npm - uups-checker - Versions diffs - 1.0.0 - Mend

uups-checker 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (670) hide show

package/.gitmodules +6 -0
package/AIFI_AUDIT.md +220 -0
package/ALL_AUDITS_SUMMARY.md +366 -0
package/ALPHA_PROXY_CRITICAL_FINDING.md +136 -0
package/ALPHA_PROXY_FINAL_ANALYSIS.md +213 -0
package/ALPHA_PROXY_FINAL_VERDICT.md +233 -0
package/ALPHA_PROXY_SELFDESTRUCT_EXPLOIT.md +161 -0
package/ARIA-foundry-test.txt +9 -0
package/ARIA-mythril-analysis.txt +20 -0
package/ARIA-slither-analysis.txt +38 -0
package/ARIA_AI_SECURITY_AUDIT.md +290 -0
package/ARIA_VERIFIED_AUDIT.md +259 -0
package/ARIA_VERIFIED_slither.txt +76 -0
package/ARIVA_source.txt +1 -0
package/ARK_AUDIT.md +349 -0
package/BANANA_AUDIT.md +365 -0
package/BAS_AUDIT.md +451 -0
package/BAS_TOKEN_AUDIT.md +235 -0
package/BCE_EXPLOIT_ANALYSIS.md +165 -0
package/BEEFY_BNB_CHAIN_ANALYSIS.md +488 -0
package/BEEFY_MONAD_ANALYSIS.md +239 -0
package/BEEFY_STAKING_ANALYSIS.md +136 -0
package/BEEFY_XVS_WBNB_ACTUAL_FINDINGS.md +223 -0
package/BEEFY_XVS_WBNB_CRITICAL_FINDINGS.md +269 -0
package/BLOCKSEC_ATTACK_KNOWLEDGE_BASE.md +771 -0
package/BRISE_ANALYSIS.txt +31 -0
package/BRISE_BSC_DAPPS.txt +68 -0
package/BRISE_EXPLOITS_FOUND.md +98 -0
package/BRISE_REAL_EXPLOITS.md +115 -0
package/BRISE_WHITEHAT_REPORT.md +162 -0
package/BRISEstake_Analysis.txt +95 -0
package/BSCSLOCKTOKEN_CRITICAL_FINDING.md +240 -0
package/BSW_BISWAP_SECURITY_AUDIT.md +330 -0
package/BTCST_FINAL_VERDICT.md +319 -0
package/BTCST_MINING_REBASE_ANALYSIS.md +229 -0
package/BTCST_ROUNDING_DEEP_DIVE.md +293 -0
package/BTCST_ROUNDING_FINAL_VERDICT.md +9 -0
package/BTCST_SECURITY_ANALYSIS.md +391 -0
package/BTR_AUDIT.md +210 -0
package/BeamBridge-analysis.md +226 -0
package/BeamToken-analysis.md +201 -0
package/BitgertSwap_Investigation.txt +107 -0
package/CEEK_STAKING_ANALYSIS.md +0 -0
package/CHAINBASE_AUDIT.md +422 -0
package/COMPLETE_AUDIT_SUMMARY.md +342 -0
package/CORRECTED_ANALYSIS.txt +115 -0
package/DBXEN_COMPARISON_SUMMARY.md +232 -0
package/DBXEN_EXPLOIT_ANALYSIS.md +530 -0
package/DOPFairLaunch_raw.json +29 -0
package/DOPFairLaunch_source.txt +0 -0
package/DOP_BRIDGE_FINAL_ANALYSIS.txt +86 -0
package/DOP_BUSD_LP_ANALYSIS.txt +44 -0
package/DOP_FAIRLAUNCH_ANALYSIS.txt +61 -0
package/DOP_FAIRLAUNCH_FINAL_VERDICT.txt +113 -0
package/DOP_STAKING_CONTRACT_ANALYSIS.txt +67 -0
package/DSYNC_ECOSYSTEM_ANALYSIS.md +221 -0
package/DSyncStaking-exploit-analysis.md +153 -0
package/DSyncVault-analysis.md +120 -0
package/DUSD_PROXY_AUDIT.md +407 -0
package/DXSALE_LOCK_AUDIT.md +0 -0
package/DXSaleLock_bytecode.txt +1 -0
package/ECHIDNA_QUICK_START.md +101 -0
package/ELEPHANT_ECOSYSTEM_AUDIT_PLAN.md +159 -0
package/ELEPHANT_ECOSYSTEM_COMPREHENSIVE_AUDIT.md +427 -0
package/ELEPHANT_SECURITY_ANALYSIS.md +209 -0
package/ELEPHANT_VULNERABILITIES_EXPLAINED.md +455 -0
package/EXPLOIT_FIX.md +300 -0
package/EXPLOIT_INSTRUCTIONS.md +273 -0
package/EXPLOIT_SUMMARY.md +285 -0
package/EXPLOIT_SUMMARY.txt +175 -0
package/FALCON_FINANCE_AUDIT.md +258 -0
package/FANDOM_AUDIT.md +359 -0
package/FEE_ON_TRANSFER_ANALYSIS.md +228 -0
package/FINAL_AUDIT_REPORT.md +0 -0
package/FOLIO_PROXY_AUDIT.md +299 -0
package/FOT_EXPLOIT_RESULTS.txt +110 -0
package/FOT_TOKENS_AUDITED.md +103 -0
package/HEGIC-mythril-analysis.txt +39 -0
package/HEGIC_COMPLETE_ANALYSIS.md +343 -0
package/HOTCROSS_SWAP_EXPLOIT_ANALYSIS.md +123 -0
package/ICECREAMSWAP_EXPLOITS.md +259 -0
package/IMMUNEFI_REPORT.md +314 -0
package/KCCPAD_EXPLOIT_GUIDE.md +285 -0
package/KEL_CEL_EXPLOIT_ANALYSIS.md +0 -0
package/KOGE_AUDIT.md +328 -0
package/LENDFLARE_ANALYSIS.md +239 -0
package/LENDFLARE_ECHIDNA_GUIDE.md +356 -0
package/LENDFLARE_EXPLOIT_INSTRUCTIONS.md +297 -0
package/LENDFLARE_EXPLOIT_SUMMARY.md +292 -0
package/LENDFLARE_FLASHLOAN_GUIDE.md +383 -0
package/LENDFLARE_FUZZING_RESULTS.md +252 -0
package/LENDFLARE_HONEYPOT_BYPASS_ANALYSIS.md +420 -0
package/LENDFLARE_MANUAL_FUZZING.md +324 -0
package/LENDFLARE_MYTHRIL_ANALYSIS.md +339 -0
package/LENDFLARE_V3_BYPASS.md +296 -0
package/LFTDECOMPILE.txt +14478 -0
package/LFT_ACCOUNTING_ANALYSIS.md +0 -0
package/LFT_ACCOUNTING_BUG_ANALYSIS.md +426 -0
package/LFT_BACKDOOR_DEEP_DIVE.md +0 -0
package/LFT_CRITICAL_EXPLOIT_CONFIRMED.md +428 -0
package/LFT_EXPLOIT_VISUAL.md +253 -0
package/LFT_QUICK_SUMMARY.md +124 -0
package/LFT_REVERSE_EXPLOIT_ANALYSIS.md +521 -0
package/MGO_AUDIT_REPORT.md +420 -0
package/MYTHRIL_FINAL_REPORT.md +306 -0
package/MYTHRIL_SLITHER_SUMMARY.md +244 -0
package/NETX_MIGRATION_AUDIT.md +0 -0
package/NPM_PUBLISH_GUIDE.md +0 -0
package/NRV_CRITICAL_EXPLOIT.txt +143 -0
package/NetX_Analysis.txt +76 -0
package/NetX_Migration_bytecode.txt +1 -0
package/NetX_Migration_source.txt +0 -0
package/NetX_Token_source.txt +0 -0
package/NetxWhitehatRescue +22 -0
package/OILER_ATTACK_VISUAL.md +351 -0
package/OILER_BLOCKSEC_TEST_RESULTS.md +421 -0
package/OILER_DEEP_ANALYSIS.md +212 -0
package/OILER_FINAL_EXPLOIT_REPORT.md +241 -0
package/OILER_FINAL_VERDICT.md +339 -0
package/OILER_REENTRANCY_EXPLAINED.md +638 -0
package/OILER_REENTRANCY_FINAL_SUMMARY.md +391 -0
package/OILER_REENTRANCY_REALITY_CHECK.md +393 -0
package/OILER_REENTRANCY_STEP_BY_STEP.md +597 -0
package/OILER_STAKING_MAINNET_ANALYSIS.md +366 -0
package/OILER_STAKING_SECURITY_ANALYSIS.md +409 -0
package/PANCAKESWAP_UNDERFLOW_HUNTING.md +317 -0
package/POLS_MULTICHAIN_AUDIT.md +0 -0
package/POSI_STAKING_AUDIT.md +0 -0
package/PROXY2_SECURITY_ANALYSIS.md +0 -0
package/Proxy2TACS +29748 -0
package/QUICK_START.md +240 -0
package/RAMP_SECURITY_ANALYSIS.md +0 -0
package/README.md +238 -0
package/REAUDIT_MASTER_LIST.txt +15 -0
package/RING_analysis.txt +212 -0
package/RPC +4 -0
package/RULES.txt +20 -0
package/SIREN_AUDIT.md +186 -0
package/SYNC_EXPLOIT_README.md +0 -0
package/SYNC_TOKEN_EXPLOIT_REPORT.md +224 -0
package/TLM_raw.html +0 -0
package/TLM_raw.txt +0 -0
package/TLM_response.json +1 -0
package/TRADOOR_AUDIT.md +253 -0
package/TRUNK_AUDIT.md +285 -0
package/UNIBASE_AUDIT.md +241 -0
package/UNLOCK_ANALYSIS.md +0 -0
package/UNLOCK_EXPLOIT.md +49 -0
package/UNLOCK_EXPLOIT_ANALYSIS.md +0 -0
package/UPS +232 -0
package/UUPSCHECKER +208 -0
package/VAULT_PROXY_AUDIT.md +457 -0
package/VAULT_PROXY_FINAL_VERDICT.md +0 -0
package/VERIFIED_EXPLOITS_FINAL.txt +146 -0
package/WKEYDAO2_AUDIT.md +245 -0
package/WSG_AUDIT.md +0 -0
package/XFI_DEEP_ANALYSIS.md +327 -0
package/YOOSHI_EXPLOIT_GUIDE.md +119 -0
package/YSDAO_EXPLOIT_GUIDE.md +0 -0
package/agent-4-bundle.md +22490 -0
package/alpha-proxy-echidna.txt +1 -0
package/alpha-proxy-fuzz-results.txt +81 -0
package/alpha-proxy-mythril.txt +2 -0
package/analyze-btcst-farm.js +54 -0
package/analyze-dxsale-lock.js +75 -0
package/analyze-elephant.js +69 -0
package/analyze-fara-rewards.js +109 -0
package/analyze-fara-storage.js +83 -0
package/analyze-lft-transaction.js +158 -0
package/analyze-lock-bytecode.js +59 -0
package/analyze-shegic.js +0 -0
package/analyze-staking-abi.js +0 -0
package/analyze-sxp.js +57 -0
package/analyze-tlm.js +76 -0
package/analyze-trumpet.js +98 -0
package/analyze-unlimited-nft.js +108 -0
package/analyze_elephant.sh +27 -0
package/analyze_vault.sh +32 -0
package/aria-bytecode.txt +1 -0
package/aria_response.json +1 -0
package/ark_temp/README.md +66 -0
package/ark_temp/lib/forge-std/.gitattributes +1 -0
package/ark_temp/lib/forge-std/.github/CODEOWNERS +1 -0
package/ark_temp/lib/forge-std/.github/dependabot.yml +6 -0
package/ark_temp/lib/forge-std/.github/workflows/ci.yml +125 -0
package/ark_temp/lib/forge-std/.github/workflows/sync.yml +36 -0
package/ark_temp/lib/forge-std/CONTRIBUTING.md +193 -0
package/ark_temp/lib/forge-std/LICENSE-APACHE +203 -0
package/ark_temp/lib/forge-std/LICENSE-MIT +25 -0
package/ark_temp/lib/forge-std/README.md +314 -0
package/ark_temp/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/ark_temp/lib/forge-std/package.json +16 -0
package/ark_temp/lib/forge-std/scripts/vm.py +636 -0
package/audits/AiFi-security-audit-20260326.md +499 -0
package/audits/BasedAI-Brains-security-audit-20260324.md +651 -0
package/audits/BinanceAlphaWallet-pashov-ai-audit-report-20260324-170000.md +362 -0
package/audits/DGToken-security-audit-20260324.md +376 -0
package/audits/DSyncStaking-audit-part1.md +161 -0
package/audits/DSyncStaking-security-audit-20260324.md +547 -0
package/audits/DecompiledERC20-security-audit-20260325.md +397 -0
package/audits/DegenVC-security-audit-20260324.md +585 -0
package/audits/DelreyInu-security-audit-20260324.md +463 -0
package/audits/DestraNetwork-security-audit-20260324.md +705 -0
package/audits/DomiToken-security-audit-20260324.md +514 -0
package/audits/LendFlareToken-security-audit-20260325.md +197 -0
package/audits/LockReleaseTokenPool-security-audit-20260324.md +482 -0
package/audits/MOG-pashov-ai-audit-report-20260324-164900.md +229 -0
package/audits/PAALAI-security-audit-20260324.md +475 -0
package/audits/PAR-security-audit-20260325.md +311 -0
package/audits/PepeCoinStaking-security-audit-20260324.md +358 -0
package/audits/StakingPool-security-audit-20260324.md +517 -0
package/audits/SyncToken-security-audit-20260324.md +778 -0
package/audits/UndeadToken-decompiled-security-audit-20260324.md +485 -0
package/audits/UnknownToken-decompiled-security-audit-20260324.md +647 -0
package/audits/XFIStaking-security-audit-20260324.md +682 -0
package/audits/Xfinance-security-audit-20260324.md +463 -0
package/audits/basedAIFarm-security-audit-20260324.md +330 -0
package/audits/pepeCoin-security-audit-20260324.md +462 -0
package/bin/ups +232 -0
package/binance-wallet-exploit/.env.example +2 -0
package/binance-wallet-exploit/EXECUTIVE_SUMMARY.md +272 -0
package/binance-wallet-exploit/EXPLOIT_SUMMARY.md +104 -0
package/binance-wallet-exploit/FINAL_ANALYSIS.md +326 -0
package/binance-wallet-exploit/FLASHLOAN_ATTACK.md +292 -0
package/binance-wallet-exploit/HONEYPOT_REPORT.md +526 -0
package/binance-wallet-exploit/INVESTIGATION_COMPLETE.md +362 -0
package/binance-wallet-exploit/LENDFLARE_EXPLOIT.md +219 -0
package/binance-wallet-exploit/LENDFLARE_FINAL_ATTACK.md +307 -0
package/binance-wallet-exploit/LENDFLARE_REAL_EXPLOIT.md +286 -0
package/binance-wallet-exploit/LENDFLARE_RUGPULL.md +269 -0
package/binance-wallet-exploit/LFT_ANALYSIS.md +206 -0
package/binance-wallet-exploit/QUICK_START.md +75 -0
package/binance-wallet-exploit/README.md +195 -0
package/binance-wallet-exploit/REAL_TX_EXPLOIT_ANALYSIS.md +271 -0
package/binance-wallet-exploit/REMIX_INSTRUCTIONS.md +223 -0
package/binance-wallet-exploit/TEST_RESULTS.md +203 -0
package/binance-wallet-exploit/cache/solidity-files-cache.json +1 -0
package/binance-wallet-exploit/cache/test-failures +1 -0
package/binance-wallet-exploit/lib/forge-std/.gitattributes +1 -0
package/binance-wallet-exploit/lib/forge-std/.github/CODEOWNERS +1 -0
package/binance-wallet-exploit/lib/forge-std/.github/dependabot.yml +6 -0
package/binance-wallet-exploit/lib/forge-std/.github/workflows/ci.yml +125 -0
package/binance-wallet-exploit/lib/forge-std/.github/workflows/sync.yml +36 -0
package/binance-wallet-exploit/lib/forge-std/CONTRIBUTING.md +193 -0
package/binance-wallet-exploit/lib/forge-std/LICENSE-APACHE +203 -0
package/binance-wallet-exploit/lib/forge-std/LICENSE-MIT +25 -0
package/binance-wallet-exploit/lib/forge-std/README.md +314 -0
package/binance-wallet-exploit/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/binance-wallet-exploit/lib/forge-std/package.json +16 -0
package/binance-wallet-exploit/lib/forge-std/scripts/vm.py +636 -0
package/binance-wallet-exploit/out/build-info/1e9aa7e86cf56962.json +1 -0
package/binance-wallet-exploit/out/build-info/6f56f10e9d7b56eb.json +1 -0
package/binance-wallet-exploit/out/build-info/7edba961ff697a24.json +1 -0
package/binance-wallet-exploit/out/build-info/8c27fe3efea2f2e7.json +1 -0
package/binance-wallet-exploit/out/build-info/978b680daffec63a.json +1 -0
package/binance-wallet-exploit/out/build-info/9806b900b5672d0c.json +1 -0
package/binance-wallet-exploit/out/build-info/b4b9ff36e9b3fc27.json +1 -0
package/binance-wallet-exploit/out/build-info/b6f4df9ae05c0812.json +1 -0
package/binance-wallet-exploit/out/build-info/c88dbc86551f7b5c.json +1 -0
package/binance-wallet-exploit/out/build-info/e9657504010623db.json +1 -0
package/cache/fuzz/failures/ARIAVerifiedFuzzTest/testFuzz_ApprovalRaceCondition +1 -0
package/cache/fuzz/failures/HotCrossSwapFuzzTest/testFuzz_DirectTransferExploit +1 -0
package/cache/fuzz/failures/HotCrossSwapFuzzTest/testFuzz_LargeSwapDrain +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_ApprovalExploit +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_BalanceManipulation +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_RateManipulation +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_StorageManipulation +1 -0
package/cache/fuzz/failures/PARFuzzTest/testFuzz_OverflowTransfer +1 -0
package/cache/fuzz/failures/PARFuzzTest/testFuzz_Transfer +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_FrontrunAddfunds +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_RewardOverflow +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_RoundingExploit +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_WithdrawLimit +1 -0
package/cache/solidity-files-cache.json +1 -0
package/cache/test-failures +1 -0
package/calculate-elephant-flashloan.js +195 -0
package/check-address-approval.js +112 -0
package/check-alpha-proxy.js +42 -0
package/check-arbitrage.js +155 -0
package/check-aria-token.js +47 -0
package/check-ark.sh +20 -0
package/check-btcst-mining.js +75 -0
package/check-btcst-pools.js +163 -0
package/check-btcst.js +88 -0
package/check-caller.js +26 -0
package/check-ceek-lp.js +73 -0
package/check-ceek.js +47 -0
package/check-dxsale-address.js +35 -0
package/check-fara-exploit-timing.js +56 -0
package/check-fara-real-exploit.js +73 -0
package/check-flashloan-limits.js +129 -0
package/check-kel-cel-pool.js +91 -0
package/check-lax-staking.js +41 -0
package/check-lendflare.js +165 -0
package/check-lft-accounting.js +109 -0
package/check-lft-roles.js +165 -0
package/check-lock-time.js +47 -0
package/check-min-stake.js +73 -0
package/check-mystery-contract.js +52 -0
package/check-next-token.js +50 -0
package/check-nora-lock.js +67 -0
package/check-oiler-approvals.js +116 -0
package/check-oiler-proxy.js +73 -0
package/check-oiler-staking.js +117 -0
package/check-proxy-simple.js +71 -0
package/check-recent-stakes.js +54 -0
package/check-shegic-holdings.js +67 -0
package/check-snowcrash-ecosystem.js +83 -0
package/check-sync-lp.js +97 -0
package/check-sync-stake.js +42 -0
package/check-tlm.js +37 -0
package/check-token-pools.js +146 -0
package/check-trunk-depeg.js +181 -0
package/check-tusd-decimals.js +58 -0
package/check-user-storage-deep.js +81 -0
package/check-welephant-pools.js +130 -0
package/check-xfi-pool.js +75 -0
package/check-zypher.js +32 -0
package/check_proxy.sh +36 -0
package/compare-tlm-chains.js +90 -0
package/contract_0x05f2.html +6025 -0
package/contract_0x3720.html +6361 -0
package/contract_0x928e.html +5606 -0
package/contract_0xc42d.html +5304 -0
package/contract_page.html +5789 -0
package/decode-stake-tx.js +50 -0
package/deep-analyze-lock.js +82 -0
package/dune_uups_proxy_query.sql +42 -0
package/dune_uups_vulnerable_query.sql +0 -0
package/echidna/alpha-proxy.yaml +14 -0
package/echidna/elephant.yaml +7 -0
package/echidna/lendflare.yaml +42 -0
package/echidna.config.yaml +12 -0
package/elephant_raw.json +1 -0
package/eps_raw.json +1 -0
package/exploit/.github/workflows/test.yml +38 -0
package/exploit/.gitmodules +3 -0
package/exploit/README.md +66 -0
package/exploit/foundry.lock +8 -0
package/exploit/lib/forge-std/.gitattributes +1 -0
package/exploit/lib/forge-std/.github/CODEOWNERS +1 -0
package/exploit/lib/forge-std/.github/dependabot.yml +6 -0
package/exploit/lib/forge-std/.github/workflows/ci.yml +125 -0
package/exploit/lib/forge-std/.github/workflows/sync.yml +36 -0
package/exploit/lib/forge-std/CONTRIBUTING.md +193 -0
package/exploit/lib/forge-std/LICENSE-APACHE +203 -0
package/exploit/lib/forge-std/LICENSE-MIT +25 -0
package/exploit/lib/forge-std/README.md +314 -0
package/exploit/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/exploit/lib/forge-std/package.json +16 -0
package/exploit/lib/forge-std/scripts/vm.py +636 -0
package/exploit_analysis.txt +51 -0
package/extract_contract.py +21 -0
package/extract_elephant_contracts.py +24 -0
package/fara-staking-bytecode.txt +1 -0
package/fara-staking-raw.txt +1 -0
package/fetch-aria.js +46 -0
package/fetch-contract.js +50 -0
package/fetch-shegic-source.js +86 -0
package/fetch-snowcrash.js +44 -0
package/fetch-staking-source.js +53 -0
package/fetch-tlm.js +60 -0
package/fetch_elephant_source.py +32 -0
package/find-ceek-staking.js +21 -0
package/find-exploit-tx.js +88 -0
package/find-oiler-holders.js +100 -0
package/find-tlm-holder.js +36 -0
package/find-vulnerable-fund.js +94 -0
package/foundry.lock +8 -0
package/fuzz-all.sh +53 -0
package/get-aria-contract.py +40 -0
package/get-lft-holders.js +89 -0
package/get-tlm-source.sh +8 -0
package/harvest_txs.json +1 -0
package/lft-bytecode-raw.txt +1 -0
package/lft-bytecode.json +1 -0
package/lft-impl.bin +1 -0
package/lft-implementation-bytecode.txt +1 -0
package/lib/forge-std/.gitattributes +1 -0
package/lib/forge-std/.github/CODEOWNERS +1 -0
package/lib/forge-std/.github/dependabot.yml +6 -0
package/lib/forge-std/.github/workflows/ci.yml +125 -0
package/lib/forge-std/.github/workflows/sync.yml +36 -0
package/lib/forge-std/CONTRIBUTING.md +193 -0
package/lib/forge-std/LICENSE-APACHE +203 -0
package/lib/forge-std/LICENSE-MIT +25 -0
package/lib/forge-std/README.md +314 -0
package/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/lib/forge-std/package.json +16 -0
package/lib/forge-std/scripts/vm.py +636 -0
package/lib/openzeppelin-contracts/.changeset/config.json +12 -0
package/lib/openzeppelin-contracts/.codecov.yml +12 -0
package/lib/openzeppelin-contracts/.editorconfig +21 -0
package/lib/openzeppelin-contracts/.eslintrc +20 -0
package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/bug_report.md +21 -0
package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/config.yml +4 -0
package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/feature_request.md +14 -0
package/lib/openzeppelin-contracts/.github/PULL_REQUEST_TEMPLATE.md +20 -0
package/lib/openzeppelin-contracts/.github/actions/gas-compare/action.yml +49 -0
package/lib/openzeppelin-contracts/.github/actions/setup/action.yml +21 -0
package/lib/openzeppelin-contracts/.github/actions/storage-layout/action.yml +55 -0
package/lib/openzeppelin-contracts/.github/workflows/actionlint.yml +18 -0
package/lib/openzeppelin-contracts/.github/workflows/changeset.yml +28 -0
package/lib/openzeppelin-contracts/.github/workflows/checks.yml +118 -0
package/lib/openzeppelin-contracts/.github/workflows/docs.yml +19 -0
package/lib/openzeppelin-contracts/.github/workflows/formal-verification.yml +68 -0
package/lib/openzeppelin-contracts/.github/workflows/release-cycle.yml +214 -0
package/lib/openzeppelin-contracts/.github/workflows/upgradeable.yml +34 -0
package/lib/openzeppelin-contracts/.gitmodules +7 -0
package/lib/openzeppelin-contracts/.mocharc.js +4 -0
package/lib/openzeppelin-contracts/.prettierrc +15 -0
package/lib/openzeppelin-contracts/.solcover.js +13 -0
package/lib/openzeppelin-contracts/CHANGELOG.md +972 -0
package/lib/openzeppelin-contracts/CODE_OF_CONDUCT.md +73 -0
package/lib/openzeppelin-contracts/CONTRIBUTING.md +36 -0
package/lib/openzeppelin-contracts/GUIDELINES.md +148 -0
package/lib/openzeppelin-contracts/LICENSE +22 -0
package/lib/openzeppelin-contracts/README.md +107 -0
package/lib/openzeppelin-contracts/RELEASING.md +45 -0
package/lib/openzeppelin-contracts/SECURITY.md +42 -0
package/lib/openzeppelin-contracts/audits/2017-03.md +292 -0
package/lib/openzeppelin-contracts/audits/2018-10.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2022-10-Checkpoints.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2022-10-ERC4626.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2023-05-v4.9.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2023-10-v5.0.pdf +0 -0
package/lib/openzeppelin-contracts/audits/README.md +17 -0
package/lib/openzeppelin-contracts/certora/Makefile +54 -0
package/lib/openzeppelin-contracts/certora/README.md +60 -0
package/lib/openzeppelin-contracts/certora/diff/access_manager_AccessManager.sol.patch +97 -0
package/lib/openzeppelin-contracts/certora/reports/2021-10.pdf +0 -0
package/lib/openzeppelin-contracts/certora/reports/2022-03.pdf +0 -0
package/lib/openzeppelin-contracts/certora/reports/2022-05.pdf +0 -0
package/lib/openzeppelin-contracts/certora/run.js +160 -0
package/lib/openzeppelin-contracts/certora/specs/AccessControl.spec +119 -0
package/lib/openzeppelin-contracts/certora/specs/AccessControlDefaultAdminRules.spec +464 -0
package/lib/openzeppelin-contracts/certora/specs/DoubleEndedQueue.spec +300 -0
package/lib/openzeppelin-contracts/certora/specs/ERC20.spec +352 -0
package/lib/openzeppelin-contracts/certora/specs/ERC20FlashMint.spec +55 -0
package/lib/openzeppelin-contracts/certora/specs/ERC20Wrapper.spec +198 -0
package/lib/openzeppelin-contracts/certora/specs/ERC721.spec +679 -0
package/lib/openzeppelin-contracts/certora/specs/EnumerableMap.spec +333 -0
package/lib/openzeppelin-contracts/certora/specs/EnumerableSet.spec +246 -0
package/lib/openzeppelin-contracts/certora/specs/Initializable.spec +165 -0
package/lib/openzeppelin-contracts/certora/specs/Ownable.spec +77 -0
package/lib/openzeppelin-contracts/certora/specs/Ownable2Step.spec +108 -0
package/lib/openzeppelin-contracts/certora/specs/Pausable.spec +96 -0
package/lib/openzeppelin-contracts/certora/specs/TimelockController.spec +274 -0
package/lib/openzeppelin-contracts/certora/specs/helpers/helpers.spec +7 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IAccessControl.spec +8 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IAccessControlDefaultAdminRules.spec +36 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC20.spec +11 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC2612.spec +5 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC3156FlashBorrower.spec +3 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC3156FlashLender.spec +5 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC5313.spec +3 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC721.spec +17 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC721Receiver.spec +3 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IOwnable.spec +5 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IOwnable2Step.spec +7 -0
package/lib/openzeppelin-contracts/certora/specs.json +86 -0
package/lib/openzeppelin-contracts/contracts/access/README.adoc +43 -0
package/lib/openzeppelin-contracts/contracts/finance/README.adoc +14 -0
package/lib/openzeppelin-contracts/contracts/governance/README.adoc +167 -0
package/lib/openzeppelin-contracts/contracts/interfaces/README.adoc +82 -0
package/lib/openzeppelin-contracts/contracts/metatx/README.adoc +12 -0
package/lib/openzeppelin-contracts/contracts/package.json +32 -0
package/lib/openzeppelin-contracts/contracts/proxy/README.adoc +87 -0
package/lib/openzeppelin-contracts/contracts/token/ERC1155/README.adoc +41 -0
package/lib/openzeppelin-contracts/contracts/token/ERC20/README.adoc +67 -0
package/lib/openzeppelin-contracts/contracts/token/ERC721/README.adoc +67 -0
package/lib/openzeppelin-contracts/contracts/token/common/README.adoc +10 -0
package/lib/openzeppelin-contracts/contracts/utils/README.adoc +88 -0
package/lib/openzeppelin-contracts/contracts/vendor/compound/LICENSE +11 -0
package/lib/openzeppelin-contracts/docs/README.md +16 -0
package/lib/openzeppelin-contracts/docs/antora.yml +7 -0
package/lib/openzeppelin-contracts/docs/config.js +21 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-3a.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-3b.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-6.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-deposit.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-mint.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-linear.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-loglog.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-loglogext.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/tally-exec.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/tally-vote.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/nav.adoc +23 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/access-control.adoc +204 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/backwards-compatibility.adoc +48 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/crowdsales.adoc +11 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/drafts.adoc +19 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc1155.adoc +145 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc20-supply.adoc +71 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc20.adoc +77 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc4626.adoc +214 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc721.adoc +79 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/extending-contracts.adoc +77 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/faq.adoc +13 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/governance.adoc +240 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/index.adoc +79 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/tokens.adoc +31 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/upgradeable.adoc +77 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/utilities.adoc +185 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/wizard.adoc +15 -0
package/lib/openzeppelin-contracts/docs/templates/contract.hbs +111 -0
package/lib/openzeppelin-contracts/docs/templates/helpers.js +46 -0
package/lib/openzeppelin-contracts/docs/templates/page.hbs +4 -0
package/lib/openzeppelin-contracts/docs/templates/properties.js +64 -0
package/lib/openzeppelin-contracts/hardhat/env-artifacts.js +24 -0
package/lib/openzeppelin-contracts/hardhat/env-contract.js +25 -0
package/lib/openzeppelin-contracts/hardhat/ignore-unreachable-warnings.js +45 -0
package/lib/openzeppelin-contracts/hardhat/skip-foundry-tests.js +6 -0
package/lib/openzeppelin-contracts/hardhat/task-test-get-files.js +25 -0
package/lib/openzeppelin-contracts/hardhat.config.js +131 -0
package/lib/openzeppelin-contracts/lib/erc4626-tests/LICENSE +661 -0
package/lib/openzeppelin-contracts/lib/erc4626-tests/README.md +116 -0
package/lib/openzeppelin-contracts/lib/forge-std/.github/workflows/ci.yml +92 -0
package/lib/openzeppelin-contracts/lib/forge-std/.gitmodules +3 -0
package/lib/openzeppelin-contracts/lib/forge-std/LICENSE-APACHE +203 -0
package/lib/openzeppelin-contracts/lib/forge-std/LICENSE-MIT +25 -0
package/lib/openzeppelin-contracts/lib/forge-std/README.md +250 -0
package/lib/openzeppelin-contracts/lib/forge-std/package.json +16 -0
package/lib/openzeppelin-contracts/logo.svg +15 -0
package/lib/openzeppelin-contracts/netlify.toml +3 -0
package/lib/openzeppelin-contracts/package-lock.json +16544 -0
package/lib/openzeppelin-contracts/package.json +96 -0
package/lib/openzeppelin-contracts/remappings.txt +1 -0
package/lib/openzeppelin-contracts/renovate.json +4 -0
package/lib/openzeppelin-contracts/requirements.txt +1 -0
package/lib/openzeppelin-contracts/scripts/checks/compare-layout.js +20 -0
package/lib/openzeppelin-contracts/scripts/checks/compareGasReports.js +243 -0
package/lib/openzeppelin-contracts/scripts/checks/extract-layout.js +38 -0
package/lib/openzeppelin-contracts/scripts/checks/generation.sh +6 -0
package/lib/openzeppelin-contracts/scripts/checks/inheritance-ordering.js +54 -0
package/lib/openzeppelin-contracts/scripts/gen-nav.js +41 -0
package/lib/openzeppelin-contracts/scripts/generate/format-lines.js +16 -0
package/lib/openzeppelin-contracts/scripts/generate/run.js +49 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.js +247 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.opts.js +17 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.t.js +146 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/EnumerableMap.js +283 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/EnumerableSet.js +250 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/SafeCast.js +126 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/StorageSlot.js +78 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/conversion.js +30 -0
package/lib/openzeppelin-contracts/scripts/git-user-config.sh +6 -0
package/lib/openzeppelin-contracts/scripts/helpers.js +37 -0
package/lib/openzeppelin-contracts/scripts/prepack.sh +23 -0
package/lib/openzeppelin-contracts/scripts/prepare-docs.sh +26 -0
package/lib/openzeppelin-contracts/scripts/release/format-changelog.js +33 -0
package/lib/openzeppelin-contracts/scripts/release/synchronize-versions.js +15 -0
package/lib/openzeppelin-contracts/scripts/release/update-comment.js +34 -0
package/lib/openzeppelin-contracts/scripts/release/version.sh +11 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/exit-prerelease.sh +8 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/github-release.js +48 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/integrity-check.sh +20 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/pack.sh +26 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/publish.sh +26 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/rerun.js +7 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/set-changesets-pr-title.js +17 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/start.sh +35 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/state.js +112 -0
package/lib/openzeppelin-contracts/scripts/remove-ignored-artifacts.js +45 -0
package/lib/openzeppelin-contracts/scripts/solhint-custom/index.js +84 -0
package/lib/openzeppelin-contracts/scripts/solhint-custom/package.json +5 -0
package/lib/openzeppelin-contracts/scripts/update-docs-branch.js +65 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/README.md +21 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/patch-apply.sh +19 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/patch-save.sh +18 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/transpile-onto.sh +54 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/transpile.sh +47 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/upgradeable.patch +360 -0
package/lib/openzeppelin-contracts/slither.config.json +5 -0
package/lib/openzeppelin-contracts/solhint.config.js +20 -0
package/mythril-lft-output.txt +1 -0
package/mythril-lft-symbolic.txt +18 -0
package/mythril-lft.sh +20 -0
package/mythril-symbolic-output.txt +1 -0
package/mythril-symbolic.sh +42 -0
package/out/build-info/0026b78428192979.json +1 -0
package/out/build-info/03c4fc3b88486eba.json +1 -0
package/out/build-info/0540afa9b9a5c5a6.json +1 -0
package/out/build-info/081932f505bc08b9.json +1 -0
package/out/build-info/0da104ba0d6642d5.json +1 -0
package/out/build-info/197281971dbb5f23.json +1 -0
package/out/build-info/197e7e332832a232.json +1 -0
package/out/build-info/1a1cab9136eb5f94.json +1 -0
package/out/build-info/1b320204eb162aa2.json +1 -0
package/out/build-info/1e03f94398052674.json +1 -0
package/out/build-info/22ac085949602937.json +1 -0
package/out/build-info/234ef37453a9fa64.json +1 -0
package/out/build-info/2447db7b1878fa8e.json +1 -0
package/out/build-info/25568daeb484f5ff.json +1 -0
package/out/build-info/27465853244c49ce.json +1 -0
package/out/build-info/2c57a9e0f087453b.json +1 -0
package/out/build-info/3c62ae7de8da68c4.json +1 -0
package/out/build-info/3e771ae109e97bb3.json +1 -0
package/out/build-info/460499bc0a3465c4.json +1 -0
package/out/build-info/47ce37e50a4f115e.json +1 -0
package/out/build-info/4fcce5c63cf427d6.json +1 -0
package/out/build-info/4fd0a53fe63fddbb.json +1 -0
package/out/build-info/50f1247db9d769cc.json +1 -0
package/out/build-info/5317d0181a7a5e02.json +1 -0
package/out/build-info/594df509275ceb5b.json +1 -0
package/out/build-info/61983ac3f6141719.json +1 -0
package/out/build-info/638c4548307122fe.json +1 -0
package/out/build-info/67c2c43bdb7c0ded.json +1 -0
package/out/build-info/777f42643aad37b7.json +1 -0
package/out/build-info/7d7856f19e845354.json +1 -0
package/out/build-info/83976260b6f71e94.json +1 -0
package/out/build-info/83c23882000b963d.json +1 -0
package/out/build-info/84b2cce8f70b36be.json +1 -0
package/out/build-info/8bc13d31d7c3206a.json +1 -0
package/out/build-info/8e183bd4d9d8cf88.json +1 -0
package/out/build-info/94bfe1e7cafa8ff5.json +1 -0
package/out/build-info/99ec7d5e8d8ff360.json +1 -0
package/out/build-info/9ac044b29daa7d5e.json +1 -0
package/out/build-info/9b203227ff5d2e63.json +1 -0
package/out/build-info/9d18c5872c4282dd.json +1 -0
package/out/build-info/9f77f04f33baf9a3.json +1 -0
package/out/build-info/a6e1caf974787982.json +1 -0
package/out/build-info/a94b6348867a62d6.json +1 -0
package/out/build-info/ad93721947a8b195.json +1 -0
package/out/build-info/b42daddb5aa4b19f.json +1 -0
package/out/build-info/bf13512ae899f7e8.json +1 -0
package/out/build-info/c39f86c20a548c4a.json +1 -0
package/out/build-info/cb12bb975a2f4e65.json +1 -0
package/out/build-info/d0c6788fadc2aa60.json +1 -0
package/out/build-info/d2726bf94ed5b845.json +1 -0
package/out/build-info/d4eb00da50cce5cb.json +1 -0
package/out/build-info/db931924a3bc8bdd.json +1 -0
package/out/build-info/e1a503d49bc77401.json +1 -0
package/out/build-info/efe5396f8892ce77.json +1 -0
package/out/build-info/f536d90ced745969.json +1 -0
package/out/build-info/fed38823c7019b82.json +1 -0
package/package.json +51 -0
package/page.html +5384 -0
package/pancakeswap-simple-tvl.sql +15 -0
package/pancakeswap-top-pools.sql +29 -0
package/pancakeswap-tvl-optimized.sql +57 -0
package/pancakeswap-tvl-query.sql +60 -0
package/pancakeswap-underflow-hunting.sql +51 -0
package/pancakeswap-vulnerability-queries.sql +200 -0
package/posi_page.html +6369 -0
package/posi_response.json +29 -0
package/proxy_page.html +500 -0
package/run_mythril_elephant.sh +18 -0
package/sHEGIC-bytecode.bin +6 -0
package/sHEGIC-mythril-analysis.txt +1 -0
package/sHEGIC-mythril-full.txt +134 -0
package/sHEGIC_ANALYSIS.md +135 -0
package/sHEGIC_EXPLOIT_ANALYSIS.md +317 -0
package/sHEGIC_MYTHRIL_ANALYSIS.md +361 -0
package/scrape-snowcrash.js +28 -0
package/scripts/yooshi_drain.sh +154 -0
package/shi_raw.json +1 -0
package/temp.json +1 -0
package/temp_harvest.json +1 -0
package/temp_pika.json +1 -0
package/temp_posi.json +1 -0
package/temp_response.json +1 -0
package/test-lft-hidden-balance.js +108 -0
package/test-xfi-exploit.js +140 -0
package/trunk-liquidity-rescue.js +164 -0
package/vBABY_page.html +6153 -0
package/vBABY_response.json +29 -0
package/wsg_response.json +1 -0
package/yooldo_page.html +10371 -0

package/BCE_EXPLOIT_ANALYSIS.md ADDED Viewed

@@ -0,0 +1,165 @@
+# BCE Token Exploit Analysis - ACTUAL ROOT CAUSE
+## CORRECTED UNDERSTANDING
+The BCE exploit was NOT a flashloan price manipulation. It was a **TOKEN DESIGN FLAW** - a deferred burn mechanism that allowed burning tokens directly from the PancakeSwap LP pool.
+## THE REAL EXPLOIT MECHANISM
+### Root Cause: Flawed Burn Mechanism
+BCE token had a **deferred burn mechanism** with a critical flaw:
+1. **Global `scheduledDestruction` variable** - Stored on sells
+2. **Transfer hook allowed burning tokens FROM THE PANCAKESWAP PAIR**
+3. **Non-pair transfers could trigger the deferred burn**
+4. **Attacker could call `sync()` after burning pair's tokens**
+### Attack Flow (Actual)
+```
+1. Attacker borrows capital from Venus Protocol (NOT flashloan)
+2. Buy BCE from PancakeSwap pool
+3. Sell BCE → This LOADS the scheduledDestruction variable
+4. Use helper contract to trigger a normal transfer
+5. Transfer hook BURNS BCE directly from PancakeSwap pair
+6. Call sync() on the pair
+7. Pool reserves now: reserve0 = 36575519358323350250416289 USDT, reserve1 = 10000 BCE
+8. BCE side pushed to DUST (10000 tokens)
+9. Price completely distorted
+10. Final BCE sale extracts almost all USDT (~$679k)
+11. Repay Venus loan, keep profit
+```
+### Key Insight
+**This is NOT about low liquidity. This is about a TOKEN BUG that lets you burn tokens FROM THE LP POOL.**
+Normal AMM flow: Tokens only leave pool via swaps
+BCE bug: Transfer hook can burn pool's tokens directly → breaks AMM invariant
+### The Vulnerability Pattern
+```solidity
+// VULNERABLE PATTERN (hypothetical BCE code)
+address public scheduledDestruction;
+function _transfer(address from, address to, uint256 amount) internal {
+    // On sell to pair
+    if (to == pancakePair) {
+        scheduledDestruction = from; // Store for later burn
+    }
+    // On any transfer (including non-pair transfers)
+    if (scheduledDestruction != address(0)) {
+        // BUG: This burns from the PAIR, not from the seller!
+        _burn(pancakePair, someAmount);
+        scheduledDestruction = address(0);
+    }
+    // Normal transfer logic
+    super._transfer(from, to, amount);
+}
+```
+### Why This Matters
+**NONE of the 5 tokens (TITANO, RISE, POSI, TSC, CATE) have this vulnerability** because:
+- They use standard OpenZeppelin ERC20
+- No deferred burn mechanisms
+- No transfer hooks that can burn from arbitrary addresses
+- No global state that affects LP pools
+## Checking the 5 Tokens for Similar Bugs
+Need to check if any have:
+1. ✓ Deferred burn/destruction mechanisms
+2. ✓ Transfer hooks that modify balances of non-participants
+3. ✓ Global state variables that affect transfers
+4. ✓ Ability to burn tokens from LP pairs
+## Conclusion
+BCE exploit was a **CODE VULNERABILITY**, not an economic attack. The token design allowed:
+- Burning tokens from the LP pool
+- Manipulating pool reserves via sync()
+- Breaking AMM invariant (x * y = k)
+This is similar to the SyncToken exploit we analyzed before, where fee-on-transfer tokens can drain LP pools.
+## TESTED TOKENS - ALL SAFE
+Ran comprehensive analysis on 5 similar tokens:
+### 1. TITANO (0xBA96731324dE188ebC1eD87ca74544dDEbC07D7f)
+- Mechanism: Rebase with _gonsPerFragment
+- Transfer: Standard deduction/addition to _gonBalances
+- Burn: None (only rebase() by owner)
+- Result: **SAFE** - No deferred burn mechanism
+### 2. POSI (0x5CA42204cDaa70d5c773946e69dE942b85CA6706)
+- Mechanism: Reflection with _rOwned/_tOwned
+- Transfer: Standard reflection with genesis bonus
+- Burn: _burn() only callable by treasury contract
+- Result: **SAFE** - Burn restricted to treasury, no deferred mechanism
+### 3. RISE/EverRise
+- Mechanism: Standard RFI reflection
+- Transfer: 2% reflection + 9% buyback/marketing
+- Burn: Standard burn to dead address
+- Result: **SAFE** - Standard RFI implementation
+### 4. TSC (TrusterCoin)
+- Mechanism: Standard RFI reflection
+- Transfer: 5% reflection + 2% liquidity
+- Burn: Standard burn to dead address
+- Result: **SAFE** - Standard RFI implementation
+### 5. CATE
+- Mechanism: Standard RFI reflection
+- Transfer: Reflection + liquidity fees
+- Burn: Standard burn
+- Result: **SAFE** - Standard RFI implementation
+## Vulnerability Checklist Results
+| Token | Deferred Burn | scheduledDestruction | Burns from Arbitrary | Can Burn LP | Vulnerable |
+|-------|---------------|---------------------|---------------------|-------------|------------|
+| BCE | ✓ YES | ✓ YES | ✓ YES | ✓ YES | **YES** |
+| TITANO | ✗ NO | ✗ NO | ✗ NO | ✗ NO | NO |
+| POSI | ✗ NO | ✗ NO | ✗ NO | ✗ NO | NO |
+| RISE | ✗ NO | ✗ NO | ✗ NO | ✗ NO | NO |
+| TSC | ✗ NO | ✗ NO | ✗ NO | ✗ NO | NO |
+| CATE | ✗ NO | ✗ NO | ✗ NO | ✗ NO | NO |
+## Key Findings
+1. **BCE was unique** - None of the 5 tested tokens have the deferred burn vulnerability
+2. **All use standard patterns** - Rebase (TITANO) or Reflection (others)
+3. **No LP pool manipulation** - None can burn tokens from liquidity pools
+4. **No global state attacks** - No scheduledDestruction or similar variables
+## Test Results
+```
+Ran 6 tests for test/BCE_DeferredBurnExploit.t.sol
+✓ testTITANO_DeferredBurn() - SAFE
+✓ testPOSI_DeferredBurn() - SAFE
+✓ testRISE_DeferredBurn() - SAFE
+✓ testTSC_DeferredBurn() - SAFE
+✓ testCATE_DeferredBurn() - SAFE
+✓ testSummary() - All tokens safe
+All tests passed
+```
+## Conclusion
+BCE's $679k exploit was caused by a unique token design flaw that allowed:
+1. Storing a deferred burn target (scheduledDestruction)
+2. Triggering burns from the LP pool via transfer hooks
+3. Calling sync() to update reserves with burned tokens
+4. Draining USDT from the skewed pool
+**NONE of the 5 tested tokens (TITANO, POSI, RISE, TSC, CATE) have this vulnerability.** They all use standard, safe token mechanisms without deferred burns or LP pool manipulation capabilities.

package/BEEFY_BNB_CHAIN_ANALYSIS.md ADDED Viewed

@@ -0,0 +1,488 @@
+# Beefy Finance BNB Chain Analysis
+## Overview
+Analyzing Beefy Finance vaults on BNB Chain (formerly BSC) with focus on high-yield opportunities and security considerations.
+## Vault Rankings by Priority
+### 🚨 CRITICAL ALERT: 4-USDT Pool (1,299% APY)
+**Performance:**
+- APY: **1,299%** ⚠️
+- Daily APY: 0.7255%
+- TVL: $12,953
+- Liquidity: $38,385
+**Strategy Type:** PancakeSwap CLM Pool
+**Risk Assessment:** EXTREME - Investigate immediately
+**Red Flags:**
+1. Unsustainably high APY (1,299%)
+2. Low TVL relative to APY suggests:
+   - New pool with temporary incentives
+   - Potential rug pull setup
+   - Exploit opportunity
+   - Broken reward calculation
+3. Token "4" is suspicious - likely a meme/scam token
+4. Low liquidity ($38k) makes this highly manipulable
+**Investigation Priority:** HIGHEST
+**Action Items:**
+- Verify token "4" contract and legitimacy
+- Check for honeypot characteristics
+- Analyze reward distribution mechanism
+- Test deposit/withdrawal functionality
+- Check for hidden fees or locks
+---
+## High-Value Targets (By TVL)
+### 1. USDT-USDC PancakeSwap CLM Vault
+**Performance:**
+- APY: 0.42%
+- Daily APY: 0.0011%
+- TVL: $20,032
+- Liquidity: $45.93M
+**Strategy Type:** Stablecoin CLM Vault
+**Risk Level:** Very Low
+**Notes:**
+- Safest option - stablecoin pair
+- Excellent liquidity depth
+- Low but stable returns
+- Minimal IL risk
+**Security Focus:**
+- Fee extraction mechanisms
+- Rounding errors in large transactions
+- Oracle manipulation (though stablecoins are safer)
+### 2. CAKE-WBNB PancakeSwap CLM Pool
+**Performance:**
+- APY: 0.8%
+- Daily APY: 0.0021%
+- TVL: $22,495
+- Liquidity: $5.09M
+**Strategy Type:** Native DEX token pair
+**Risk Level:** Low-Medium
+**Notes:**
+- CAKE is PancakeSwap's native token
+- Good liquidity
+- Low APY but stable
+- Established pair
+### 3. ASTER-WBNB Uniswap CLM Pool
+**Performance:**
+- APY: 35.19%
+- Daily APY: 0.0826%
+- TVL: $20,116
+- Liquidity: $287,023
+**Strategy Type:** Uniswap V3 CLM
+**Risk Level:** Medium-High
+**Notes:**
+- ASTER token needs investigation
+- Decent APY without being suspicious
+- Moderate liquidity
+- Uniswap integration on BSC
+**Investigation:**
+- What is ASTER token?
+- Token contract verification
+- Holder distribution
+- Trading volume analysis
+### 4. ETH-BTCB PancakeSwap CLM Vault
+**Performance:**
+- APY: 0.26%
+- Daily APY: 0.0007%
+- TVL: $20,007
+- Liquidity: $1.10M
+**Strategy Type:** Blue-chip crypto pair
+**Risk Level:** Low
+**Notes:**
+- Safest volatile pair
+- BTCB is Binance-pegged Bitcoin
+- Low APY reflects low risk
+- Good for conservative strategies
+### 5. XVS-WBNB PancakeSwap CLM Vault
+**Performance:**
+- APY: 39.78%
+- Daily APY: 0.0918%
+- TVL: $16,938
+- Liquidity: $170,481
+**Strategy Type:** Venus Protocol token pair
+**Risk Level:** Medium
+**Notes:**
+- XVS is Venus Protocol governance token
+- Reasonable APY for DeFi token
+- Established protocol
+- Moderate liquidity
+### 6. ETH-WBNB PancakeSwap CLM Vault
+**Performance:**
+- APY: 0.48%
+- Daily APY: 0.0013%
+- TVL: $13,489
+- Liquidity: $8.34M
+**Strategy Type:** Major crypto pair
+**Risk Level:** Low
+**Notes:**
+- Excellent liquidity
+- Low but stable returns
+- Minimal IL risk between correlated assets
+### 7. DOGE-WBNB PancakeSwap CLM Pool
+**Performance:**
+- APY: 0.28%
+- Daily APY: 0.0007%
+- TVL: $16,265
+- Liquidity: $742,546
+**Strategy Type:** Meme coin pair
+**Risk Level:** Medium
+**Notes:**
+- DOGE is established meme coin
+- Good liquidity
+- Low APY reflects stability
+- Higher volatility than blue chips
+### 8. axlUSDC-USDT PancakeSwap CLM Pool
+**Performance:**
+- APY: 0%
+- Daily APY: 0%
+- TVL: $15,450
+- Liquidity: $233,873
+**Strategy Type:** Cross-chain stablecoin pair
+**Risk Level:** Low-Medium
+**Notes:**
+- axlUSDC is Axelar-bridged USDC
+- 0% APY is concerning - pool may be inactive
+- Good liquidity despite no rewards
+- Bridge risk consideration
+---
+## Security Analysis Priority List
+### Tier 1: Immediate Investigation
+1. **4-USDT (1,299% APY)** - Potential scam/exploit
+   - Token contract analysis
+   - Honeypot testing
+   - Reward mechanism audit
+### Tier 2: High-Value Targets
+2. **USDT-USDC ($20k TVL, $45M liquidity)** - Large liquidity pool
+3. **CAKE-WBNB ($22k TVL, $5M liquidity)** - Core PancakeSwap pair
+4. **ASTER-WBNB (35% APY)** - Unknown token investigation
+### Tier 3: Established Protocols
+5. **XVS-WBNB (40% APY)** - Venus Protocol integration
+6. **ETH-WBNB ($8.3M liquidity)** - High liquidity target
+7. **ETH-BTCB** - Blue chip pair
+### Tier 4: Lower Priority
+8. **DOGE-WBNB** - Meme coin pair
+9. **axlUSDC-USDT (0% APY)** - Inactive pool
+---
+## Common Vulnerability Patterns to Test
+### 1. CLM-Specific Vulnerabilities
+```solidity
+// Concentrated Liquidity Market risks:
+- Range manipulation attacks
+- Rebalancing front-running
+- Tick spacing exploits
+- Liquidity concentration attacks
+```
+### 2. Cross-Protocol Risks
+```solidity
+// PancakeSwap integration:
+- Router approval exploits
+- Swap slippage manipulation
+- LP token accounting errors
+// Uniswap V3 on BSC:
+- Position NFT handling
+- Fee tier manipulation
+```
+### 3. Reward Distribution
+```solidity
+// Common issues:
+- Reward calculation overflow
+- First depositor advantage
+- Rounding errors favoring attacker
+- Stale reward rate exploitation
+```
+### 4. Bridge Token Risks (axlUSDC)
+```solidity
+// Axelar bridge considerations:
+- Bridge pause scenarios
+- Peg deviation exploitation
+- Cross-chain message replay
+```
+---
+## Exploit Test Plan
+### Phase 1: Token Analysis
+```solidity
+// Test: Token "4" Analysis
+contract Token4Analysis is Test {
+    function testToken4Legitimacy() public {
+        // 1. Check contract source code
+        // 2. Test buy/sell functionality
+        // 3. Check for hidden fees
+        // 4. Verify holder distribution
+        // 5. Test transfer restrictions
+    }
+    function testASTERToken() public {
+        // 1. Verify token contract
+        // 2. Check liquidity depth
+        // 3. Test price impact
+        // 4. Analyze holder concentration
+    }
+}
+```
+### Phase 2: Vault Contract Security
+```solidity
+// Test: Deposit/Withdrawal Flows
+contract BeefyVaultExploit is Test {
+    function testReentrancyAttack() public {
+        // Test reentrancy in deposit/withdraw
+    }
+    function testFirstDepositorAdvantage() public {
+        // Test share calculation with minimal deposits
+    }
+    function testFlashLoanPriceManipulation() public {
+        // Manipulate pool price during harvest
+    }
+    function testEmergencyWithdrawAbuse() public {
+        // Test emergency function access controls
+    }
+}
+```
+### Phase 3: CLM Strategy Testing
+```solidity
+// Test: Concentrated Liquidity Manipulation
+contract CLMExploit is Test {
+    function testRangeManipulation() public {
+        // Force rebalancing at unfavorable prices
+    }
+    function testTickSpacingExploit() public {
+        // Exploit tick spacing in position management
+    }
+    function testRebalancingFrontrun() public {
+        // Front-run rebalancing transactions
+    }
+}
+```
+### Phase 4: Economic Attacks
+```solidity
+// Test: Reward and Fee Exploitation
+contract EconomicExploit is Test {
+    function testRewardCalculationOverflow() public {
+        // Test for overflow in reward calculations
+    }
+    function testFeeExtraction() public {
+        // Analyze actual vs advertised fees
+    }
+    function testCompoundingManipulation() public {
+        // Exploit auto-compounding mechanism
+    }
+}
+```
+---
+## Recommended Testing Sequence
+### Step 1: Quick Wins (1-2 hours)
+1. Analyze token "4" contract on BSCScan
+2. Test deposit/withdrawal on 4-USDT pool with small amount
+3. Check ASTER token legitimacy
+4. Verify axlUSDC-USDT 0% APY reason
+### Step 2: Contract Fetching (2-3 hours)
+```bash
+# Fetch vault contracts from Beefy API
+curl -s 'https://api.beefy.finance/vaults' | \
+  jq '.[] | select(.chain == "bsc") | {id, earnContractAddress, strategy}'
+# Get contract source from BSCScan API
+# Verify on BSCScan explorer
+```
+### Step 3: Static Analysis (3-4 hours)
+```bash
+# Run Slither on each vault
+slither BeefyVault.sol --detect all
+# Check for common patterns
+slither BeefyVault.sol --detect reentrancy-eth,arbitrary-send-eth
+# Run Mythril for deeper analysis
+myth analyze BeefyVault.sol --execution-timeout 300
+```
+### Step 4: Dynamic Testing (5-8 hours)
+```solidity
+// Create comprehensive Foundry test suite
+// Test each identified vulnerability
+// Document findings
+```
+---
+## Risk Matrix
+| Vault | TVL | APY | Risk Level | Priority |
+|-------|-----|-----|------------|----------|
+| 4-USDT | $12,953 | 1,299% | EXTREME | 🔴 CRITICAL |
+| ASTER-WBNB | $20,116 | 35.19% | HIGH | 🟠 HIGH |
+| XVS-WBNB | $16,938 | 39.78% | MEDIUM | 🟡 MEDIUM |
+| USDT-USDC | $20,032 | 0.42% | LOW | 🟢 LOW |
+| ETH-BTCB | $20,007 | 0.26% | LOW | 🟢 LOW |
+| ETH-WBNB | $13,489 | 0.48% | LOW | 🟢 LOW |
+| CAKE-WBNB | $22,495 | 0.8% | LOW | 🟢 LOW |
+| DOGE-WBNB | $16,265 | 0.28% | MEDIUM | 🟡 MEDIUM |
+| axlUSDC-USDT | $15,450 | 0% | MEDIUM | 🟡 MEDIUM |
+---
+## Key Questions to Answer
+### About 4-USDT Pool:
+1. What is token "4"? Contract address?
+2. Why is APY 1,299%?
+3. Can we actually withdraw after depositing?
+4. Are there hidden fees or locks?
+5. Is this a honeypot?
+### About ASTER Token:
+1. What project is ASTER?
+2. Is it audited?
+3. Why Uniswap instead of PancakeSwap?
+4. Token holder distribution?
+5. Is 35% APY sustainable?
+### About axlUSDC-USDT:
+1. Why 0% APY?
+2. Is the pool active?
+3. Why is there $15k TVL with no rewards?
+4. Bridge security considerations?
+### General Vault Questions:
+1. What are the actual fee structures?
+2. How often do strategies rebalance?
+3. What are the emergency procedures?
+4. Who controls strategy upgrades?
+5. Are there any timelocks?
+---
+## Immediate Action Items
+### Priority 1: Investigate 4-USDT
+```solidity
+// Create test file: test/BeefyBNB4USDTAnalysis.t.sol
+// 1. Get token "4" contract address
+// 2. Analyze token contract
+// 3. Test small deposit
+// 4. Attempt withdrawal
+// 5. Document findings
+```
+### Priority 2: Fetch All Vault Contracts
+```bash
+# Get vault addresses for all 9 pools
+# Download verified source code
+# Set up Foundry project structure
+```
+### Priority 3: Run Automated Scans
+```bash
+# Slither on all contracts
+# Mythril on high-priority targets
+# Check for known vulnerability patterns
+```
+### Priority 4: Manual Code Review
+```solidity
+// Focus on:
+// - Access controls
+// - Reward calculations
+// - Emergency functions
+// - Upgrade mechanisms
+```
+---
+## Expected Findings
+### High Probability Issues:
+1. **4-USDT is likely a scam** - 1,299% APY is not sustainable
+2. **Rounding errors** in share calculations
+3. **Front-running opportunities** during rebalancing
+4. **Fee discrepancies** between advertised and actual
+### Medium Probability Issues:
+1. **Access control weaknesses** in strategy contracts
+2. **Oracle manipulation** possibilities
+3. **Slippage exploitation** during harvests
+4. **Emergency function abuse**
+### Low Probability (But High Impact):
+1. **Reentrancy vulnerabilities**
+2. **Integer overflow/underflow**
+3. **Proxy upgrade exploits**
+4. **Cross-contract call manipulation**
+---
+## Conclusion
+BNB Chain Beefy vaults present a mix of opportunities:
+**Safe Plays:**
+- USDT-USDC (0.42% APY) - Stable, low risk
+- ETH-BTCB (0.26% APY) - Blue chip pair
+- ETH-WBNB (0.48% APY) - High liquidity
+**Moderate Risk/Reward:**
+- XVS-WBNB (39.78% APY) - Established DeFi protocol
+- ASTER-WBNB (35.19% APY) - Needs investigation
+**High Risk:**
+- 4-USDT (1,299% APY) - Almost certainly a scam/exploit
+**Investigation Needed:**
+- axlUSDC-USDT (0% APY) - Why no rewards?
+The 4-USDT pool should be the immediate focus - either it's an exploit opportunity or a trap. Either way, it's the most interesting target for security research.