uups-checker 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (670) hide show
  1. package/.gitmodules +6 -0
  2. package/AIFI_AUDIT.md +220 -0
  3. package/ALL_AUDITS_SUMMARY.md +366 -0
  4. package/ALPHA_PROXY_CRITICAL_FINDING.md +136 -0
  5. package/ALPHA_PROXY_FINAL_ANALYSIS.md +213 -0
  6. package/ALPHA_PROXY_FINAL_VERDICT.md +233 -0
  7. package/ALPHA_PROXY_SELFDESTRUCT_EXPLOIT.md +161 -0
  8. package/ARIA-foundry-test.txt +9 -0
  9. package/ARIA-mythril-analysis.txt +20 -0
  10. package/ARIA-slither-analysis.txt +38 -0
  11. package/ARIA_AI_SECURITY_AUDIT.md +290 -0
  12. package/ARIA_VERIFIED_AUDIT.md +259 -0
  13. package/ARIA_VERIFIED_slither.txt +76 -0
  14. package/ARIVA_source.txt +1 -0
  15. package/ARK_AUDIT.md +349 -0
  16. package/BANANA_AUDIT.md +365 -0
  17. package/BAS_AUDIT.md +451 -0
  18. package/BAS_TOKEN_AUDIT.md +235 -0
  19. package/BCE_EXPLOIT_ANALYSIS.md +165 -0
  20. package/BEEFY_BNB_CHAIN_ANALYSIS.md +488 -0
  21. package/BEEFY_MONAD_ANALYSIS.md +239 -0
  22. package/BEEFY_STAKING_ANALYSIS.md +136 -0
  23. package/BEEFY_XVS_WBNB_ACTUAL_FINDINGS.md +223 -0
  24. package/BEEFY_XVS_WBNB_CRITICAL_FINDINGS.md +269 -0
  25. package/BLOCKSEC_ATTACK_KNOWLEDGE_BASE.md +771 -0
  26. package/BRISE_ANALYSIS.txt +31 -0
  27. package/BRISE_BSC_DAPPS.txt +68 -0
  28. package/BRISE_EXPLOITS_FOUND.md +98 -0
  29. package/BRISE_REAL_EXPLOITS.md +115 -0
  30. package/BRISE_WHITEHAT_REPORT.md +162 -0
  31. package/BRISEstake_Analysis.txt +95 -0
  32. package/BSCSLOCKTOKEN_CRITICAL_FINDING.md +240 -0
  33. package/BSW_BISWAP_SECURITY_AUDIT.md +330 -0
  34. package/BTCST_FINAL_VERDICT.md +319 -0
  35. package/BTCST_MINING_REBASE_ANALYSIS.md +229 -0
  36. package/BTCST_ROUNDING_DEEP_DIVE.md +293 -0
  37. package/BTCST_ROUNDING_FINAL_VERDICT.md +9 -0
  38. package/BTCST_SECURITY_ANALYSIS.md +391 -0
  39. package/BTR_AUDIT.md +210 -0
  40. package/BeamBridge-analysis.md +226 -0
  41. package/BeamToken-analysis.md +201 -0
  42. package/BitgertSwap_Investigation.txt +107 -0
  43. package/CEEK_STAKING_ANALYSIS.md +0 -0
  44. package/CHAINBASE_AUDIT.md +422 -0
  45. package/COMPLETE_AUDIT_SUMMARY.md +342 -0
  46. package/CORRECTED_ANALYSIS.txt +115 -0
  47. package/DBXEN_COMPARISON_SUMMARY.md +232 -0
  48. package/DBXEN_EXPLOIT_ANALYSIS.md +530 -0
  49. package/DOPFairLaunch_raw.json +29 -0
  50. package/DOPFairLaunch_source.txt +0 -0
  51. package/DOP_BRIDGE_FINAL_ANALYSIS.txt +86 -0
  52. package/DOP_BUSD_LP_ANALYSIS.txt +44 -0
  53. package/DOP_FAIRLAUNCH_ANALYSIS.txt +61 -0
  54. package/DOP_FAIRLAUNCH_FINAL_VERDICT.txt +113 -0
  55. package/DOP_STAKING_CONTRACT_ANALYSIS.txt +67 -0
  56. package/DSYNC_ECOSYSTEM_ANALYSIS.md +221 -0
  57. package/DSyncStaking-exploit-analysis.md +153 -0
  58. package/DSyncVault-analysis.md +120 -0
  59. package/DUSD_PROXY_AUDIT.md +407 -0
  60. package/DXSALE_LOCK_AUDIT.md +0 -0
  61. package/DXSaleLock_bytecode.txt +1 -0
  62. package/ECHIDNA_QUICK_START.md +101 -0
  63. package/ELEPHANT_ECOSYSTEM_AUDIT_PLAN.md +159 -0
  64. package/ELEPHANT_ECOSYSTEM_COMPREHENSIVE_AUDIT.md +427 -0
  65. package/ELEPHANT_SECURITY_ANALYSIS.md +209 -0
  66. package/ELEPHANT_VULNERABILITIES_EXPLAINED.md +455 -0
  67. package/EXPLOIT_FIX.md +300 -0
  68. package/EXPLOIT_INSTRUCTIONS.md +273 -0
  69. package/EXPLOIT_SUMMARY.md +285 -0
  70. package/EXPLOIT_SUMMARY.txt +175 -0
  71. package/FALCON_FINANCE_AUDIT.md +258 -0
  72. package/FANDOM_AUDIT.md +359 -0
  73. package/FEE_ON_TRANSFER_ANALYSIS.md +228 -0
  74. package/FINAL_AUDIT_REPORT.md +0 -0
  75. package/FOLIO_PROXY_AUDIT.md +299 -0
  76. package/FOT_EXPLOIT_RESULTS.txt +110 -0
  77. package/FOT_TOKENS_AUDITED.md +103 -0
  78. package/HEGIC-mythril-analysis.txt +39 -0
  79. package/HEGIC_COMPLETE_ANALYSIS.md +343 -0
  80. package/HOTCROSS_SWAP_EXPLOIT_ANALYSIS.md +123 -0
  81. package/ICECREAMSWAP_EXPLOITS.md +259 -0
  82. package/IMMUNEFI_REPORT.md +314 -0
  83. package/KCCPAD_EXPLOIT_GUIDE.md +285 -0
  84. package/KEL_CEL_EXPLOIT_ANALYSIS.md +0 -0
  85. package/KOGE_AUDIT.md +328 -0
  86. package/LENDFLARE_ANALYSIS.md +239 -0
  87. package/LENDFLARE_ECHIDNA_GUIDE.md +356 -0
  88. package/LENDFLARE_EXPLOIT_INSTRUCTIONS.md +297 -0
  89. package/LENDFLARE_EXPLOIT_SUMMARY.md +292 -0
  90. package/LENDFLARE_FLASHLOAN_GUIDE.md +383 -0
  91. package/LENDFLARE_FUZZING_RESULTS.md +252 -0
  92. package/LENDFLARE_HONEYPOT_BYPASS_ANALYSIS.md +420 -0
  93. package/LENDFLARE_MANUAL_FUZZING.md +324 -0
  94. package/LENDFLARE_MYTHRIL_ANALYSIS.md +339 -0
  95. package/LENDFLARE_V3_BYPASS.md +296 -0
  96. package/LFTDECOMPILE.txt +14478 -0
  97. package/LFT_ACCOUNTING_ANALYSIS.md +0 -0
  98. package/LFT_ACCOUNTING_BUG_ANALYSIS.md +426 -0
  99. package/LFT_BACKDOOR_DEEP_DIVE.md +0 -0
  100. package/LFT_CRITICAL_EXPLOIT_CONFIRMED.md +428 -0
  101. package/LFT_EXPLOIT_VISUAL.md +253 -0
  102. package/LFT_QUICK_SUMMARY.md +124 -0
  103. package/LFT_REVERSE_EXPLOIT_ANALYSIS.md +521 -0
  104. package/MGO_AUDIT_REPORT.md +420 -0
  105. package/MYTHRIL_FINAL_REPORT.md +306 -0
  106. package/MYTHRIL_SLITHER_SUMMARY.md +244 -0
  107. package/NETX_MIGRATION_AUDIT.md +0 -0
  108. package/NPM_PUBLISH_GUIDE.md +0 -0
  109. package/NRV_CRITICAL_EXPLOIT.txt +143 -0
  110. package/NetX_Analysis.txt +76 -0
  111. package/NetX_Migration_bytecode.txt +1 -0
  112. package/NetX_Migration_source.txt +0 -0
  113. package/NetX_Token_source.txt +0 -0
  114. package/NetxWhitehatRescue +22 -0
  115. package/OILER_ATTACK_VISUAL.md +351 -0
  116. package/OILER_BLOCKSEC_TEST_RESULTS.md +421 -0
  117. package/OILER_DEEP_ANALYSIS.md +212 -0
  118. package/OILER_FINAL_EXPLOIT_REPORT.md +241 -0
  119. package/OILER_FINAL_VERDICT.md +339 -0
  120. package/OILER_REENTRANCY_EXPLAINED.md +638 -0
  121. package/OILER_REENTRANCY_FINAL_SUMMARY.md +391 -0
  122. package/OILER_REENTRANCY_REALITY_CHECK.md +393 -0
  123. package/OILER_REENTRANCY_STEP_BY_STEP.md +597 -0
  124. package/OILER_STAKING_MAINNET_ANALYSIS.md +366 -0
  125. package/OILER_STAKING_SECURITY_ANALYSIS.md +409 -0
  126. package/PANCAKESWAP_UNDERFLOW_HUNTING.md +317 -0
  127. package/POLS_MULTICHAIN_AUDIT.md +0 -0
  128. package/POSI_STAKING_AUDIT.md +0 -0
  129. package/PROXY2_SECURITY_ANALYSIS.md +0 -0
  130. package/Proxy2TACS +29748 -0
  131. package/QUICK_START.md +240 -0
  132. package/RAMP_SECURITY_ANALYSIS.md +0 -0
  133. package/README.md +238 -0
  134. package/REAUDIT_MASTER_LIST.txt +15 -0
  135. package/RING_analysis.txt +212 -0
  136. package/RPC +4 -0
  137. package/RULES.txt +20 -0
  138. package/SIREN_AUDIT.md +186 -0
  139. package/SYNC_EXPLOIT_README.md +0 -0
  140. package/SYNC_TOKEN_EXPLOIT_REPORT.md +224 -0
  141. package/TLM_raw.html +0 -0
  142. package/TLM_raw.txt +0 -0
  143. package/TLM_response.json +1 -0
  144. package/TRADOOR_AUDIT.md +253 -0
  145. package/TRUNK_AUDIT.md +285 -0
  146. package/UNIBASE_AUDIT.md +241 -0
  147. package/UNLOCK_ANALYSIS.md +0 -0
  148. package/UNLOCK_EXPLOIT.md +49 -0
  149. package/UNLOCK_EXPLOIT_ANALYSIS.md +0 -0
  150. package/UPS +232 -0
  151. package/UUPSCHECKER +208 -0
  152. package/VAULT_PROXY_AUDIT.md +457 -0
  153. package/VAULT_PROXY_FINAL_VERDICT.md +0 -0
  154. package/VERIFIED_EXPLOITS_FINAL.txt +146 -0
  155. package/WKEYDAO2_AUDIT.md +245 -0
  156. package/WSG_AUDIT.md +0 -0
  157. package/XFI_DEEP_ANALYSIS.md +327 -0
  158. package/YOOSHI_EXPLOIT_GUIDE.md +119 -0
  159. package/YSDAO_EXPLOIT_GUIDE.md +0 -0
  160. package/agent-4-bundle.md +22490 -0
  161. package/alpha-proxy-echidna.txt +1 -0
  162. package/alpha-proxy-fuzz-results.txt +81 -0
  163. package/alpha-proxy-mythril.txt +2 -0
  164. package/analyze-btcst-farm.js +54 -0
  165. package/analyze-dxsale-lock.js +75 -0
  166. package/analyze-elephant.js +69 -0
  167. package/analyze-fara-rewards.js +109 -0
  168. package/analyze-fara-storage.js +83 -0
  169. package/analyze-lft-transaction.js +158 -0
  170. package/analyze-lock-bytecode.js +59 -0
  171. package/analyze-shegic.js +0 -0
  172. package/analyze-staking-abi.js +0 -0
  173. package/analyze-sxp.js +57 -0
  174. package/analyze-tlm.js +76 -0
  175. package/analyze-trumpet.js +98 -0
  176. package/analyze-unlimited-nft.js +108 -0
  177. package/analyze_elephant.sh +27 -0
  178. package/analyze_vault.sh +32 -0
  179. package/aria-bytecode.txt +1 -0
  180. package/aria_response.json +1 -0
  181. package/ark_temp/README.md +66 -0
  182. package/ark_temp/lib/forge-std/.gitattributes +1 -0
  183. package/ark_temp/lib/forge-std/.github/CODEOWNERS +1 -0
  184. package/ark_temp/lib/forge-std/.github/dependabot.yml +6 -0
  185. package/ark_temp/lib/forge-std/.github/workflows/ci.yml +125 -0
  186. package/ark_temp/lib/forge-std/.github/workflows/sync.yml +36 -0
  187. package/ark_temp/lib/forge-std/CONTRIBUTING.md +193 -0
  188. package/ark_temp/lib/forge-std/LICENSE-APACHE +203 -0
  189. package/ark_temp/lib/forge-std/LICENSE-MIT +25 -0
  190. package/ark_temp/lib/forge-std/README.md +314 -0
  191. package/ark_temp/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
  192. package/ark_temp/lib/forge-std/package.json +16 -0
  193. package/ark_temp/lib/forge-std/scripts/vm.py +636 -0
  194. package/audits/AiFi-security-audit-20260326.md +499 -0
  195. package/audits/BasedAI-Brains-security-audit-20260324.md +651 -0
  196. package/audits/BinanceAlphaWallet-pashov-ai-audit-report-20260324-170000.md +362 -0
  197. package/audits/DGToken-security-audit-20260324.md +376 -0
  198. package/audits/DSyncStaking-audit-part1.md +161 -0
  199. package/audits/DSyncStaking-security-audit-20260324.md +547 -0
  200. package/audits/DecompiledERC20-security-audit-20260325.md +397 -0
  201. package/audits/DegenVC-security-audit-20260324.md +585 -0
  202. package/audits/DelreyInu-security-audit-20260324.md +463 -0
  203. package/audits/DestraNetwork-security-audit-20260324.md +705 -0
  204. package/audits/DomiToken-security-audit-20260324.md +514 -0
  205. package/audits/LendFlareToken-security-audit-20260325.md +197 -0
  206. package/audits/LockReleaseTokenPool-security-audit-20260324.md +482 -0
  207. package/audits/MOG-pashov-ai-audit-report-20260324-164900.md +229 -0
  208. package/audits/PAALAI-security-audit-20260324.md +475 -0
  209. package/audits/PAR-security-audit-20260325.md +311 -0
  210. package/audits/PepeCoinStaking-security-audit-20260324.md +358 -0
  211. package/audits/StakingPool-security-audit-20260324.md +517 -0
  212. package/audits/SyncToken-security-audit-20260324.md +778 -0
  213. package/audits/UndeadToken-decompiled-security-audit-20260324.md +485 -0
  214. package/audits/UnknownToken-decompiled-security-audit-20260324.md +647 -0
  215. package/audits/XFIStaking-security-audit-20260324.md +682 -0
  216. package/audits/Xfinance-security-audit-20260324.md +463 -0
  217. package/audits/basedAIFarm-security-audit-20260324.md +330 -0
  218. package/audits/pepeCoin-security-audit-20260324.md +462 -0
  219. package/bin/ups +232 -0
  220. package/binance-wallet-exploit/.env.example +2 -0
  221. package/binance-wallet-exploit/EXECUTIVE_SUMMARY.md +272 -0
  222. package/binance-wallet-exploit/EXPLOIT_SUMMARY.md +104 -0
  223. package/binance-wallet-exploit/FINAL_ANALYSIS.md +326 -0
  224. package/binance-wallet-exploit/FLASHLOAN_ATTACK.md +292 -0
  225. package/binance-wallet-exploit/HONEYPOT_REPORT.md +526 -0
  226. package/binance-wallet-exploit/INVESTIGATION_COMPLETE.md +362 -0
  227. package/binance-wallet-exploit/LENDFLARE_EXPLOIT.md +219 -0
  228. package/binance-wallet-exploit/LENDFLARE_FINAL_ATTACK.md +307 -0
  229. package/binance-wallet-exploit/LENDFLARE_REAL_EXPLOIT.md +286 -0
  230. package/binance-wallet-exploit/LENDFLARE_RUGPULL.md +269 -0
  231. package/binance-wallet-exploit/LFT_ANALYSIS.md +206 -0
  232. package/binance-wallet-exploit/QUICK_START.md +75 -0
  233. package/binance-wallet-exploit/README.md +195 -0
  234. package/binance-wallet-exploit/REAL_TX_EXPLOIT_ANALYSIS.md +271 -0
  235. package/binance-wallet-exploit/REMIX_INSTRUCTIONS.md +223 -0
  236. package/binance-wallet-exploit/TEST_RESULTS.md +203 -0
  237. package/binance-wallet-exploit/cache/solidity-files-cache.json +1 -0
  238. package/binance-wallet-exploit/cache/test-failures +1 -0
  239. package/binance-wallet-exploit/lib/forge-std/.gitattributes +1 -0
  240. package/binance-wallet-exploit/lib/forge-std/.github/CODEOWNERS +1 -0
  241. package/binance-wallet-exploit/lib/forge-std/.github/dependabot.yml +6 -0
  242. package/binance-wallet-exploit/lib/forge-std/.github/workflows/ci.yml +125 -0
  243. package/binance-wallet-exploit/lib/forge-std/.github/workflows/sync.yml +36 -0
  244. package/binance-wallet-exploit/lib/forge-std/CONTRIBUTING.md +193 -0
  245. package/binance-wallet-exploit/lib/forge-std/LICENSE-APACHE +203 -0
  246. package/binance-wallet-exploit/lib/forge-std/LICENSE-MIT +25 -0
  247. package/binance-wallet-exploit/lib/forge-std/README.md +314 -0
  248. package/binance-wallet-exploit/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
  249. package/binance-wallet-exploit/lib/forge-std/package.json +16 -0
  250. package/binance-wallet-exploit/lib/forge-std/scripts/vm.py +636 -0
  251. package/binance-wallet-exploit/out/build-info/1e9aa7e86cf56962.json +1 -0
  252. package/binance-wallet-exploit/out/build-info/6f56f10e9d7b56eb.json +1 -0
  253. package/binance-wallet-exploit/out/build-info/7edba961ff697a24.json +1 -0
  254. package/binance-wallet-exploit/out/build-info/8c27fe3efea2f2e7.json +1 -0
  255. package/binance-wallet-exploit/out/build-info/978b680daffec63a.json +1 -0
  256. package/binance-wallet-exploit/out/build-info/9806b900b5672d0c.json +1 -0
  257. package/binance-wallet-exploit/out/build-info/b4b9ff36e9b3fc27.json +1 -0
  258. package/binance-wallet-exploit/out/build-info/b6f4df9ae05c0812.json +1 -0
  259. package/binance-wallet-exploit/out/build-info/c88dbc86551f7b5c.json +1 -0
  260. package/binance-wallet-exploit/out/build-info/e9657504010623db.json +1 -0
  261. package/cache/fuzz/failures/ARIAVerifiedFuzzTest/testFuzz_ApprovalRaceCondition +1 -0
  262. package/cache/fuzz/failures/HotCrossSwapFuzzTest/testFuzz_DirectTransferExploit +1 -0
  263. package/cache/fuzz/failures/HotCrossSwapFuzzTest/testFuzz_LargeSwapDrain +1 -0
  264. package/cache/fuzz/failures/LendFlareFuzz/testFuzz_ApprovalExploit +1 -0
  265. package/cache/fuzz/failures/LendFlareFuzz/testFuzz_BalanceManipulation +1 -0
  266. package/cache/fuzz/failures/LendFlareFuzz/testFuzz_RateManipulation +1 -0
  267. package/cache/fuzz/failures/LendFlareFuzz/testFuzz_StorageManipulation +1 -0
  268. package/cache/fuzz/failures/PARFuzzTest/testFuzz_OverflowTransfer +1 -0
  269. package/cache/fuzz/failures/PARFuzzTest/testFuzz_Transfer +1 -0
  270. package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_FrontrunAddfunds +1 -0
  271. package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_RewardOverflow +1 -0
  272. package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_RoundingExploit +1 -0
  273. package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_WithdrawLimit +1 -0
  274. package/cache/solidity-files-cache.json +1 -0
  275. package/cache/test-failures +1 -0
  276. package/calculate-elephant-flashloan.js +195 -0
  277. package/check-address-approval.js +112 -0
  278. package/check-alpha-proxy.js +42 -0
  279. package/check-arbitrage.js +155 -0
  280. package/check-aria-token.js +47 -0
  281. package/check-ark.sh +20 -0
  282. package/check-btcst-mining.js +75 -0
  283. package/check-btcst-pools.js +163 -0
  284. package/check-btcst.js +88 -0
  285. package/check-caller.js +26 -0
  286. package/check-ceek-lp.js +73 -0
  287. package/check-ceek.js +47 -0
  288. package/check-dxsale-address.js +35 -0
  289. package/check-fara-exploit-timing.js +56 -0
  290. package/check-fara-real-exploit.js +73 -0
  291. package/check-flashloan-limits.js +129 -0
  292. package/check-kel-cel-pool.js +91 -0
  293. package/check-lax-staking.js +41 -0
  294. package/check-lendflare.js +165 -0
  295. package/check-lft-accounting.js +109 -0
  296. package/check-lft-roles.js +165 -0
  297. package/check-lock-time.js +47 -0
  298. package/check-min-stake.js +73 -0
  299. package/check-mystery-contract.js +52 -0
  300. package/check-next-token.js +50 -0
  301. package/check-nora-lock.js +67 -0
  302. package/check-oiler-approvals.js +116 -0
  303. package/check-oiler-proxy.js +73 -0
  304. package/check-oiler-staking.js +117 -0
  305. package/check-proxy-simple.js +71 -0
  306. package/check-recent-stakes.js +54 -0
  307. package/check-shegic-holdings.js +67 -0
  308. package/check-snowcrash-ecosystem.js +83 -0
  309. package/check-sync-lp.js +97 -0
  310. package/check-sync-stake.js +42 -0
  311. package/check-tlm.js +37 -0
  312. package/check-token-pools.js +146 -0
  313. package/check-trunk-depeg.js +181 -0
  314. package/check-tusd-decimals.js +58 -0
  315. package/check-user-storage-deep.js +81 -0
  316. package/check-welephant-pools.js +130 -0
  317. package/check-xfi-pool.js +75 -0
  318. package/check-zypher.js +32 -0
  319. package/check_proxy.sh +36 -0
  320. package/compare-tlm-chains.js +90 -0
  321. package/contract_0x05f2.html +6025 -0
  322. package/contract_0x3720.html +6361 -0
  323. package/contract_0x928e.html +5606 -0
  324. package/contract_0xc42d.html +5304 -0
  325. package/contract_page.html +5789 -0
  326. package/decode-stake-tx.js +50 -0
  327. package/deep-analyze-lock.js +82 -0
  328. package/dune_uups_proxy_query.sql +42 -0
  329. package/dune_uups_vulnerable_query.sql +0 -0
  330. package/echidna/alpha-proxy.yaml +14 -0
  331. package/echidna/elephant.yaml +7 -0
  332. package/echidna/lendflare.yaml +42 -0
  333. package/echidna.config.yaml +12 -0
  334. package/elephant_raw.json +1 -0
  335. package/eps_raw.json +1 -0
  336. package/exploit/.github/workflows/test.yml +38 -0
  337. package/exploit/.gitmodules +3 -0
  338. package/exploit/README.md +66 -0
  339. package/exploit/foundry.lock +8 -0
  340. package/exploit/lib/forge-std/.gitattributes +1 -0
  341. package/exploit/lib/forge-std/.github/CODEOWNERS +1 -0
  342. package/exploit/lib/forge-std/.github/dependabot.yml +6 -0
  343. package/exploit/lib/forge-std/.github/workflows/ci.yml +125 -0
  344. package/exploit/lib/forge-std/.github/workflows/sync.yml +36 -0
  345. package/exploit/lib/forge-std/CONTRIBUTING.md +193 -0
  346. package/exploit/lib/forge-std/LICENSE-APACHE +203 -0
  347. package/exploit/lib/forge-std/LICENSE-MIT +25 -0
  348. package/exploit/lib/forge-std/README.md +314 -0
  349. package/exploit/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
  350. package/exploit/lib/forge-std/package.json +16 -0
  351. package/exploit/lib/forge-std/scripts/vm.py +636 -0
  352. package/exploit_analysis.txt +51 -0
  353. package/extract_contract.py +21 -0
  354. package/extract_elephant_contracts.py +24 -0
  355. package/fara-staking-bytecode.txt +1 -0
  356. package/fara-staking-raw.txt +1 -0
  357. package/fetch-aria.js +46 -0
  358. package/fetch-contract.js +50 -0
  359. package/fetch-shegic-source.js +86 -0
  360. package/fetch-snowcrash.js +44 -0
  361. package/fetch-staking-source.js +53 -0
  362. package/fetch-tlm.js +60 -0
  363. package/fetch_elephant_source.py +32 -0
  364. package/find-ceek-staking.js +21 -0
  365. package/find-exploit-tx.js +88 -0
  366. package/find-oiler-holders.js +100 -0
  367. package/find-tlm-holder.js +36 -0
  368. package/find-vulnerable-fund.js +94 -0
  369. package/foundry.lock +8 -0
  370. package/fuzz-all.sh +53 -0
  371. package/get-aria-contract.py +40 -0
  372. package/get-lft-holders.js +89 -0
  373. package/get-tlm-source.sh +8 -0
  374. package/harvest_txs.json +1 -0
  375. package/lft-bytecode-raw.txt +1 -0
  376. package/lft-bytecode.json +1 -0
  377. package/lft-impl.bin +1 -0
  378. package/lft-implementation-bytecode.txt +1 -0
  379. package/lib/forge-std/.gitattributes +1 -0
  380. package/lib/forge-std/.github/CODEOWNERS +1 -0
  381. package/lib/forge-std/.github/dependabot.yml +6 -0
  382. package/lib/forge-std/.github/workflows/ci.yml +125 -0
  383. package/lib/forge-std/.github/workflows/sync.yml +36 -0
  384. package/lib/forge-std/CONTRIBUTING.md +193 -0
  385. package/lib/forge-std/LICENSE-APACHE +203 -0
  386. package/lib/forge-std/LICENSE-MIT +25 -0
  387. package/lib/forge-std/README.md +314 -0
  388. package/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
  389. package/lib/forge-std/package.json +16 -0
  390. package/lib/forge-std/scripts/vm.py +636 -0
  391. package/lib/openzeppelin-contracts/.changeset/config.json +12 -0
  392. package/lib/openzeppelin-contracts/.codecov.yml +12 -0
  393. package/lib/openzeppelin-contracts/.editorconfig +21 -0
  394. package/lib/openzeppelin-contracts/.eslintrc +20 -0
  395. package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/bug_report.md +21 -0
  396. package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/config.yml +4 -0
  397. package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/feature_request.md +14 -0
  398. package/lib/openzeppelin-contracts/.github/PULL_REQUEST_TEMPLATE.md +20 -0
  399. package/lib/openzeppelin-contracts/.github/actions/gas-compare/action.yml +49 -0
  400. package/lib/openzeppelin-contracts/.github/actions/setup/action.yml +21 -0
  401. package/lib/openzeppelin-contracts/.github/actions/storage-layout/action.yml +55 -0
  402. package/lib/openzeppelin-contracts/.github/workflows/actionlint.yml +18 -0
  403. package/lib/openzeppelin-contracts/.github/workflows/changeset.yml +28 -0
  404. package/lib/openzeppelin-contracts/.github/workflows/checks.yml +118 -0
  405. package/lib/openzeppelin-contracts/.github/workflows/docs.yml +19 -0
  406. package/lib/openzeppelin-contracts/.github/workflows/formal-verification.yml +68 -0
  407. package/lib/openzeppelin-contracts/.github/workflows/release-cycle.yml +214 -0
  408. package/lib/openzeppelin-contracts/.github/workflows/upgradeable.yml +34 -0
  409. package/lib/openzeppelin-contracts/.gitmodules +7 -0
  410. package/lib/openzeppelin-contracts/.mocharc.js +4 -0
  411. package/lib/openzeppelin-contracts/.prettierrc +15 -0
  412. package/lib/openzeppelin-contracts/.solcover.js +13 -0
  413. package/lib/openzeppelin-contracts/CHANGELOG.md +972 -0
  414. package/lib/openzeppelin-contracts/CODE_OF_CONDUCT.md +73 -0
  415. package/lib/openzeppelin-contracts/CONTRIBUTING.md +36 -0
  416. package/lib/openzeppelin-contracts/GUIDELINES.md +148 -0
  417. package/lib/openzeppelin-contracts/LICENSE +22 -0
  418. package/lib/openzeppelin-contracts/README.md +107 -0
  419. package/lib/openzeppelin-contracts/RELEASING.md +45 -0
  420. package/lib/openzeppelin-contracts/SECURITY.md +42 -0
  421. package/lib/openzeppelin-contracts/audits/2017-03.md +292 -0
  422. package/lib/openzeppelin-contracts/audits/2018-10.pdf +0 -0
  423. package/lib/openzeppelin-contracts/audits/2022-10-Checkpoints.pdf +0 -0
  424. package/lib/openzeppelin-contracts/audits/2022-10-ERC4626.pdf +0 -0
  425. package/lib/openzeppelin-contracts/audits/2023-05-v4.9.pdf +0 -0
  426. package/lib/openzeppelin-contracts/audits/2023-10-v5.0.pdf +0 -0
  427. package/lib/openzeppelin-contracts/audits/README.md +17 -0
  428. package/lib/openzeppelin-contracts/certora/Makefile +54 -0
  429. package/lib/openzeppelin-contracts/certora/README.md +60 -0
  430. package/lib/openzeppelin-contracts/certora/diff/access_manager_AccessManager.sol.patch +97 -0
  431. package/lib/openzeppelin-contracts/certora/reports/2021-10.pdf +0 -0
  432. package/lib/openzeppelin-contracts/certora/reports/2022-03.pdf +0 -0
  433. package/lib/openzeppelin-contracts/certora/reports/2022-05.pdf +0 -0
  434. package/lib/openzeppelin-contracts/certora/run.js +160 -0
  435. package/lib/openzeppelin-contracts/certora/specs/AccessControl.spec +119 -0
  436. package/lib/openzeppelin-contracts/certora/specs/AccessControlDefaultAdminRules.spec +464 -0
  437. package/lib/openzeppelin-contracts/certora/specs/DoubleEndedQueue.spec +300 -0
  438. package/lib/openzeppelin-contracts/certora/specs/ERC20.spec +352 -0
  439. package/lib/openzeppelin-contracts/certora/specs/ERC20FlashMint.spec +55 -0
  440. package/lib/openzeppelin-contracts/certora/specs/ERC20Wrapper.spec +198 -0
  441. package/lib/openzeppelin-contracts/certora/specs/ERC721.spec +679 -0
  442. package/lib/openzeppelin-contracts/certora/specs/EnumerableMap.spec +333 -0
  443. package/lib/openzeppelin-contracts/certora/specs/EnumerableSet.spec +246 -0
  444. package/lib/openzeppelin-contracts/certora/specs/Initializable.spec +165 -0
  445. package/lib/openzeppelin-contracts/certora/specs/Ownable.spec +77 -0
  446. package/lib/openzeppelin-contracts/certora/specs/Ownable2Step.spec +108 -0
  447. package/lib/openzeppelin-contracts/certora/specs/Pausable.spec +96 -0
  448. package/lib/openzeppelin-contracts/certora/specs/TimelockController.spec +274 -0
  449. package/lib/openzeppelin-contracts/certora/specs/helpers/helpers.spec +7 -0
  450. package/lib/openzeppelin-contracts/certora/specs/methods/IAccessControl.spec +8 -0
  451. package/lib/openzeppelin-contracts/certora/specs/methods/IAccessControlDefaultAdminRules.spec +36 -0
  452. package/lib/openzeppelin-contracts/certora/specs/methods/IERC20.spec +11 -0
  453. package/lib/openzeppelin-contracts/certora/specs/methods/IERC2612.spec +5 -0
  454. package/lib/openzeppelin-contracts/certora/specs/methods/IERC3156FlashBorrower.spec +3 -0
  455. package/lib/openzeppelin-contracts/certora/specs/methods/IERC3156FlashLender.spec +5 -0
  456. package/lib/openzeppelin-contracts/certora/specs/methods/IERC5313.spec +3 -0
  457. package/lib/openzeppelin-contracts/certora/specs/methods/IERC721.spec +17 -0
  458. package/lib/openzeppelin-contracts/certora/specs/methods/IERC721Receiver.spec +3 -0
  459. package/lib/openzeppelin-contracts/certora/specs/methods/IOwnable.spec +5 -0
  460. package/lib/openzeppelin-contracts/certora/specs/methods/IOwnable2Step.spec +7 -0
  461. package/lib/openzeppelin-contracts/certora/specs.json +86 -0
  462. package/lib/openzeppelin-contracts/contracts/access/README.adoc +43 -0
  463. package/lib/openzeppelin-contracts/contracts/finance/README.adoc +14 -0
  464. package/lib/openzeppelin-contracts/contracts/governance/README.adoc +167 -0
  465. package/lib/openzeppelin-contracts/contracts/interfaces/README.adoc +82 -0
  466. package/lib/openzeppelin-contracts/contracts/metatx/README.adoc +12 -0
  467. package/lib/openzeppelin-contracts/contracts/package.json +32 -0
  468. package/lib/openzeppelin-contracts/contracts/proxy/README.adoc +87 -0
  469. package/lib/openzeppelin-contracts/contracts/token/ERC1155/README.adoc +41 -0
  470. package/lib/openzeppelin-contracts/contracts/token/ERC20/README.adoc +67 -0
  471. package/lib/openzeppelin-contracts/contracts/token/ERC721/README.adoc +67 -0
  472. package/lib/openzeppelin-contracts/contracts/token/common/README.adoc +10 -0
  473. package/lib/openzeppelin-contracts/contracts/utils/README.adoc +88 -0
  474. package/lib/openzeppelin-contracts/contracts/vendor/compound/LICENSE +11 -0
  475. package/lib/openzeppelin-contracts/docs/README.md +16 -0
  476. package/lib/openzeppelin-contracts/docs/antora.yml +7 -0
  477. package/lib/openzeppelin-contracts/docs/config.js +21 -0
  478. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-3a.png +0 -0
  479. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-3b.png +0 -0
  480. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-6.png +0 -0
  481. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack.png +0 -0
  482. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-deposit.png +0 -0
  483. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-mint.png +0 -0
  484. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-linear.png +0 -0
  485. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-loglog.png +0 -0
  486. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-loglogext.png +0 -0
  487. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/tally-exec.png +0 -0
  488. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/tally-vote.png +0 -0
  489. package/lib/openzeppelin-contracts/docs/modules/ROOT/nav.adoc +23 -0
  490. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/access-control.adoc +204 -0
  491. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/backwards-compatibility.adoc +48 -0
  492. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/crowdsales.adoc +11 -0
  493. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/drafts.adoc +19 -0
  494. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc1155.adoc +145 -0
  495. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc20-supply.adoc +71 -0
  496. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc20.adoc +77 -0
  497. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc4626.adoc +214 -0
  498. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc721.adoc +79 -0
  499. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/extending-contracts.adoc +77 -0
  500. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/faq.adoc +13 -0
  501. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/governance.adoc +240 -0
  502. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/index.adoc +79 -0
  503. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/tokens.adoc +31 -0
  504. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/upgradeable.adoc +77 -0
  505. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/utilities.adoc +185 -0
  506. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/wizard.adoc +15 -0
  507. package/lib/openzeppelin-contracts/docs/templates/contract.hbs +111 -0
  508. package/lib/openzeppelin-contracts/docs/templates/helpers.js +46 -0
  509. package/lib/openzeppelin-contracts/docs/templates/page.hbs +4 -0
  510. package/lib/openzeppelin-contracts/docs/templates/properties.js +64 -0
  511. package/lib/openzeppelin-contracts/hardhat/env-artifacts.js +24 -0
  512. package/lib/openzeppelin-contracts/hardhat/env-contract.js +25 -0
  513. package/lib/openzeppelin-contracts/hardhat/ignore-unreachable-warnings.js +45 -0
  514. package/lib/openzeppelin-contracts/hardhat/skip-foundry-tests.js +6 -0
  515. package/lib/openzeppelin-contracts/hardhat/task-test-get-files.js +25 -0
  516. package/lib/openzeppelin-contracts/hardhat.config.js +131 -0
  517. package/lib/openzeppelin-contracts/lib/erc4626-tests/LICENSE +661 -0
  518. package/lib/openzeppelin-contracts/lib/erc4626-tests/README.md +116 -0
  519. package/lib/openzeppelin-contracts/lib/forge-std/.github/workflows/ci.yml +92 -0
  520. package/lib/openzeppelin-contracts/lib/forge-std/.gitmodules +3 -0
  521. package/lib/openzeppelin-contracts/lib/forge-std/LICENSE-APACHE +203 -0
  522. package/lib/openzeppelin-contracts/lib/forge-std/LICENSE-MIT +25 -0
  523. package/lib/openzeppelin-contracts/lib/forge-std/README.md +250 -0
  524. package/lib/openzeppelin-contracts/lib/forge-std/package.json +16 -0
  525. package/lib/openzeppelin-contracts/logo.svg +15 -0
  526. package/lib/openzeppelin-contracts/netlify.toml +3 -0
  527. package/lib/openzeppelin-contracts/package-lock.json +16544 -0
  528. package/lib/openzeppelin-contracts/package.json +96 -0
  529. package/lib/openzeppelin-contracts/remappings.txt +1 -0
  530. package/lib/openzeppelin-contracts/renovate.json +4 -0
  531. package/lib/openzeppelin-contracts/requirements.txt +1 -0
  532. package/lib/openzeppelin-contracts/scripts/checks/compare-layout.js +20 -0
  533. package/lib/openzeppelin-contracts/scripts/checks/compareGasReports.js +243 -0
  534. package/lib/openzeppelin-contracts/scripts/checks/extract-layout.js +38 -0
  535. package/lib/openzeppelin-contracts/scripts/checks/generation.sh +6 -0
  536. package/lib/openzeppelin-contracts/scripts/checks/inheritance-ordering.js +54 -0
  537. package/lib/openzeppelin-contracts/scripts/gen-nav.js +41 -0
  538. package/lib/openzeppelin-contracts/scripts/generate/format-lines.js +16 -0
  539. package/lib/openzeppelin-contracts/scripts/generate/run.js +49 -0
  540. package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.js +247 -0
  541. package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.opts.js +17 -0
  542. package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.t.js +146 -0
  543. package/lib/openzeppelin-contracts/scripts/generate/templates/EnumerableMap.js +283 -0
  544. package/lib/openzeppelin-contracts/scripts/generate/templates/EnumerableSet.js +250 -0
  545. package/lib/openzeppelin-contracts/scripts/generate/templates/SafeCast.js +126 -0
  546. package/lib/openzeppelin-contracts/scripts/generate/templates/StorageSlot.js +78 -0
  547. package/lib/openzeppelin-contracts/scripts/generate/templates/conversion.js +30 -0
  548. package/lib/openzeppelin-contracts/scripts/git-user-config.sh +6 -0
  549. package/lib/openzeppelin-contracts/scripts/helpers.js +37 -0
  550. package/lib/openzeppelin-contracts/scripts/prepack.sh +23 -0
  551. package/lib/openzeppelin-contracts/scripts/prepare-docs.sh +26 -0
  552. package/lib/openzeppelin-contracts/scripts/release/format-changelog.js +33 -0
  553. package/lib/openzeppelin-contracts/scripts/release/synchronize-versions.js +15 -0
  554. package/lib/openzeppelin-contracts/scripts/release/update-comment.js +34 -0
  555. package/lib/openzeppelin-contracts/scripts/release/version.sh +11 -0
  556. package/lib/openzeppelin-contracts/scripts/release/workflow/exit-prerelease.sh +8 -0
  557. package/lib/openzeppelin-contracts/scripts/release/workflow/github-release.js +48 -0
  558. package/lib/openzeppelin-contracts/scripts/release/workflow/integrity-check.sh +20 -0
  559. package/lib/openzeppelin-contracts/scripts/release/workflow/pack.sh +26 -0
  560. package/lib/openzeppelin-contracts/scripts/release/workflow/publish.sh +26 -0
  561. package/lib/openzeppelin-contracts/scripts/release/workflow/rerun.js +7 -0
  562. package/lib/openzeppelin-contracts/scripts/release/workflow/set-changesets-pr-title.js +17 -0
  563. package/lib/openzeppelin-contracts/scripts/release/workflow/start.sh +35 -0
  564. package/lib/openzeppelin-contracts/scripts/release/workflow/state.js +112 -0
  565. package/lib/openzeppelin-contracts/scripts/remove-ignored-artifacts.js +45 -0
  566. package/lib/openzeppelin-contracts/scripts/solhint-custom/index.js +84 -0
  567. package/lib/openzeppelin-contracts/scripts/solhint-custom/package.json +5 -0
  568. package/lib/openzeppelin-contracts/scripts/update-docs-branch.js +65 -0
  569. package/lib/openzeppelin-contracts/scripts/upgradeable/README.md +21 -0
  570. package/lib/openzeppelin-contracts/scripts/upgradeable/patch-apply.sh +19 -0
  571. package/lib/openzeppelin-contracts/scripts/upgradeable/patch-save.sh +18 -0
  572. package/lib/openzeppelin-contracts/scripts/upgradeable/transpile-onto.sh +54 -0
  573. package/lib/openzeppelin-contracts/scripts/upgradeable/transpile.sh +47 -0
  574. package/lib/openzeppelin-contracts/scripts/upgradeable/upgradeable.patch +360 -0
  575. package/lib/openzeppelin-contracts/slither.config.json +5 -0
  576. package/lib/openzeppelin-contracts/solhint.config.js +20 -0
  577. package/mythril-lft-output.txt +1 -0
  578. package/mythril-lft-symbolic.txt +18 -0
  579. package/mythril-lft.sh +20 -0
  580. package/mythril-symbolic-output.txt +1 -0
  581. package/mythril-symbolic.sh +42 -0
  582. package/out/build-info/0026b78428192979.json +1 -0
  583. package/out/build-info/03c4fc3b88486eba.json +1 -0
  584. package/out/build-info/0540afa9b9a5c5a6.json +1 -0
  585. package/out/build-info/081932f505bc08b9.json +1 -0
  586. package/out/build-info/0da104ba0d6642d5.json +1 -0
  587. package/out/build-info/197281971dbb5f23.json +1 -0
  588. package/out/build-info/197e7e332832a232.json +1 -0
  589. package/out/build-info/1a1cab9136eb5f94.json +1 -0
  590. package/out/build-info/1b320204eb162aa2.json +1 -0
  591. package/out/build-info/1e03f94398052674.json +1 -0
  592. package/out/build-info/22ac085949602937.json +1 -0
  593. package/out/build-info/234ef37453a9fa64.json +1 -0
  594. package/out/build-info/2447db7b1878fa8e.json +1 -0
  595. package/out/build-info/25568daeb484f5ff.json +1 -0
  596. package/out/build-info/27465853244c49ce.json +1 -0
  597. package/out/build-info/2c57a9e0f087453b.json +1 -0
  598. package/out/build-info/3c62ae7de8da68c4.json +1 -0
  599. package/out/build-info/3e771ae109e97bb3.json +1 -0
  600. package/out/build-info/460499bc0a3465c4.json +1 -0
  601. package/out/build-info/47ce37e50a4f115e.json +1 -0
  602. package/out/build-info/4fcce5c63cf427d6.json +1 -0
  603. package/out/build-info/4fd0a53fe63fddbb.json +1 -0
  604. package/out/build-info/50f1247db9d769cc.json +1 -0
  605. package/out/build-info/5317d0181a7a5e02.json +1 -0
  606. package/out/build-info/594df509275ceb5b.json +1 -0
  607. package/out/build-info/61983ac3f6141719.json +1 -0
  608. package/out/build-info/638c4548307122fe.json +1 -0
  609. package/out/build-info/67c2c43bdb7c0ded.json +1 -0
  610. package/out/build-info/777f42643aad37b7.json +1 -0
  611. package/out/build-info/7d7856f19e845354.json +1 -0
  612. package/out/build-info/83976260b6f71e94.json +1 -0
  613. package/out/build-info/83c23882000b963d.json +1 -0
  614. package/out/build-info/84b2cce8f70b36be.json +1 -0
  615. package/out/build-info/8bc13d31d7c3206a.json +1 -0
  616. package/out/build-info/8e183bd4d9d8cf88.json +1 -0
  617. package/out/build-info/94bfe1e7cafa8ff5.json +1 -0
  618. package/out/build-info/99ec7d5e8d8ff360.json +1 -0
  619. package/out/build-info/9ac044b29daa7d5e.json +1 -0
  620. package/out/build-info/9b203227ff5d2e63.json +1 -0
  621. package/out/build-info/9d18c5872c4282dd.json +1 -0
  622. package/out/build-info/9f77f04f33baf9a3.json +1 -0
  623. package/out/build-info/a6e1caf974787982.json +1 -0
  624. package/out/build-info/a94b6348867a62d6.json +1 -0
  625. package/out/build-info/ad93721947a8b195.json +1 -0
  626. package/out/build-info/b42daddb5aa4b19f.json +1 -0
  627. package/out/build-info/bf13512ae899f7e8.json +1 -0
  628. package/out/build-info/c39f86c20a548c4a.json +1 -0
  629. package/out/build-info/cb12bb975a2f4e65.json +1 -0
  630. package/out/build-info/d0c6788fadc2aa60.json +1 -0
  631. package/out/build-info/d2726bf94ed5b845.json +1 -0
  632. package/out/build-info/d4eb00da50cce5cb.json +1 -0
  633. package/out/build-info/db931924a3bc8bdd.json +1 -0
  634. package/out/build-info/e1a503d49bc77401.json +1 -0
  635. package/out/build-info/efe5396f8892ce77.json +1 -0
  636. package/out/build-info/f536d90ced745969.json +1 -0
  637. package/out/build-info/fed38823c7019b82.json +1 -0
  638. package/package.json +51 -0
  639. package/page.html +5384 -0
  640. package/pancakeswap-simple-tvl.sql +15 -0
  641. package/pancakeswap-top-pools.sql +29 -0
  642. package/pancakeswap-tvl-optimized.sql +57 -0
  643. package/pancakeswap-tvl-query.sql +60 -0
  644. package/pancakeswap-underflow-hunting.sql +51 -0
  645. package/pancakeswap-vulnerability-queries.sql +200 -0
  646. package/posi_page.html +6369 -0
  647. package/posi_response.json +29 -0
  648. package/proxy_page.html +500 -0
  649. package/run_mythril_elephant.sh +18 -0
  650. package/sHEGIC-bytecode.bin +6 -0
  651. package/sHEGIC-mythril-analysis.txt +1 -0
  652. package/sHEGIC-mythril-full.txt +134 -0
  653. package/sHEGIC_ANALYSIS.md +135 -0
  654. package/sHEGIC_EXPLOIT_ANALYSIS.md +317 -0
  655. package/sHEGIC_MYTHRIL_ANALYSIS.md +361 -0
  656. package/scrape-snowcrash.js +28 -0
  657. package/scripts/yooshi_drain.sh +154 -0
  658. package/shi_raw.json +1 -0
  659. package/temp.json +1 -0
  660. package/temp_harvest.json +1 -0
  661. package/temp_pika.json +1 -0
  662. package/temp_posi.json +1 -0
  663. package/temp_response.json +1 -0
  664. package/test-lft-hidden-balance.js +108 -0
  665. package/test-xfi-exploit.js +140 -0
  666. package/trunk-liquidity-rescue.js +164 -0
  667. package/vBABY_page.html +6153 -0
  668. package/vBABY_response.json +29 -0
  669. package/wsg_response.json +1 -0
  670. package/yooldo_page.html +10371 -0
package/FANDOM_AUDIT.md ADDED
@@ -0,0 +1,359 @@
1
+ # FandomToken - Security Audit
2
+
3
+ **Contract Address:** `0xb150e91cb40909f47d45115ee9e90667d807464b` (BSC)
4
+ **Token Name:** Fandom
5
+ **Symbol:** FAN
6
+ **Total Supply:** 2,000,000,000 FAN (2 billion)
7
+ **Cap:** 2,000,000,000 FAN
8
+ **Compiler:** Solidity 0.8.24
9
+ **Audit Date:** March 25, 2026
10
+ **Tools Used:** Foundry Fuzzing (256 runs), Manual Code Review
11
+
12
+ ---
13
+
14
+ ## Executive Summary
15
+
16
+ FandomToken is a BEP-20 token built with OpenZeppelin v5.0 contracts. It combines multiple standard extensions: ERC20, ERC20Burnable, ERC20Capped, ERC20Permit, and Ownable. The contract mints the entire capped supply to the owner at deployment and has NO admin mint functions.
17
+
18
+ ### Risk Rating: **VERY LOW (1/10)** - SAFE
19
+
20
+ **CRITICAL FINDING:** Owner has RENOUNCED ownership. The contract uses battle-tested OpenZeppelin code with NO custom logic or vulnerabilities.
21
+
22
+ ---
23
+
24
+ ## Key Findings
25
+
26
+ | Severity | Count | Description |
27
+ |----------|-------|-------------|
28
+ | 🔴 CRITICAL | 0 | None |
29
+ | 🟡 MEDIUM | 0 | None |
30
+ | 🟢 LOW | 0 | None |
31
+ | ℹ️ INFO | 1 | Owner renounced |
32
+
33
+ ---
34
+
35
+ ## On-Chain Status
36
+
37
+ **Owner:** `0x0000000000000000000000000000000000000000` (RENOUNCED ✅)
38
+ **Total Supply:** `2,000,000,000 FAN`
39
+ **Cap:** `2,000,000,000 FAN`
40
+ **Status:** SAFE - Standard OpenZeppelin implementation
41
+
42
+ ---
43
+
44
+ ## Contract Analysis
45
+
46
+ ### Architecture
47
+
48
+ ```solidity
49
+ contract FandomToken is
50
+ ERC20, // Standard ERC20 functionality
51
+ ERC20Burnable, // Users can burn their tokens
52
+ ERC20Capped, // Max supply enforced (2B tokens)
53
+ ERC20Permit, // Gasless approvals via EIP-2612
54
+ Ownable // Owner control (now renounced)
55
+ {
56
+ constructor(
57
+ string memory name_,
58
+ string memory symbol_,
59
+ uint256 cap_,
60
+ address owner_
61
+ )
62
+ ERC20(name_, symbol_)
63
+ ERC20Permit(name_)
64
+ ERC20Capped(cap_)
65
+ Ownable(owner_)
66
+ {
67
+ require(owner_ != address(0), "owner=0");
68
+ _mint(owner_, cap_); // Mints entire supply to owner
69
+ }
70
+
71
+ function _update(address from, address to, uint256 value)
72
+ internal
73
+ override(ERC20, ERC20Capped)
74
+ {
75
+ super._update(from, to, value);
76
+ }
77
+ }
78
+ ```
79
+
80
+ ---
81
+
82
+ ## Features Analysis
83
+
84
+ ### ✅ ERC20 Standard
85
+ - Standard transfer, approve, transferFrom functions
86
+ - Uses OpenZeppelin v5.0 implementation
87
+ - Battle-tested and secure
88
+
89
+ ### ✅ ERC20Burnable
90
+ - Users can burn their own tokens via `burn(amount)`
91
+ - Users can burn tokens they have allowance for via `burnFrom(account, amount)`
92
+ - Reduces total supply permanently
93
+ - No admin burn function
94
+
95
+ ### ✅ ERC20Capped
96
+ - Maximum supply: 2,000,000,000 FAN
97
+ - Entire supply minted at deployment
98
+ - NO mint function exists
99
+ - Supply can only decrease (via burning)
100
+
101
+ ### ✅ ERC20Permit (EIP-2612)
102
+ - Gasless approvals using signatures
103
+ - Users can approve without paying gas
104
+ - Implements `permit(owner, spender, value, deadline, v, r, s)`
105
+ - Secure nonce-based system
106
+
107
+ ### ✅ Ownable
108
+ - Owner was set at deployment
109
+ - Owner has RENOUNCED (owner = 0x0)
110
+ - NO admin functions exist
111
+ - NO special privileges
112
+
113
+ ---
114
+
115
+ ## Foundry Fuzz Test Results (256 runs each)
116
+
117
+ ### ✅ ALL TESTS PASSED
118
+
119
+ 1. **test_TokenProperties** - PASSED
120
+ - Name: "Fandom"
121
+ - Symbol: "FAN"
122
+ - Decimals: 18
123
+ - Total Supply = Cap = 2B FAN
124
+
125
+ 2. **test_OwnerStatus** - PASSED
126
+ - Owner address verified
127
+ - Owner balance = 2B FAN
128
+
129
+ 3. **test_Transfer** - PASSED
130
+ - Standard transfers work correctly
131
+ - Balance updates accurate
132
+
133
+ 4. **test_Burn** - PASSED
134
+ - Users can burn their tokens
135
+ - Total supply decreases correctly
136
+ - Burned 500 FAN successfully
137
+
138
+ 5. **test_CannotMintAboveCap** - PASSED
139
+ - Supply equals cap
140
+ - No mint function exists
141
+ - Cannot create more tokens
142
+
143
+ 6. **test_Permit** - PASSED
144
+ - EIP-2612 gasless approvals work
145
+ - Signature verification correct
146
+ - Nonce system secure
147
+
148
+ 7. **test_OwnershipTransfer** - PASSED
149
+ - Ownership can be transferred
150
+ - New owner receives control
151
+
152
+ 8. **test_OwnershipRenounce** - PASSED
153
+ - Ownership can be renounced
154
+ - Owner becomes 0x0
155
+
156
+ 9. **testFuzz_Transfer** - PASSED (256 runs)
157
+ - Transfers work for all amounts
158
+ - Balance tracking accurate
159
+
160
+ 10. **testFuzz_Burn** - PASSED (256 runs)
161
+ - Burning works for all amounts
162
+ - Supply decreases correctly
163
+
164
+ 11. **testFuzz_ApproveAndTransferFrom** - PASSED (256 runs)
165
+ - Approve and transferFrom work correctly
166
+ - Allowance system secure
167
+
168
+ ---
169
+
170
+ ## Security Analysis
171
+
172
+ ### Attack Vector Analysis
173
+
174
+ **Can This Contract Be Exploited? ❌ NO**
175
+
176
+ ❌ **Unlimited Mint** - No mint function exists
177
+ ❌ **Owner Privileges** - Owner renounced
178
+ ❌ **Pause/Freeze** - No pause mechanism
179
+ ❌ **Blacklist** - No blacklist functionality
180
+ ❌ **Fee Manipulation** - No fees
181
+ ❌ **Reentrancy** - OpenZeppelin (safe)
182
+ ❌ **Integer Overflow** - Solidity 0.8.24 (protected)
183
+ ❌ **Approval Race** - Standard ERC20 behavior
184
+ ❌ **Supply Manipulation** - Capped at 2B, no mint
185
+
186
+ ---
187
+
188
+ ## Comparison with Previous Audits
189
+
190
+ | Token | Risk | Type | Owner | Special Features |
191
+ |-------|------|------|-------|------------------|
192
+ | ARIA.AI | 4/10 | Standard OZ | Renounced ✅ | Airdrop (dead) |
193
+ | MGO | 9/10 | Custom | Active 🔴 | Mint/Freeze/Destroy |
194
+ | TRADOOR | 1/10 | Standard OZ | None ✅ | None |
195
+ | BANANA | 2/10 | Honeypot | Renounced ✅ | Mode system (disabled) |
196
+ | SIREN | 2/10 | Honeypot | Renounced ✅ | Mode system (disabled) |
197
+ | **FANDOM** | **1/10** | **Standard OZ** | **Renounced ✅** | **Burn, Permit, Capped** |
198
+
199
+ **FANDOM is tied with TRADOOR as the SAFEST token audited.**
200
+
201
+ ---
202
+
203
+ ## OpenZeppelin Components
204
+
205
+ All components are from OpenZeppelin Contracts v5.0:
206
+
207
+ ```solidity
208
+ import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
209
+ import {ERC20Burnable} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
210
+ import {ERC20Capped} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Capped.sol";
211
+ import {ERC20Permit} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Permit.sol";
212
+ import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
213
+ ```
214
+
215
+ **Security Benefits:**
216
+ - ✅ Battle-tested code (millions of dollars secured)
217
+ - ✅ Audited by multiple firms
218
+ - ✅ Used by major projects
219
+ - ✅ No custom logic = no custom bugs
220
+ - ✅ Regular security updates
221
+
222
+ ---
223
+
224
+ ## Code Quality
225
+
226
+ ### Positive Aspects
227
+
228
+ 1. **Minimal Code**
229
+ - Only 20 lines of custom code
230
+ - Inherits everything from OpenZeppelin
231
+ - Less code = less attack surface
232
+
233
+ 2. **No Custom Logic**
234
+ - No custom transfer logic
235
+ - No hidden fees or taxes
236
+ - No special conditions
237
+
238
+ 3. **Modern Solidity**
239
+ - Uses Solidity 0.8.24
240
+ - Built-in overflow protection
241
+ - Latest OpenZeppelin v5.0
242
+
243
+ 4. **Clean Constructor**
244
+ - Validates owner != 0x0
245
+ - Mints entire supply once
246
+ - No complex initialization
247
+
248
+ 5. **Proper Override**
249
+ - Correctly overrides `_update()`
250
+ - Calls `super._update()` properly
251
+ - Maintains ERC20Capped functionality
252
+
253
+ ---
254
+
255
+ ## Recommendations
256
+
257
+ ### For Users:
258
+ 1. ✅ **SAFE TO USE** - Standard OpenZeppelin implementation
259
+ 2. ✅ **NO RUG PULL RISK** - Owner renounced, no mint function
260
+ 3. ✅ **FIXED SUPPLY** - Capped at 2B, can only decrease
261
+ 4. ✅ **BURNABLE** - Users can burn tokens if desired
262
+ 5. ✅ **GASLESS APPROVALS** - EIP-2612 permit supported
263
+ 6. ⚠️ **CHECK LIQUIDITY** - Verify LP exists before trading
264
+
265
+ ### For Developers:
266
+ 1. ✅ Excellent example of clean token design
267
+ 2. ✅ Proper use of OpenZeppelin extensions
268
+ 3. ✅ Minimal custom code reduces risk
269
+ 4. ✅ No changes needed - production ready
270
+
271
+ ---
272
+
273
+ ## Technical Details
274
+
275
+ ### Supply Mechanics
276
+
277
+ ```solidity
278
+ // At deployment:
279
+ _mint(owner_, cap_); // Mints 2B FAN to owner
280
+
281
+ // After deployment:
282
+ // - NO mint function exists
283
+ // - Users can burn tokens (reduces supply)
284
+ // - Supply can ONLY decrease
285
+ // - Cap prevents any future minting
286
+ ```
287
+
288
+ ### Burn Mechanics
289
+
290
+ ```solidity
291
+ // From ERC20Burnable:
292
+ function burn(uint256 amount) public virtual {
293
+ _burn(_msgSender(), amount);
294
+ }
295
+
296
+ function burnFrom(address account, uint256 amount) public virtual {
297
+ _spendAllowance(account, _msgSender(), amount);
298
+ _burn(account, amount);
299
+ }
300
+ ```
301
+
302
+ ### Permit Mechanics (EIP-2612)
303
+
304
+ ```solidity
305
+ // Gasless approval via signature:
306
+ function permit(
307
+ address owner,
308
+ address spender,
309
+ uint256 value,
310
+ uint256 deadline,
311
+ uint8 v,
312
+ bytes32 r,
313
+ bytes32 s
314
+ ) public virtual
315
+ ```
316
+
317
+ **Benefits:**
318
+ - Users don't pay gas for approvals
319
+ - One transaction instead of two (approve + transferFrom)
320
+ - Better UX for dApps
321
+
322
+ ---
323
+
324
+ ## Conclusion
325
+
326
+ FandomToken is a **VERY SAFE** BEP-20 token that:
327
+
328
+ ✅ Uses standard OpenZeppelin v5.0 contracts
329
+ ✅ Has NO custom logic or vulnerabilities
330
+ ✅ Owner has RENOUNCED (no admin control)
331
+ ✅ Fixed supply (2B tokens, no mint function)
332
+ ✅ Burnable (users can reduce supply)
333
+ ✅ Supports gasless approvals (EIP-2612)
334
+ ✅ Passed all 11 Foundry tests (256 fuzz runs each)
335
+
336
+ **Overall Risk: VERY LOW (1/10)**
337
+
338
+ This is one of the SAFEST token designs possible:
339
+ - Standard OpenZeppelin code
340
+ - No admin functions
341
+ - No custom logic
342
+ - Owner renounced
343
+ - Fixed supply
344
+
345
+ **Recommendation: SAFE TO USE**
346
+
347
+ ---
348
+
349
+ ## Files Generated
350
+
351
+ - `FandomToken.sol` - Contract source code
352
+ - `test/FandomTokenFuzz.t.sol` - Foundry fuzz tests (11 tests, all passed)
353
+ - `FANDOM_AUDIT.md` - This report
354
+
355
+ ---
356
+
357
+ **Auditor Note:**
358
+ This is a textbook example of a well-designed token. It uses battle-tested OpenZeppelin components with minimal custom code, the owner has renounced, and there are no admin functions. The contract is as safe as it gets for an ERC20 token.
359
+
package/FEE_ON_TRANSFER_ANALYSIS.md ADDED
@@ -0,0 +1,228 @@
1
+ # Fee-on-Transfer Token Analysis - PancakeSwap Pool Tests
2
+
3
+ ## Summary
4
+
5
+ Tested 4 fee-on-transfer tokens against their live PancakeSwap pools on BSC mainnet.
6
+
7
+ ## Test Results
8
+
9
+ ### 1. **TFI Token** (0xe1ED729eAD2f59DBf643e011b606335F03Fc5606)
10
+ - **Pool:** TFI/USDT (0xEAB58C74b222C0657eE16FBA130FC117f9cACA81)
11
+ - **Reserves:** 1.49M TFI / 4.84M USDT
12
+ - **Vulnerability:** Integer division rounding allows fee bypass on amounts ≤47 wei
13
+ - **Test Result:** ✅ CONFIRMED - Fee bypassed on 47 wei transfer
14
+ - **Exploitability:** ❌ ECONOMICALLY USELESS
15
+ - Can bypass fees on 47 wei (~$0.0000000001)
16
+ - Would need 100 transactions to bypass $0.00000001 in fees
17
+ - Gas cost: 5M gas = ~$1.50 at 5 gwei
18
+ - **Conclusion:** Costs $1.50 to save $0.00000001
19
+
20
+ ### 2. **GOT Token** (0x701add4311E85c1f9C1549319fe2c476bc8a1b8b)
21
+ - **Pool:** GOT/USDT (0x1831Bb2723CED46e1b6c08d2f3ae50b2Ab9427B9)
22
+ - **Reserves:** 1.95M GOT / 659K USDT
23
+ - **Vulnerability:** Burn reduces MaxSupply permanently
24
+ - **Test Result:** ✅ CONFIRMED - Design flaw exists
25
+ - **Exploitability:** ❌ NOT USER-EXPLOITABLE
26
+ - Only affects future minting capability
27
+ - No direct pool drain mechanism
28
+ - **Conclusion:** Design quirk, not a security vulnerability
29
+
30
+ ### 3. **CZ Token** (0x9ca61CfD10dcF16303FC13058Bca9a5774774444)
31
+ - **Pool:** CZ/USDT (0xF5B34B54f7b00b71f46c137557Aaef2603B7F263)
32
+ - **Reserves:** 8.39M CZ / 813K USDT
33
+ - **Vulnerability:** None found
34
+ - **Test Result:** ✅ SAFE
35
+ - **Exploitability:** ❌ NO VULNERABILITIES
36
+ - Standard fee-on-transfer implementation
37
+ - Proper tax limits (max 15%)
38
+ - Reentrancy protection in place
39
+ - **Conclusion:** Well-implemented token
40
+
41
+ ### 4. **LAX Token** (0x7F9Bd73e51e66e0b2c7A87dB0ca530A11Eb7A7E9)
42
+ - **Pool:** LAX/USDT (0x9996874dbd891C3ECD601Eab79D51f92E92D50eE)
43
+ - **Reserves:** 853M LAX / 25.8M USDT
44
+ - **Vulnerability:** `recycle()` function can drain LP
45
+ - **Test Result:** 🚨 CRITICAL VULNERABILITY CONFIRMED
46
+ - **Exploitability:** ⚠️ REQUIRES STAKING ADDRESS CONTROL
47
+ - Can drain 284M LAX per call (1/3 of pool)
48
+ - After 10 calls: 98% of pool drained
49
+ - Remaining after 10 calls: 14.8M LAX (1.7% of original)
50
+ - **Conclusion:** Centralization risk - STAKING address can rug pull
51
+
52
+ ## Vulnerability Classification
53
+
54
+ ### Direct LP Drain (CRITICAL)
55
+ - **LAX Token:** `recycle()` function allows direct transfer from pair
56
+ - Impact: Can drain 98% of LP in 10 transactions
57
+ - Requires: STAKING address control
58
+ - Status: Centralization risk, not user-exploitable
59
+
60
+ ### Fee Bypass (LOW)
61
+ - **TFI Token:** Integer division rounding
62
+ - Impact: Can bypass fees on amounts ≤47 wei
63
+ - Requires: Nothing (publicly exploitable)
64
+ - Status: Economically useless (gas >> savings)
65
+
66
+ ### Design Flaws (INFORMATIONAL)
67
+ - **GOT Token:** Burn reduces MaxSupply
68
+ - Impact: Burned tokens can never be re-minted
69
+ - Requires: N/A
70
+ - Status: Design choice, not exploitable
71
+
72
+ ### No Issues (SAFE)
73
+ - **CZ Token:** Standard implementation
74
+ - Impact: None
75
+ - Status: Secure
76
+
77
+ ## PancakeSwap Protection Mechanisms
78
+
79
+ All tested pools use PancakeSwap V2, which has built-in protections:
80
+
81
+ 1. **Balance Checks:** Uses `balanceOf()` instead of trusting transfer amounts
82
+ 2. **K Constant Validation:** Ensures `reserve0 * reserve1 >= k` after swaps
83
+ 3. **Fee-on-Transfer Support:** `swapExactTokensForTokensSupportingFeeOnTransferTokens()`
84
+
85
+ These protections prevent MOST fee-on-transfer exploits, but cannot protect against:
86
+ - Direct transfers from pair (like LAX `recycle()`)
87
+ - Owner-controlled fee exemption manipulation
88
+ - Functions that bypass normal transfer logic
89
+
90
+ ## Recommendations
91
+
92
+ ### For LAX Token Users:
93
+ - ⚠️ **HIGH RISK:** STAKING address has full control over LP
94
+ - Monitor STAKING address for suspicious activity
95
+ - Consider this a centralization risk
96
+ - LP providers can be rugged at any time
97
+
98
+ ### For TFI Token Users:
99
+ - ✅ **LOW RISK:** Fee bypass is economically useless
100
+ - No practical exploit exists
101
+ - Safe to use and trade
102
+
103
+ ### For GOT Token Users:
104
+ - ✅ **LOW RISK:** Design flaw doesn't affect users
105
+ - No exploit path exists
106
+ - Safe to use and trade
107
+
108
+ ### For CZ Token Users:
109
+ - ✅ **SAFE:** No vulnerabilities found
110
+ - Standard fee-on-transfer token
111
+ - Safe to use and trade
112
+
113
+ ## Test Methodology
114
+
115
+ 1. Forked BSC mainnet at current block
116
+ 2. Located all PancakeSwap pairs for each token
117
+ 3. Analyzed reserve balances and pool health
118
+ 4. Tested specific vulnerabilities against live pools
119
+ 5. Calculated economic impact of exploits
120
+ 6. Verified PancakeSwap protection mechanisms
121
+
122
+ ## Can Fee-on-Transfer Mechanisms Drain PancakeSwap Pools?
123
+
124
+ ### Short Answer: NO (with one exception)
125
+
126
+ **Standard FOT mechanisms CANNOT drain pools:**
127
+ - ❌ Fee collection (like TFI's 3% sell fee)
128
+ - ❌ Burn mechanisms (like GOT's MaxSupply reduction)
129
+ - ❌ Tax redistribution (like CZ's LP/fund taxes)
130
+ - ❌ Fee bypass via integer rounding (like TFI's ≤47 wei)
131
+
132
+ **Why? PancakeSwap V2 Protection Mechanisms:**
133
+
134
+ 1. **Balance-Based Accounting**
135
+ - Uses `balanceOf()` instead of trusting transfer amounts
136
+ - Automatically handles fee-on-transfer discrepancies
137
+ - Prevents fee manipulation from affecting pool reserves
138
+
139
+ 2. **K Constant Validation**
140
+ - Ensures `reserve0 * reserve1 >= k` after every swap
141
+ - Prevents price manipulation via reserve changes
142
+ - Reverts if pool invariant is violated
143
+
144
+ 3. **Fee-on-Transfer Support**
145
+ - `swapExactTokensForTokensSupportingFeeOnTransferTokens()`
146
+ - Explicitly designed to handle FOT tokens
147
+ - Calculates actual received amounts, not expected amounts
148
+
149
+ 4. **Reentrancy Protection**
150
+ - Lock modifier prevents reentrant calls
151
+ - Protects against callback-based exploits
152
+
153
+ ### The ONE Exception: Direct Pair Manipulation
154
+
155
+ **LAX Token's `recycle()` function CAN drain pools:**
156
+
157
+ ```solidity
158
+ function recycle(uint256 amount) external {
159
+ require(STAKING == msg.sender, "cycle");
160
+ uint256 maxBurn = balanceOf[uniswapV2Pair] / 3;
161
+ uint256 burn_amount = amount >= maxBurn ? maxBurn : amount;
162
+ super._transfer(uniswapV2Pair, STAKING, burn_amount); // ⚠️ DIRECT TRANSFER FROM PAIR
163
+ IUniswapV2Pair(uniswapV2Pair).sync(); // ⚠️ UPDATES RESERVES
164
+ }
165
+ ```
166
+
167
+ **Why this works:**
168
+ - Bypasses normal swap logic entirely
169
+ - Directly transfers tokens FROM the pair
170
+ - Calls `sync()` to update reserves without validation
171
+ - PancakeSwap protections only apply to swaps, not direct transfers
172
+
173
+ **Impact:**
174
+ - Can drain 284M LAX per call (1/3 of pool)
175
+ - After 10 calls: 98% of pool drained
176
+ - Requires STAKING address control (centralization risk)
177
+
178
+ ### Key Findings
179
+
180
+ ✅ **Standard FOT mechanisms are SAFE**
181
+ - PancakeSwap V2 handles them correctly
182
+ - No user-exploitable drain vectors
183
+ - Fees/burns don't affect pool security
184
+
185
+ ❌ **Direct pair manipulation is DANGEROUS**
186
+ - Functions that transfer FROM pair address
187
+ - Functions that call `pair.sync()` after unauthorized transfers
188
+ - Owner-controlled functions with pair access
189
+
190
+ ### Red Flags to Look For
191
+
192
+ When auditing tokens for pool drain risks, look for:
193
+
194
+ 1. **Functions that transfer from pair:**
195
+ ```solidity
196
+ _transfer(uniswapV2Pair, someAddress, amount);
197
+ ```
198
+
199
+ 2. **Functions that call pair.sync():**
200
+ ```solidity
201
+ IUniswapV2Pair(pair).sync();
202
+ ```
203
+
204
+ 3. **Functions with pair balance manipulation:**
205
+ ```solidity
206
+ uint256 pairBalance = balanceOf[pair];
207
+ // ... manipulate pairBalance ...
208
+ ```
209
+
210
+ 4. **Owner/admin functions with pair access:**
211
+ ```solidity
212
+ function adminFunction() external onlyOwner {
213
+ // ... accesses pair ...
214
+ }
215
+ ```
216
+
217
+ ## Conclusion
218
+
219
+ **Only 1 of 4 tokens has a critical vulnerability:**
220
+ - **LAX Token:** Can be drained by STAKING address (centralization risk)
221
+
222
+ **The other 3 tokens are safe:**
223
+ - TFI: Fee bypass exists but economically useless
224
+ - GOT: Design flaw but not exploitable
225
+ - CZ: No vulnerabilities found
226
+
227
+ **DEFINITIVE ANSWER:**
228
+ Fee-on-transfer mechanisms CANNOT drain pools through normal operation. Only functions that DIRECTLY MANIPULATE PAIR BALANCES (like LAX's `recycle()`) can drain pools. PancakeSwap V2 protects against all standard FOT exploits.
package/FINAL_AUDIT_REPORT.md ADDED
File without changes