solana-privacy-scanner 0.3.1 → 0.3.2

package/dist/index.js

@@ -6,2541 +6,13 @@ import * as dotenv from "dotenv";
 
 // src/commands/wallet.ts
 import { writeFileSync } from "fs";
-
-// ../core/dist/index.js
-import { Connection } from "@solana/web3.js";
-import { readFileSync } from "fs";
-import { fileURLToPath } from "url";
-import { dirname, join } from "path";
-var DEFAULT_RPC_URL = "https://late-hardworking-waterfall.solana-mainnet.quiknode.pro/4017b48acf3a2a1665603cac096822ce4bec3a90/";
-var VERSION = "0.4.0";
-var RateLimiter = class {
-  constructor(maxConcurrency) {
-    this.maxConcurrency = maxConcurrency;
-  }
-  activeRequests = 0;
-  queue = [];
-  async acquire() {
-    if (this.activeRequests < this.maxConcurrency) {
-      this.activeRequests++;
-      return;
-    }
-    return new Promise((resolve) => {
-      this.queue.push(() => {
-        this.activeRequests++;
-        resolve();
-      });
-    });
-  }
-  release() {
-    this.activeRequests--;
-    const next = this.queue.shift();
-    if (next) {
-      next();
-    }
-  }
-  getActiveCount() {
-    return this.activeRequests;
-  }
-  getQueueLength() {
-    return this.queue.length;
-  }
-};
-function sleep(ms) {
-  return new Promise((resolve) => setTimeout(resolve, ms));
-}
-var RPCClient = class {
-  connection;
-  config;
-  rateLimiter;
-  constructor(configOrUrl) {
-    const config2 = !configOrUrl ? {} : typeof configOrUrl === "string" ? { rpcUrl: configOrUrl } : configOrUrl;
-    const rpcUrl = (config2.rpcUrl || DEFAULT_RPC_URL).trim();
-    this.config = {
-      maxRetries: config2.maxRetries ?? 3,
-      retryDelay: config2.retryDelay ?? 1e3,
-      timeout: config2.timeout ?? 3e4,
-      maxConcurrency: config2.maxConcurrency ?? 10,
-      debug: config2.debug ?? false,
-      rpcUrl
-    };
-    const connectionConfig = {
-      commitment: "confirmed",
-      confirmTransactionInitialTimeout: this.config.timeout
-    };
-    this.connection = new Connection(this.config.rpcUrl, connectionConfig);
-    this.rateLimiter = new RateLimiter(this.config.maxConcurrency);
-    if (this.config.debug) {
-      console.log(`[RPCClient] Initialized with URL: ${this.config.rpcUrl}`);
-      console.log(`[RPCClient] Max concurrency: ${this.config.maxConcurrency}`);
-      console.log(`[RPCClient] Max retries: ${this.config.maxRetries}`);
-    }
-  }
-  /**
-   * Execute an RPC call with retry logic and rate limiting
-   */
-  async executeWithRetry(operation, operationName) {
-    await this.rateLimiter.acquire();
-    let lastError = null;
-    for (let attempt = 0; attempt <= this.config.maxRetries; attempt++) {
-      try {
-        if (this.config.debug && attempt > 0) {
-          console.log(`[RPCClient] Retry attempt ${attempt} for ${operationName}`);
-        }
-        const result = await operation();
-        this.rateLimiter.release();
-        return result;
-      } catch (error) {
-        lastError = error;
-        if (this.config.debug) {
-          console.error(
-            `[RPCClient] Error in ${operationName} (attempt ${attempt + 1}/${this.config.maxRetries + 1}):`,
-            error
-          );
-        }
-        if (attempt < this.config.maxRetries) {
-          const delay = this.config.retryDelay * Math.pow(2, attempt);
-          await sleep(delay);
-        }
-      }
-    }
-    this.rateLimiter.release();
-    throw new Error(
-      `RPC operation ${operationName} failed after ${this.config.maxRetries + 1} attempts: ${lastError?.message}`
-    );
-  }
-  /**
-   * Get the underlying Solana Connection
-   * Use this sparingly - prefer the wrapped methods for automatic retry/rate limiting
-   */
-  getConnection() {
-    return this.connection;
-  }
-  /**
-   * Get current rate limiter stats
-   */
-  getStats() {
-    return {
-      activeRequests: this.rateLimiter.getActiveCount(),
-      queueLength: this.rateLimiter.getQueueLength()
-    };
-  }
-  /**
-   * Get signatures for an address with retry and rate limiting
-   */
-  async getSignaturesForAddress(address, options) {
-    return this.executeWithRetry(
-      async () => {
-        const { PublicKey } = await import("@solana/web3.js");
-        return this.connection.getSignaturesForAddress(
-          new PublicKey(address),
-          options
-        );
-      },
-      `getSignaturesForAddress(${address})`
-    );
-  }
-  /**
-   * Get transaction details with retry and rate limiting
-   */
-  async getTransaction(signature, options) {
-    return this.executeWithRetry(
-      async () => {
-        return this.connection.getTransaction(signature, {
-          maxSupportedTransactionVersion: options?.maxSupportedTransactionVersion ?? 0
-        });
-      },
-      `getTransaction(${signature})`
-    );
-  }
-  /**
-   * Get multiple transactions in parallel (respects rate limiting)
-   */
-  async getTransactions(signatures, options) {
-    const promises = signatures.map((sig) => this.getTransaction(sig, options));
-    return Promise.all(promises);
-  }
-  /**
-   * Get token accounts by owner with retry and rate limiting
-   */
-  async getTokenAccountsByOwner(ownerAddress, mintAddress) {
-    return this.executeWithRetry(
-      async () => {
-        const { PublicKey } = await import("@solana/web3.js");
-        const owner = new PublicKey(ownerAddress);
-        const TOKEN_PROGRAM_ID = new PublicKey("TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA");
-        if (mintAddress) {
-          const mint = new PublicKey(mintAddress);
-          return this.connection.getTokenAccountsByOwner(owner, { mint });
-        } else {
-          return this.connection.getTokenAccountsByOwner(owner, {
-            programId: TOKEN_PROGRAM_ID
-          });
-        }
-      },
-      `getTokenAccountsByOwner(${ownerAddress})`
-    );
-  }
-  /**
-   * Get program accounts with retry and rate limiting
-   */
-  async getProgramAccounts(programId, config2) {
-    return this.executeWithRetry(
-      async () => {
-        const { PublicKey } = await import("@solana/web3.js");
-        return this.connection.getProgramAccounts(new PublicKey(programId), config2);
-      },
-      `getProgramAccounts(${programId})`
-    );
-  }
-  /**
-   * Get account info with retry and rate limiting
-   */
-  async getAccountInfo(address) {
-    return this.executeWithRetry(
-      async () => {
-        const { PublicKey } = await import("@solana/web3.js");
-        return this.connection.getAccountInfo(new PublicKey(address));
-      },
-      `getAccountInfo(${address})`
-    );
-  }
-  /**
-   * Get multiple account infos in parallel (respects rate limiting)
-   */
-  async getMultipleAccountsInfo(addresses) {
-    return this.executeWithRetry(
-      async () => {
-        const { PublicKey } = await import("@solana/web3.js");
-        const pubkeys = addresses.map((addr) => new PublicKey(addr));
-        return this.connection.getMultipleAccountsInfo(pubkeys);
-      },
-      `getMultipleAccountsInfo(${addresses.length} addresses)`
-    );
-  }
-  /**
-   * Check if the RPC connection is healthy
-   */
-  async healthCheck() {
-    try {
-      const version = await this.executeWithRetry(
-        () => this.connection.getVersion(),
-        "healthCheck"
-      );
-      return !!version;
-    } catch {
-      return false;
-    }
-  }
-};
-async function collectWalletData(client, address, options = {}) {
-  const maxSignatures = options.maxSignatures ?? 100;
-  const includeTokenAccounts = options.includeTokenAccounts ?? true;
-  let signatures = [];
-  try {
-    signatures = await client.getSignaturesForAddress(address, {
-      limit: maxSignatures
-    });
-  } catch (error) {
-    console.warn(`Failed to fetch signatures for ${address}:`, error);
-  }
-  const transactions = [];
-  const BATCH_SIZE = 10;
-  for (let i = 0; i < signatures.length; i += BATCH_SIZE) {
-    const batch = signatures.slice(i, i + BATCH_SIZE);
-    const batchSignatures = batch.map((sig) => sig.signature);
-    try {
-      const txs = await client.getTransactions(batchSignatures, {
-        maxSupportedTransactionVersion: 0
-      });
-      for (let j = 0; j < batch.length; j++) {
-        transactions.push({
-          signature: batch[j].signature,
-          transaction: txs[j],
-          blockTime: batch[j].blockTime
-        });
-      }
-    } catch (error) {
-      console.warn(`Failed to fetch transaction batch for ${address}:`, error);
-    }
-  }
-  let tokenAccounts = [];
-  if (includeTokenAccounts) {
-    try {
-      const response = await client.getTokenAccountsByOwner(address);
-      tokenAccounts = response.value;
-    } catch (error) {
-      console.warn(`Failed to fetch token accounts for ${address}:`, error);
-    }
-  }
-  return {
-    address,
-    signatures,
-    transactions,
-    tokenAccounts
-  };
-}
-async function collectTransactionData(client, signature) {
-  let transaction = null;
-  try {
-    transaction = await client.getTransaction(signature, {
-      maxSupportedTransactionVersion: 0
-    });
-  } catch (error) {
-    console.warn(`Failed to fetch transaction ${signature}:`, error);
-  }
-  return {
-    signature,
-    transaction,
-    blockTime: transaction?.blockTime ?? null
-  };
-}
-async function collectProgramData(client, programId, options = {}) {
-  const maxAccounts = options.maxAccounts ?? 100;
-  const maxTransactions = options.maxTransactions ?? 50;
-  let accounts = [];
-  try {
-    const response = await client.getProgramAccounts(programId, {
-      encoding: "jsonParsed",
-      dataSlice: { offset: 0, length: 0 }
-      // Don't fetch full account data
-    });
-    accounts = response.slice(0, maxAccounts).map((acc) => ({
-      pubkey: acc.pubkey.toString(),
-      account: acc.account
-    }));
-  } catch (error) {
-    console.warn(`Failed to fetch program accounts for ${programId}:`, error);
-  }
-  let signatures = [];
-  try {
-    signatures = await client.getSignaturesForAddress(programId, {
-      limit: maxTransactions
-    });
-  } catch (error) {
-    console.warn(`Failed to fetch signatures for program ${programId}:`, error);
-  }
-  const relatedTransactions = [];
-  const BATCH_SIZE = 10;
-  for (let i = 0; i < Math.min(signatures.length, maxTransactions); i += BATCH_SIZE) {
-    const batch = signatures.slice(i, i + BATCH_SIZE);
-    const batchSignatures = batch.map((sig) => sig.signature);
-    try {
-      const txs = await client.getTransactions(batchSignatures, {
-        maxSupportedTransactionVersion: 0
-      });
-      for (let j = 0; j < batch.length; j++) {
-        relatedTransactions.push({
-          signature: batch[j].signature,
-          transaction: txs[j],
-          blockTime: batch[j].blockTime
-        });
-      }
-    } catch (error) {
-      console.warn(`Failed to fetch transaction batch for program ${programId}:`, error);
-    }
-  }
-  return {
-    programId,
-    accounts,
-    relatedTransactions
-  };
-}
-var PROGRAM_IDS = {
-  SYSTEM: "11111111111111111111111111111111",
-  TOKEN: "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA",
-  ASSOCIATED_TOKEN: "ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL",
-  STAKE: "Stake11111111111111111111111111111111111111",
-  VOTE: "Vote111111111111111111111111111111111111111",
-  MEMO: "MemoSq4gqABAXKb96qnH8TysNcWxMyWCqXgDLGmfcHr",
-  MEMO_V1: "Memo1UhkJRfHyvLMcVucJwxXeuD728EqVDDwQDxFMNo"
-};
-function extractTransactionMetadata(tx, signature) {
-  if (!tx || !tx.transaction || !tx.transaction.message || !tx.transaction.message.accountKeys) {
-    return {
-      signature,
-      blockTime: tx?.blockTime || null,
-      feePayer: "unknown",
-      signers: []
-    };
-  }
-  const feePayer = tx.transaction.message.accountKeys[0];
-  const feePayerAddress = typeof feePayer === "string" ? feePayer : feePayer.pubkey.toString();
-  const signers = [];
-  const accountKeys = tx.transaction.message.accountKeys;
-  signers.push(feePayerAddress);
-  if (accountKeys && Array.isArray(accountKeys)) {
-    for (let i = 1; i < accountKeys.length; i++) {
-      const key = accountKeys[i];
-      const address = typeof key === "string" ? key : key.pubkey?.toString();
-      if (typeof key !== "string" && key.signer) {
-        if (address && !signers.includes(address)) {
-          signers.push(address);
-        }
-      }
-    }
-  }
-  let memo;
-  const instructions = tx.transaction.message.instructions;
-  if (instructions && Array.isArray(instructions)) {
-    for (const instruction of instructions) {
-      if (!instruction || !instruction.programId) continue;
-      const programId = instruction.programId.toString();
-      if (programId === PROGRAM_IDS.MEMO || programId === PROGRAM_IDS.MEMO_V1) {
-        if ("parsed" in instruction && instruction.parsed) {
-          const parsed = instruction.parsed;
-          if (parsed.type === "memo" && typeof parsed.info === "string") {
-            memo = parsed.info;
-          }
-        } else if ("data" in instruction && typeof instruction.data === "string") {
-          try {
-            memo = Buffer.from(instruction.data, "base64").toString("utf8");
-          } catch {
-            memo = instruction.data;
-          }
-        }
-        break;
-      }
-    }
-  }
-  let computeUnitsUsed;
-  let priorityFee;
-  if (tx.meta) {
-    computeUnitsUsed = tx.meta.computeUnitsConsumed;
-    if (tx.meta.fee !== void 0 && tx.meta.fee > 5e3) {
-      priorityFee = tx.meta.fee - 5e3;
-    }
-  }
-  return {
-    signature,
-    blockTime: tx.blockTime,
-    feePayer: feePayerAddress,
-    signers,
-    computeUnitsUsed,
-    priorityFee,
-    memo
-  };
-}
-function extractTokenAccountEvents(tx, signature) {
-  const events = [];
-  if (!tx.transaction?.message?.instructions) {
-    return events;
-  }
-  for (const instruction of tx.transaction.message.instructions) {
-    if (!instruction || !instruction.programId) continue;
-    const programId = instruction.programId.toString();
-    if (programId === PROGRAM_IDS.TOKEN || programId === PROGRAM_IDS.ASSOCIATED_TOKEN) {
-      if ("parsed" in instruction && instruction.parsed) {
-        const parsed = instruction.parsed;
-        if (parsed.type === "initializeAccount" || parsed.type === "create") {
-          const info = parsed.info;
-          events.push({
-            type: "create",
-            tokenAccount: info.account || info.newAccount,
-            owner: info.owner,
-            mint: info.mint,
-            signature,
-            blockTime: tx.blockTime
-          });
-        }
-        if (parsed.type === "closeAccount") {
-          const info = parsed.info;
-          let rentRefund;
-          if (tx.meta?.postBalances && tx.meta?.preBalances) {
-            const accountKeys = tx.transaction.message.accountKeys;
-            for (let i = 0; i < accountKeys.length; i++) {
-              const key = accountKeys[i];
-              const address = typeof key === "string" ? key : key.pubkey.toString();
-              if (address === info.destination) {
-                const diff = tx.meta.postBalances[i] - tx.meta.preBalances[i];
-                if (diff > 0) {
-                  rentRefund = diff / 1e9;
-                }
-                break;
-              }
-            }
-          }
-          events.push({
-            type: "close",
-            tokenAccount: info.account,
-            owner: info.owner || info.destination,
-            signature,
-            blockTime: tx.blockTime,
-            rentRefund
-          });
-        }
-      }
-    }
-  }
-  return events;
-}
-function extractPDAInteractions(tx, signature) {
-  const interactions = [];
-  if (!tx.transaction?.message?.accountKeys) {
-    return interactions;
-  }
-  const accountProgramMap = /* @__PURE__ */ new Map();
-  for (const instruction of tx.transaction.message.instructions) {
-    if (!instruction || !instruction.programId) continue;
-    const programId = instruction.programId.toString();
-    const accounts = [];
-    if ("accounts" in instruction && Array.isArray(instruction.accounts)) {
-      for (const acc of instruction.accounts) {
-        const address = typeof acc === "string" ? acc : acc.toString();
-        accounts.push(address);
-      }
-    }
-    for (const account of accounts) {
-      if (!accountProgramMap.has(account)) {
-        accountProgramMap.set(account, /* @__PURE__ */ new Set());
-      }
-      accountProgramMap.get(account).add(programId);
-    }
-  }
-  for (const [address, programs] of accountProgramMap) {
-    for (const programId of programs) {
-      if (programId === PROGRAM_IDS.SYSTEM || programId === PROGRAM_IDS.MEMO || programId === PROGRAM_IDS.MEMO_V1) {
-        continue;
-      }
-      interactions.push({
-        pda: address,
-        programId,
-        signature
-      });
-    }
-  }
-  return interactions;
-}
-function extractSOLTransfers(tx, signature) {
-  const transfers = [];
-  if (!tx.meta || !tx.transaction) {
-    return transfers;
-  }
-  const preBalances = tx.meta.preBalances;
-  const postBalances = tx.meta.postBalances;
-  const accountKeys = tx.transaction.message.accountKeys;
-  if (!accountKeys || !Array.isArray(accountKeys) || accountKeys.length === 0) {
-    return transfers;
-  }
-  if (!preBalances || !postBalances) {
-    return transfers;
-  }
-  for (let i = 0; i < accountKeys.length; i++) {
-    const pre = preBalances[i];
-    const post = postBalances[i];
-    if (pre === void 0 || post === void 0) {
-      continue;
-    }
-    const diff = post - pre;
-    if (diff === 0) continue;
-    const account = accountKeys[i];
-    if (!account) continue;
-    const address = typeof account === "string" ? account : account.pubkey?.toString();
-    if (!address) continue;
-    if (diff > 0) {
-      for (let j = 0; j < accountKeys.length; j++) {
-        const preSender = preBalances[j];
-        const postSender = postBalances[j];
-        if (preSender === void 0 || postSender === void 0) {
-          continue;
-        }
-        if (postSender < preSender) {
-          const sender = accountKeys[j];
-          if (!sender) continue;
-          const senderAddress = typeof sender === "string" ? sender : sender.pubkey?.toString();
-          if (!senderAddress) continue;
-          transfers.push({
-            from: senderAddress,
-            to: address,
-            amount: diff / 1e9,
-            // Convert lamports to SOL
-            token: void 0,
-            signature,
-            blockTime: tx.blockTime
-          });
-          break;
-        }
-      }
-    }
-  }
-  return transfers;
-}
-function extractSPLTransfers(tx, signature) {
-  const transfers = [];
-  if (!tx.meta || !tx.meta.postTokenBalances || !tx.meta.preTokenBalances) {
-    return transfers;
-  }
-  const preTokenBalances = tx.meta.preTokenBalances;
-  const postTokenBalances = tx.meta.postTokenBalances;
-  const balanceChanges = /* @__PURE__ */ new Map();
-  for (const post of postTokenBalances) {
-    const pre = preTokenBalances.find(
-      (p) => p.accountIndex === post.accountIndex && p.mint === post.mint
-    );
-    const preAmount = pre?.uiTokenAmount.uiAmount ?? 0;
-    const postAmount = post.uiTokenAmount.uiAmount ?? 0;
-    const change = postAmount - preAmount;
-    if (change !== 0) {
-      balanceChanges.set(post.accountIndex, {
-        mint: post.mint,
-        change,
-        decimals: post.uiTokenAmount.decimals
-      });
-    }
-  }
-  const accountKeys = tx.transaction.message.accountKeys;
-  if (!accountKeys || !Array.isArray(accountKeys)) {
-    return transfers;
-  }
-  balanceChanges.forEach((info, accountIndex) => {
-    if (accountIndex >= accountKeys.length) {
-      return;
-    }
-    const account = accountKeys[accountIndex];
-    if (!account) return;
-    const address = typeof account === "string" ? account : account.pubkey?.toString();
-    if (!address) return;
-    if (info.change > 0) {
-      balanceChanges.forEach((senderInfo, senderIndex) => {
-        if (senderInfo.mint === info.mint && senderInfo.change < 0 && senderIndex !== accountIndex && senderIndex < accountKeys.length) {
-          const sender = accountKeys[senderIndex];
-          if (!sender) return;
-          const senderAddress = typeof sender === "string" ? sender : sender.pubkey?.toString();
-          if (!senderAddress) return;
-          transfers.push({
-            from: senderAddress,
-            to: address,
-            amount: info.change,
-            token: info.mint,
-            signature,
-            blockTime: tx.blockTime
-          });
-        }
-      });
-    }
-  });
-  return transfers;
-}
-function categorizeInstruction(instruction) {
-  const programId = instruction.programId.toString();
-  if (programId === PROGRAM_IDS.SYSTEM) {
-    if ("parsed" in instruction && instruction.parsed.type) {
-      const type = instruction.parsed.type;
-      if (type === "transfer" || type === "transferWithSeed") {
-        return "transfer";
-      }
-    }
-    return "transfer";
-  }
-  if (programId === PROGRAM_IDS.TOKEN || programId === PROGRAM_IDS.ASSOCIATED_TOKEN) {
-    if ("parsed" in instruction && instruction.parsed.type) {
-      const type = instruction.parsed.type;
-      if (type === "transfer" || type === "transferChecked") {
-        return "transfer";
-      }
-      return "token_operation";
-    }
-    return "token_operation";
-  }
-  if (programId === PROGRAM_IDS.STAKE) {
-    return "stake";
-  }
-  if (programId === PROGRAM_IDS.VOTE) {
-    return "vote";
-  }
-  if (programId.includes("Swap") || programId.includes("swap") || programId === "JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4" || // Jupiter
-  programId === "whirLbMiicVdio4qvUfM5KAg6Ct8VwpYzGff3uctyCc") {
-    return "swap";
-  }
-  return "program_interaction";
-}
-function extractInstructions(tx, signature) {
-  const instructions = [];
-  if (!tx.transaction || !tx.transaction.message) {
-    return instructions;
-  }
-  const message = tx.transaction.message;
-  const allInstructions = message.instructions;
-  if (!allInstructions || !Array.isArray(allInstructions)) {
-    return instructions;
-  }
-  for (const instruction of allInstructions) {
-    if (!instruction || !instruction.programId) {
-      continue;
-    }
-    const programId = instruction.programId.toString();
-    const category = categorizeInstruction(instruction);
-    let data;
-    if ("parsed" in instruction) {
-      data = instruction.parsed;
-    }
-    const accounts = [];
-    if ("accounts" in instruction && Array.isArray(instruction.accounts)) {
-      for (const acc of instruction.accounts) {
-        const address = typeof acc === "string" ? acc : acc.toString();
-        accounts.push(address);
-      }
-    }
-    instructions.push({
-      programId,
-      category,
-      signature,
-      blockTime: tx.blockTime,
-      data,
-      accounts: accounts.length > 0 ? accounts : void 0
-    });
-  }
-  return instructions;
-}
-function extractCounterparties(transfers, targetAddress) {
-  const counterparties = /* @__PURE__ */ new Set();
-  for (const transfer of transfers) {
-    if (transfer.from === targetAddress) {
-      counterparties.add(transfer.to);
-    } else if (transfer.to === targetAddress) {
-      counterparties.add(transfer.from);
-    }
-  }
-  return counterparties;
-}
-function calculateTimeRange(transactions) {
-  let earliest = null;
-  let latest = null;
-  for (const tx of transactions) {
-    if (tx.blockTime) {
-      if (earliest === null || tx.blockTime < earliest) {
-        earliest = tx.blockTime;
-      }
-      if (latest === null || tx.blockTime > latest) {
-        latest = tx.blockTime;
-      }
-    }
-  }
-  return { earliest, latest };
-}
-function normalizeWalletData(rawData, labelProvider) {
-  const allTransfers = [];
-  const allInstructions = [];
-  const allTransactionMetadata = [];
-  const allTokenAccountEvents = [];
-  const allPDAInteractions = [];
-  const transactions = rawData.transactions || [];
-  for (const rawTx of transactions) {
-    if (!rawTx.transaction) continue;
-    try {
-      const solTransfers = extractSOLTransfers(rawTx.transaction, rawTx.signature);
-      const splTransfers = extractSPLTransfers(rawTx.transaction, rawTx.signature);
-      allTransfers.push(...solTransfers, ...splTransfers);
-      const instructions = extractInstructions(rawTx.transaction, rawTx.signature);
-      allInstructions.push(...instructions);
-      const metadata = extractTransactionMetadata(rawTx.transaction, rawTx.signature);
-      allTransactionMetadata.push(metadata);
-      const tokenEvents = extractTokenAccountEvents(rawTx.transaction, rawTx.signature);
-      allTokenAccountEvents.push(...tokenEvents);
-      const pdaInteractions = extractPDAInteractions(rawTx.transaction, rawTx.signature);
-      allPDAInteractions.push(...pdaInteractions);
-    } catch (error) {
-      console.warn(`Failed to normalize transaction ${rawTx.signature}:`, error);
-      continue;
-    }
-  }
-  const counterparties = extractCounterparties(allTransfers, rawData.address);
-  const labels = labelProvider ? labelProvider.lookupMany(Array.from(counterparties)) : /* @__PURE__ */ new Map();
-  const timeRange = calculateTimeRange(transactions);
-  const tokenAccounts = rawData.tokenAccounts.map((ta) => {
-    try {
-      return {
-        mint: ta.account.data.parsed.info.mint,
-        address: ta.pubkey.toString(),
-        balance: ta.account.data.parsed.info.tokenAmount.uiAmount ?? 0
-      };
-    } catch (error) {
-      return null;
-    }
-  }).filter((ta) => ta !== null);
-  const feePayers = /* @__PURE__ */ new Set();
-  const signers = /* @__PURE__ */ new Set();
-  const programs = /* @__PURE__ */ new Set();
-  for (const metadata of allTransactionMetadata) {
-    feePayers.add(metadata.feePayer);
-    for (const signer of metadata.signers) {
-      signers.add(signer);
-    }
-  }
-  for (const instruction of allInstructions) {
-    programs.add(instruction.programId);
-  }
-  return {
-    target: rawData.address,
-    targetType: "wallet",
-    transfers: allTransfers,
-    instructions: allInstructions,
-    counterparties,
-    labels,
-    tokenAccounts,
-    timeRange,
-    transactionCount: transactions.length,
-    // Solana-specific fields
-    transactions: allTransactionMetadata,
-    tokenAccountEvents: allTokenAccountEvents,
-    pdaInteractions: allPDAInteractions,
-    feePayers,
-    signers,
-    programs
-  };
-}
-function normalizeTransactionData(rawData, labelProvider) {
-  const allTransfers = [];
-  const allInstructions = [];
-  const counterparties = /* @__PURE__ */ new Set();
-  const allTransactionMetadata = [];
-  const allTokenAccountEvents = [];
-  const allPDAInteractions = [];
-  const feePayers = /* @__PURE__ */ new Set();
-  const signers = /* @__PURE__ */ new Set();
-  const programs = /* @__PURE__ */ new Set();
-  if (rawData.transaction) {
-    try {
-      const solTransfers = extractSOLTransfers(rawData.transaction, rawData.signature);
-      const splTransfers = extractSPLTransfers(rawData.transaction, rawData.signature);
-      allTransfers.push(...solTransfers, ...splTransfers);
-      const instructions = extractInstructions(rawData.transaction, rawData.signature);
-      allInstructions.push(...instructions);
-      const metadata = extractTransactionMetadata(rawData.transaction, rawData.signature);
-      allTransactionMetadata.push(metadata);
-      feePayers.add(metadata.feePayer);
-      for (const signer of metadata.signers) {
-        signers.add(signer);
-      }
-      const tokenEvents = extractTokenAccountEvents(rawData.transaction, rawData.signature);
-      allTokenAccountEvents.push(...tokenEvents);
-      const pdaInteractions = extractPDAInteractions(rawData.transaction, rawData.signature);
-      allPDAInteractions.push(...pdaInteractions);
-      const accountKeys = rawData.transaction.transaction.message.accountKeys;
-      if (accountKeys && Array.isArray(accountKeys)) {
-        for (const key of accountKeys) {
-          const address = typeof key === "string" ? key : key.pubkey.toString();
-          counterparties.add(address);
-        }
-      }
-      for (const instruction of instructions) {
-        programs.add(instruction.programId);
-      }
-    } catch (error) {
-      console.warn(`Failed to normalize transaction ${rawData.signature}:`, error);
-    }
-  }
-  const labels = labelProvider ? labelProvider.lookupMany(Array.from(counterparties)) : /* @__PURE__ */ new Map();
-  return {
-    target: rawData.signature,
-    targetType: "transaction",
-    transfers: allTransfers,
-    instructions: allInstructions,
-    counterparties,
-    labels,
-    tokenAccounts: [],
-    timeRange: {
-      earliest: rawData.transaction ? rawData.blockTime : null,
-      latest: rawData.transaction ? rawData.blockTime : null
-    },
-    transactionCount: rawData.transaction ? 1 : 0,
-    // Solana-specific fields
-    transactions: allTransactionMetadata,
-    tokenAccountEvents: allTokenAccountEvents,
-    pdaInteractions: allPDAInteractions,
-    feePayers,
-    signers,
-    programs
-  };
-}
-function normalizeProgramData(rawData, labelProvider) {
-  const allTransfers = [];
-  const allInstructions = [];
-  const counterparties = /* @__PURE__ */ new Set();
-  const allTransactionMetadata = [];
-  const allTokenAccountEvents = [];
-  const allPDAInteractions = [];
-  const feePayers = /* @__PURE__ */ new Set();
-  const signers = /* @__PURE__ */ new Set();
-  const programs = /* @__PURE__ */ new Set();
-  const transactions = rawData.relatedTransactions || [];
-  for (const rawTx of transactions) {
-    if (!rawTx.transaction) continue;
-    try {
-      const solTransfers = extractSOLTransfers(rawTx.transaction, rawTx.signature);
-      const splTransfers = extractSPLTransfers(rawTx.transaction, rawTx.signature);
-      allTransfers.push(...solTransfers, ...splTransfers);
-      const instructions = extractInstructions(rawTx.transaction, rawTx.signature);
-      allInstructions.push(...instructions);
-      const metadata = extractTransactionMetadata(rawTx.transaction, rawTx.signature);
-      allTransactionMetadata.push(metadata);
-      feePayers.add(metadata.feePayer);
-      for (const signer of metadata.signers) {
-        signers.add(signer);
-      }
-      const tokenEvents = extractTokenAccountEvents(rawTx.transaction, rawTx.signature);
-      allTokenAccountEvents.push(...tokenEvents);
-      const pdaInteractions = extractPDAInteractions(rawTx.transaction, rawTx.signature);
-      allPDAInteractions.push(...pdaInteractions);
-      const accountKeys = rawTx.transaction.transaction.message.accountKeys;
-      if (accountKeys && Array.isArray(accountKeys)) {
-        for (const key of accountKeys) {
-          const address = typeof key === "string" ? key : key.pubkey.toString();
-          counterparties.add(address);
-        }
-      }
-      for (const instruction of instructions) {
-        programs.add(instruction.programId);
-      }
-    } catch (error) {
-      console.warn(`Failed to normalize program transaction ${rawTx.signature}:`, error);
-      continue;
-    }
-  }
-  const timeRange = calculateTimeRange(transactions);
-  const labels = labelProvider ? labelProvider.lookupMany(Array.from(counterparties)) : /* @__PURE__ */ new Map();
-  return {
-    target: rawData.programId,
-    targetType: "program",
-    transfers: allTransfers,
-    instructions: allInstructions,
-    counterparties,
-    labels,
-    tokenAccounts: [],
-    timeRange,
-    transactionCount: transactions.length,
-    // Solana-specific fields
-    transactions: allTransactionMetadata,
-    tokenAccountEvents: allTokenAccountEvents,
-    pdaInteractions: allPDAInteractions,
-    feePayers,
-    signers,
-    programs
-  };
-}
-function detectCounterpartyReuse(context) {
-  const signals = [];
-  if (context.targetType !== "wallet" || context.transactionCount < 2) {
-    return signals;
-  }
-  if (context.transfers.length > 0) {
-    const interactionCounts = /* @__PURE__ */ new Map();
-    for (const transfer of context.transfers) {
-      const counterparty = transfer.from === context.target ? transfer.to : transfer.from;
-      if (counterparty === context.target) continue;
-      interactionCounts.set(counterparty, (interactionCounts.get(counterparty) || 0) + 1);
-    }
-    const reusedCounterparties = Array.from(interactionCounts.entries()).filter(([_, count]) => count >= 3).sort((a, b) => b[1] - a[1]);
-    if (reusedCounterparties.length > 0) {
-      const totalInteractions = context.transfers.length;
-      const topCounterpartyInteractions = reusedCounterparties[0][1];
-      const concentration = topCounterpartyInteractions / totalInteractions;
-      let severity = "LOW";
-      if (concentration > 0.5 || reusedCounterparties.length >= 5) {
-        severity = "HIGH";
-      } else if (concentration > 0.3 || reusedCounterparties.length >= 3) {
-        severity = "MEDIUM";
-      }
-      const evidence = reusedCounterparties.slice(0, 5).map(([addr, count]) => {
-        const label = context.labels.get(addr);
-        return {
-          description: `${count} transfers with ${addr.slice(0, 8)}...${addr.slice(-8)}${label ? ` (${label.name})` : ""}`,
-          severity: count > totalInteractions * 0.3 ? "HIGH" : count > totalInteractions * 0.15 ? "MEDIUM" : "LOW",
-          type: "address",
-          data: { address: addr, interactionCount: count }
-        };
-      });
-      signals.push({
-        id: "counterparty-reuse",
-        name: "Repeated Transfer Counterparties",
-        severity,
-        category: "linkability",
-        reason: `Wallet repeatedly transfers with ${reusedCounterparties.length} address(es). Top counterparty: ${topCounterpartyInteractions}/${totalInteractions} transfers.`,
-        impact: "Repeated interactions with the same addresses can be used to cluster wallets and build transaction graphs.",
-        evidence,
-        mitigation: "Use different wallets for different counterparties, or use privacy-preserving protocols."
-      });
-    }
-  }
-  if (context.programs && context.programs.size > 0) {
-    const programUsage = /* @__PURE__ */ new Map();
-    for (const instruction of context.instructions) {
-      programUsage.set(instruction.programId, (programUsage.get(instruction.programId) || 0) + 1);
-    }
-    const SYSTEM_PROGRAMS = [
-      "11111111111111111111111111111111",
-      "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA",
-      "ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL",
-      "ComputeBudget111111111111111111111111111111"
-    ];
-    const significantPrograms = Array.from(programUsage.entries()).filter(([programId]) => !SYSTEM_PROGRAMS.includes(programId)).filter(([_, count]) => count >= Math.min(3, Math.ceil(context.instructions.length * 0.1))).sort((a, b) => b[1] - a[1]);
-    if (significantPrograms.length >= 2) {
-      const evidence = significantPrograms.slice(0, 5).map(([programId, count]) => {
-        const label = context.labels.get(programId);
-        return {
-          description: `${programId.slice(0, 8)}...${label ? ` (${label.name})` : ""} used in ${count} instruction(s)`,
-          severity: "LOW",
-          reference: `https://solscan.io/account/${programId}`
-        };
-      });
-      signals.push({
-        id: "program-reuse",
-        name: "Repeated Program Interactions",
-        severity: "LOW",
-        category: "behavioral",
-        reason: `Wallet interacts with ${significantPrograms.length} non-system program(s) repeatedly.`,
-        impact: "Program usage patterns create a behavioral fingerprint. Addresses with similar patterns are likely related.",
-        mitigation: "This is generally unavoidable when using DeFi. Diversifying protocols can reduce fingerprinting.",
-        evidence
-      });
-    }
-  }
-  if (context.pdaInteractions && context.pdaInteractions.length > 0) {
-    const pdaUsage = /* @__PURE__ */ new Map();
-    for (const pda of context.pdaInteractions) {
-      if (!pdaUsage.has(pda.pda)) {
-        pdaUsage.set(pda.pda, { count: 0, programId: pda.programId });
-      }
-      pdaUsage.get(pda.pda).count++;
-    }
-    const repeatedPDAs = Array.from(pdaUsage.entries()).filter(([_, { count }]) => count >= 2).sort((a, b) => b[1].count - a[1].count);
-    if (repeatedPDAs.length > 0) {
-      const evidence = repeatedPDAs.slice(0, 5).map(([pda, { count, programId }]) => ({
-        description: `PDA ${pda.slice(0, 8)}... (program: ${programId.slice(0, 8)}...) used ${count} times`,
-        severity: count > 3 ? "MEDIUM" : "LOW",
-        reference: `https://solscan.io/account/${pda}`
-      }));
-      const maxCount = repeatedPDAs[0][1].count;
-      const severity = maxCount > 5 ? "MEDIUM" : "LOW";
-      signals.push({
-        id: "pda-reuse",
-        name: "Repeated PDA Interactions",
-        severity,
-        category: "linkability",
-        reason: `${repeatedPDAs.length} Program-Derived Address(es) are used repeatedly. Max usage: ${maxCount} times.`,
-        impact: "PDAs often represent user-specific accounts (e.g., your position in a protocol). Repeated usage links all interactions.",
-        mitigation: "Some PDA reuse is inherent to Solana protocols. For sensitive operations, use fresh wallets.",
-        evidence
-      });
-    }
-  }
-  if (context.transfers.length > 0 && context.instructions.length > 0) {
-    const combos = /* @__PURE__ */ new Map();
-    for (const transfer of context.transfers) {
-      const counterparty = transfer.from === context.target ? transfer.to : transfer.from;
-      if (counterparty === context.target) continue;
-      const txInstructions = context.instructions.filter((inst) => inst.signature === transfer.signature);
-      for (const inst of txInstructions) {
-        const combo = `${counterparty}:${inst.programId}`;
-        combos.set(combo, (combos.get(combo) || 0) + 1);
-      }
-    }
-    const repeatedCombos = Array.from(combos.entries()).filter(([_, count]) => count >= 2).sort((a, b) => b[1] - a[1]);
-    if (repeatedCombos.length > 0) {
-      const evidence = repeatedCombos.slice(0, 3).map(([combo, count]) => {
-        const [counterparty, programId] = combo.split(":");
-        const label = context.labels.get(counterparty);
-        return {
-          description: `${counterparty.slice(0, 8)}...${label ? ` (${label.name})` : ""} + program ${programId.slice(0, 8)}... used ${count} times`,
-          severity: "MEDIUM"
-        };
-      });
-      signals.push({
-        id: "counterparty-program-combo",
-        name: "Repeated Counterparty-Program Combination",
-        severity: "MEDIUM",
-        category: "linkability",
-        reason: `${repeatedCombos.length} specific counterparty-program combination(s) are reused.`,
-        impact: "This creates a very specific fingerprint. The combination of WHO you interact with and WHAT program is highly identifying.",
-        mitigation: "Rotate both counterparties and programs if privacy is critical.",
-        evidence
-      });
-    }
-  }
-  return signals;
-}
-function detectAmountReuse(context) {
-  const signals = [];
-  if (context.transfers.length < 5) {
-    return signals;
-  }
-  const amountCounts = /* @__PURE__ */ new Map();
-  const roundNumbers = [];
-  for (const transfer of context.transfers) {
-    if (transfer.amount > 0 && Number.isInteger(transfer.amount) && transfer.amount >= 1) {
-      roundNumbers.push(transfer.amount);
-    }
-    const amountKey = `${transfer.amount.toFixed(9)}-${transfer.token || "SOL"}`;
-    if (!amountCounts.has(amountKey)) {
-      amountCounts.set(amountKey, { count: 0, counterparties: /* @__PURE__ */ new Set(), signers: /* @__PURE__ */ new Set() });
-    }
-    const data = amountCounts.get(amountKey);
-    data.count++;
-    const counterparty = transfer.from === context.target ? transfer.to : transfer.from;
-    if (counterparty !== context.target) {
-      data.counterparties.add(counterparty);
-    }
-    const tx = context.transactions ? context.transactions.find((t) => t.signature === transfer.signature) : null;
-    if (tx) {
-      tx.signers.forEach((s) => data.signers.add(s));
-    }
-  }
-  const reusedAmounts = Array.from(amountCounts.entries()).filter(([_, data]) => data.count >= 3).sort((a, b) => b[1].count - a[1].count);
-  const hasRoundNumbers = roundNumbers.length >= 3;
-  const hasReusedAmounts = reusedAmounts.length >= 2;
-  if (hasRoundNumbers && roundNumbers.length >= 5) {
-    signals.push({
-      id: "amount-round-numbers",
-      name: "Frequent Round Number Transfers",
-      severity: "LOW",
-      category: "behavioral",
-      reason: `${roundNumbers.length} round-number transfers detected (e.g., 1 SOL, 10 SOL).`,
-      impact: "Round numbers are common on Solana. Combined with other patterns, they can contribute to fingerprinting.",
-      mitigation: "Vary amounts slightly if possible, but this is low priority.",
-      evidence: [{
-        description: `${roundNumbers.length} round-number transfers: ${roundNumbers.slice(0, 5).join(", ")}...`,
-        severity: "LOW",
-        type: "amount",
-        data: { roundNumbers: roundNumbers.slice(0, 5) }
-      }]
-    });
-  }
-  const suspiciousReuse = reusedAmounts.filter(([_, data]) => {
-    return data.counterparties.size === 1 && data.count >= 3;
-  });
-  if (suspiciousReuse.length > 0) {
-    const evidence = suspiciousReuse.slice(0, 3).map(([amountKey, data]) => {
-      const [amount, token] = amountKey.split("-");
-      const counterparty = Array.from(data.counterparties)[0];
-      return {
-        description: `${amount} ${token} sent to ${counterparty.slice(0, 8)}... ${data.count} times`,
-        severity: "MEDIUM",
-        type: "amount",
-        data: { amount: parseFloat(amount), token, count: data.count, counterparty }
-      };
-    });
-    signals.push({
-      id: "amount-reuse-counterparty",
-      name: "Same Amount to Same Counterparty",
-      severity: "MEDIUM",
-      category: "behavioral",
-      reason: `${suspiciousReuse.length} amount(s) repeatedly sent to the same counterparty.`,
-      impact: "Sending the same amount to the same address multiple times creates a strong pattern. This is likely automated or habitual behavior.",
-      mitigation: "Vary amounts when sending to the same address, or use privacy protocols.",
-      evidence
-    });
-  }
-  const signerReuse = reusedAmounts.filter(([_, data]) => {
-    return data.signers.size <= 2 && data.count >= 3;
-  });
-  if (signerReuse.length > 0 && suspiciousReuse.length === 0) {
-    const evidence = signerReuse.slice(0, 3).map(([amountKey, data]) => {
-      const [amount, token] = amountKey.split("-");
-      return {
-        description: `${amount} ${token} used ${data.count} times with ${data.signers.size} signer(s)`,
-        severity: "LOW",
-        type: "amount",
-        data: { amount: parseFloat(amount), token, count: data.count }
-      };
-    });
-    signals.push({
-      id: "amount-reuse-pattern",
-      name: "Repeated Amount Pattern",
-      severity: "LOW",
-      category: "behavioral",
-      reason: `${signerReuse.length} amount(s) are reused multiple times with consistent signers.`,
-      impact: "Amount reuse alone is relatively weak, but combined with other signals it contributes to behavioral fingerprinting.",
-      mitigation: "Vary transaction amounts to reduce pattern visibility.",
-      evidence
-    });
-  }
-  const veryReused = reusedAmounts.filter(([_, data]) => data.count >= 5);
-  if (veryReused.length > 0 && suspiciousReuse.length === 0 && signerReuse.length === 0) {
-    const evidence = veryReused.slice(0, 3).map(([amountKey, data]) => {
-      const [amount, token] = amountKey.split("-");
-      return {
-        description: `${amount} ${token} used ${data.count} times across ${data.counterparties.size} counterparties`,
-        severity: data.count > 10 ? "MEDIUM" : "LOW",
-        type: "amount",
-        data: { amount: parseFloat(amount), token, count: data.count }
-      };
-    });
-    const maxCount = veryReused[0][1].count;
-    const severity = maxCount > 10 ? "MEDIUM" : "LOW";
-    signals.push({
-      id: "amount-reuse-frequency",
-      name: "High-Frequency Amount Reuse",
-      severity,
-      category: "behavioral",
-      reason: `${veryReused.length} amount(s) are used very frequently (${maxCount} times for top amount).`,
-      impact: "Extremely frequent reuse of specific amounts suggests automation or habitual behavior, creating a detectable pattern.",
-      mitigation: "If running automated systems, add randomization to amounts.",
-      evidence
-    });
-  }
-  return signals;
-}
-function detectTimingPatterns(context) {
-  const signals = [];
-  if (!context.timeRange.earliest || !context.timeRange.latest) {
-    return signals;
-  }
-  if (context.transactionCount < 3) {
-    return signals;
-  }
-  const timeSpanSeconds = context.timeRange.latest - context.timeRange.earliest;
-  const timeSpanHours = timeSpanSeconds / 3600;
-  if (timeSpanHours === 0) {
-    return signals;
-  }
-  const txRate = context.transactionCount / timeSpanHours;
-  let isBurst = false;
-  let burstSeverity = "LOW";
-  if (txRate > 10) {
-    burstSeverity = "HIGH";
-    isBurst = true;
-  } else if (txRate > 5) {
-    burstSeverity = "MEDIUM";
-    isBurst = true;
-  } else if (timeSpanHours < 1 && context.transactionCount >= 3) {
-    burstSeverity = "MEDIUM";
-    isBurst = true;
-  }
-  if (isBurst) {
-    signals.push({
-      id: "timing-burst",
-      name: "Transaction Burst Pattern",
-      severity: burstSeverity,
-      confidence: 0.8,
-      category: "behavioral",
-      reason: `Concentrated activity: ${context.transactionCount} transactions in ${timeSpanHours.toFixed(1)} hours`,
-      impact: "Concentrated transaction activity creates timing fingerprints that can be used to correlate your transactions and link them to specific events or behaviors.",
-      mitigation: "Spread transactions over longer time periods, use scheduled transactions, or batch operations to reduce timing correlation.",
-      evidence: [{
-        description: `${context.transactionCount} transactions in ${timeSpanHours.toFixed(1)} hours (${txRate.toFixed(2)} tx/hour)`,
-        severity: burstSeverity,
-        reference: void 0
-      }]
-    });
-  }
-  if (context.transactions && context.transactions.length >= 5) {
-    const timestamps = context.transactions.map((tx) => tx.blockTime).filter((time) => time !== void 0).sort((a, b) => a - b);
-    if (timestamps.length >= 5) {
-      const gaps = [];
-      for (let i = 1; i < timestamps.length; i++) {
-        gaps.push(timestamps[i] - timestamps[i - 1]);
-      }
-      const avgGap = gaps.reduce((sum, gap) => sum + gap, 0) / gaps.length;
-      const variance = gaps.reduce((sum, gap) => sum + Math.pow(gap - avgGap, 2), 0) / gaps.length;
-      const stdDev = Math.sqrt(variance);
-      const coefficientOfVariation = stdDev / avgGap;
-      if (coefficientOfVariation < 0.3 && avgGap > 60) {
-        const intervalMinutes = Math.round(avgGap / 60);
-        const intervalHours = avgGap / 3600;
-        let severity = "LOW";
-        if (intervalHours >= 23 && intervalHours <= 25) {
-          severity = "HIGH";
-        } else if (intervalHours >= 0.9 && intervalHours <= 1.1) {
-          severity = "HIGH";
-        } else if (gaps.length >= 10) {
-          severity = "MEDIUM";
-        }
-        signals.push({
-          id: "timing-regular-interval",
-          name: "Regular Transaction Interval",
-          severity,
-          confidence: 0.85,
-          category: "behavioral",
-          reason: `Transactions occur at regular ${intervalMinutes < 60 ? `${intervalMinutes}-minute` : `${intervalHours.toFixed(1)}-hour`} intervals.`,
-          impact: "Regular timing patterns are highly distinctive fingerprints. They suggest automated behavior and can reveal timezone, schedule, or bot configuration.",
-          mitigation: "Add random delays between transactions. Vary the timing to avoid predictable patterns.",
-          evidence: [{
-            description: `${gaps.length} transactions with average ${intervalMinutes}-minute intervals (${(coefficientOfVariation * 100).toFixed(1)}% variation)`,
-            severity,
-            reference: void 0
-          }]
-        });
-      }
-    }
-  }
-  if (context.transactions && context.transactions.length >= 10) {
-    const timestamps = context.transactions.map((tx) => tx.blockTime).filter((time) => time !== void 0);
-    if (timestamps.length >= 10) {
-      const hours = timestamps.map((ts) => new Date(ts * 1e3).getUTCHours());
-      const hourCounts = /* @__PURE__ */ new Map();
-      hours.forEach((hour) => {
-        hourCounts.set(hour, (hourCounts.get(hour) || 0) + 1);
-      });
-      const maxCount = Math.max(...Array.from(hourCounts.values()));
-      const concentration = maxCount / hours.length;
-      if (concentration > 0.4) {
-        const mostActiveHours = Array.from(hourCounts.entries()).filter(([_, count]) => count >= maxCount * 0.8).map(([hour]) => hour).sort((a, b) => a - b);
-        signals.push({
-          id: "timing-timezone-pattern",
-          name: "Consistent Time-of-Day Pattern",
-          severity: "MEDIUM",
-          confidence: 0.7,
-          category: "behavioral",
-          reason: `${Math.round(concentration * 100)}% of transactions occur during specific hours (${mostActiveHours.map((h) => `${h}:00`).join(", ")} UTC).`,
-          impact: "Time-of-day patterns can reveal timezone or daily schedule, contributing to identity fingerprinting.",
-          mitigation: "Vary transaction times across different hours of the day. Use scheduled transactions or automation to obscure your timezone.",
-          evidence: [{
-            description: `${maxCount}/${hours.length} transactions during ${mostActiveHours.length} hour(s)`,
-            severity: "MEDIUM",
-            reference: void 0
-          }]
-        });
-      }
-    }
-  }
-  return signals;
-}
-function detectKnownEntityInteraction(context) {
-  const signals = [];
-  if (context.labels.size === 0) {
-    return signals;
-  }
-  const entityTypeGroups = /* @__PURE__ */ new Map();
-  for (const [address, label] of context.labels.entries()) {
-    let interactionCount = 0;
-    const relatedTxs = [];
-    for (const transfer of context.transfers) {
-      if (transfer.from === address || transfer.to === address) {
-        interactionCount++;
-        if (relatedTxs.length < 3) {
-          relatedTxs.push(transfer.signature);
-        }
-      }
-    }
-    if (interactionCount > 0) {
-      if (!entityTypeGroups.has(label.type)) {
-        entityTypeGroups.set(label.type, []);
-      }
-      entityTypeGroups.get(label.type).push({
-        address,
-        label,
-        count: interactionCount,
-        txs: relatedTxs
-      });
-    }
-  }
-  if (entityTypeGroups.size === 0) {
-    return signals;
-  }
-  const exchanges = entityTypeGroups.get("exchange");
-  if (exchanges && exchanges.length > 0) {
-    const evidence = exchanges.map((entity) => ({
-      description: `${entity.count} interaction(s) with ${entity.label.name}`,
-      severity: "HIGH",
-      reference: entity.address
-    }));
-    const totalExchangeTxs = exchanges.reduce((sum, e) => sum + e.count, 0);
-    signals.push({
-      id: "known-entity-exchange",
-      name: "Centralized Exchange Interaction",
-      severity: "HIGH",
-      confidence: 0.95,
-      category: "identity-linkage",
-      reason: `Wallet interacted with ${exchanges.length} centralized exchange(s) in ${totalExchangeTxs} transaction(s).`,
-      impact: "Centralized exchanges have KYC data. Direct interactions can link your on-chain address to your real-world identity through account records, IP addresses, and withdrawal/deposit patterns.",
-      mitigation: "Use intermediate wallets to break the direct link. Deposit to privacy protocols before going to CEX. Consider DEXs for better privacy.",
-      evidence
-    });
-  }
-  const bridges = entityTypeGroups.get("bridge");
-  if (bridges && bridges.length > 0) {
-    const evidence = bridges.map((entity) => ({
-      description: `${entity.count} interaction(s) with ${entity.label.name}`,
-      severity: "MEDIUM",
-      reference: entity.address
-    }));
-    signals.push({
-      id: "known-entity-bridge",
-      name: "Bridge Protocol Interaction",
-      severity: "MEDIUM",
-      confidence: 0.85,
-      category: "identity-linkage",
-      reason: `Wallet interacted with ${bridges.length} bridge protocol(s).`,
-      impact: "Bridge transactions can link your Solana address to addresses on other chains, expanding the tracking surface.",
-      mitigation: "Use privacy-preserving bridges when available. Create separate addresses for cross-chain activity.",
-      evidence
-    });
-  }
-  const others = Array.from(entityTypeGroups.entries()).filter(([type]) => type !== "exchange" && type !== "bridge");
-  if (others.length > 0) {
-    const allOtherEntities = others.flatMap(([_, entities]) => entities);
-    const evidence = allOtherEntities.slice(0, 5).map((entity) => ({
-      description: `${entity.count} interaction(s) with ${entity.label.name} (${entity.label.type})`,
-      severity: "LOW",
-      reference: entity.address
-    }));
-    const totalOtherTxs = allOtherEntities.reduce((sum, e) => sum + e.count, 0);
-    signals.push({
-      id: "known-entity-other",
-      name: "Known Entity Interactions",
-      severity: "LOW",
-      confidence: 0.75,
-      category: "behavioral",
-      reason: `Wallet interacted with ${allOtherEntities.length} known entit${allOtherEntities.length === 1 ? "y" : "ies"} (${totalOtherTxs} transactions).`,
-      impact: "Interactions with known entities create reference points in your transaction history. These can be used to correlate activity and build behavioral profiles.",
-      mitigation: "While interacting with known protocols is often necessary, be aware it creates public association with those services.",
-      evidence
-    });
-  }
-  for (const [address, label] of context.labels.entries()) {
-    let interactionCount = 0;
-    for (const transfer of context.transfers) {
-      if (transfer.from === address || transfer.to === address) {
-        interactionCount++;
-      }
-    }
-    const concentration = interactionCount / context.transfers.length;
-    if (concentration > 0.3 && interactionCount >= 5) {
-      signals.push({
-        id: `known-entity-frequent-${address.slice(0, 8)}`,
-        name: "Frequent Single Entity Interaction",
-        severity: label.type === "exchange" ? "HIGH" : "MEDIUM",
-        confidence: 0.85,
-        category: "behavioral",
-        reason: `${Math.round(concentration * 100)}% of transfers (${interactionCount}/${context.transfers.length}) involve ${label.name}.`,
-        impact: "Heavy concentration of activity with one entity creates a strong link and behavioral dependency that is easily identified.",
-        mitigation: "Diversify your interactions across multiple services. Use different addresses for different service providers.",
-        evidence: [{
-          description: `${interactionCount} transfers with ${label.name} (${label.type})`,
-          severity: label.type === "exchange" ? "HIGH" : "MEDIUM",
-          reference: address
-        }]
-      });
-    }
-  }
-  return signals;
-}
-function detectBalanceTraceability(context) {
-  const signals = [];
-  if (context.targetType !== "wallet" || context.transfers.length < 2) {
-    return signals;
-  }
-  const amountPairs = /* @__PURE__ */ new Map();
-  for (const transfer of context.transfers) {
-    const amountKey = transfer.amount.toFixed(6);
-    amountPairs.set(amountKey, (amountPairs.get(amountKey) || 0) + 1);
-  }
-  const matchingPairs = Array.from(amountPairs.entries()).filter(([_, count]) => count >= 2).sort((a, b) => b[1] - a[1]);
-  if (matchingPairs.length >= 2) {
-    const evidence = matchingPairs.slice(0, 5).map(([amount, count]) => ({
-      description: `Amount ${amount} appears in ${count} transfers`,
-      severity: count >= 4 ? "HIGH" : "MEDIUM",
-      reference: void 0
-    }));
-    const severity = matchingPairs.length >= 4 ? "HIGH" : matchingPairs.length >= 3 ? "MEDIUM" : "LOW";
-    signals.push({
-      id: "balance-matching-pairs",
-      name: "Matching Send/Receive Amounts",
-      severity,
-      confidence: 0.7,
-      category: "traceability",
-      reason: `${matchingPairs.length} amount(s) appear in multiple transfers, suggesting balance movements.`,
-      impact: "Matching amounts can be used to trace balance flows. If you receive X and later send X, observers can link these transactions.",
-      mitigation: "Split large transfers into multiple smaller ones with varied amounts. Avoid sending exact amounts you received.",
-      evidence
-    });
-  }
-  const sequentialPairs = [];
-  for (let i = 0; i < context.transfers.length - 1; i++) {
-    const current = context.transfers[i];
-    const next = context.transfers[i + 1];
-    if (current.blockTime && next.blockTime) {
-      const timeDiff = Math.abs(next.blockTime - current.blockTime);
-      const amountDiff = Math.abs(current.amount - next.amount);
-      const percentDiff = amountDiff / Math.max(current.amount, next.amount);
-      if (timeDiff < 3600 && percentDiff < 0.1 && current.amount > 0.1) {
-        sequentialPairs.push({
-          index: i,
-          amount1: current.amount,
-          amount2: next.amount,
-          timeDiff
-        });
-      }
-    }
-  }
-  if (sequentialPairs.length >= 2) {
-    const evidence = sequentialPairs.slice(0, 3).map((pair) => ({
-      description: `${pair.amount1.toFixed(4)} \u2192 ${pair.amount2.toFixed(4)} (${Math.round(pair.timeDiff / 60)} minutes apart)`,
-      severity: pair.timeDiff < 600 ? "HIGH" : "MEDIUM",
-      reference: void 0
-    }));
-    signals.push({
-      id: "balance-sequential-similar",
-      name: "Sequential Similar Amount Transfers",
-      severity: "MEDIUM",
-      confidence: 0.65,
-      category: "traceability",
-      reason: `${sequentialPairs.length} instance(s) of similar amounts transferred in quick succession.`,
-      impact: "Sequential similar amounts suggest balance movements and make it easy to trace funds through intermediate addresses.",
-      mitigation: "Add random delays between transactions. Vary amounts to obscure the flow path.",
-      evidence
-    });
-  }
-  const roundNumbers = context.transfers.filter((t) => {
-    const amount = t.amount;
-    if (amount === 0) return false;
-    return (amount === Math.floor(amount) || // Whole number
-    amount * 10 === Math.floor(amount * 10) || // One decimal
-    amount * 100 === Math.floor(amount * 100)) && (amount % 1 === 0 || // 1, 10, 100
-    amount * 10 % 1 === 0 || // 0.1, 0.5
-    amount * 100 % 1 === 0);
-  });
-  const roundNumberRatio = roundNumbers.length / context.transfers.length;
-  if (roundNumberRatio > 0.7 && context.transfers.length >= 5) {
-    signals.push({
-      id: "balance-round-numbers",
-      name: "High Proportion of Round Number Transfers",
-      severity: "LOW",
-      confidence: 0.6,
-      category: "behavioral",
-      reason: `${Math.round(roundNumberRatio * 100)}% of transfers use round numbers.`,
-      impact: "Round numbers are easier to remember and track. They can contribute to balance traceability when combined with other patterns.",
-      mitigation: "Use more varied amounts. Add small random values to make amounts less predictable.",
-      evidence: [{
-        description: `${roundNumbers.length}/${context.transfers.length} transfers are round numbers`,
-        severity: "LOW",
-        reference: void 0
-      }]
-    });
-  }
-  const tokenTransfers = /* @__PURE__ */ new Map();
-  for (const transfer of context.transfers) {
-    const token = transfer.token || "SOL";
-    if (!tokenTransfers.has(token)) {
-      tokenTransfers.set(token, []);
-    }
-    tokenTransfers.get(token).push(transfer);
-  }
-  for (const [token, transfers] of tokenTransfers) {
-    if (transfers.length < 2) continue;
-    const receives = transfers.filter((t) => t.to === context.target);
-    const sends = transfers.filter((t) => t.from === context.target);
-    for (const receive of receives) {
-      for (const send of sends) {
-        if (!receive.blockTime || !send.blockTime) continue;
-        if (send.blockTime <= receive.blockTime) continue;
-        const timeDiff = send.blockTime - receive.blockTime;
-        const percentDiff = Math.abs(send.amount - receive.amount) / receive.amount;
-        if (percentDiff < 0.05 && timeDiff < 86400 && receive.amount > 1) {
-          signals.push({
-            id: `balance-full-movement-${token}`,
-            name: "Full Balance Movement Detected",
-            severity: "HIGH",
-            confidence: 0.8,
-            category: "traceability",
-            reason: `Received ${receive.amount.toFixed(4)} ${token}, then sent ${send.amount.toFixed(4)} ${token} shortly after.`,
-            impact: "Moving entire received balances makes fund flow trivially traceable. The path from source to destination is clear.",
-            mitigation: "Split received funds before sending. Mix with other funds. Add delays and intermediate steps.",
-            evidence: [{
-              description: `Received ${receive.amount.toFixed(4)} \u2192 Sent ${send.amount.toFixed(4)} (${Math.round(timeDiff / 60)} minutes later)`,
-              severity: "HIGH",
-              reference: void 0
-            }]
-          });
-          break;
-        }
-      }
-    }
-  }
-  return signals;
-}
-function detectFeePayerReuse(context) {
-  const signals = [];
-  if (context.targetType === "transaction") {
-    return signals;
-  }
-  if (!context.feePayers || !context.transactions || context.transactions.length === 0) {
-    return signals;
-  }
-  const feePayers = context.feePayers;
-  const target = context.target;
-  const targetIsFeePayer = feePayers.has(target);
-  const onlyTargetPays = feePayers.size === 1 && targetIsFeePayer;
-  if (onlyTargetPays) {
-    return signals;
-  }
-  if (feePayers.size > 1 && targetIsFeePayer) {
-    const externalFeePayers = Array.from(feePayers).filter((fp) => fp !== target);
-    const feePayerCounts = /* @__PURE__ */ new Map();
-    for (const tx of context.transactions) {
-      if (tx.feePayer !== target) {
-        feePayerCounts.set(tx.feePayer, (feePayerCounts.get(tx.feePayer) || 0) + 1);
-      }
-    }
-    const evidence = [];
-    for (const [feePayer, count] of feePayerCounts) {
-      evidence.push({
-        description: `${feePayer} paid fees for ${count} transaction(s)`,
-        severity: count > 1 ? "HIGH" : "MEDIUM",
-        reference: void 0
-      });
-    }
-    const knownFeePayerLabel = externalFeePayers.find((fp) => context.labels.has(fp));
-    const knownLabel = knownFeePayerLabel ? context.labels.get(knownFeePayerLabel) : null;
-    signals.push({
-      id: "fee-payer-external",
-      name: "External Fee Payer Detected",
-      severity: knownLabel ? "HIGH" : "MEDIUM",
-      category: "linkability",
-      reason: `${externalFeePayers.length} external wallet(s) paid fees for transactions involving this address${knownLabel ? `, including known entity: ${knownLabel.name}` : ""}.`,
-      impact: "This address is linked to the fee payer(s). Anyone observing the blockchain can see this relationship. If the fee payer is identified, this address is also compromised.",
-      mitigation: "Always pay your own transaction fees. Never allow third parties to pay fees for your transactions unless absolutely necessary. If using a relayer, understand that this creates a permanent on-chain link.",
-      evidence
-    });
-  }
-  if (!targetIsFeePayer && feePayers.size > 0) {
-    const allFeePayers = Array.from(feePayers);
-    const feePayerCounts = /* @__PURE__ */ new Map();
-    for (const tx of context.transactions) {
-      feePayerCounts.set(tx.feePayer, (feePayerCounts.get(tx.feePayer) || 0) + 1);
-    }
-    const evidence = [];
-    for (const [feePayer, count] of feePayerCounts) {
-      const label = context.labels.get(feePayer);
-      evidence.push({
-        description: `${feePayer}${label ? ` (${label.name})` : ""} paid fees for ${count} transaction(s)`,
-        severity: "HIGH",
-        reference: void 0
-      });
-    }
-    const maxCount = Math.max(...Array.from(feePayerCounts.values()));
-    const repeatedFeePayer = maxCount > 1;
-    signals.push({
-      id: "fee-payer-never-self",
-      name: "Never Self-Pays Transaction Fees",
-      severity: repeatedFeePayer ? "HIGH" : "HIGH",
-      // Always HIGH - this is critical
-      category: "linkability",
-      reason: `This address has NEVER paid its own transaction fees. All ${context.transactionCount} transaction(s) were paid by ${allFeePayers.length} external wallet(s).`,
-      impact: "This is a CRITICAL privacy leak. This address is trivially linked to all fee payer(s). This pattern suggests a managed account, hot wallet, or program-controlled address. The controlling entity is fully exposed.",
-      mitigation: "This account model fundamentally compromises privacy. To improve: (1) Fund this address with SOL and pay your own fees, or (2) Use a fresh address for each operation, or (3) Accept that this address is permanently linked to its fee payer(s).",
-      evidence
-    });
-  }
-  if (context.targetType === "program") {
-    const feePayerCounts = /* @__PURE__ */ new Map();
-    for (const tx of context.transactions) {
-      if (!feePayerCounts.has(tx.feePayer)) {
-        feePayerCounts.set(tx.feePayer, /* @__PURE__ */ new Set());
-      }
-      for (const signer of tx.signers) {
-        feePayerCounts.get(tx.feePayer).add(signer);
-      }
-    }
-    const multiFeePayerOperators = [];
-    for (const [feePayer, signers] of feePayerCounts) {
-      if (signers.size > 1) {
-        const txCount = context.transactions.filter((tx) => tx.feePayer === feePayer).length;
-        multiFeePayerOperators.push({
-          feePayer,
-          signerCount: signers.size,
-          txCount
-        });
-      }
-    }
-    if (multiFeePayerOperators.length > 0) {
-      const evidence = multiFeePayerOperators.map((op) => ({
-        description: `${op.feePayer} paid fees for ${op.txCount} transaction(s) involving ${op.signerCount} different signer(s)`,
-        severity: "HIGH",
-        reference: void 0
-      }));
-      signals.push({
-        id: "fee-payer-multi-signer",
-        name: "Fee Payer Controls Multiple Signers",
-        severity: "HIGH",
-        category: "linkability",
-        reason: `${multiFeePayerOperators.length} fee payer(s) are paying fees for multiple different signers, suggesting centralized control or bot operation.`,
-        impact: "All addresses funded by the same fee payer are linkable. This pattern exposes operational infrastructure.",
-        mitigation: "If running bots or managing multiple accounts, use a unique fee payer for each to avoid linking them on-chain.",
-        evidence
-      });
-    }
-  }
-  return signals;
-}
-function detectSignerOverlap(context) {
-  const signals = [];
-  if (context.transactionCount < 2) {
-    return signals;
-  }
-  if (!context.transactions || context.transactions.length === 0) {
-    return signals;
-  }
-  const signerFrequency = /* @__PURE__ */ new Map();
-  const signerTransactions = /* @__PURE__ */ new Map();
-  for (const tx of context.transactions) {
-    for (const signer of tx.signers) {
-      signerFrequency.set(signer, (signerFrequency.get(signer) || 0) + 1);
-      if (!signerTransactions.has(signer)) {
-        signerTransactions.set(signer, []);
-      }
-      signerTransactions.get(signer).push(tx.signature);
-    }
-  }
-  const target = context.target;
-  const frequentSigners = Array.from(signerFrequency.entries()).filter(([signer]) => signer !== target).filter(([_, count]) => count >= Math.min(3, Math.ceil(context.transactionCount * 0.3))).sort((a, b) => b[1] - a[1]);
-  if (frequentSigners.length > 0) {
-    const evidence = frequentSigners.map(([signer, count]) => {
-      const label = context.labels.get(signer);
-      return {
-        description: `${signer}${label ? ` (${label.name})` : ""} signed ${count}/${context.transactionCount} transactions`,
-        severity: count > context.transactionCount * 0.7 ? "HIGH" : "MEDIUM",
-        reference: void 0
-      };
-    });
-    const topSignerCount = frequentSigners[0][1];
-    const severity = topSignerCount > context.transactionCount * 0.7 ? "HIGH" : "MEDIUM";
-    signals.push({
-      id: "signer-repeated",
-      name: "Repeated Signer Across Transactions",
-      severity,
-      category: "linkability",
-      reason: `${frequentSigners.length} address(es) repeatedly sign transactions involving the target. The most frequent signer appears in ${topSignerCount}/${context.transactionCount} transactions.`,
-      impact: "Repeated signers create hard links between transactions. All transactions signed by the same address are trivially linkable.",
-      mitigation: "If you control multiple addresses that sign together, they are permanently linked. Use separate signing keys for unrelated activities.",
-      evidence
-    });
-  }
-  const signerSets = /* @__PURE__ */ new Map();
-  const signerSetExamples = /* @__PURE__ */ new Map();
-  for (const tx of context.transactions) {
-    const sortedSigners = [...tx.signers].sort();
-    const setKey = JSON.stringify(sortedSigners);
-    signerSets.set(setKey, (signerSets.get(setKey) || 0) + 1);
-    if (!signerSetExamples.has(setKey)) {
-      signerSetExamples.set(setKey, tx.signature);
-    }
-  }
-  const repeatedSets = Array.from(signerSets.entries()).filter(([_, count]) => count > 1).sort((a, b) => b[1] - a[1]);
-  if (repeatedSets.length > 0) {
-    const evidence = repeatedSets.map(([setKey, count]) => {
-      const signers = JSON.parse(setKey);
-      const exampleSig = signerSetExamples.get(setKey);
-      return {
-        description: `${count} transactions with identical signer set: [${signers.map((s) => s.slice(0, 8)).join(", ")}...]`,
-        severity: count > 2 ? "MEDIUM" : "LOW",
-        reference: `https://solscan.io/tx/${exampleSig}`
-      };
-    });
-    signals.push({
-      id: "signer-set-reuse",
-      name: "Repeated Multi-Signature Pattern",
-      severity: "MEDIUM",
-      category: "linkability",
-      reason: `${repeatedSets.length} distinct signer set(s) are reused multiple times. This creates a unique fingerprint.`,
-      impact: "Reused multi-sig patterns are highly unique and easily linkable. Even if addresses differ, the signer set pattern can identify related activity.",
-      mitigation: "If using multi-sig for multiple transactions, rotate signing keys or use threshold signatures to vary the signer set.",
-      evidence
-    });
-  }
-  if (context.targetType === "program" || context.transactionCount > 10) {
-    const signerCoSigners = /* @__PURE__ */ new Map();
-    for (const tx of context.transactions) {
-      for (const signer of tx.signers) {
-        if (!signerCoSigners.has(signer)) {
-          signerCoSigners.set(signer, /* @__PURE__ */ new Set());
-        }
-        for (const otherSigner of tx.signers) {
-          if (otherSigner !== signer) {
-            signerCoSigners.get(signer).add(otherSigner);
-          }
-        }
-      }
-    }
-    const authorityCandidates = Array.from(signerCoSigners.entries()).filter(([_, coSigners]) => coSigners.size >= 3).sort((a, b) => b[1].size - a[1].size);
-    if (authorityCandidates.length > 0) {
-      const evidence = authorityCandidates.slice(0, 3).map(([signer, coSigners]) => {
-        const label = context.labels.get(signer);
-        const txCount = signerFrequency.get(signer) || 0;
-        return {
-          description: `${signer}${label ? ` (${label.name})` : ""} co-signed with ${coSigners.size} different addresses across ${txCount} transactions`,
-          severity: "HIGH",
-          reference: void 0
-        };
-      });
-      signals.push({
-        id: "signer-authority-hub",
-        name: "Authority Signer Detected",
-        severity: "HIGH",
-        category: "linkability",
-        reason: `${authorityCandidates.length} address(es) act as an authority, co-signing with multiple different wallets. This exposes a control hub.`,
-        impact: "An authority signer links all accounts it co-signs with. This reveals organizational structure or bot infrastructure.",
-        mitigation: 'Use unique authority keys for each logical group of accounts. Avoid having a single "master" signer.',
-        evidence
-      });
-    }
-  }
-  return signals;
-}
-function detectInstructionFingerprinting(context) {
-  const signals = [];
-  if (context.transactionCount < 3) {
-    return signals;
-  }
-  if (!context.transactions || context.transactions.length === 0) {
-    return signals;
-  }
-  const sequenceFingerprints = /* @__PURE__ */ new Map();
-  const sequenceExamples = /* @__PURE__ */ new Map();
-  for (const tx of context.transactions) {
-    const txInstructions = context.instructions.filter((inst) => inst.signature === tx.signature).map((inst) => inst.programId);
-    if (txInstructions.length === 0) continue;
-    const sequence = txInstructions.join("->");
-    sequenceFingerprints.set(sequence, (sequenceFingerprints.get(sequence) || 0) + 1);
-    if (!sequenceExamples.has(sequence)) {
-      sequenceExamples.set(sequence, []);
-    }
-    sequenceExamples.get(sequence).push(tx.signature);
-  }
-  const repeatedSequences = Array.from(sequenceFingerprints.entries()).filter(([_, count]) => count >= Math.min(3, Math.ceil(context.transactionCount * 0.2))).sort((a, b) => b[1] - a[1]);
-  if (repeatedSequences.length > 0) {
-    const evidence = repeatedSequences.slice(0, 5).map(([sequence, count]) => {
-      const exampleSigs = sequenceExamples.get(sequence).slice(0, 2);
-      const programs = sequence.split("->").map((p) => p.slice(0, 8) + "...").join(" \u2192 ");
-      return {
-        description: `Instruction sequence repeated ${count} times: ${programs}`,
-        severity: count > context.transactionCount * 0.5 ? "MEDIUM" : "LOW",
-        reference: `https://solscan.io/tx/${exampleSigs[0]}`
-      };
-    });
-    const topSequenceCount = repeatedSequences[0][1];
-    const severity = topSequenceCount > context.transactionCount * 0.5 ? "MEDIUM" : "LOW";
-    signals.push({
-      id: "instruction-sequence-pattern",
-      name: "Repeated Instruction Sequence Pattern",
-      severity,
-      category: "behavioral",
-      reason: `${repeatedSequences.length} distinct instruction sequence(s) are repeated multiple times. The most common pattern appears in ${topSequenceCount}/${context.transactionCount} transactions.`,
-      impact: "Repeated instruction patterns create a behavioral fingerprint. Even with different addresses, these patterns can link related activity.",
-      mitigation: "Vary the order or combination of operations. Add dummy instructions or randomize transaction structure where possible.",
-      evidence
-    });
-  }
-  const programUsage = /* @__PURE__ */ new Map();
-  for (const inst of context.instructions) {
-    programUsage.set(inst.programId, (programUsage.get(inst.programId) || 0) + 1);
-  }
-  const COMMON_PROGRAMS = [
-    "11111111111111111111111111111111",
-    // System
-    "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA",
-    // SPL Token
-    "ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL",
-    // Associated Token
-    "MemoSq4gqABAXKb96qnH8TysNcWxMyWCqXgDLGmfcHr",
-    // Memo
-    "ComputeBudget111111111111111111111111111111"
-    // Compute Budget
-  ];
-  const uniquePrograms = Array.from(programUsage.entries()).filter(([programId]) => !COMMON_PROGRAMS.includes(programId)).filter(([_, count]) => count >= Math.min(2, Math.ceil(context.transactionCount * 0.15))).sort((a, b) => b[1] - a[1]);
-  if (uniquePrograms.length >= 2) {
-    const evidence = uniquePrograms.slice(0, 5).map(([programId, count]) => {
-      const label = context.labels.get(programId);
-      return {
-        description: `${programId.slice(0, 8)}...${label ? ` (${label.name})` : ""} used in ${count} transactions`,
-        severity: "LOW",
-        reference: `https://solscan.io/account/${programId}`
-      };
-    });
-    signals.push({
-      id: "program-usage-profile",
-      name: "Distinctive Program Usage Profile",
-      severity: "LOW",
-      category: "behavioral",
-      reason: `This address uses ${uniquePrograms.length} less-common programs repeatedly. This creates a unique usage profile.`,
-      impact: "Program usage patterns can fingerprint wallet behavior. Addresses with similar program usage profiles are likely related.",
-      mitigation: "Using niche protocols creates a fingerprint. This is difficult to mitigate without changing your DeFi strategy.",
-      evidence
-    });
-  }
-  if (context.pdaInteractions.length > 0) {
-    const pdaUsage = /* @__PURE__ */ new Map();
-    for (const pda of context.pdaInteractions) {
-      if (!pdaUsage.has(pda.pda)) {
-        pdaUsage.set(pda.pda, { count: 0, programId: pda.programId });
-      }
-      pdaUsage.get(pda.pda).count++;
-    }
-    const repeatedPDAs = Array.from(pdaUsage.entries()).filter(([_, { count }]) => count > 1).sort((a, b) => b[1].count - a[1].count);
-    if (repeatedPDAs.length > 0) {
-      const evidence = repeatedPDAs.slice(0, 5).map(([pda, { count, programId }]) => ({
-        description: `PDA ${pda.slice(0, 8)}... used ${count} times (program: ${programId.slice(0, 8)}...)`,
-        severity: count > 3 ? "MEDIUM" : "LOW",
-        reference: `https://solscan.io/account/${pda}`
-      }));
-      const maxPDAUsage = repeatedPDAs[0][1].count;
-      const severity = maxPDAUsage > 3 ? "MEDIUM" : "LOW";
-      signals.push({
-        id: "pda-reuse-pattern",
-        name: "Repeated PDA Interaction",
-        severity,
-        category: "behavioral",
-        reason: `${repeatedPDAs.length} Program-Derived Address(es) are used repeatedly. The most common PDA appears in ${maxPDAUsage} transactions.`,
-        impact: "Repeated PDA usage links transactions. If the PDA is specific to you (e.g., a user account), all interactions with it are linked.",
-        mitigation: "Some PDA reuse is unavoidable (e.g., your DEX pool position). For sensitive operations, consider using fresh accounts or different protocols.",
-        evidence
-      });
-    }
-  }
-  const programInstructions = /* @__PURE__ */ new Map();
-  for (const inst of context.instructions) {
-    if (!programInstructions.has(inst.programId)) {
-      programInstructions.set(inst.programId, []);
-    }
-    if (inst.data) {
-      programInstructions.get(inst.programId).push(inst.data);
-    }
-  }
-  for (const [programId, dataList] of programInstructions) {
-    if (dataList.length < 2) continue;
-    const typeMap = /* @__PURE__ */ new Map();
-    for (const data of dataList) {
-      if (data && typeof data === "object" && "type" in data) {
-        const type = String(data.type);
-        typeMap.set(type, (typeMap.get(type) || 0) + 1);
-      }
-    }
-    const repeatedTypes = Array.from(typeMap.entries()).filter(([_, count]) => count >= 2).sort((a, b) => b[1] - a[1]);
-    if (repeatedTypes.length > 0 && repeatedTypes[0][1] >= 3) {
-      const [instructionType, count] = repeatedTypes[0];
-      const label = context.labels.get(programId);
-      signals.push({
-        id: `instruction-type-${programId.slice(0, 8)}`,
-        name: "Repeated Instruction Type",
-        severity: "LOW",
-        category: "behavioral",
-        reason: `The instruction type "${instructionType}" on program ${programId.slice(0, 8)}...${label ? ` (${label.name})` : ""} is used ${count} times.`,
-        impact: "Repeated instruction types on the same program suggest automated behavior or specific strategy execution.",
-        mitigation: "This is generally low-risk but contributes to behavioral fingerprinting. Diversify your transaction types if possible.",
-        evidence: [{
-          description: `"${instructionType}" instruction used ${count} times`,
-          severity: "LOW",
-          reference: void 0
-        }]
-      });
-    }
-  }
-  return signals;
-}
-function detectTokenAccountLifecycle(context) {
-  const signals = [];
-  if (!context.tokenAccountEvents || context.tokenAccountEvents.length === 0) {
-    return signals;
-  }
-  const accountEvents = /* @__PURE__ */ new Map();
-  for (const event of context.tokenAccountEvents) {
-    if (!accountEvents.has(event.tokenAccount)) {
-      accountEvents.set(event.tokenAccount, []);
-    }
-    accountEvents.get(event.tokenAccount).push(event);
-  }
-  const createEvents = context.tokenAccountEvents.filter((e) => e.type === "create");
-  const closeEvents = context.tokenAccountEvents.filter((e) => e.type === "close");
-  if (createEvents.length >= 2 && closeEvents.length >= 2) {
-    const refundDestinations = /* @__PURE__ */ new Map();
-    const totalRefunded = closeEvents.reduce((sum, event) => {
-      if (event.rentRefund) {
-        refundDestinations.set(event.owner, (refundDestinations.get(event.owner) || 0) + event.rentRefund);
-        return sum + event.rentRefund;
-      }
-      return sum;
-    }, 0);
-    if (refundDestinations.size > 0) {
-      const evidence = Array.from(refundDestinations.entries()).map(([owner, amount]) => ({
-        description: `${amount.toFixed(4)} SOL refunded to ${owner.slice(0, 8)}... from ${closeEvents.filter((e) => e.owner === owner).length} closed account(s)`,
-        severity: "MEDIUM",
-        reference: void 0
-      }));
-      signals.push({
-        id: "token-account-churn",
-        name: "Frequent Token Account Creation/Closure",
-        severity: "MEDIUM",
-        category: "behavioral",
-        reason: `${createEvents.length} token account(s) created and ${closeEvents.length} closed. Rent refunds totaling ${totalRefunded.toFixed(4)} SOL expose ownership.`,
-        impact: 'Rent refunds link temporary token accounts back to the owner wallet. This pattern defeats the purpose of using "burner" accounts.',
-        mitigation: "If using temporary token accounts for privacy, leave them open (accept the small rent cost) rather than closing and refunding to your main wallet.",
-        evidence
-      });
-    }
-  }
-  const completeLifecycles = [];
-  for (const [tokenAccount, events] of accountEvents) {
-    const creates = events.filter((e) => e.type === "create");
-    const closes = events.filter((e) => e.type === "close");
-    if (creates.length > 0 && closes.length > 0) {
-      const createTime = creates[0].blockTime;
-      const closeTime = closes[closes.length - 1].blockTime;
-      if (createTime && closeTime) {
-        const duration = closeTime - createTime;
-        completeLifecycles.push({ tokenAccount, events, duration });
-      }
-    }
-  }
-  const shortLived = completeLifecycles.filter((lc) => lc.duration < 3600);
-  if (shortLived.length >= 2) {
-    const evidence = shortLived.slice(0, 5).map((lc) => {
-      const durationMin = Math.floor(lc.duration / 60);
-      const closeEvent = lc.events.find((e) => e.type === "close");
-      return {
-        description: `${lc.tokenAccount.slice(0, 8)}... lived for ${durationMin} minute(s)${closeEvent?.rentRefund ? `, refunded ${closeEvent.rentRefund.toFixed(4)} SOL` : ""}`,
-        severity: "LOW",
-        reference: void 0
-      };
-    });
-    signals.push({
-      id: "token-account-short-lived",
-      name: "Short-Lived Token Accounts",
-      severity: "LOW",
-      category: "behavioral",
-      reason: `${shortLived.length} token account(s) were created and closed within an hour, suggesting burner account usage.`,
-      impact: "Short-lived accounts suggest privacy-conscious behavior, but rent refunds still create linkage.",
-      mitigation: "For true privacy, do not close accounts immediately. The rent refund links the burner back to you.",
-      evidence
-    });
-  }
-  const ownerAccounts = /* @__PURE__ */ new Map();
-  for (const event of context.tokenAccountEvents) {
-    if (event.type === "create") {
-      if (!ownerAccounts.has(event.owner)) {
-        ownerAccounts.set(event.owner, /* @__PURE__ */ new Set());
-      }
-      ownerAccounts.get(event.owner).add(event.tokenAccount);
-    }
-  }
-  const multiAccountOwners = Array.from(ownerAccounts.entries()).filter(([_, accounts]) => accounts.size >= 2).sort((a, b) => b[1].size - a[1].size);
-  if (multiAccountOwners.length > 0) {
-    const [owner, accounts] = multiAccountOwners[0];
-    const isTarget = owner === context.target;
-    if (!isTarget || multiAccountOwners.length > 1) {
-      const evidence = multiAccountOwners.slice(0, 3).map(([own, accs]) => {
-        const label = context.labels.get(own);
-        return {
-          description: `${own.slice(0, 8)}...${label ? ` (${label.name})` : ""} owns ${accs.size} token account(s)`,
-          severity: "LOW",
-          reference: void 0
-        };
-      });
-      signals.push({
-        id: "token-account-common-owner",
-        name: "Common Owner Across Token Accounts",
-        severity: "LOW",
-        category: "linkability",
-        reason: `${multiAccountOwners.length} wallet(s) control multiple token accounts. The top owner controls ${accounts.size} accounts.`,
-        impact: "All token accounts with the same owner are trivially linked.",
-        mitigation: "This is inherent to Solana's token account model and cannot be avoided.",
-        evidence
-      });
-    }
-  }
-  const rentRefundReceivers = /* @__PURE__ */ new Map();
-  for (const event of context.tokenAccountEvents) {
-    if (event.type === "close" && event.rentRefund) {
-      const current = rentRefundReceivers.get(event.owner) || { count: 0, total: 0 };
-      current.count++;
-      current.total += event.rentRefund;
-      rentRefundReceivers.set(event.owner, current);
-    }
-  }
-  const significantRefunds = Array.from(rentRefundReceivers.entries()).filter(([_, { count }]) => count >= 3).sort((a, b) => b[1].count - a[1].count);
-  if (significantRefunds.length > 0) {
-    const evidence = significantRefunds.slice(0, 3).map(([owner, { count, total }]) => ({
-      description: `${owner.slice(0, 8)}... received ${count} rent refunds totaling ${total.toFixed(4)} SOL`,
-      severity: "MEDIUM",
-      reference: void 0
-    }));
-    const [topOwner, topData] = significantRefunds[0];
-    signals.push({
-      id: "rent-refund-clustering",
-      name: "Rent Refund Clustering",
-      severity: "MEDIUM",
-      category: "linkability",
-      reason: `${significantRefunds.length} address(es) receive multiple rent refunds. ${topOwner.slice(0, 8)}... received ${topData.count} refunds.`,
-      impact: "Rent refunds link closed token accounts back to a central wallet. This exposes the control structure.",
-      mitigation: "Do not close token accounts if privacy is important. The small rent cost (~0.002 SOL) is cheaper than the privacy loss.",
-      evidence
-    });
-  }
-  return signals;
-}
-function detectMemoExposure(context) {
-  const signals = [];
-  if (context.transactionCount === 0) {
-    return signals;
-  }
-  if (!context.transactions || context.transactions.length === 0) {
-    return signals;
-  }
-  const MEMO_PROGRAM = "MemoSq4gqABAXKb96qnH8TysNcWxMyWCqXgDLGmfcHr";
-  const MEMO_PROGRAM_V1 = "Memo1UhkJRfHyvLMcVucJwxXeuD728EqVDDwQDxFMNo";
-  const memoInstructions = context.instructions.filter(
-    (inst) => inst.programId === MEMO_PROGRAM || inst.programId === MEMO_PROGRAM_V1
-  );
-  if (memoInstructions.length === 0) {
-    return signals;
-  }
-  const suspiciousMemos = [];
-  for (const inst of memoInstructions) {
-    if (!inst.data || typeof inst.data !== "string") continue;
-    const memoText = inst.data.trim();
-    if (memoText.length === 0) continue;
-    let severity = "LOW";
-    const patterns = [];
-    if (/[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/.test(memoText)) {
-      patterns.push("email address");
-      severity = "HIGH";
-    }
-    if (/https?:\/\/[^\s]+/.test(memoText)) {
-      patterns.push("URL");
-      severity = severity === "HIGH" ? "HIGH" : "MEDIUM";
-    }
-    if (/(\+\d{1,3}[-.\s]?)?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}/.test(memoText)) {
-      patterns.push("phone number");
-      severity = "HIGH";
-    }
-    const capitalizedWords = memoText.match(/\b[A-Z][a-z]+(\s+[A-Z][a-z]+)+\b/g);
-    if (capitalizedWords && capitalizedWords.length > 0) {
-      patterns.push("likely name(s)");
-      severity = severity === "HIGH" ? "HIGH" : "MEDIUM";
-    }
-    if (memoText.length > 50 && !patterns.length) {
-      patterns.push("long descriptive text");
-      severity = "MEDIUM";
-    }
-    if (/invoice|payment|order|transaction|ref|reference|id|bill/i.test(memoText)) {
-      patterns.push("payment reference");
-      severity = severity === "HIGH" ? "HIGH" : "MEDIUM";
-    }
-    if (patterns.length > 0) {
-      suspiciousMemos.push({
-        content: memoText.length > 100 ? memoText.slice(0, 100) + "..." : memoText,
-        signature: inst.signature,
-        severity
-      });
-    }
-  }
-  if (suspiciousMemos.length === 0) {
-    signals.push({
-      id: "memo-usage",
-      name: "Memo Program Usage",
-      severity: "LOW",
-      confidence: 0.6,
-      category: "information-leak",
-      reason: `${memoInstructions.length} transaction(s) use memo program. Memos are permanently visible on-chain.`,
-      impact: "Memo data is public and permanent. Even non-sensitive memos can contribute to behavioral fingerprinting.",
-      mitigation: "Avoid using memos unless necessary. Never include personal information.",
-      evidence: [{
-        description: `${memoInstructions.length} transaction(s) with memos`,
-        severity: "LOW",
-        reference: void 0
-      }]
-    });
-  } else {
-    const highSeverity = suspiciousMemos.filter((m) => m.severity === "HIGH");
-    const mediumSeverity = suspiciousMemos.filter((m) => m.severity === "MEDIUM");
-    if (highSeverity.length > 0) {
-      const evidence = highSeverity.map((memo) => ({
-        description: `"${memo.content}"`,
-        severity: "HIGH",
-        reference: `https://solscan.io/tx/${memo.signature}`
-      }));
-      signals.push({
-        id: "memo-pii-exposure",
-        name: "Personal Information in Memo",
-        severity: "HIGH",
-        confidence: 0.9,
-        category: "information-leak",
-        reason: `${highSeverity.length} memo(s) contain personal identifying information (email, phone, name).`,
-        impact: "CRITICAL: Personal information in memos is permanently public. This can directly link your wallet to your real-world identity.",
-        mitigation: "Never put personal information in memos. Contact addresses involved to stop this practice if possible.",
-        evidence
-      });
-    }
-    if (mediumSeverity.length > 0) {
-      const evidence = mediumSeverity.slice(0, 5).map((memo) => ({
-        description: `"${memo.content}"`,
-        severity: "MEDIUM",
-        reference: `https://solscan.io/tx/${memo.signature}`
-      }));
-      signals.push({
-        id: "memo-descriptive-content",
-        name: "Descriptive Content in Memo",
-        severity: "MEDIUM",
-        confidence: 0.7,
-        category: "information-leak",
-        reason: `${mediumSeverity.length} memo(s) contain descriptive or identifying content.`,
-        impact: "Descriptive memos create behavioral fingerprints and can indirectly reveal identity or transaction purpose.",
-        mitigation: "Minimize memo usage. Use generic or coded references instead of descriptive text.",
-        evidence
-      });
-    }
-  }
-  return signals;
-}
-function detectAddressReuse(context) {
-  const signals = [];
-  if (context.targetType !== "wallet" || context.transactionCount < 5) {
-    return signals;
-  }
-  const activityTypes = /* @__PURE__ */ new Set();
-  const activityDetails = /* @__PURE__ */ new Map();
-  const DEFI_PROGRAMS = /* @__PURE__ */ new Set([
-    "JUP",
-    "Raydium",
-    "Orca",
-    "Marinade",
-    "Lido",
-    "Lifinity",
-    "Serum"
-    // Add more as needed
-  ]);
-  const NFT_PROGRAMS = /* @__PURE__ */ new Set([
-    "Magic Eden",
-    "Tensor",
-    "OpenSea",
-    "Metaplex"
-  ]);
-  const GAMING_PROGRAMS = /* @__PURE__ */ new Set([
-    "Star Atlas",
-    "Genopets",
-    "Aurory"
-  ]);
-  const DAO_PROGRAMS = /* @__PURE__ */ new Set([
-    "Realms",
-    "Squads",
-    "Tribeca"
-  ]);
-  for (const inst of context.instructions) {
-    const label = context.labels.get(inst.programId);
-    const programName = label?.name || "";
-    if (DEFI_PROGRAMS.has(programName) || /swap|pool|stake|lend|borrow/i.test(programName)) {
-      activityTypes.add("DeFi");
-      if (!activityDetails.has("DeFi")) {
-        activityDetails.set("DeFi", { count: 0, programs: /* @__PURE__ */ new Set() });
-      }
-      const details = activityDetails.get("DeFi");
-      details.count++;
-      details.programs.add(programName || inst.programId.slice(0, 8));
-    }
-    if (NFT_PROGRAMS.has(programName) || /nft|marketplace|mint/i.test(programName)) {
-      activityTypes.add("NFT");
-      if (!activityDetails.has("NFT")) {
-        activityDetails.set("NFT", { count: 0, programs: /* @__PURE__ */ new Set() });
-      }
-      const details = activityDetails.get("NFT");
-      details.count++;
-      details.programs.add(programName || inst.programId.slice(0, 8));
-    }
-    if (GAMING_PROGRAMS.has(programName) || /game|play/i.test(programName)) {
-      activityTypes.add("Gaming");
-      if (!activityDetails.has("Gaming")) {
-        activityDetails.set("Gaming", { count: 0, programs: /* @__PURE__ */ new Set() });
-      }
-      const details = activityDetails.get("Gaming");
-      details.count++;
-      details.programs.add(programName || inst.programId.slice(0, 8));
-    }
-    if (DAO_PROGRAMS.has(programName) || /dao|governance|vote/i.test(programName)) {
-      activityTypes.add("DAO");
-      if (!activityDetails.has("DAO")) {
-        activityDetails.set("DAO", { count: 0, programs: /* @__PURE__ */ new Set() });
-      }
-      const details = activityDetails.get("DAO");
-      details.count++;
-      details.programs.add(programName || inst.programId.slice(0, 8));
-    }
-  }
-  const hasExchangeInteraction = Array.from(context.labels.values()).some((label) => label.type === "exchange");
-  if (hasExchangeInteraction) {
-    activityTypes.add("Exchange");
-    activityDetails.set("Exchange", {
-      count: context.transfers.filter(
-        (t) => context.labels.has(t.from) || context.labels.has(t.to)
-      ).length,
-      programs: /* @__PURE__ */ new Set(["CEX"])
-    });
-  }
-  const simpleTransfers = context.transfers.filter((t) => {
-    const tx = context.transactions?.find((tx2) => tx2.signature === t.signature);
-    return tx && tx.programs && tx.programs.length <= 2;
-  });
-  if (simpleTransfers.length >= 3) {
-    activityTypes.add("P2P Transfers");
-    activityDetails.set("P2P Transfers", {
-      count: simpleTransfers.length,
-      programs: /* @__PURE__ */ new Set(["Direct"])
-    });
-  }
-  const diversityCount = activityTypes.size;
-  if (diversityCount >= 4) {
-    const evidence = Array.from(activityDetails.entries()).map(([type, details]) => ({
-      description: `${type}: ${details.count} transaction(s) across ${details.programs.size} program(s)`,
-      severity: "HIGH",
-      reference: void 0
-    }));
-    signals.push({
-      id: "address-high-diversity",
-      name: "High Activity Diversity on Single Address",
-      severity: "HIGH",
-      confidence: 0.85,
-      category: "linkability",
-      reason: `This address is used for ${diversityCount} distinct activity types: ${Array.from(activityTypes).join(", ")}.`,
-      impact: "Using one address for multiple unrelated activities links them all together. This creates a comprehensive behavioral profile.",
-      mitigation: "Use separate addresses for different purposes: one for DeFi, one for NFTs, one for DAO participation, etc. This isolates activities and prevents cross-linkage.",
-      evidence
-    });
-  } else if (diversityCount === 3) {
-    const evidence = Array.from(activityDetails.entries()).map(([type, details]) => ({
-      description: `${type}: ${details.count} transaction(s)`,
-      severity: "MEDIUM",
-      reference: void 0
-    }));
-    signals.push({
-      id: "address-moderate-diversity",
-      name: "Moderate Activity Diversity on Single Address",
-      severity: "MEDIUM",
-      confidence: 0.7,
-      category: "linkability",
-      reason: `This address is used for ${diversityCount} activity types: ${Array.from(activityTypes).join(", ")}.`,
-      impact: "Multiple activity types on one address create linkage between otherwise separate behaviors.",
-      mitigation: "Consider using separate addresses for different activities to improve privacy compartmentalization.",
-      evidence
-    });
-  }
-  if (context.timeRange.earliest && context.timeRange.latest) {
-    const timeSpanDays = (context.timeRange.latest - context.timeRange.earliest) / (60 * 60 * 24);
-    if (timeSpanDays > 180 && context.transactionCount > 50) {
-      signals.push({
-        id: "address-long-term-usage",
-        name: "Long-Term Single Address Usage",
-        severity: "MEDIUM",
-        confidence: 0.75,
-        category: "behavioral",
-        reason: `This address has been actively used for ${Math.round(timeSpanDays)} days with ${context.transactionCount} transactions.`,
-        impact: "Long-term address usage accumulates a rich behavioral history. All activities over time are permanently linked.",
-        mitigation: "Periodically rotate to new addresses to compartmentalize different time periods of activity.",
-        evidence: [{
-          description: `${context.transactionCount} transactions over ${Math.round(timeSpanDays)} days`,
-          severity: "MEDIUM",
-          reference: void 0
-        }]
-      });
-    }
-  }
-  return signals;
-}
-var REPORT_VERSION = "1.0.0";
-var HEURISTICS = [
-  // Solana-specific (highest priority)
-  detectFeePayerReuse,
-  detectSignerOverlap,
-  detectMemoExposure,
-  detectAddressReuse,
-  detectKnownEntityInteraction,
-  detectCounterpartyReuse,
-  detectInstructionFingerprinting,
-  detectTokenAccountLifecycle,
-  // Traditional heuristics
-  detectTimingPatterns,
-  detectAmountReuse,
-  detectBalanceTraceability
-];
-function calculateOverallRisk(signals) {
-  if (signals.length === 0) {
-    return "LOW";
-  }
-  const highCount = signals.filter((s) => s.severity === "HIGH").length;
-  const mediumCount = signals.filter((s) => s.severity === "MEDIUM").length;
-  const lowCount = signals.filter((s) => s.severity === "LOW").length;
-  if (highCount >= 2 || highCount >= 1 && mediumCount >= 2) {
-    return "HIGH";
-  }
-  if (highCount >= 1 || mediumCount >= 2 || mediumCount >= 1 && lowCount >= 2) {
-    return "MEDIUM";
-  }
-  return "LOW";
-}
-function generateMitigations(signals) {
-  const mitigations = /* @__PURE__ */ new Set();
-  if (signals.length === 0) {
-    return ["Continue practicing good privacy hygiene to maintain low exposure."];
-  }
-  mitigations.add("Consider using multiple wallets to compartmentalize different activities.");
-  const signalIds = new Set(signals.map((s) => s.id));
-  if (signalIds.has("fee-payer-never-self") || signalIds.has("fee-payer-external")) {
-    mitigations.add("Always pay your own transaction fees to avoid linkage.");
-  }
-  if (signalIds.has("signer-repeated") || signalIds.has("signer-set-reuse")) {
-    mitigations.add("Use separate signing keys for unrelated activities.");
-  }
-  if (signalIds.has("instruction-sequence-pattern") || signalIds.has("program-usage-profile")) {
-    mitigations.add("Diversify transaction patterns and protocols to reduce behavioral fingerprinting.");
-  }
-  if (signalIds.has("token-account-churn") || signalIds.has("rent-refund-clustering")) {
-    mitigations.add("Avoid closing token accounts if privacy is important - the rent refund creates linkage.");
-  }
-  if (signalIds.has("memo-pii-exposure") || signalIds.has("memo-descriptive-content") || signalIds.has("memo-usage")) {
-    mitigations.add("Never include personal information in transaction memos - they are permanently public.");
-  }
-  if (signalIds.has("address-high-diversity") || signalIds.has("address-moderate-diversity") || signalIds.has("address-long-term-usage")) {
-    mitigations.add("Use separate addresses for different activity types to compartmentalize your behavior.");
-  }
-  if (signalIds.has("known-entity-exchange") || signalIds.has("known-entity-bridge") || signalIds.has("known-entity-other") || signalIds.has("known-entity-interaction")) {
-    mitigations.add("Avoid direct interactions between privacy-sensitive wallets and KYC services.");
-  }
-  if (signalIds.has("counterparty-reuse") || signalIds.has("pda-reuse")) {
-    mitigations.add("Use different addresses for different counterparties or contexts.");
-  }
-  if (signalIds.has("timing-burst") || signalIds.has("timing-regular-interval") || signalIds.has("timing-timezone-pattern") || signalIds.has("timing-correlation")) {
-    mitigations.add("Introduce timing delays and vary transaction patterns to reduce correlation.");
-  }
-  if (signalIds.has("balance-matching-pairs") || signalIds.has("balance-sequential-similar") || signalIds.has("balance-full-movement") || signalIds.has("balance-traceability")) {
-    mitigations.add("Vary transfer amounts and add delays to reduce balance traceability.");
-  }
-  if (signalIds.has("amount-reuse")) {
-    mitigations.add("Vary transaction amounts to avoid creating fingerprints.");
-  }
-  mitigations.add("Research and consider privacy-preserving protocols when available.");
-  return Array.from(mitigations);
-}
-function evaluateHeuristics(context) {
-  const signals = [];
-  for (const heuristic of HEURISTICS) {
-    try {
-      const result = heuristic(context);
-      if (Array.isArray(result)) {
-        signals.push(...result);
-      } else if (result) {
-        signals.push(result);
-      }
-    } catch (error) {
-      console.warn(`Heuristic evaluation failed:`, error);
-    }
-  }
-  signals.sort((a, b) => {
-    const severityOrder = { HIGH: 0, MEDIUM: 1, LOW: 2 };
-    return severityOrder[a.severity] - severityOrder[b.severity];
-  });
-  return signals;
-}
-function generateReport(context) {
-  const signals = evaluateHeuristics(context);
-  const overallRisk = calculateOverallRisk(signals);
-  const highRiskSignals = signals.filter((s) => s.severity === "HIGH").length;
-  const mediumRiskSignals = signals.filter((s) => s.severity === "MEDIUM").length;
-  const lowRiskSignals = signals.filter((s) => s.severity === "LOW").length;
-  const mitigations = generateMitigations(signals);
-  const knownEntities = Array.from(context.labels.values());
-  return {
-    version: REPORT_VERSION,
-    timestamp: Date.now(),
-    targetType: context.targetType,
-    target: context.target,
-    overallRisk,
-    signals,
-    summary: {
-      totalSignals: signals.length,
-      highRiskSignals,
-      mediumRiskSignals,
-      lowRiskSignals,
-      transactionsAnalyzed: context.transactionCount
-    },
-    mitigations,
-    knownEntities
-  };
-}
-var __filename = fileURLToPath(import.meta.url);
-var __dirname = dirname(__filename);
-var StaticLabelProvider = class {
-  labels;
-  constructor(labelsPath) {
-    this.labels = /* @__PURE__ */ new Map();
-    this.loadLabels(labelsPath);
-  }
-  /**
-   * Load labels from JSON file
-   */
-  loadLabels(customPath) {
-    try {
-      let path;
-      if (customPath) {
-        path = customPath;
-      } else {
-        const locations = [
-          join(__dirname, "known-addresses.json"),
-          join(__dirname, "../../..", "known-addresses.json")
-          // From src/labels to repo root
-        ];
-        path = locations.find((loc) => {
-          try {
-            readFileSync(loc, "utf-8");
-            return true;
-          } catch {
-            return false;
-          }
-        }) || locations[0];
-      }
-      const data = readFileSync(path, "utf-8");
-      const parsed = JSON.parse(data);
-      if (!parsed.labels || !Array.isArray(parsed.labels)) {
-        console.warn("Invalid labels file format");
-        return;
-      }
-      for (const label of parsed.labels) {
-        if (label.address && label.name && label.type) {
-          this.labels.set(label.address, {
-            address: label.address,
-            name: label.name,
-            type: label.type,
-            description: label.description,
-            relatedAddresses: label.relatedAddresses
-          });
-        }
-      }
-      console.debug(`Loaded ${this.labels.size} address labels`);
-    } catch (error) {
-      console.warn("Failed to load labels file:", error);
-    }
-  }
-  /**
-   * Look up a label for an address
-   */
-  lookup(address) {
-    return this.labels.get(address) || null;
-  }
-  /**
-   * Look up multiple addresses at once
-   */
-  lookupMany(addresses) {
-    const results = /* @__PURE__ */ new Map();
-    for (const address of addresses) {
-      const label = this.lookup(address);
-      if (label) {
-        results.set(address, label);
-      }
-    }
-    return results;
-  }
-  /**
-   * Get all loaded labels
-   */
-  getAllLabels() {
-    return Array.from(this.labels.values());
-  }
-  /**
-   * Get count of loaded labels
-   */
-  getCount() {
-    return this.labels.size;
-  }
-};
-function createDefaultLabelProvider() {
-  return new StaticLabelProvider();
-}
+import {
+  RPCClient,
+  collectWalletData,
+  normalizeWalletData,
+  generateReport,
+  createDefaultLabelProvider
+} from "solana-privacy-scanner-core";
 
 // src/formatter.js
 import chalk from "chalk";
@@ -2737,11 +209,18 @@ async function scanWallet(address, options) {
 
 // src/commands/transaction.ts
 import { writeFileSync as writeFileSync2 } from "fs";
+import {
+  RPCClient as RPCClient2,
+  collectTransactionData,
+  normalizeTransactionData,
+  generateReport as generateReport2,
+  createDefaultLabelProvider as createDefaultLabelProvider2
+} from "solana-privacy-scanner-core";
 async function scanTransaction(signature, options) {
   try {
     console.error(`Scanning transaction: ${signature}`);
     console.error("");
-    const client = new RPCClient(
+    const client = new RPCClient2(
       options.rpc ? {
         rpcUrl: options.rpc,
         maxConcurrency: 5,
@@ -2759,9 +238,9 @@ async function scanTransaction(signature, options) {
     }
     console.error("Analyzing transaction...");
     console.error("");
-    const labelProvider = createDefaultLabelProvider();
+    const labelProvider = createDefaultLabelProvider2();
     const context = normalizeTransactionData(rawData, labelProvider);
-    const report = generateReport(context);
+    const report = generateReport2(context);
     if (options.json) {
       const output = JSON.stringify(report, null, 2);
       if (options.output) {
@@ -2788,11 +267,18 @@ async function scanTransaction(signature, options) {
 
 // src/commands/program.ts
 import { writeFileSync as writeFileSync3 } from "fs";
+import {
+  RPCClient as RPCClient3,
+  collectProgramData,
+  normalizeProgramData,
+  generateReport as generateReport3,
+  createDefaultLabelProvider as createDefaultLabelProvider3
+} from "solana-privacy-scanner-core";
 async function scanProgram(programId, options) {
   try {
     console.error(`Scanning program: ${programId}`);
     console.error("");
-    const client = new RPCClient(
+    const client = new RPCClient3(
       options.rpc ? {
         rpcUrl: options.rpc,
         maxConcurrency: 5,
@@ -2812,9 +298,9 @@ async function scanProgram(programId, options) {
     console.error(`Found ${rawData.accounts.length} accounts, ${rawData.relatedTransactions.length} transactions`);
     console.error("");
     console.error("Analyzing program activity...");
-    const labelProvider = createDefaultLabelProvider();
+    const labelProvider = createDefaultLabelProvider3();
     const context = normalizeProgramData(rawData, labelProvider);
-    const report = generateReport(context);
+    const report = generateReport3(context);
     if (options.json) {
       const output = JSON.stringify(report, null, 2);
       if (options.output) {
@@ -2840,6 +326,7 @@ async function scanProgram(programId, options) {
 }
 
 // src/index.ts
+import { VERSION } from "solana-privacy-scanner-core";
 dotenv.config({ path: ".env.local" });
 dotenv.config();
 var program = new Command();