solidity-argus 0.1.8 → 0.2.0

package/src/tools/pattern-loader.ts

@@ -0,0 +1,183 @@
+import { readdirSync, readFileSync, existsSync } from "node:fs"
+import { join, extname } from "node:path"
+import { parse as parseYaml } from "yaml"
+import { PatternPackSchema, type PatternDefinition } from "./pattern-schema"
+import { createLogger } from "../shared/logger"
+import { parseFrontmatter, SkillFrontmatterSchema } from "../skills/skill-schema"
+
+const logger = createLogger()
+
+const YAML_EXTENSIONS = new Set([".yaml", ".yml"])
+
+const SKILL_NAME_TO_PATTERN_CATEGORY: Record<string, PatternDefinition["category"]> = {
+  "reentrancy": "reentrancy",
+  "access-control": "access-control",
+  "oracle-manipulation": "oracle-manipulation",
+  "flash-loan-attacks": "flash-loan",
+  "delegatecall-untrusted-callee": "proxy",
+  "authorization-txorigin": "access-control",
+  "unchecked-return-values": "logic-error",
+  "dos-revert": "dos",
+  "overflow-underflow": "logic-error",
+  "signature-malleability": "signature",
+}
+
+export function loadPatternPacks(patternsDir: string): PatternDefinition[] {
+  if (!existsSync(patternsDir)) {
+    logger.warn(`Patterns directory does not exist: ${patternsDir}`)
+    return []
+  }
+
+  const entries = readdirSync(patternsDir).filter((f) =>
+    YAML_EXTENSIONS.has(extname(f).toLowerCase())
+  )
+
+  const allPatterns: PatternDefinition[] = []
+
+  for (const filename of entries) {
+    const filePath = join(patternsDir, filename)
+    try {
+      const raw = readFileSync(filePath, "utf-8")
+      const parsed = parseYaml(raw)
+      const result = PatternPackSchema.safeParse(parsed)
+
+      if (!result.success) {
+        logger.warn(
+          `Skipping ${filename}: schema validation failed — ${result.error.issues[0]?.message ?? "unknown"}`
+        )
+        continue
+      }
+
+      allPatterns.push(...result.data.patterns)
+    } catch (err) {
+      logger.warn(
+        `Skipping ${filename}: ${err instanceof Error ? err.message : "parse error"}`
+      )
+    }
+  }
+
+  return allPatterns
+}
+
+function listSkillMarkdownFiles(skillsDir: string): string[] {
+  if (!existsSync(skillsDir)) {
+    logger.warn(`Skills directory does not exist: ${skillsDir}`)
+    return []
+  }
+
+  const files: string[] = []
+  const stack = [skillsDir]
+
+  while (stack.length > 0) {
+    const current = stack.pop()
+    if (!current) continue
+
+    const entries = readdirSync(current, { withFileTypes: true })
+    for (const entry of entries) {
+      const fullPath = join(current, entry.name)
+      if (entry.isDirectory()) {
+        stack.push(fullPath)
+        continue
+      }
+
+      if (entry.isFile() && entry.name === "SKILL.md") {
+        files.push(fullPath)
+      }
+    }
+  }
+
+  return files
+}
+
+export function extractDetectionRulesFromSkills(skillsDir: string): PatternDefinition[] {
+  const skillFiles = listSkillMarkdownFiles(skillsDir)
+  const extracted: PatternDefinition[] = []
+
+  for (const filePath of skillFiles) {
+    try {
+      const content = readFileSync(filePath, "utf-8")
+      const frontmatter = parseFrontmatter(content)
+      if (!frontmatter) continue
+
+      const parsed = SkillFrontmatterSchema.safeParse(frontmatter)
+      if (!parsed.success) continue
+
+      const skillName = parsed.data.name
+      const category = SKILL_NAME_TO_PATTERN_CATEGORY[skillName]
+      if (!category) continue
+
+      const rules = parsed.data.detection_rules
+      if (!rules || rules.length === 0) continue
+
+      for (const [index, rule] of rules.entries()) {
+        extracted.push({
+          name: `${skillName}-rule-${index + 1}`,
+          category,
+          severity: rule.severity,
+          confidence: rule.confidence ?? "Medium",
+          version: "1.0",
+          regex: rule.regex,
+          description: rule.description ?? `Detection rule from ${skillName} SKILL.md`,
+          ...(rule.swc ? { swc: rule.swc } : {}),
+        })
+      }
+    } catch (err) {
+      logger.warn(
+        `Skipping ${filePath}: ${err instanceof Error ? err.message : "parse error"}`
+      )
+    }
+  }
+
+  return extracted
+}
+
+type BuiltinPattern = {
+  name: string
+  category: string
+  severity: string
+  regex: RegExp
+  description: string
+  exploitReference?: string
+}
+
+function isValidUrl(s: string): boolean {
+  try {
+    new URL(s)
+    return true
+  } catch {
+    return false
+  }
+}
+
+function builtinToDefinition(b: BuiltinPattern): PatternDefinition {
+  return {
+    name: b.name,
+    category: b.category as PatternDefinition["category"],
+    severity: b.severity as PatternDefinition["severity"],
+    confidence: "Medium",
+    version: "1.0",
+    regex: b.regex.source,
+    description: b.description,
+    ...(b.exploitReference && isValidUrl(b.exploitReference)
+      ? { exploit_ref: b.exploitReference }
+      : {}),
+  }
+}
+
+export function mergeWithBuiltins(
+  yamlPatterns: PatternDefinition[],
+  builtins: BuiltinPattern[],
+  skillDetectionRules: PatternDefinition[] = []
+): PatternDefinition[] {
+  const mergedInputs = [...yamlPatterns, ...skillDetectionRules]
+  const yamlByName = new Map(mergedInputs.map((p) => [p.name, p]))
+  const merged: PatternDefinition[] = [...mergedInputs]
+
+  for (const builtin of builtins) {
+    if (!yamlByName.has(builtin.name)) {
+      merged.push(builtinToDefinition(builtin))
+    }
+  }
+
+  return merged
+}

package/src/tools/pattern-schema.ts

@@ -0,0 +1,51 @@
+import { z } from "zod"
+
+/**
+ * Canonical pattern category taxonomy.
+ * Every builtin, YAML, and skill-derived pattern must belong to one of these.
+ */
+export const PATTERN_CATEGORIES = [
+  "reentrancy",
+  "oracle-manipulation",
+  "flash-loan",
+  "access-control",
+  "erc4626",
+  "proxy",
+  "signature",
+  "dos",
+  "front-running",
+  "governance",
+  "token-standard",
+  "gas-optimization",
+  "logic-error",
+  "delegatecall",
+] as const
+
+export const PatternCategorySchema = z.enum(PATTERN_CATEGORIES)
+
+export const PatternDefinitionSchema = z.object({
+  name: z.string().min(1).max(128),
+  category: PatternCategorySchema,
+  severity: z.enum(["Critical", "High", "Medium", "Low", "Informational"]),
+  swc: z
+    .string()
+    .regex(/^SWC-\d+$/)
+    .optional(),
+  confidence: z.enum(["High", "Medium", "Low"]).default("Medium"),
+  version: z.string().default("1.0"),
+  regex: z.string().min(1),
+  description: z.string().min(1),
+  exploit_ref: z.string().url().optional(),
+  remediation: z.string().optional(),
+})
+
+export type PatternDefinition = z.infer<typeof PatternDefinitionSchema>
+export type PatternCategory = z.infer<typeof PatternCategorySchema>
+
+export const PatternPackSchema = z.object({
+  pack_name: z.string().optional(),
+  pack_version: z.string().default("1.0"),
+  patterns: z.array(PatternDefinitionSchema).min(1),
+})
+
+export type PatternPack = z.infer<typeof PatternPackSchema>

package/src/tools/report-generator-tool.ts

@@ -1,5 +1,5 @@
 import { tool, type ToolContext } from "@opencode-ai/plugin";
-import type { AuditState, Finding, FindingSeverity } from "../state/types";
+import type { AuditState, Finding, FindingSeverity, ToolExecution } from "../state/types";
 
 type SeverityThreshold = "critical" | "high" | "medium" | "low" | "informational";
 
@@ -67,7 +67,20 @@ function emptyCounts(): FindingsCount {
   };
 }
 
-function parseAuditState(auditState: string): Finding[] {
+function emptyAuditState(findings: Finding[] = []): AuditState {
+  return {
+    sessionId: "",
+    projectDir: "",
+    contractsReviewed: [],
+    findings,
+    toolsExecuted: [],
+    currentPhase: "complete",
+    scope: [],
+    startTime: 0,
+  };
+}
+
+export function parseAuditState(auditState: string): AuditState {
   let parsed: unknown;
   try {
     parsed = JSON.parse(auditState);
@@ -76,14 +89,18 @@ function parseAuditState(auditState: string): Finding[] {
   }
 
   if (Array.isArray(parsed)) {
-    return parsed as Finding[];
+    return emptyAuditState(parsed as Finding[]);
   }
 
   if (typeof parsed === "object" && parsed !== null && Array.isArray((parsed as AuditState).findings)) {
-    return (parsed as AuditState).findings;
+    const state = parsed as AuditState;
+    return {
+      ...emptyAuditState(),
+      ...state,
+    };
   }
 
-  return [];
+  return emptyAuditState();
 }
 
 function normalizeTitle(check: string): string {
@@ -215,13 +232,123 @@ function buildFindingsSection(findings: Finding[]): string {
   return lines.join("\n");
 }
 
+function formatDuration(ms: number): string {
+  if (ms < 1000) return `${ms}ms`;
+  return `${(ms / 1000).toFixed(1)}s`;
+}
+
+export function buildProvenanceAppendix(
+  state: AuditState,
+  threshold: SeverityThreshold,
+  includedCount: number,
+): string {
+  const lines: string[] = ["## Appendix: Data Provenance"];
+
+  lines.push("- Data source: `audit_state` payload");
+  lines.push(`- Severity threshold applied: ${threshold}`);
+  lines.push(`- Findings included in report: ${includedCount}`);
+
+  if (state.findings.length > 0) {
+    const sourceCounts: Record<string, number> = {};
+    for (const f of state.findings) {
+      sourceCounts[f.source] = (sourceCounts[f.source] ?? 0) + 1;
+    }
+    lines.push("");
+    lines.push("### Source Breakdown");
+    lines.push("");
+    lines.push("| Source | Count |");
+    lines.push("| --- | ---: |");
+    for (const [source, count] of Object.entries(sourceCounts).sort(
+      (a, b) => b[1] - a[1],
+    )) {
+      lines.push(`| ${source} | ${count} |`);
+    }
+  }
+
+  if (state.toolsExecuted.length > 0) {
+    lines.push("");
+    lines.push("### Tool Execution Summary");
+    lines.push("");
+    lines.push("| Tool | Duration | Status | Findings |");
+    lines.push("| --- | --- | --- | ---: |");
+    for (const exec of state.toolsExecuted) {
+      const duration =
+        exec.endTime != null
+          ? formatDuration(exec.endTime - exec.startTime)
+          : "—";
+      const status = exec.success ? "✅ success" : "❌ failure";
+      lines.push(
+        `| ${exec.tool} | ${duration} | ${status} | ${exec.findingsCount} |`,
+      );
+    }
+  }
+
+  const syncExec = state.toolsExecuted.find((t) => t.tool === "argus_sync_knowledge");
+  if (state.patternVersion || syncExec) {
+    lines.push("");
+    lines.push("### Data Freshness");
+    lines.push("");
+    if (state.patternVersion) {
+      lines.push(`- Pattern pack version: \`${state.patternVersion}\``);
+    }
+    if (syncExec) {
+      lines.push(`- SCVD last synced: ${new Date(syncExec.startTime).toISOString()}`);
+    }
+  }
+
+  if (state.soloditResults && state.soloditResults.length > 0) {
+    lines.push("");
+    lines.push("### Solodit Cross-References");
+    lines.push("");
+    for (const result of state.soloditResults) {
+      lines.push(`**Query**: "${result.query}" — ${result.resultCount} results`);
+      if (result.topResults.length > 0) {
+        lines.push("");
+        lines.push("| Title | Severity | Protocol |");
+        lines.push("| --- | --- | --- |");
+        for (const top of result.topResults) {
+          lines.push(`| ${top.title} | ${top.severity} | ${top.protocol} |`);
+        }
+      }
+      lines.push("");
+    }
+  }
+
+  if (state.fuzzCounterexamples && state.fuzzCounterexamples.length > 0) {
+    lines.push("");
+    lines.push("### Fuzz Evidence");
+    lines.push("");
+    lines.push("| Test | Inputs | Runs | Revert Reason |");
+    lines.push("| --- | --- | ---: | --- |");
+    for (const cx of state.fuzzCounterexamples) {
+      const inputs = cx.inputs.join(", ");
+      const reason = cx.revertReason ?? "—";
+      lines.push(`| ${cx.testName} | ${inputs} | ${cx.runs} | ${reason} |`);
+    }
+  }
+
+  if (state.skillsLoaded && state.skillsLoaded.length > 0) {
+    lines.push("");
+    lines.push("### Knowledge Sources");
+    lines.push("");
+    lines.push("Skills loaded during this audit:");
+    lines.push("");
+    for (const skill of state.skillsLoaded) {
+      lines.push(`- ${skill}`);
+    }
+  }
+
+  return lines.join("\n");
+}
+
 export async function executeReportGeneration(
   args: ReportGeneratorArgs,
   context: ToolContext
 ): Promise<ReportGenerationResult> {
   const includeExecutiveSummary = args.include_executive_summary ?? true;
   const threshold = args.severity_threshold ?? "low";
-  const findings = parseAuditState(args.audit_state).filter((finding) =>
+  const state = parseAuditState(args.audit_state);
+  const findings = state.findings.filter((finding) =>
     shouldIncludeFinding(finding, threshold)
   );
   const counts = calculateCounts(findings);
@@ -276,11 +403,7 @@ export async function executeReportGeneration(
     sections.push(`- ${item}`);
   }
 
-  sections.push("## Appendix");
-  sections.push("Tool execution summary:");
-  sections.push("- Data source: `audit_state` payload");
-  sections.push(`- Severity threshold applied: ${threshold}`);
-  sections.push(`- Findings included in report: ${findings.length}`);
+  sections.push(buildProvenanceAppendix(state, threshold, findings.length));
 
   return {
     report: sections.join("\n\n"),

package/src/tools/slither-tool.ts

@@ -1,6 +1,6 @@
 import { createHash } from "crypto";
 import { mkdtempSync, writeFileSync, rmSync, readFileSync, existsSync } from "node:fs";
-import { join } from "node:path";
+import { join, resolve, dirname, isAbsolute } from "node:path";
 import { tmpdir } from "node:os";
 import { execSync } from "node:child_process";
 import { tool, type ToolContext } from "@opencode-ai/plugin";
@@ -44,7 +44,8 @@ export type SlitherRunResult = {
 
 export type RunSlitherCommand = (
   command: string[],
-  signal: AbortSignal
+  signal: AbortSignal,
+  cwd: string
 ) => Promise<SlitherRunResult>;
 
 export type SlitherAnalyzeResult = {
@@ -167,8 +168,9 @@ function ensureSolc(version: string): boolean {
   }
 }
 
-export const runSlitherCommand: RunSlitherCommand = async (command, signal) => {
+export const runSlitherCommand: RunSlitherCommand = async (command, signal, cwd) => {
   const child = Bun.spawn(command, {
+    cwd,
     stdout: "pipe",
     stderr: "pipe",
     signal,
@@ -194,6 +196,7 @@ export type FlattenFallbackDeps = {
   parseSolcVersion: (target: string) => string | undefined;
   extractContractNames: (filePath: string) => string[];
   execSyncFn: typeof execSync;
+  cwd: string;
 };
 
 const defaultFlattenDeps: FlattenFallbackDeps = {
@@ -203,6 +206,7 @@ const defaultFlattenDeps: FlattenFallbackDeps = {
   parseSolcVersion,
   extractContractNames,
   execSyncFn: execSync,
+  cwd: process.cwd(),
 };
 
 export async function flattenFallback(
@@ -213,12 +217,26 @@ export async function flattenFallback(
   const startedAt = Date.now();
 
   if (!deps.hasBinary("forge")) {
-    return undefined;
+    return {
+      success: false,
+      findingsCount: 0,
+      findings: [],
+      executionTime: Date.now() - startedAt,
+      errors: ["forge binary not found — required for via_ir flatten fallback"],
+      error: "forge binary not found — required for via_ir flatten fallback",
+    };
   }
 
   const solcVersion = args.solc_version ?? deps.parseSolcVersion(args.target);
   if (!solcVersion) {
-    return undefined;
+    return {
+      success: false,
+      findingsCount: 0,
+      findings: [],
+      executionTime: Date.now() - startedAt,
+      errors: ["Could not determine solc version from foundry.toml or pragma — required for flatten fallback"],
+      error: "Could not determine solc version from foundry.toml or pragma — required for flatten fallback",
+    };
   }
 
   if (!deps.ensureSolc(solcVersion)) {
@@ -241,6 +259,7 @@ export async function flattenFallback(
       solFiles = deps.execSyncFn(`find "${srcDir}" -name "*.sol" -maxdepth 3 -not -path "*/mocks/*" -not -path "*/test/*"`, {
         encoding: "utf-8",
         timeout: 5_000,
+        stdio: ["pipe", "pipe", "pipe"],
       })
         .trim()
         .split("\n")
@@ -268,7 +287,8 @@ export async function flattenFallback(
         const flattened = deps.execSyncFn(`forge flatten "${solFile}"`, {
           encoding: "utf-8",
           timeout: 30_000,
-          cwd: args.target.endsWith(".sol") ? undefined : args.target,
+          cwd: deps.cwd,
+          stdio: ["pipe", "pipe", "pipe"],
         });
         writeFileSync(flatFile, flattened);
       } catch (_e) {
@@ -286,7 +306,7 @@ export async function flattenFallback(
       ];
 
       try {
-        const runResult = await deps.runCommand(command, context.abort);
+        const runResult = await deps.runCommand(command, context.abort, deps.cwd);
 
         let payload: SlitherPayload;
         try {
@@ -358,8 +378,10 @@ function parseFindings(payload: SlitherPayload): Finding[] {
 export async function executeSlitherAnalyze(
   args: SlitherArgs,
   context: ToolContext,
-  runCommand: RunSlitherCommand = runSlitherCommand
+  runCommand: RunSlitherCommand = runSlitherCommand,
+  cwd?: string
 ): Promise<SlitherAnalyzeResult> {
+  const projectDir = cwd ?? context.directory ?? context.worktree ?? process.cwd();
   const startedAt = Date.now();
   context.metadata({ title: `Slither analysis: ${args.target}` });
 
@@ -367,6 +389,7 @@ export async function executeSlitherAnalyze(
     const fallbackResult = await flattenFallback(args, context, {
       ...defaultFlattenDeps,
       runCommand,
+      cwd: projectDir,
     });
     if (fallbackResult) return fallbackResult;
     return {
@@ -382,7 +405,7 @@ export async function executeSlitherAnalyze(
   const command = buildCommand(args);
 
   try {
-    const runResult = await runCommand(command, context.abort);
+    const runResult = await runCommand(command, context.abort, projectDir);
     const errors: string[] = [];
 
     if (runResult.exitCode !== 0) {
@@ -401,6 +424,7 @@ export async function executeSlitherAnalyze(
         const fallbackResult = await flattenFallback(args, context, {
           ...defaultFlattenDeps,
           runCommand,
+          cwd: projectDir,
         });
         if (fallbackResult) return fallbackResult;
       }
@@ -425,6 +449,7 @@ export async function executeSlitherAnalyze(
       const fallbackResult = await flattenFallback(args, context, {
         ...defaultFlattenDeps,
         runCommand,
+        cwd: projectDir,
       });
       if (fallbackResult) return fallbackResult;
     }
@@ -474,15 +499,24 @@ export async function executeSlitherAnalyze(
 }
 
 export function detectViaIr(target: string): boolean {
-  const projectDir = target.endsWith(".sol") ? join(target, "..") : target;
-  const foundryTomlPath = join(projectDir, "foundry.toml");
-  if (!existsSync(foundryTomlPath)) return false;
-  try {
-    const content = readFileSync(foundryTomlPath, "utf-8");
-    return /^\s*via[_-]ir\s*=\s*true/m.test(content);
-  } catch {
-    return false;
+  let dir = resolve(target.endsWith(".sol") ? dirname(target) : target);
+  const root = resolve("/");
+
+  while (true) {
+    const foundryTomlPath = join(dir, "foundry.toml");
+    if (existsSync(foundryTomlPath)) {
+      try {
+        const content = readFileSync(foundryTomlPath, "utf-8");
+        if (/^\s*via[_-]ir\s*=\s*true/m.test(content)) return true;
+      } catch {
+        // unreadable file — keep walking
+      }
+    }
+    if (dir === root) break;
+    dir = dirname(dir);
   }
+
+  return false;
 }
 
 export const slitherTool = tool({
@@ -493,10 +527,18 @@ export const slitherTool = tool({
     detectors: tool.schema.array(tool.schema.string()).optional(),
     exclude: tool.schema.array(tool.schema.string()).optional(),
     solc_version: tool.schema.string().optional(),
+    via_ir: tool.schema.boolean().optional(),
   },
   async execute(args, context) {
-    const viaIr = detectViaIr(args.target);
-    const result = await executeSlitherAnalyze({ ...args, via_ir: viaIr }, context);
+    const projectDir = context.directory ?? context.worktree ?? process.cwd();
+    const resolvedTarget = isAbsolute(args.target) ? args.target : resolve(projectDir, args.target);
+    const viaIr = args.via_ir ?? detectViaIr(resolvedTarget);
+    const result = await executeSlitherAnalyze(
+      { ...args, target: resolvedTarget, via_ir: viaIr },
+      context,
+      runSlitherCommand,
+      projectDir,
+    );
     return JSON.stringify(result);
   },
 });