opmsec 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +14 -0
- package/.pnp.cjs +9953 -0
- package/.pnp.loader.mjs +2126 -0
- package/README.md +266 -0
- package/bun.lock +620 -0
- package/bunfig.toml +6 -0
- package/docker-compose.yml +10 -0
- package/package.json +39 -0
- package/packages/cli/package.json +7 -0
- package/packages/cli/src/commands/audit.tsx +142 -0
- package/packages/cli/src/commands/author-view.tsx +247 -0
- package/packages/cli/src/commands/info.tsx +109 -0
- package/packages/cli/src/commands/install.tsx +362 -0
- package/packages/cli/src/commands/passthrough.tsx +36 -0
- package/packages/cli/src/commands/push.tsx +321 -0
- package/packages/cli/src/components/AgentScores.tsx +32 -0
- package/packages/cli/src/components/AuthorInfo.tsx +45 -0
- package/packages/cli/src/components/Header.tsx +24 -0
- package/packages/cli/src/components/PackageCard.tsx +48 -0
- package/packages/cli/src/components/RiskBadge.tsx +32 -0
- package/packages/cli/src/components/ScanReport.tsx +50 -0
- package/packages/cli/src/components/StatusLine.tsx +30 -0
- package/packages/cli/src/index.tsx +111 -0
- package/packages/cli/src/services/avatar.ts +10 -0
- package/packages/cli/src/services/chainpatrol.ts +25 -0
- package/packages/cli/src/services/contract.ts +182 -0
- package/packages/cli/src/services/ens.ts +143 -0
- package/packages/cli/src/services/fileverse.ts +36 -0
- package/packages/cli/src/services/osv.ts +141 -0
- package/packages/cli/src/services/signature.ts +22 -0
- package/packages/cli/src/services/version.ts +10 -0
- package/packages/contracts/contracts/OPMRegistry.sol +253 -0
- package/packages/contracts/hardhat.config.ts +32 -0
- package/packages/contracts/package-lock.json +7772 -0
- package/packages/contracts/package.json +10 -0
- package/packages/contracts/scripts/deploy.ts +28 -0
- package/packages/contracts/test/OPMRegistry.test.ts +101 -0
- package/packages/contracts/tsconfig.json +11 -0
- package/packages/core/package.json +7 -0
- package/packages/core/src/abi.ts +629 -0
- package/packages/core/src/constants.ts +30 -0
- package/packages/core/src/index.ts +5 -0
- package/packages/core/src/prompt.ts +111 -0
- package/packages/core/src/types.ts +104 -0
- package/packages/core/src/utils.ts +50 -0
- package/packages/scanner/package.json +6 -0
- package/packages/scanner/src/agents/agent-configs.ts +24 -0
- package/packages/scanner/src/agents/base-agent.ts +75 -0
- package/packages/scanner/src/index.ts +25 -0
- package/packages/scanner/src/queue/memory-queue.ts +91 -0
- package/packages/scanner/src/services/contract-writer.ts +34 -0
- package/packages/scanner/src/services/fileverse.ts +89 -0
- package/packages/scanner/src/services/npm-registry.ts +159 -0
- package/packages/scanner/src/services/openrouter.ts +86 -0
- package/packages/scanner/src/services/osv.ts +87 -0
- package/packages/scanner/src/services/report-formatter.ts +134 -0
- package/tsconfig.json +23 -0
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import { ethers } from "hardhat";
|
|
2
|
+
|
|
3
|
+
async function main() {
|
|
4
|
+
const [deployer] = await ethers.getSigners();
|
|
5
|
+
console.log("Deploying with:", deployer.address);
|
|
6
|
+
|
|
7
|
+
const OPMRegistry = await ethers.getContractFactory("OPMRegistry");
|
|
8
|
+
const registry = await OPMRegistry.deploy();
|
|
9
|
+
await registry.waitForDeployment();
|
|
10
|
+
|
|
11
|
+
const address = await registry.getAddress();
|
|
12
|
+
console.log("OPMRegistry deployed to:", address);
|
|
13
|
+
|
|
14
|
+
const agentKey = process.env.AGENT_PRIVATE_KEY;
|
|
15
|
+
if (agentKey) {
|
|
16
|
+
const agentWallet = new ethers.Wallet(agentKey);
|
|
17
|
+
const tx = await registry.setAgent(agentWallet.address, true);
|
|
18
|
+
await tx.wait();
|
|
19
|
+
console.log("Authorized agent:", agentWallet.address);
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
console.log("\nAdd to .env:\nCONTRACT_ADDRESS=" + address);
|
|
23
|
+
}
|
|
24
|
+
|
|
25
|
+
main().catch((error) => {
|
|
26
|
+
console.error(error);
|
|
27
|
+
process.exitCode = 1;
|
|
28
|
+
});
|
|
@@ -0,0 +1,101 @@
|
|
|
1
|
+
import { expect } from "chai";
|
|
2
|
+
import { ethers } from "hardhat";
|
|
3
|
+
|
|
4
|
+
describe("OPMRegistry", function () {
|
|
5
|
+
async function deploy() {
|
|
6
|
+
const [owner, agent, author, other] = await ethers.getSigners();
|
|
7
|
+
const Factory = await ethers.getContractFactory("OPMRegistry");
|
|
8
|
+
const registry = await Factory.deploy();
|
|
9
|
+
await registry.waitForDeployment();
|
|
10
|
+
await registry.setAgent(agent.address, true);
|
|
11
|
+
return { registry, owner, agent, author, other };
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
it("should register a package", async function () {
|
|
15
|
+
const { registry, author } = await deploy();
|
|
16
|
+
const checksum = ethers.keccak256(ethers.toUtf8Bytes("test-checksum"));
|
|
17
|
+
const sig = ethers.toUtf8Bytes("test-sig");
|
|
18
|
+
|
|
19
|
+
await registry.connect(author).registerPackage("my-pkg", "1.0.0", checksum, sig, "author.eth");
|
|
20
|
+
|
|
21
|
+
const info = await registry.getPackageInfo("my-pkg", "1.0.0");
|
|
22
|
+
expect(info.exists).to.be.true;
|
|
23
|
+
expect(info.author).to.equal(author.address);
|
|
24
|
+
expect(info.ensName).to.equal("author.eth");
|
|
25
|
+
});
|
|
26
|
+
|
|
27
|
+
it("should prevent duplicate version registration", async function () {
|
|
28
|
+
const { registry, author } = await deploy();
|
|
29
|
+
const checksum = ethers.keccak256(ethers.toUtf8Bytes("test"));
|
|
30
|
+
const sig = ethers.toUtf8Bytes("sig");
|
|
31
|
+
|
|
32
|
+
await registry.connect(author).registerPackage("my-pkg", "1.0.0", checksum, sig, "");
|
|
33
|
+
await expect(
|
|
34
|
+
registry.connect(author).registerPackage("my-pkg", "1.0.0", checksum, sig, "")
|
|
35
|
+
).to.be.revertedWith("Version already registered");
|
|
36
|
+
});
|
|
37
|
+
|
|
38
|
+
it("should submit and aggregate scores", async function () {
|
|
39
|
+
const { registry, agent, author } = await deploy();
|
|
40
|
+
const checksum = ethers.keccak256(ethers.toUtf8Bytes("test"));
|
|
41
|
+
const sig = ethers.toUtf8Bytes("sig");
|
|
42
|
+
|
|
43
|
+
await registry.connect(author).registerPackage("my-pkg", "1.0.0", checksum, sig, "");
|
|
44
|
+
await registry.connect(agent).submitScore("my-pkg", "1.0.0", 30, "Looks safe");
|
|
45
|
+
|
|
46
|
+
const score = await registry.getAggregateScore("my-pkg", "1.0.0");
|
|
47
|
+
expect(score).to.equal(30);
|
|
48
|
+
});
|
|
49
|
+
|
|
50
|
+
it("should reject score from unauthorized caller", async function () {
|
|
51
|
+
const { registry, author, other } = await deploy();
|
|
52
|
+
const checksum = ethers.keccak256(ethers.toUtf8Bytes("test"));
|
|
53
|
+
const sig = ethers.toUtf8Bytes("sig");
|
|
54
|
+
|
|
55
|
+
await registry.connect(author).registerPackage("my-pkg", "1.0.0", checksum, sig, "");
|
|
56
|
+
await expect(
|
|
57
|
+
registry.connect(other).submitScore("my-pkg", "1.0.0", 50, "test")
|
|
58
|
+
).to.be.revertedWith("Not authorized agent");
|
|
59
|
+
});
|
|
60
|
+
|
|
61
|
+
it("should find safest version", async function () {
|
|
62
|
+
const { registry, agent, author } = await deploy();
|
|
63
|
+
const checksum = ethers.keccak256(ethers.toUtf8Bytes("c"));
|
|
64
|
+
const sig = ethers.toUtf8Bytes("s");
|
|
65
|
+
|
|
66
|
+
await registry.connect(author).registerPackage("pkg", "1.0.0", checksum, sig, "");
|
|
67
|
+
await registry.connect(author).registerPackage("pkg", "1.1.0", checksum, sig, "");
|
|
68
|
+
await registry.connect(author).registerPackage("pkg", "2.0.0", checksum, sig, "");
|
|
69
|
+
|
|
70
|
+
await registry.connect(agent).submitScore("pkg", "1.0.0", 60, "risky");
|
|
71
|
+
await registry.connect(agent).submitScore("pkg", "1.1.0", 20, "clean");
|
|
72
|
+
await registry.connect(agent).submitScore("pkg", "2.0.0", 45, "moderate");
|
|
73
|
+
|
|
74
|
+
const safest = await registry.getSafestVersion("pkg", 3);
|
|
75
|
+
expect(safest).to.equal("1.1.0");
|
|
76
|
+
});
|
|
77
|
+
|
|
78
|
+
it("should set report URI", async function () {
|
|
79
|
+
const { registry, agent, author } = await deploy();
|
|
80
|
+
const checksum = ethers.keccak256(ethers.toUtf8Bytes("c"));
|
|
81
|
+
const sig = ethers.toUtf8Bytes("s");
|
|
82
|
+
|
|
83
|
+
await registry.connect(author).registerPackage("pkg", "1.0.0", checksum, sig, "");
|
|
84
|
+
await registry.connect(agent).setReportURI("pkg", "1.0.0", "ipfs://Qm123");
|
|
85
|
+
|
|
86
|
+
const info = await registry.getPackageInfo("pkg", "1.0.0");
|
|
87
|
+
expect(info.reportURI).to.equal("ipfs://Qm123");
|
|
88
|
+
});
|
|
89
|
+
|
|
90
|
+
it("should track ENS to author mapping", async function () {
|
|
91
|
+
const { registry, author } = await deploy();
|
|
92
|
+
const checksum = ethers.keccak256(ethers.toUtf8Bytes("c"));
|
|
93
|
+
const sig = ethers.toUtf8Bytes("s");
|
|
94
|
+
|
|
95
|
+
await registry.connect(author).registerPackage("pkg", "1.0.0", checksum, sig, "dev.eth");
|
|
96
|
+
|
|
97
|
+
const profile = await registry.getAuthorByENS("dev.eth");
|
|
98
|
+
expect(profile.addr).to.equal(author.address);
|
|
99
|
+
expect(profile.ensName).to.equal("dev.eth");
|
|
100
|
+
});
|
|
101
|
+
});
|