConfuserVM from "./src/index.ts";
+
+const fileContents = await readFile(process.argv[2], "utf-8");
+
+const outputFile =
+  process.argv[3] || process.argv[2].replace(/\.js$/, ".disassembled.js");
+
+const output = await JsConfuserVM.disassemble(fileContents);
+console.log(output);
+
+await writeFile(outputFile, output, "utf-8");

package/dist/build-runtime.js

@@ -1,13 +1,14 @@
 import { generate } from "@babel/generator";
 import { parse } from "@babel/parser";
 import { applyMacroOpcodes } from "./transforms/runtime/macroOpcodes.js";
-import { applyMicroOpcodes } from "./transforms/runtime/microOpcodes.js";
-import { applyInteralVariablesToRuntime } from "./transforms/runtime/internalVariables.js";
 import { applyShuffleOpcodes } from "./transforms/runtime/shuffleOpcodes.js";
 import { applyMinify } from "./transforms/runtime/minify.js";
 import { applySpecializedOpcodes } from "./transforms/runtime/specializedOpcodes.js";
 import { applyAliasedOpcodes } from "./transforms/runtime/aliasedOpcodes.js";
-export async function obfuscateRuntime(runtime, bytecode, options, compiler, generateBytecodeComment) {
+import { applyClassObfuscation } from "./transforms/runtime/classObfuscation.js";
+import { getSwitchStatement } from "./utils/ast-utils.js";
+import { now } from "./utils/profile-utils.js";
+export async function buildRuntime(runtime, bytecode, options, compiler, generateBytecodeComment) {
   let ast;
   try {
     ast = parse(runtime, {
@@ -18,34 +19,52 @@ export async function obfuscateRuntime(runtime, bytecode, options, compiler, gen
       cause: error
     });
   }
+  const switchStatement = getSwitchStatement(ast);
+  const getHandlerCount = () => {
+    return switchStatement.cases.length;
+  };
+  const timings = {};
+  function runAndTime(pass, name) {
+    const startedAt = now();
+    compiler.log(`Running runtime pass ${name}...`);
+    pass(ast, compiler);
+    const endedAt = now();
+    const elapsedMs = endedAt - startedAt;
+    timings[name] = elapsedMs;
+    compiler.profileData.transforms[name] = {
+      fileSize: null,
+      // TODO: Add option as doing 'generate(ast).code.length' is slow
+      transformTime: elapsedMs,
+      handlerCount: getHandlerCount()
+    };
+    compiler.log(`Runtime pass ${name} completed in ${Math.floor(elapsedMs)}ms`);
+  }
 
   // Specialized opcode cases must be applied BEFORE shuffleOpcodes
   if (options.specializedOpcodes) {
-    applySpecializedOpcodes(ast, compiler);
-  }
-  if (options.microOpcodes) {
-    applyInteralVariablesToRuntime(ast, compiler);
-  }
-
-  // Micro opcode cases must be applied BEFORE shuffleOpcodes
-  if (options.microOpcodes && Object.keys(compiler.MICRO_OPS).length > 0) {
-    applyMicroOpcodes(ast, compiler);
+    runAndTime(applySpecializedOpcodes, "applySpecializedOpcodes");
   }
 
   // Macro opcode cases must be applied BEFORE shuffleOpcodes
   if (options.macroOpcodes && Object.keys(compiler.MACRO_OPS).length > 0) {
-    applyMacroOpcodes(ast, compiler);
+    runAndTime(applyMacroOpcodes, "applyMacroOpcodes");
   }
 
   // Aliased opcode cases must be applied BEFORE shuffleOpcodes
   if (options.aliasedOpcodes) {
-    applyAliasedOpcodes(ast, compiler);
+    runAndTime(applyAliasedOpcodes, "applyAliasedOpcodes");
   }
 
   // Shuffle opcode handle order
   if (options.shuffleOpcodes) {
-    applyShuffleOpcodes(ast);
+    runAndTime(applyShuffleOpcodes, "applyShuffleOpcodes");
+  }
+
+  // Shuffle top-level var declarations and prototype method definitions
+  if (options.classObfuscation) {
+    runAndTime(applyClassObfuscation, "applyClassObfuscation");
   }
+  compiler.profileData.handlerCount = getHandlerCount();
   let generated;
   try {
     generated = generate(ast).code;
@@ -61,7 +80,14 @@ export async function obfuscateRuntime(runtime, bytecode, options, compiler, gen
   // Minify code?
   if (options.minify) {
     try {
+      let startedAt = now();
+      compiler.log("Running minify...");
       generated = await applyMinify(generated);
+      let elapsedMs = now() - startedAt;
+      compiler.log(`Minify completed in ${Math.floor(elapsedMs)}ms`);
+      compiler.profileData.transforms["minify"] = {
+        transformTime: elapsedMs
+      };
     } catch (error) {
       throw new Error("VM-Runtime final minification failed", {
         cause: error