solidity-argus 0.1.8 → 0.3.0

package/src/hooks/tool-tracking-hook.ts

@@ -1,6 +1,6 @@
-import type { AuditState, FindingSeverity } from "../state/types"
 import type { FindingStore } from "../state/finding-store"
 import { createFindingStore } from "../state/finding-store"
+import type { AuditState, FindingSeverity, FuzzCounterexample, SoloditResult } from "../state/types"
 
 type ToolHookInput = {
   tool: string
@@ -8,6 +8,11 @@ type ToolHookInput = {
   result: string
 }
 
+type ToolExecutionMetadata = {
+  tool: string
+  findingsCount: number
+}
+
 const VALID_SEVERITIES: ReadonlySet<string> = new Set([
   "Critical",
   "High",
@@ -16,11 +21,7 @@ const VALID_SEVERITIES: ReadonlySet<string> = new Set([
   "Informational",
 ])
 
-const VALID_CONFIDENCES: ReadonlySet<string> = new Set([
-  "High",
-  "Medium",
-  "Low",
-])
+const VALID_CONFIDENCES: ReadonlySet<string> = new Set(["High", "Medium", "Low"])
 
 function toSeverity(value: unknown): FindingSeverity {
   if (typeof value === "string" && VALID_SEVERITIES.has(value)) {
@@ -55,10 +56,7 @@ function toRecord(value: unknown): Record<string, unknown> | undefined {
   return undefined
 }
 
-function processSlitherResult(
-  parsed: Record<string, unknown>,
-  store: FindingStore
-): number {
+function processSlitherResult(parsed: Record<string, unknown>, store: FindingStore): number {
   const findings = parsed.findings
   if (!Array.isArray(findings)) return 0
 
@@ -96,10 +94,7 @@ function processSlitherResult(
   return count
 }
 
-function processPatternResult(
-  parsed: Record<string, unknown>,
-  store: FindingStore
-): number {
+function processPatternResult(parsed: Record<string, unknown>, store: FindingStore): number {
   const sources = parsed.sources
   if (!Array.isArray(sources)) return 0
 
@@ -145,10 +140,7 @@ function processPatternResult(
   return count
 }
 
-function processContractAnalyzerResult(
-  parsed: Record<string, unknown>,
-  state: AuditState
-): void {
+function processContractAnalyzerResult(parsed: Record<string, unknown>, state: AuditState): void {
   // Handle direct ContractProfile format (actual tool output)
   if (typeof parsed.filePath === "string") {
     if (!state.contractsReviewed.includes(parsed.filePath)) {
@@ -166,16 +158,82 @@ function processContractAnalyzerResult(
   }
 }
 
-function recordToolExecution(
-  state: AuditState,
-  toolName: string,
-  findingsCount: number
-): void {
-  const alreadyRecorded = state.toolsExecuted.some(
-    (execution) => execution.tool === toolName
-  )
-  if (alreadyRecorded) return
+function processFuzzResult(parsed: Record<string, unknown>, state: AuditState): void {
+  const counterexamples = parsed.counterexamples
+  if (!Array.isArray(counterexamples) || counterexamples.length === 0) return
+
+  const totalRuns = typeof parsed.totalRuns === "number" ? parsed.totalRuns : 0
+
+  state.fuzzCounterexamples ??= []
+
+  for (const raw of counterexamples) {
+    const ce = toRecord(raw)
+    if (!ce) continue
+
+    const testName = ce.testName
+    if (typeof testName !== "string") continue
+
+    const rawInputs = ce.inputs
+    const inputs = Array.isArray(rawInputs)
+      ? rawInputs.map(String)
+      : (() => {
+          const rec = toRecord(rawInputs)
+          return rec ? Object.values(rec).map(String) : []
+        })()
+
+    const entry: FuzzCounterexample = {
+      testName,
+      inputs,
+      runs: totalRuns,
+      timestamp: Date.now(),
+    }
+
+    if (typeof ce.revertReason === "string") {
+      entry.revertReason = ce.revertReason
+    }
+
+    state.fuzzCounterexamples.push(entry)
+  }
+}
+
+function processSoloditResult(parsed: Record<string, unknown>, state: AuditState): void {
+  const query = typeof parsed.query === "string" ? parsed.query : ""
+  const results = Array.isArray(parsed.results) ? parsed.results : []
+  const totalFound = typeof parsed.totalFound === "number" ? parsed.totalFound : results.length
+
+  const topResults: SoloditResult["topResults"] = results.slice(0, 5).map((raw) => {
+    const r = toRecord(raw)
+    return {
+      title: typeof r?.title === "string" ? r.title : "",
+      severity: typeof r?.severity === "string" ? r.severity : "",
+      url: typeof r?.url === "string" ? r.url : "",
+      protocol: typeof r?.protocol === "string" ? r.protocol : "",
+    }
+  })
 
+  state.soloditResults ??= []
+  state.soloditResults.push({
+    query,
+    timestamp: Date.now(),
+    resultCount: totalFound,
+    topResults,
+  })
+}
+
+/**
+ * Records a tool execution in the audit state.
+ *
+ * Multiple entries per tool name are allowed — if the same tool runs multiple times
+ * (e.g., argus_slither_analyze on different targets), each execution is recorded
+ * with its own findingsCount.
+ *
+ * Timing limitation: startTime and endTime are both set to Date.now() because this
+ * hook fires in the tool.execute.after phase, after execution has already completed.
+ * We cannot capture the actual start time. This is a known limitation of the hook
+ * architecture. For accurate timing, the hook would need to fire in tool.execute.before
+ * and tool.execute.after phases separately.
+ */
+function recordToolExecution(state: AuditState, toolName: string, findingsCount: number): void {
   const now = Date.now()
   state.toolsExecuted.push({
     tool: toolName,
@@ -194,7 +252,8 @@ function recordToolExecution(
  * Findings are deduplicated via the FindingStore (by check+file+lines).
  */
 export function createToolTrackingHook(
-  getAuditState: () => AuditState | null
+  getAuditState: () => AuditState | null,
+  onStateChanged?: (metadata: ToolExecutionMetadata) => void,
 ): (input: ToolHookInput) => Promise<void> {
   const storesByState = new WeakMap<AuditState, FindingStore>()
 
@@ -221,6 +280,22 @@ export function createToolTrackingHook(
 
     const { state: auditState, store } = resolved
 
+    // Handle argus_skill_load first — it returns markdown, not JSON
+    if (input.tool === "argus_skill_load") {
+      // Extract skill name from markdown header: "## Argus Skill: {name} [Source: ...]"
+      const nameMatch = input.result.match(/^##\s+Argus Skill:\s+(.+?)(?:\s+\[|$)/m)
+      const skillName = nameMatch?.[1]?.trim()
+      if (skillName) {
+        auditState.skillsLoaded ??= []
+        if (!auditState.skillsLoaded.includes(skillName)) {
+          auditState.skillsLoaded.push(skillName)
+        }
+      }
+      recordToolExecution(auditState, input.tool, 0)
+      onStateChanged?.({ tool: input.tool, findingsCount: 0 })
+      return
+    }
+
     let parsed: unknown
     try {
       parsed = JSON.parse(input.result)
@@ -243,12 +318,70 @@ export function createToolTrackingHook(
       case "argus_analyze_contract":
         processContractAnalyzerResult(record, auditState)
         break
+      case "argus_solodit_search":
+        processSoloditResult(record, auditState)
+        break
       case "argus_forge_test":
+        break
       case "argus_forge_fuzz":
-        // No findings to extract — counterexamples are informational
+        processFuzzResult(record, auditState)
+        break
+      case "argus_generate_report": {
+        auditState.reportGenerated = true
+        break
+      }
+      case "argus_sync_knowledge": {
+        const success = record.success === true
+        auditState.knowledgeSynced = { success, timestamp: Date.now() }
+        break
+      }
+      case "argus_forge_coverage": {
+        const reportObj = toRecord(record.report)
+        const files = reportObj?.files
+        if (Array.isArray(files)) {
+          auditState.coverageReport = {
+            files: files
+              .filter((f): f is Record<string, unknown> => !!f && typeof f === "object")
+              .map((f) => ({
+                path: typeof f.path === "string" ? f.path : "unknown",
+                linesPct: typeof f.linesPct === "number" ? f.linesPct : 0,
+                statementsPct: typeof f.statementsPct === "number" ? f.statementsPct : 0,
+                branchesPct: typeof f.branchesPct === "number" ? f.branchesPct : 0,
+                functionsPct: typeof f.functionsPct === "number" ? f.functionsPct : 0,
+              })),
+          }
+        }
         break
+      }
+      case "argus_proxy_detection": {
+        if (record.isProxy === true) {
+          auditState.proxyContracts ??= []
+          auditState.proxyContracts.push({
+            file: typeof record.file === "string" ? record.file : "unknown",
+            proxyType: typeof record.proxyType === "string" ? record.proxyType : "unknown",
+            indicators: Array.isArray(record.indicators)
+              ? record.indicators.filter((i): i is string => typeof i === "string")
+              : [],
+          })
+        }
+        break
+      }
+      case "argus_gas_analysis": {
+        const hotspots = record.hotspots
+        if (Array.isArray(hotspots)) {
+          auditState.gasHotspots = hotspots
+            .filter((h): h is Record<string, unknown> => !!h && typeof h === "object")
+            .map((h) => ({
+              contract: typeof h.contract === "string" ? h.contract : "unknown",
+              function: typeof h.function === "string" ? h.function : "unknown",
+              avgGas: typeof h.avgGas === "number" ? h.avgGas : 0,
+            }))
+        }
+        break
+      }
     }
 
     recordToolExecution(auditState, input.tool, findingsCount)
+    onStateChanged?.({ tool: input.tool, findingsCount })
   }
 }

package/src/hooks/types.ts

@@ -12,4 +12,5 @@ export type HookName =
   | "tool-error-recovery"
   | "context-window-monitor"
   | "tool-output-truncator"
-  | "audit-continuation";
+  | "audit-continuation"
+  | "system-prompt"

package/src/index.ts

@@ -1,20 +1,12 @@
 import type { Plugin } from "@opencode-ai/plugin"
 import { loadArgusConfig } from "./config/loader"
-import { createHookGuard } from "./hooks/hook-system"
-import { createTools } from "./create-tools"
 import { createHooks } from "./create-hooks"
 import { createManagers } from "./create-managers"
+import { createTools } from "./create-tools"
+import type { Dispatcher } from "./features/background-agent/background-manager"
+import { createHookGuard } from "./hooks/hook-system"
 import { createPluginInterface } from "./plugin-interface"
-
-function startSoloditMcp(port: number): void {
-  const child = Bun.spawn(["npx", "-y", "@lyuboslavlyubenov/solodit-mcp"], {
-    stdin: "ignore",
-    stdout: "ignore",
-    stderr: "ignore",
-    env: { ...process.env, PORT: String(port) },
-  })
-  child.unref()
-}
+import { startSoloditMcp } from "./solodit-lifecycle"
 
 const ArgusPlugin: Plugin = async (ctx) => {
   const projectDir = ctx.directory ?? process.cwd()
@@ -25,7 +17,25 @@ const ArgusPlugin: Plugin = async (ctx) => {
   }
 
   const isHookEnabled = createHookGuard(config.disabled_hooks)
-  const managers = createManagers({ projectDir, config })
+  const taskCandidate = (ctx as Record<string, unknown>).task
+  const backgroundDispatcher: Dispatcher | undefined =
+    typeof taskCandidate === "function"
+      ? async (agentName: string, prompt: string) => {
+          const result = await taskCandidate(agentName, prompt)
+          if (typeof result === "string") {
+            return result
+          }
+          if (typeof result === "object" && result !== null) {
+            const taskId = (result as Record<string, unknown>).task_id
+            if (typeof taskId === "string") {
+              return taskId
+            }
+          }
+          return `task-${Date.now()}`
+        }
+      : undefined
+
+  const managers = createManagers({ projectDir, config, backgroundDispatcher })
   const tools = createTools(config)
   const hooks = createHooks({ config, managers, projectDir, isHookEnabled })
 

package/src/knowledge/retry.ts

@@ -0,0 +1,53 @@
+export interface RetryOptions<T> {
+  maxAttempts: number
+  baseDelayMs: number
+  shouldRetry: (error: unknown) => boolean
+  onRetry?: (attempt: number, error: unknown) => void
+  _valueType?: T
+}
+
+export interface RetryResult<T> {
+  success: boolean
+  value?: T
+  error?: unknown
+  attempts: number
+}
+
+function sleep(delayMs: number): Promise<void> {
+  return new Promise((resolve) => setTimeout(resolve, delayMs))
+}
+
+export async function withRetry<T>(
+  fn: () => Promise<T>,
+  options: RetryOptions<T>,
+): Promise<RetryResult<T>> {
+  const maxAttempts = options.maxAttempts > 0 ? options.maxAttempts : 1
+  let lastError: unknown
+
+  for (let attempt = 1; attempt <= maxAttempts; attempt += 1) {
+    try {
+      const value = await fn()
+      return { success: true, value, attempts: attempt }
+    } catch (error) {
+      lastError = error
+      const canRetry = attempt < maxAttempts && options.shouldRetry(error)
+
+      if (!canRetry) {
+        return { success: false, error, attempts: attempt }
+      }
+
+      if (options.onRetry) {
+        options.onRetry(attempt, error)
+      }
+
+      const delay = options.baseDelayMs * 2 ** (attempt - 1)
+      await sleep(delay)
+    }
+  }
+
+  return {
+    success: false,
+    error: lastError,
+    attempts: maxAttempts,
+  }
+}