solidity-argus 0.1.0

package/src/utils/project-detector.ts

@@ -0,0 +1,133 @@
+import { existsSync } from "fs";
+import { join, resolve } from "path";
+
+export interface ProjectConfig {
+  type: "foundry" | "hardhat" | "mixed" | "unknown";
+  srcDir: string;
+  testDir: string;
+  solcVersion?: string;
+  remappings: string[];
+  rootDir: string;
+}
+
+/**
+ * Detects the Solidity framework (Foundry/Hardhat) from config files
+ * @param dir Directory to scan for config files
+ * @returns ProjectConfig with detected framework type and settings
+ */
+export async function detectProject(dir: string): Promise<ProjectConfig> {
+  const rootDir = resolve(dir);
+  const foundryTomlPath = join(rootDir, "foundry.toml");
+  const hardhatConfigTsPath = join(rootDir, "hardhat.config.ts");
+  const hardhatConfigJsPath = join(rootDir, "hardhat.config.js");
+
+  const hasFoundry = existsSync(foundryTomlPath);
+  const hasHardhatTs = existsSync(hardhatConfigTsPath);
+  const hasHardhatJs = existsSync(hardhatConfigJsPath);
+  const hasHardhat = hasHardhatTs || hasHardhatJs;
+
+  // Determine project type
+  let type: "foundry" | "hardhat" | "mixed" | "unknown";
+  if (hasFoundry && hasHardhat) {
+    type = "mixed";
+  } else if (hasFoundry) {
+    type = "foundry";
+  } else if (hasHardhat) {
+    type = "hardhat";
+  } else {
+    type = "unknown";
+  }
+
+  // Default values
+  let srcDir = "src";
+  let testDir = "test";
+  let solcVersion: string | undefined;
+  let remappings: string[] = [];
+
+  // Parse Foundry config if present
+  if (hasFoundry) {
+    const foundryConfig = await parseFoundryToml(foundryTomlPath);
+    srcDir = foundryConfig.srcDir || srcDir;
+    testDir = foundryConfig.testDir || testDir;
+    solcVersion = foundryConfig.solcVersion;
+    remappings = foundryConfig.remappings;
+  }
+
+  // Set Hardhat defaults if it's a Hardhat project
+  if (hasHardhat && !hasFoundry) {
+    srcDir = "contracts";
+  }
+
+  return {
+    type,
+    srcDir,
+    testDir,
+    solcVersion,
+    remappings,
+    rootDir,
+  };
+}
+
+/**
+ * Parses foundry.toml file using regex-based parsing
+ */
+async function parseFoundryToml(
+  filePath: string
+): Promise<{
+  srcDir?: string;
+  testDir?: string;
+  solcVersion?: string;
+  remappings: string[];
+}> {
+  const content = await Bun.file(filePath).text();
+
+  const result = {
+    srcDir: undefined as string | undefined,
+    testDir: undefined as string | undefined,
+    solcVersion: undefined as string | undefined,
+    remappings: [] as string[],
+  };
+
+  // Extract [profile.default] section - stop at next section or EOF
+  const profileDefaultMatch = content.match(
+    /\[profile\.default\]([\s\S]*?)(?:\n\[|$)/
+  );
+  if (!profileDefaultMatch || !profileDefaultMatch[1]) {
+    return result;
+  }
+
+  const profileSection = profileDefaultMatch[1];
+
+  // Parse src = "..."
+  const srcMatch = profileSection.match(/^\s*src\s*=\s*["']([^"']+)["']/m);
+  if (srcMatch && srcMatch[1]) {
+    result.srcDir = srcMatch[1];
+  }
+
+  // Parse test = "..."
+  const testMatch = profileSection.match(/^\s*test\s*=\s*["']([^"']+)["']/m);
+  if (testMatch && testMatch[1]) {
+    result.testDir = testMatch[1];
+  }
+
+  // Parse solc = "..."
+  const solcMatch = profileSection.match(/^\s*solc\s*=\s*["']([^"']+)["']/m);
+  if (solcMatch && solcMatch[1]) {
+    result.solcVersion = solcMatch[1];
+  }
+
+  // Parse remappings array - handles both single line and multiline
+  const remappingsMatch = profileSection.match(
+    /remappings\s*=\s*\[([\s\S]*?)\]/
+  );
+  if (remappingsMatch && remappingsMatch[1]) {
+    const remappingsContent = remappingsMatch[1];
+    // Extract quoted strings from the array
+    const remappingMatches = remappingsContent.match(/["']([^"']+)["']/g);
+    if (remappingMatches) {
+      result.remappings = remappingMatches.map((m) => m.slice(1, -1));
+    }
+  }
+
+  return result;
+}

package/src/utils/solidity-parser.ts

@@ -0,0 +1,174 @@
+import type { ContractProfile } from "../state/types";
+
+interface ABIFunction {
+  type: string;
+  name: string;
+  inputs?: Array<{ name: string; type: string }>;
+  outputs?: Array<{ name: string; type: string }>;
+  stateMutability?: string;
+}
+
+interface StorageLayoutItem {
+  label: string;
+  type: string;
+  slot: string;
+}
+
+interface StorageLayout {
+  storage: StorageLayoutItem[];
+  types: Record<string, { label: string }>;
+}
+
+/**
+ * Extract contract information using forge inspect
+ * Runs forge inspect <contractName> abi and storage-layout
+ * Parses ABI to extract functions and state variables
+ * Detects access control patterns
+ */
+export async function extractContractInfo(
+  contractName: string,
+  projectDir: string
+): Promise<ContractProfile> {
+  const result: ContractProfile = {
+    name: contractName,
+    filePath: "",
+    functions: [],
+    stateVars: [],
+    inheritance: [],
+    accessControlPattern: "none",
+    externalCalls: [],
+    riskIndicators: [],
+  };
+
+  try {
+    // Run forge inspect abi
+    const abiResult = Bun.spawnSync(
+      ["forge", "inspect", contractName, "abi"],
+      {
+        cwd: projectDir,
+        stdout: "pipe",
+        stderr: "pipe",
+      }
+    );
+
+    if (!abiResult.success) {
+      const errorMsg = abiResult.stderr?.toString() || "Unknown error";
+      result.error = `Failed to inspect ABI: ${errorMsg}`;
+      return result;
+    }
+
+    // Run forge inspect storage-layout
+    const storageResult = Bun.spawnSync(
+      ["forge", "inspect", contractName, "storage-layout"],
+      {
+        cwd: projectDir,
+        stdout: "pipe",
+        stderr: "pipe",
+      }
+    );
+
+    if (!storageResult.success) {
+      const errorMsg = storageResult.stderr?.toString() || "Unknown error";
+      result.error = `Failed to inspect storage layout: ${errorMsg}`;
+      return result;
+    }
+
+    // Parse ABI
+    const abiOutput = abiResult.stdout?.toString() || "[]";
+    let abi: ABIFunction[] = [];
+    try {
+      abi = JSON.parse(abiOutput);
+    } catch (e) {
+      result.error = `Failed to parse ABI JSON: ${e instanceof Error ? e.message : "Unknown error"}`;
+      return result;
+    }
+
+    // Parse storage layout
+    const storageOutput = storageResult.stdout?.toString() || "{}";
+    let storageLayout: StorageLayout = { storage: [], types: {} };
+    try {
+      storageLayout = JSON.parse(storageOutput);
+    } catch (e) {
+      result.error = `Failed to parse storage layout JSON: ${e instanceof Error ? e.message : "Unknown error"}`;
+      return result;
+    }
+
+    // Extract functions from ABI
+    const functions = abi.filter((item) => item.type === "function");
+    result.functions = functions.map((func) => ({
+      name: func.name || "",
+      visibility: mapStateMutabilityToVisibility(func.stateMutability || "nonpayable"),
+      mutability: func.stateMutability || "nonpayable",
+      modifiers: [],
+    }));
+
+    // Extract state variables from storage layout
+    result.stateVars = storageLayout.storage.map((item) => {
+      const typeInfo = storageLayout.types[item.type];
+      const typeLabel = typeInfo?.label || item.type;
+
+      return {
+        name: item.label,
+        type: typeLabel,
+        visibility: "internal", // Default visibility for storage vars
+      };
+    });
+
+    // Detect access control pattern
+    result.accessControlPattern = detectAccessControlPattern(result.functions);
+
+    return result;
+  } catch (e) {
+    result.error = `Unexpected error: ${e instanceof Error ? e.message : "Unknown error"}`;
+    return result;
+  }
+}
+
+/**
+ * Map Solidity stateMutability to visibility
+ * ABI doesn't directly specify visibility, so we infer from mutability
+ */
+function mapStateMutabilityToVisibility(
+  stateMutability: string
+): string {
+  switch (stateMutability) {
+    case "pure":
+    case "view":
+      return "view";
+    case "payable":
+    case "nonpayable":
+      return "external";
+    default:
+      return "external";
+  }
+}
+
+/**
+ * Detect access control pattern from function names and signatures
+ */
+function detectAccessControlPattern(
+  functions: Array<{ name: string; visibility: string; mutability: string; modifiers: string[] }>
+): "ownable" | "access-control" | "custom" | "none" {
+  const functionNames = functions.map((f) => f.name.toLowerCase());
+
+  // Check for Ownable pattern
+  if (functionNames.includes("owner") || functionNames.includes("transferownership")) {
+    return "ownable";
+  }
+
+  // Check for AccessControl pattern (OpenZeppelin)
+  if (functionNames.includes("hasrole") || functionNames.includes("grantrole")) {
+    return "access-control";
+  }
+
+  // Check for custom access control patterns
+  if (
+    functionNames.some((name) =>
+      name.includes("onlyadmin") || name.includes("requireadmin")
+    )
+  ) {
+    return "custom";
+  }
+
+  return "none";
+}