jsguardian 1.2.0

package/layers.js

@@ -0,0 +1,136 @@
+"use strict";
+// ============================================================================
+// Criptor — Layer Configuration System
+// Every protection layer is independently toggleable. Each file processed
+// gets its own unique seed derived from (globalSeed ^ fileIndex ^ fileHash),
+// so 10 files get 10 completely different obfuscations even with the same config.
+// ============================================================================
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PRESETS = exports.PRESET_LEGACY = exports.PRESET_STEALTH = exports.PRESET_MAXIMUM = exports.PRESET_BALANCED = void 0;
+exports.deriveFileSeed = deriveFileSeed;
+exports.layerOn = layerOn;
+// ── Named Presets ────────────────────────────────────────────────────────────
+// PRESET_LIGHT has been REMOVED.
+// Reason: the light preset (no CNE flattening, no callgraph poison, no canary)
+// was shown to be trivially reversible when combined with VM virtualization.
+// An automated agent fully reconstructed both virtualised functions in under
+// 15 minutes from the output. The minimum safe preset for VM use is BALANCED.
+// Use PRESET_BALANCED as the entry-level option.
+/** Balanced — all structural layers on, zero jsobf fingerprint */
+exports.PRESET_BALANCED = {
+    banner: false,
+    aiDirective: false,
+    aiHoneypots: false,
+    aiDeepDirectives: false,
+    aiContextExhaustion: false,
+    vm: true,
+    mba: true, mbaDepth: 2, mbaThreshold: 0.8,
+    opaque: true, opaqueThreshold: 0.6,
+    stringCipher: true, stringThreshold: 0.9,
+    integrityAnchors: true,
+    moduleIife: true,
+    sandboxPoison: true,
+    canary: true, canaryPoisonRate: 0.5,
+    adversarialTokens: true, adversarialTokenRate: 0.3,
+    timingOracle: true,
+    aiCallgraphPoison: true, aiCallgraphPoisonCount: 120,
+    aiSemanticPoison: true,
+    aiAntiPattern: true, aiTemporalKeys: true,
+    // CNE settings
+    cneFlatten: true, cneFlattenRate: 0.4,
+    cneDeadCode: true,
+};
+/** Maximum — every structural layer at full strength, zero jsobf fingerprint */
+exports.PRESET_MAXIMUM = {
+    banner: false,
+    aiDirective: false,
+    aiHoneypots: false,
+    aiDeepDirectives: false,
+    aiContextExhaustion: false,
+    vm: true,
+    mba: true, mbaDepth: 3, mbaThreshold: 0.9,
+    opaque: true, opaqueThreshold: 0.7,
+    stringCipher: true, stringThreshold: 0.95,
+    integrityAnchors: true,
+    moduleIife: true,
+    sandboxPoison: true,
+    canary: true, canaryPoisonRate: 0.8,
+    adversarialTokens: true, adversarialTokenRate: 0.5,
+    timingOracle: true,
+    aiCallgraphPoison: true, aiCallgraphPoisonCount: 200,
+    aiSemanticPoison: true,
+    aiAntiPattern: true, aiTemporalKeys: true,
+    // CNE settings
+    cneFlatten: true, cneFlattenRate: 0.6,
+    cneDeadCode: true,
+};
+/** Stealth — identical to maximum (alias kept for back-compat) */
+exports.PRESET_STEALTH = {
+    banner: false,
+    aiDirective: false,
+    aiHoneypots: false,
+    aiDeepDirectives: false,
+    aiContextExhaustion: false,
+    vm: true,
+    mba: true, mbaDepth: 3, mbaThreshold: 0.9,
+    opaque: true, opaqueThreshold: 0.7,
+    stringCipher: true, stringThreshold: 0.95,
+    integrityAnchors: true,
+    moduleIife: true,
+    sandboxPoison: true,
+    canary: true, canaryPoisonRate: 0.8,
+    adversarialTokens: true, adversarialTokenRate: 0.5,
+    timingOracle: true,
+    aiCallgraphPoison: true, aiCallgraphPoisonCount: 200,
+    aiSemanticPoison: true,
+    aiAntiPattern: true, aiTemporalKeys: true,
+    cneFlatten: true, cneFlattenRate: 0.6,
+    cneDeadCode: true,
+};
+/** Legacy preset — uses javascript-obfuscator (known fingerprint, kept for testing) */
+exports.PRESET_LEGACY = {
+    banner: false,
+    aiDirective: false,
+    aiHoneypots: false,
+    aiDeepDirectives: false,
+    aiContextExhaustion: false,
+    vm: true,
+    mba: true, mbaDepth: 3, mbaThreshold: 0.9,
+    opaque: true, opaqueThreshold: 0.7,
+    stringCipher: true, stringThreshold: 0.95,
+    integrityAnchors: true,
+    jsobf: true, signatureBreak: true, moduleIife: true,
+    sandboxPoison: true,
+    canary: true, canaryPoisonRate: 0.8,
+    adversarialTokens: true, adversarialTokenRate: 0.5,
+    timingOracle: true,
+    aiCallgraphPoison: true, aiCallgraphPoisonCount: 120,
+    aiSemanticPoison: true,
+    aiAntiPattern: true, aiTemporalKeys: true,
+    legacyJsobf: true,
+};
+exports.PRESETS = {
+    // "light" removed (June 2026) — proven trivially reversible
+    // "balanced" removed (June 2026) — all users get maximum protection equally
+    maximum: exports.PRESET_MAXIMUM,
+    stealth: exports.PRESET_STEALTH,
+    legacy: exports.PRESET_LEGACY, // javascript-obfuscator path (for comparison/testing)
+};
+/** Derive a per-file seed from master seed + file index + content hash */
+function deriveFileSeed(masterSeed, fileIndex, content) {
+    // FNV-1a over first 512 chars of content for speed
+    let h = 0x811c9dc5 >>> 0;
+    const sample = content.slice(0, 512);
+    for (let i = 0; i < sample.length; i++) {
+        h = Math.imul(h ^ sample.charCodeAt(i), 0x01000193) >>> 0;
+    }
+    // XOR master seed with file index and content hash
+    return (masterSeed ^ (fileIndex * 0x9e3779b9) ^ h) >>> 0;
+}
+/** Resolve a layer option with a default value */
+function layerOn(opts, key, def = true) {
+    const v = opts[key];
+    if (v === undefined)
+        return def;
+    return Boolean(v);
+}

package/opaque-pred.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.falsePredicateSource = falsePredicateSource;
+// IMPORTANT: n trebuie sa ramana MIC (<= ~1023) ca produsele n*n / n*n*n din identitati
+// sa fie intregi EXACTI (sub 2^53). Cu n mare, n*n*n e float => identitatile devin
+// nesigure => predicatul "mereu fals" devine uneori adevarat => cod mort executat.
+const SOURCES = [
+    "Date.now() & 255",
+    "Date.now() & 1023",
+    "Date.now() % 251",
+    "(Date.now() >>> 8) & 511",
+    "(Date.now() & 127) + 3",
+];
+// corp(n) -> expresie mereu FALSA
+const FALSE_BODIES = [
+    (n) => `${n}*(${n}+1)%2===1`, // produs de consecutivi: par
+    (n) => `(${n}*${n}-${n})%2===1`, // n^2-n = n(n-1): par
+    (n) => `((${n}&1)*((${n}+1)&1))===1`, // n, n+1 nu pot fi ambele impare
+    (n) => `(${n}*${n}%4)===2`, // patrate mod 4 in {0,1}
+    (n) => `((${n}|1)&1)===0`, // (impar|1) e impar
+    (n) => `(${n}*${n}*${n}-${n})%6!==0`, // n^3-n divizibil cu 6
+];
+function pick(arr, rng) {
+    return arr[Math.floor(rng.next() * arr.length)];
+}
+// Expresie sursa mereu-falsa, cu n evaluat o singura data printr-un IIFE.
+function falsePredicateSource(rng) {
+    const src = pick(SOURCES, rng);
+    const body = pick(FALSE_BODIES, rng);
+    const v = "_n" + ((rng.int32() >>> 0).toString(36));
+    return `(function () { var ${v} = ${src}; return ${body(v)}; })()`;
+}

package/package.json

@@ -0,0 +1,32 @@
+{
+  "name": "jsguardian",
+  "version": "1.2.0",
+  "description": "JSGuardian CLI — military-grade JavaScript obfuscation from the command line",
+  "main": "index.js",
+  "bin": {
+    "jsguardian": "./index.js"
+  },
+  "files": [
+    "*.js"
+  ],
+  "keywords": ["javascript", "obfuscator", "obfuscation", "protection", "cli", "jsguardian"],
+  "author": "JSGuardian <hello@jsguardian.com>",
+  "license": "MIT",
+  "homepage": "https://jsguardian.com",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/LCBO/criptor"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "dependencies": {
+    "@babel/core": "^7.25.0",
+    "@babel/generator": "^7.25.0",
+    "@babel/parser": "^7.25.0",
+    "@babel/traverse": "^7.25.0",
+    "@babel/types": "^7.25.0",
+    "javascript-obfuscator": "^4.1.1",
+    "jsonwebtoken": "^9.0.3"
+  }
+}

package/pipeline.js

@@ -0,0 +1,327 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isAlreadyProtected = isAlreadyProtected;
+exports.obfuscateCode = obfuscateCode;
+exports.obfuscateBatch = obfuscateBatch;
+const parser_1 = require("@babel/parser");
+const traverse_1 = __importDefault(require("@babel/traverse"));
+const generator_1 = __importDefault(require("@babel/generator"));
+const t = __importStar(require("@babel/types"));
+const javascript_obfuscator_1 = __importDefault(require("javascript-obfuscator"));
+const prng_1 = require("./prng");
+const transforms_1 = require("./transforms");
+const transform_vm_1 = require("./transform-vm");
+const ai_confusion_1 = require("./ai-confusion");
+const signature_break_1 = require("./signature-break");
+const integrity_1 = require("./integrity");
+const cne_1 = require("./cne");
+const jsobf_config_1 = require("./jsobf-config");
+const vm_poison_1 = require("./vm-poison");
+const ai_callgraph_poison_1 = require("./ai-callgraph-poison");
+const ai_semantic_poison_1 = require("./ai-semantic-poison");
+const ai_antipattern_1 = require("./ai-antipattern");
+const temporal_keys_1 = require("./temporal-keys");
+const canary_1 = require("./canary");
+const adversarial_tokens_1 = require("./adversarial-tokens");
+const timing_oracle_1 = require("./timing-oracle");
+const layers_1 = require("./layers");
+// interop ESM/CJS pentru exporturile default ale lui babel
+const traverse = traverse_1.default.default || traverse_1.default;
+const generate = generator_1.default.default || generator_1.default;
+// ── Double-protection detection ──────────────────────────────────────────────
+// wrapInModuleIife (Layer 6b, on in every real preset) emits these two exact
+// substrings verbatim — they survive to the final output unchanged. Requiring
+// BOTH the head and the .call() tail makes a false positive on hand-written /
+// bundled UMD code effectively impossible.
+const CRIPTOR_IIFE_HEAD = "(function(module,exports,require,Buffer,process,global,__dirname,__filename){";
+const CRIPTOR_IIFE_TAIL = "}).call(typeof globalThis!=='undefined'?globalThis:this,typeof module!=='undefined'?module:{exports:{}}";
+/**
+ * True if `src` already carries Criptor's own structural signature, i.e. it is
+ * the output of a previous protection run. Re-protecting such code stacks a new
+ * KrakVM / integrity layer on top of the old one, whose baked-in hash no longer
+ * matches — the file then throws a tamper error at runtime and is unusable.
+ */
+function isAlreadyProtected(src) {
+    return src.includes(CRIPTOR_IIFE_HEAD) && src.includes(CRIPTOR_IIFE_TAIL);
+}
+/**
+ * Obfuscate a single source file.
+ * Every layer is independently gated by `opts`.
+ * `fileIndex` is used to derive a per-file seed — pass 0 for a single file,
+ * or the array index when processing a batch.
+ */
+function obfuscateCode(src, opts = {}, fileIndex = 0) {
+    // ── Guard: refuse to protect already-protected input ───────────────────────
+    if (!opts.allowDoubleProtect && isAlreadyProtected(src)) {
+        throw new Error("Input is already protected by Criptor — refusing to protect it again. " +
+            "Re-protecting obfuscated output stacks a second integrity/VM layer whose " +
+            "baked-in hash no longer matches, which crashes the file at runtime " +
+            "(\"Illegal Instruction\" / \"Access Violation\" tamper errors). " +
+            "Protect the ORIGINAL source instead. To override, set allowDoubleProtect=true.");
+    }
+    // ── Shebang extraction ─────────────────────────────────────────────────────
+    // A `#!/usr/bin/env node` line is only legal as the VERY FIRST bytes of a file.
+    // Layers that prepend injected source (honeypots, directives, anchors) would
+    // push it off line 1 → "Invalid or unexpected token" at runtime. Strip it now,
+    // re-attach at the very top of the final output.
+    let shebang = "";
+    const _sb = src.match(/^#![^\n]*\n?/);
+    if (_sb) {
+        shebang = _sb[0].endsWith("\n") ? _sb[0] : _sb[0] + "\n";
+        src = src.slice(_sb[0].length);
+    }
+    // ── Seed derivation ────────────────────────────────────────────────────────
+    const masterSeed = opts.seed ?? 0x9e3779b9;
+    const seed = fileIndex === 0 ? masterSeed : (0, layers_1.deriveFileSeed)(masterSeed, fileIndex, src);
+    const rng = (0, prng_1.makeRng)(seed);
+    // ── Parse ──────────────────────────────────────────────────────────────────
+    const ast = (0, parser_1.parse)(src, {
+        sourceType: "module",
+        allowReturnOutsideFunction: true,
+        plugins: opts.typescript ? ["typescript"] : [],
+    });
+    // ── ESM normalisation ──────────────────────────────────────────────────────
+    // Rewrite declaration-exports / default-exports into `decl + export {…}` form
+    // BEFORE any rename pass, working around Babel's buggy scope.rename for
+    // declaration exports (babel/babel#11591). Must run first so every downstream
+    // stage (VM, rename, wrap) sees the canonical, rename-safe shape.
+    (0, cne_1.normalizeEsmExports)(ast);
+    // ── Layer 5: Integrity anchors (compute early, all layers reference Hbuild) ─
+    const anchor = [];
+    for (let i = 0; i < 24; i++)
+        anchor.push(rng.int32());
+    const Hbuild = (0, integrity_1.hshBuild)(anchor);
+    // ── Layer 3: AI Honeypots ──────────────────────────────────────────────────
+    if ((0, layers_1.layerOn)(opts, "aiHoneypots", true)) {
+        (0, ai_confusion_1.applyAiConfusion)(ast, traverse, parser_1.parse, t, rng, opts);
+    }
+    // ── Layer 3b: AI Directive vars ────────────────────────────────────────────
+    if ((0, layers_1.layerOn)(opts, "aiDirective", true)) {
+        (0, ai_confusion_1.injectAiDirective)(ast, t);
+    }
+    // ── Layer 3c: Deep directives ─────────────────────────────────────────────
+    if ((0, layers_1.layerOn)(opts, "aiDeepDirectives", false)) {
+        (0, ai_confusion_1.injectDeepDirectives)(ast, traverse, parser_1.parse, t, rng);
+    }
+    // ── Layer 3e: Callgraph Poison (mutual-recursion cluster flood) ─────────────
+    // Inject BEFORE VM so poison functions are present when VM scans for
+    // FunctionDeclarations.  VM skips them (marked __obf); MBA/CNE run over them.
+    if ((0, layers_1.layerOn)(opts, "aiCallgraphPoison", false)) {
+        const _cgCount = opts.aiCallgraphPoisonCount ?? 120;
+        (0, ai_callgraph_poison_1.applyCallgraphPoison)(ast, t, parser_1.parse, rng, _cgCount);
+    }
+    // ── Layer 2: VM Bytecode Virtualization (KrakVM) ────────────────────────────
+    if ((0, layers_1.layerOn)(opts, "vm", true)) {
+        (0, transform_vm_1.applyVm)(ast, traverse, parser_1.parse, t, rng);
+    }
+    // Note: sandbox poison (Layer 12) removed — KrakVM does not embed VM opcodes
+    // for sandbox detection. The charCodeAt poison IIFE is still available via
+    // the legacy plain-JS path (wrapInModuleIife handles env isolation).
+    // ── Layer 9: Timing Oracle AST pass — AFTER VM ────────────────────────────
+    // Per-build random name for the drift detector — eliminates '__drift' fingerprint
+    const _driftKey = `_0x${((rng.int32() >>> 0) & 0xffffff).toString(16).padStart(6, '0')}`;
+    if ((0, layers_1.layerOn)(opts, "timingOracle", false)) {
+        (0, timing_oracle_1.applyTimingOracle)(ast, traverse, t, rng, _driftKey);
+    }
+    // ── Layer 8: Adversarial Token Injection — AFTER VM ───────────────────────
+    if ((0, layers_1.layerOn)(opts, "adversarialTokens", false)) {
+        (0, adversarial_tokens_1.applyAdversarialTokens)(ast, traverse, t, rng, opts);
+    }
+    // ── Stage A: MBA Constants ─────────────────────────────────────────────────
+    if ((0, layers_1.layerOn)(opts, "mba", true)) {
+        (0, transforms_1.applyConstMba)(ast, traverse, t, rng, opts);
+    }
+    // ── Stage B: Opaque Predicates ─────────────────────────────────────────────
+    if ((0, layers_1.layerOn)(opts, "opaque", true)) {
+        (0, transforms_1.applyOpaque)(ast, traverse, parser_1.parse, t, rng, opts);
+    }
+    // ── Stage C: String Cipher ─────────────────────────────────────────────────
+    let _cipherBuildKey = 0;
+    let _cipherEntries = [];
+    if ((0, layers_1.layerOn)(opts, "stringCipher", true)) {
+        _cipherBuildKey = rng.int32() >>> 0;
+        const effectiveH = (0, layers_1.layerOn)(opts, "integrityAnchors", true) ? Hbuild : 0;
+        _cipherEntries = (0, transforms_1.applyStringCipher)(ast, traverse, parser_1.parse, t, rng, _cipherBuildKey, effectiveH, opts);
+    }
+    // ── Layer 5: Integrity anchor emission ────────────────────────────────────
+    if ((0, layers_1.layerOn)(opts, "integrityAnchors", true)) {
+        // CNE path: base64-encoded XOR blob (no 24 plaintext int32s)
+        // Legacy path: plain array (jsobf renames further)
+        const _useLegacyAnc = (0, layers_1.layerOn)(opts, "legacyJsobf", false);
+        const anchorSrc = _useLegacyAnc
+            ? (0, integrity_1.anchorSource)("__anc", anchor) + "\n" + (0, integrity_1.hshSource)("__hsh")
+            : (0, integrity_1.anchorSourceEncoded)("__anc", "__hsh", anchor, rng);
+        const integrityAst = (0, parser_1.parse)(anchorSrc, { sourceType: "module" });
+        // Mark ALL anchor nodes __obf + __cne so no subsequent pass touches them
+        const _markAll = (node) => {
+            if (!node || typeof node !== "object")
+                return;
+            node.__obf = true;
+            node.__cne = true;
+            for (const k of Object.keys(node)) {
+                const v = node[k];
+                if (Array.isArray(v))
+                    v.forEach(_markAll);
+                else if (v && typeof v === "object" && v.type)
+                    _markAll(v);
+            }
+        };
+        integrityAst.program.body.forEach(_markAll);
+        ast.program.body.unshift(...integrityAst.program.body);
+    }
+    let code = generate(ast, { compact: false, comments: false }).code;
+    // ── Layer 4: Obfuscation engine ───────────────────────────────────────────
+    const _useLegacyJsobf = (0, layers_1.layerOn)(opts, "legacyJsobf", false);
+    if (_useLegacyJsobf && (0, layers_1.layerOn)(opts, "jsobf", true)) {
+        // ── LEGACY PATH: javascript-obfuscator ───────────────────────────────────
+        // Timing oracle + semantic poison go BEFORE jsobf so jsobf obfuscates them.
+        // Sandbox poison is now an AST node (Layer 12) injected earlier —
+        // it lives in the Babel AST and gets fed through jsobf alongside user code.
+        if ((0, layers_1.layerOn)(opts, "timingOracle", false)) {
+            code = (0, timing_oracle_1.buildDriftDetectorSource)(rng, _driftKey) + "\n" + code;
+        }
+        if ((0, layers_1.layerOn)(opts, "aiSemanticPoison", false)) {
+            code = (0, ai_semantic_poison_1.buildSemanticPoisonSource)(rng) + "\n" + code;
+        }
+        if ((0, layers_1.layerOn)(opts, "aiAntiPattern", false)) {
+            code = (0, ai_antipattern_1.buildAntiPatternSource)(rng) + "\n" + code;
+        }
+        if ((0, layers_1.layerOn)(opts, "aiTemporalKeys", false)) {
+            code = (0, temporal_keys_1.buildTemporalKeySource)(rng) + "\n" + code;
+        }
+        const _intOn = (0, layers_1.layerOn)(opts, "integrityAnchors", true);
+        code = javascript_obfuscator_1.default.obfuscate(code, (0, jsobf_config_1.nodeJsObfOptions)(rng, _intOn)).getObfuscatedCode();
+        if ((0, layers_1.layerOn)(opts, "signatureBreak", true)) {
+            code = (0, signature_break_1.breakSignatures)(code, rng);
+        }
+        if ((0, layers_1.layerOn)(opts, "moduleIife", true)) {
+            code = (0, vm_poison_1.wrapInModuleIife)(code);
+        }
+    }
+    else if (!_useLegacyJsobf) {
+        // ── CNE PATH: Criptor Native Engine — zero public deobfuscation tooling ──
+        // CNE runs on the pure Babel-generated code (which already contains the
+        // Layer 12 sandbox __vmq() call as an AST node — it gets renamed + hex-
+        // encoded + optionally flattened like any other user expression).
+        code = (0, cne_1.cneObfuscate)(code, rng, {
+            rename: opts.cneRename !== false,
+            hexLiterals: opts.cneHexLiterals !== false,
+            stringSplit: opts.cneStringSplit !== false,
+            flatten: opts.cneFlatten !== false,
+            flattenRate: opts.cneFlattenRate ?? 0.5,
+            opaqueConstants: opts.cneOpaqueConstants !== false,
+            deadCode: opts.cneDeadCode !== false,
+        });
+        // Obfuscate module.exports property names (hides validateLicense, hasFeature etc.)
+        code = (0, cne_1.obfuscateExportNames)(code, rng);
+        // Drift detector — raw string, injected after CNE (intact regex/structure)
+        if ((0, layers_1.layerOn)(opts, "timingOracle", false)) {
+            code = (0, timing_oracle_1.buildDriftDetectorSource)(rng, _driftKey) + "\n" + code;
+        }
+        // Layer 3f: Semantic Poison — raw string, post-CNE (values intact)
+        if ((0, layers_1.layerOn)(opts, "aiSemanticPoison", false)) {
+            code = (0, ai_semantic_poison_1.buildSemanticPoisonSource)(rng) + "\n" + code;
+        }
+        // Layer 3g: Anti-Pattern Injection — prototype pollution + ASI traps + homoglyphs
+        if ((0, layers_1.layerOn)(opts, "aiAntiPattern", false)) {
+            code = (0, ai_antipattern_1.buildAntiPatternSource)(rng) + "\n" + code;
+        }
+        // Layer 3h: Temporal Keys — epoch-day-keyed fake decoder (wrong in frozen sandbox)
+        if ((0, layers_1.layerOn)(opts, "aiTemporalKeys", false)) {
+            code = (0, temporal_keys_1.buildTemporalKeySource)(rng) + "\n" + code;
+        }
+        // NOTE: sandboxPoison string injection removed — replaced by Layer 12
+        // AST node injection above (buildSandboxVmCallStmt). The check and the
+        // poison now execute inside __vmq, invisible from the outer shell.
+        // Module IIFE wraps everything: CNE output + drift detector
+        if ((0, layers_1.layerOn)(opts, "moduleIife", true)) {
+            code = (0, vm_poison_1.wrapInModuleIife)(code);
+        }
+    }
+    // ── Layer 11: Canary __dec at global scope (outside IIFE) ─────────────────
+    // A fake __dec/__ca/__bk with wrong key — attacker who calls it gets garbage.
+    // In CNE mode the real decoder is also renamed — doubly hidden.
+    if ((0, layers_1.layerOn)(opts, "stringCipher", true)) {
+        const canaryRng = (0, prng_1.makeRng)((_cipherBuildKey ^ 0xc0ffee) >>> 0);
+        const canary = (0, transforms_1.buildCanaryDecoder)(_cipherBuildKey, _cipherEntries, canaryRng);
+        if (canary)
+            code = code + "\n" + canary;
+    }
+    // ── Layer 7: Differential Canary (license function shadow) ───────────────
+    // CNE path: canary source is passed through CNE rename+hex so it looks
+    // like obfuscated code rather than a readable JS block at the file tail.
+    // Legacy path: appended as-is (jsobf will have already obfuscated it).
+    if ((0, layers_1.layerOn)(opts, "canary", false)) {
+        if (!_useLegacyJsobf) {
+            const _canarySrc = (0, canary_1.buildCanarySource)(rng, opts);
+            if (_canarySrc) {
+                const _canaryObf = (0, cne_1.cneObfuscate)(_canarySrc, rng, {
+                    rename: true, hexLiterals: true, stringSplit: true,
+                    flatten: false, opaqueConstants: false, deadCode: false,
+                });
+                code = code + "\n" + _canaryObf;
+            }
+        }
+        else {
+            code = (0, canary_1.injectCanary)(code, rng, opts);
+        }
+    }
+    // ── Layer 3c-X: Context Exhaustion footer ─────────────────────────────────
+    if ((0, layers_1.layerOn)(opts, "aiContextExhaustion", false)) {
+        code = code + "\n" + ai_confusion_1.CONTEXT_EXHAUSTION_FOOTER;
+    }
+    // ── Layer 1: Copyright / AI Directive Banner ───────────────────────────────
+    if ((0, layers_1.layerOn)(opts, "banner", true)) {
+        const banner = opts.customCopyright
+            ? (0, ai_confusion_1.buildCustomBanner)(opts.customCopyright)
+            : ai_confusion_1.AI_DIRECTIVE_BANNER;
+        code = banner + "\n" + code;
+    }
+    // Re-attach the shebang as the very first line (if the source had one).
+    if (shebang)
+        code = shebang + code;
+    return code;
+}
+/**
+ * Obfuscate multiple files with the same config but unique per-file seeds.
+ * Returns array of obfuscated strings in the same order as inputs.
+ */
+function obfuscateBatch(files, opts = {}) {
+    return files.map((f, i) => obfuscateCode(f.content, opts, i));
+}

package/prng.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.makeRng = makeRng;
+exports.ksGen = ksGen;
+function makeRng(seed) {
+    let s = seed >>> 0;
+    function next() {
+        s = (s + 0x6d2b79f5) | 0;
+        let t = Math.imul(s ^ (s >>> 15), 1 | s);
+        t = (t + Math.imul(t ^ (t >>> 7), 61 | t)) ^ t;
+        return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
+    }
+    return {
+        next,
+        int32: () => (next() * 4294967296) | 0,
+    };
+}
+// Generator de keystream pe octeti (folosit la criptarea stringurilor in build).
+// Trebuie sa fie BIT-IDENTIC cu bucla din runtime-ul injectat (vezi transforms.ts).
+function ksGen(seed) {
+    let s = seed >>> 0;
+    return () => {
+        s = (s + 0x6d2b79f5) | 0;
+        let t = Math.imul(s ^ (s >>> 15), 1 | s);
+        t = (t + Math.imul(t ^ (t >>> 7), 61 | t)) ^ t;
+        return ((t ^ (t >>> 14)) >>> 0) & 0xff;
+    };
+}

package/signature-break.js

@@ -0,0 +1,101 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.breakSignatures = breakSignatures;
+// Layer NOU 4 / Stage F — spargerea semnaturilor de deobfuscator.
+// webcrack / synchrony recunosc javascript-obfuscator dupa forma string-array-ului:
+// o declaratie cu un ARRAY LITERAL de N stringuri, plus un rotator IIFE. Aici luam
+// acel array literal si il reconstruim element-cu-element, in ordine permutata, intr-un
+// IIFE => extractorul "ia array-ul literal" nu mai gaseste un literal de luat.
+// Comportamentul la runtime e identic (acelasi array, aceeasi ordine finala).
+//
+// Orice eroare => returnam codul neschimbat (corectitudinea primeaza).
+const parser_1 = require("@babel/parser");
+const traverse_1 = __importDefault(require("@babel/traverse"));
+const generator_1 = __importDefault(require("@babel/generator"));
+const t = __importStar(require("@babel/types"));
+const traverse = traverse_1.default.default || traverse_1.default;
+const generate = generator_1.default.default || generator_1.default;
+function breakSignatures(code, rng) {
+    try {
+        const ast = (0, parser_1.parse)(code, { sourceType: "unambiguous" });
+        let changed = false;
+        traverse(ast, {
+            ArrayExpression(path) {
+                if (changed)
+                    return; // doar primul array mare (string-array-ul jsobf)
+                const els = path.node.elements;
+                if (!els || els.length < 6)
+                    return;
+                const strCount = els.filter((e) => e && e.type === "StringLiteral").length;
+                if (strCount < els.length * 0.6)
+                    return; // majoritar stringuri
+                // construim: (function(){ var a = new Array(N); a[i]=el_i (ordine permutata); return a; })()
+                const idx = els.map((_, i) => i);
+                for (let i = idx.length - 1; i > 0; i--) {
+                    const j = Math.floor(rng.next() * (i + 1));
+                    const tmp = idx[i];
+                    idx[i] = idx[j];
+                    idx[j] = tmp;
+                }
+                const aId = t.identifier("_sa");
+                const stmts = [
+                    t.variableDeclaration("var", [
+                        t.variableDeclarator(aId, t.newExpression(t.identifier("Array"), [
+                            t.numericLiteral(els.length),
+                        ])),
+                    ]),
+                ];
+                for (const i of idx) {
+                    stmts.push(t.expressionStatement(t.assignmentExpression("=", t.memberExpression(aId, t.numericLiteral(i), true), els[i] || t.identifier("undefined"))));
+                }
+                stmts.push(t.returnStatement(aId));
+                const iife = t.callExpression(t.functionExpression(null, [], t.blockStatement(stmts)), []);
+                path.replaceWith(iife);
+                path.skip();
+                changed = true;
+            },
+        });
+        if (!changed)
+            return code;
+        return generate(ast, { compact: true, comments: false }).code;
+    }
+    catch {
+        return code;
+    }
+}