uups-checker 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (670) hide show
  1. package/.gitmodules +6 -0
  2. package/AIFI_AUDIT.md +220 -0
  3. package/ALL_AUDITS_SUMMARY.md +366 -0
  4. package/ALPHA_PROXY_CRITICAL_FINDING.md +136 -0
  5. package/ALPHA_PROXY_FINAL_ANALYSIS.md +213 -0
  6. package/ALPHA_PROXY_FINAL_VERDICT.md +233 -0
  7. package/ALPHA_PROXY_SELFDESTRUCT_EXPLOIT.md +161 -0
  8. package/ARIA-foundry-test.txt +9 -0
  9. package/ARIA-mythril-analysis.txt +20 -0
  10. package/ARIA-slither-analysis.txt +38 -0
  11. package/ARIA_AI_SECURITY_AUDIT.md +290 -0
  12. package/ARIA_VERIFIED_AUDIT.md +259 -0
  13. package/ARIA_VERIFIED_slither.txt +76 -0
  14. package/ARIVA_source.txt +1 -0
  15. package/ARK_AUDIT.md +349 -0
  16. package/BANANA_AUDIT.md +365 -0
  17. package/BAS_AUDIT.md +451 -0
  18. package/BAS_TOKEN_AUDIT.md +235 -0
  19. package/BCE_EXPLOIT_ANALYSIS.md +165 -0
  20. package/BEEFY_BNB_CHAIN_ANALYSIS.md +488 -0
  21. package/BEEFY_MONAD_ANALYSIS.md +239 -0
  22. package/BEEFY_STAKING_ANALYSIS.md +136 -0
  23. package/BEEFY_XVS_WBNB_ACTUAL_FINDINGS.md +223 -0
  24. package/BEEFY_XVS_WBNB_CRITICAL_FINDINGS.md +269 -0
  25. package/BLOCKSEC_ATTACK_KNOWLEDGE_BASE.md +771 -0
  26. package/BRISE_ANALYSIS.txt +31 -0
  27. package/BRISE_BSC_DAPPS.txt +68 -0
  28. package/BRISE_EXPLOITS_FOUND.md +98 -0
  29. package/BRISE_REAL_EXPLOITS.md +115 -0
  30. package/BRISE_WHITEHAT_REPORT.md +162 -0
  31. package/BRISEstake_Analysis.txt +95 -0
  32. package/BSCSLOCKTOKEN_CRITICAL_FINDING.md +240 -0
  33. package/BSW_BISWAP_SECURITY_AUDIT.md +330 -0
  34. package/BTCST_FINAL_VERDICT.md +319 -0
  35. package/BTCST_MINING_REBASE_ANALYSIS.md +229 -0
  36. package/BTCST_ROUNDING_DEEP_DIVE.md +293 -0
  37. package/BTCST_ROUNDING_FINAL_VERDICT.md +9 -0
  38. package/BTCST_SECURITY_ANALYSIS.md +391 -0
  39. package/BTR_AUDIT.md +210 -0
  40. package/BeamBridge-analysis.md +226 -0
  41. package/BeamToken-analysis.md +201 -0
  42. package/BitgertSwap_Investigation.txt +107 -0
  43. package/CEEK_STAKING_ANALYSIS.md +0 -0
  44. package/CHAINBASE_AUDIT.md +422 -0
  45. package/COMPLETE_AUDIT_SUMMARY.md +342 -0
  46. package/CORRECTED_ANALYSIS.txt +115 -0
  47. package/DBXEN_COMPARISON_SUMMARY.md +232 -0
  48. package/DBXEN_EXPLOIT_ANALYSIS.md +530 -0
  49. package/DOPFairLaunch_raw.json +29 -0
  50. package/DOPFairLaunch_source.txt +0 -0
  51. package/DOP_BRIDGE_FINAL_ANALYSIS.txt +86 -0
  52. package/DOP_BUSD_LP_ANALYSIS.txt +44 -0
  53. package/DOP_FAIRLAUNCH_ANALYSIS.txt +61 -0
  54. package/DOP_FAIRLAUNCH_FINAL_VERDICT.txt +113 -0
  55. package/DOP_STAKING_CONTRACT_ANALYSIS.txt +67 -0
  56. package/DSYNC_ECOSYSTEM_ANALYSIS.md +221 -0
  57. package/DSyncStaking-exploit-analysis.md +153 -0
  58. package/DSyncVault-analysis.md +120 -0
  59. package/DUSD_PROXY_AUDIT.md +407 -0
  60. package/DXSALE_LOCK_AUDIT.md +0 -0
  61. package/DXSaleLock_bytecode.txt +1 -0
  62. package/ECHIDNA_QUICK_START.md +101 -0
  63. package/ELEPHANT_ECOSYSTEM_AUDIT_PLAN.md +159 -0
  64. package/ELEPHANT_ECOSYSTEM_COMPREHENSIVE_AUDIT.md +427 -0
  65. package/ELEPHANT_SECURITY_ANALYSIS.md +209 -0
  66. package/ELEPHANT_VULNERABILITIES_EXPLAINED.md +455 -0
  67. package/EXPLOIT_FIX.md +300 -0
  68. package/EXPLOIT_INSTRUCTIONS.md +273 -0
  69. package/EXPLOIT_SUMMARY.md +285 -0
  70. package/EXPLOIT_SUMMARY.txt +175 -0
  71. package/FALCON_FINANCE_AUDIT.md +258 -0
  72. package/FANDOM_AUDIT.md +359 -0
  73. package/FEE_ON_TRANSFER_ANALYSIS.md +228 -0
  74. package/FINAL_AUDIT_REPORT.md +0 -0
  75. package/FOLIO_PROXY_AUDIT.md +299 -0
  76. package/FOT_EXPLOIT_RESULTS.txt +110 -0
  77. package/FOT_TOKENS_AUDITED.md +103 -0
  78. package/HEGIC-mythril-analysis.txt +39 -0
  79. package/HEGIC_COMPLETE_ANALYSIS.md +343 -0
  80. package/HOTCROSS_SWAP_EXPLOIT_ANALYSIS.md +123 -0
  81. package/ICECREAMSWAP_EXPLOITS.md +259 -0
  82. package/IMMUNEFI_REPORT.md +314 -0
  83. package/KCCPAD_EXPLOIT_GUIDE.md +285 -0
  84. package/KEL_CEL_EXPLOIT_ANALYSIS.md +0 -0
  85. package/KOGE_AUDIT.md +328 -0
  86. package/LENDFLARE_ANALYSIS.md +239 -0
  87. package/LENDFLARE_ECHIDNA_GUIDE.md +356 -0
  88. package/LENDFLARE_EXPLOIT_INSTRUCTIONS.md +297 -0
  89. package/LENDFLARE_EXPLOIT_SUMMARY.md +292 -0
  90. package/LENDFLARE_FLASHLOAN_GUIDE.md +383 -0
  91. package/LENDFLARE_FUZZING_RESULTS.md +252 -0
  92. package/LENDFLARE_HONEYPOT_BYPASS_ANALYSIS.md +420 -0
  93. package/LENDFLARE_MANUAL_FUZZING.md +324 -0
  94. package/LENDFLARE_MYTHRIL_ANALYSIS.md +339 -0
  95. package/LENDFLARE_V3_BYPASS.md +296 -0
  96. package/LFTDECOMPILE.txt +14478 -0
  97. package/LFT_ACCOUNTING_ANALYSIS.md +0 -0
  98. package/LFT_ACCOUNTING_BUG_ANALYSIS.md +426 -0
  99. package/LFT_BACKDOOR_DEEP_DIVE.md +0 -0
  100. package/LFT_CRITICAL_EXPLOIT_CONFIRMED.md +428 -0
  101. package/LFT_EXPLOIT_VISUAL.md +253 -0
  102. package/LFT_QUICK_SUMMARY.md +124 -0
  103. package/LFT_REVERSE_EXPLOIT_ANALYSIS.md +521 -0
  104. package/MGO_AUDIT_REPORT.md +420 -0
  105. package/MYTHRIL_FINAL_REPORT.md +306 -0
  106. package/MYTHRIL_SLITHER_SUMMARY.md +244 -0
  107. package/NETX_MIGRATION_AUDIT.md +0 -0
  108. package/NPM_PUBLISH_GUIDE.md +0 -0
  109. package/NRV_CRITICAL_EXPLOIT.txt +143 -0
  110. package/NetX_Analysis.txt +76 -0
  111. package/NetX_Migration_bytecode.txt +1 -0
  112. package/NetX_Migration_source.txt +0 -0
  113. package/NetX_Token_source.txt +0 -0
  114. package/NetxWhitehatRescue +22 -0
  115. package/OILER_ATTACK_VISUAL.md +351 -0
  116. package/OILER_BLOCKSEC_TEST_RESULTS.md +421 -0
  117. package/OILER_DEEP_ANALYSIS.md +212 -0
  118. package/OILER_FINAL_EXPLOIT_REPORT.md +241 -0
  119. package/OILER_FINAL_VERDICT.md +339 -0
  120. package/OILER_REENTRANCY_EXPLAINED.md +638 -0
  121. package/OILER_REENTRANCY_FINAL_SUMMARY.md +391 -0
  122. package/OILER_REENTRANCY_REALITY_CHECK.md +393 -0
  123. package/OILER_REENTRANCY_STEP_BY_STEP.md +597 -0
  124. package/OILER_STAKING_MAINNET_ANALYSIS.md +366 -0
  125. package/OILER_STAKING_SECURITY_ANALYSIS.md +409 -0
  126. package/PANCAKESWAP_UNDERFLOW_HUNTING.md +317 -0
  127. package/POLS_MULTICHAIN_AUDIT.md +0 -0
  128. package/POSI_STAKING_AUDIT.md +0 -0
  129. package/PROXY2_SECURITY_ANALYSIS.md +0 -0
  130. package/Proxy2TACS +29748 -0
  131. package/QUICK_START.md +240 -0
  132. package/RAMP_SECURITY_ANALYSIS.md +0 -0
  133. package/README.md +238 -0
  134. package/REAUDIT_MASTER_LIST.txt +15 -0
  135. package/RING_analysis.txt +212 -0
  136. package/RPC +4 -0
  137. package/RULES.txt +20 -0
  138. package/SIREN_AUDIT.md +186 -0
  139. package/SYNC_EXPLOIT_README.md +0 -0
  140. package/SYNC_TOKEN_EXPLOIT_REPORT.md +224 -0
  141. package/TLM_raw.html +0 -0
  142. package/TLM_raw.txt +0 -0
  143. package/TLM_response.json +1 -0
  144. package/TRADOOR_AUDIT.md +253 -0
  145. package/TRUNK_AUDIT.md +285 -0
  146. package/UNIBASE_AUDIT.md +241 -0
  147. package/UNLOCK_ANALYSIS.md +0 -0
  148. package/UNLOCK_EXPLOIT.md +49 -0
  149. package/UNLOCK_EXPLOIT_ANALYSIS.md +0 -0
  150. package/UPS +232 -0
  151. package/UUPSCHECKER +208 -0
  152. package/VAULT_PROXY_AUDIT.md +457 -0
  153. package/VAULT_PROXY_FINAL_VERDICT.md +0 -0
  154. package/VERIFIED_EXPLOITS_FINAL.txt +146 -0
  155. package/WKEYDAO2_AUDIT.md +245 -0
  156. package/WSG_AUDIT.md +0 -0
  157. package/XFI_DEEP_ANALYSIS.md +327 -0
  158. package/YOOSHI_EXPLOIT_GUIDE.md +119 -0
  159. package/YSDAO_EXPLOIT_GUIDE.md +0 -0
  160. package/agent-4-bundle.md +22490 -0
  161. package/alpha-proxy-echidna.txt +1 -0
  162. package/alpha-proxy-fuzz-results.txt +81 -0
  163. package/alpha-proxy-mythril.txt +2 -0
  164. package/analyze-btcst-farm.js +54 -0
  165. package/analyze-dxsale-lock.js +75 -0
  166. package/analyze-elephant.js +69 -0
  167. package/analyze-fara-rewards.js +109 -0
  168. package/analyze-fara-storage.js +83 -0
  169. package/analyze-lft-transaction.js +158 -0
  170. package/analyze-lock-bytecode.js +59 -0
  171. package/analyze-shegic.js +0 -0
  172. package/analyze-staking-abi.js +0 -0
  173. package/analyze-sxp.js +57 -0
  174. package/analyze-tlm.js +76 -0
  175. package/analyze-trumpet.js +98 -0
  176. package/analyze-unlimited-nft.js +108 -0
  177. package/analyze_elephant.sh +27 -0
  178. package/analyze_vault.sh +32 -0
  179. package/aria-bytecode.txt +1 -0
  180. package/aria_response.json +1 -0
  181. package/ark_temp/README.md +66 -0
  182. package/ark_temp/lib/forge-std/.gitattributes +1 -0
  183. package/ark_temp/lib/forge-std/.github/CODEOWNERS +1 -0
  184. package/ark_temp/lib/forge-std/.github/dependabot.yml +6 -0
  185. package/ark_temp/lib/forge-std/.github/workflows/ci.yml +125 -0
  186. package/ark_temp/lib/forge-std/.github/workflows/sync.yml +36 -0
  187. package/ark_temp/lib/forge-std/CONTRIBUTING.md +193 -0
  188. package/ark_temp/lib/forge-std/LICENSE-APACHE +203 -0
  189. package/ark_temp/lib/forge-std/LICENSE-MIT +25 -0
  190. package/ark_temp/lib/forge-std/README.md +314 -0
  191. package/ark_temp/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
  192. package/ark_temp/lib/forge-std/package.json +16 -0
  193. package/ark_temp/lib/forge-std/scripts/vm.py +636 -0
  194. package/audits/AiFi-security-audit-20260326.md +499 -0
  195. package/audits/BasedAI-Brains-security-audit-20260324.md +651 -0
  196. package/audits/BinanceAlphaWallet-pashov-ai-audit-report-20260324-170000.md +362 -0
  197. package/audits/DGToken-security-audit-20260324.md +376 -0
  198. package/audits/DSyncStaking-audit-part1.md +161 -0
  199. package/audits/DSyncStaking-security-audit-20260324.md +547 -0
  200. package/audits/DecompiledERC20-security-audit-20260325.md +397 -0
  201. package/audits/DegenVC-security-audit-20260324.md +585 -0
  202. package/audits/DelreyInu-security-audit-20260324.md +463 -0
  203. package/audits/DestraNetwork-security-audit-20260324.md +705 -0
  204. package/audits/DomiToken-security-audit-20260324.md +514 -0
  205. package/audits/LendFlareToken-security-audit-20260325.md +197 -0
  206. package/audits/LockReleaseTokenPool-security-audit-20260324.md +482 -0
  207. package/audits/MOG-pashov-ai-audit-report-20260324-164900.md +229 -0
  208. package/audits/PAALAI-security-audit-20260324.md +475 -0
  209. package/audits/PAR-security-audit-20260325.md +311 -0
  210. package/audits/PepeCoinStaking-security-audit-20260324.md +358 -0
  211. package/audits/StakingPool-security-audit-20260324.md +517 -0
  212. package/audits/SyncToken-security-audit-20260324.md +778 -0
  213. package/audits/UndeadToken-decompiled-security-audit-20260324.md +485 -0
  214. package/audits/UnknownToken-decompiled-security-audit-20260324.md +647 -0
  215. package/audits/XFIStaking-security-audit-20260324.md +682 -0
  216. package/audits/Xfinance-security-audit-20260324.md +463 -0
  217. package/audits/basedAIFarm-security-audit-20260324.md +330 -0
  218. package/audits/pepeCoin-security-audit-20260324.md +462 -0
  219. package/bin/ups +232 -0
  220. package/binance-wallet-exploit/.env.example +2 -0
  221. package/binance-wallet-exploit/EXECUTIVE_SUMMARY.md +272 -0
  222. package/binance-wallet-exploit/EXPLOIT_SUMMARY.md +104 -0
  223. package/binance-wallet-exploit/FINAL_ANALYSIS.md +326 -0
  224. package/binance-wallet-exploit/FLASHLOAN_ATTACK.md +292 -0
  225. package/binance-wallet-exploit/HONEYPOT_REPORT.md +526 -0
  226. package/binance-wallet-exploit/INVESTIGATION_COMPLETE.md +362 -0
  227. package/binance-wallet-exploit/LENDFLARE_EXPLOIT.md +219 -0
  228. package/binance-wallet-exploit/LENDFLARE_FINAL_ATTACK.md +307 -0
  229. package/binance-wallet-exploit/LENDFLARE_REAL_EXPLOIT.md +286 -0
  230. package/binance-wallet-exploit/LENDFLARE_RUGPULL.md +269 -0
  231. package/binance-wallet-exploit/LFT_ANALYSIS.md +206 -0
  232. package/binance-wallet-exploit/QUICK_START.md +75 -0
  233. package/binance-wallet-exploit/README.md +195 -0
  234. package/binance-wallet-exploit/REAL_TX_EXPLOIT_ANALYSIS.md +271 -0
  235. package/binance-wallet-exploit/REMIX_INSTRUCTIONS.md +223 -0
  236. package/binance-wallet-exploit/TEST_RESULTS.md +203 -0
  237. package/binance-wallet-exploit/cache/solidity-files-cache.json +1 -0
  238. package/binance-wallet-exploit/cache/test-failures +1 -0
  239. package/binance-wallet-exploit/lib/forge-std/.gitattributes +1 -0
  240. package/binance-wallet-exploit/lib/forge-std/.github/CODEOWNERS +1 -0
  241. package/binance-wallet-exploit/lib/forge-std/.github/dependabot.yml +6 -0
  242. package/binance-wallet-exploit/lib/forge-std/.github/workflows/ci.yml +125 -0
  243. package/binance-wallet-exploit/lib/forge-std/.github/workflows/sync.yml +36 -0
  244. package/binance-wallet-exploit/lib/forge-std/CONTRIBUTING.md +193 -0
  245. package/binance-wallet-exploit/lib/forge-std/LICENSE-APACHE +203 -0
  246. package/binance-wallet-exploit/lib/forge-std/LICENSE-MIT +25 -0
  247. package/binance-wallet-exploit/lib/forge-std/README.md +314 -0
  248. package/binance-wallet-exploit/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
  249. package/binance-wallet-exploit/lib/forge-std/package.json +16 -0
  250. package/binance-wallet-exploit/lib/forge-std/scripts/vm.py +636 -0
  251. package/binance-wallet-exploit/out/build-info/1e9aa7e86cf56962.json +1 -0
  252. package/binance-wallet-exploit/out/build-info/6f56f10e9d7b56eb.json +1 -0
  253. package/binance-wallet-exploit/out/build-info/7edba961ff697a24.json +1 -0
  254. package/binance-wallet-exploit/out/build-info/8c27fe3efea2f2e7.json +1 -0
  255. package/binance-wallet-exploit/out/build-info/978b680daffec63a.json +1 -0
  256. package/binance-wallet-exploit/out/build-info/9806b900b5672d0c.json +1 -0
  257. package/binance-wallet-exploit/out/build-info/b4b9ff36e9b3fc27.json +1 -0
  258. package/binance-wallet-exploit/out/build-info/b6f4df9ae05c0812.json +1 -0
  259. package/binance-wallet-exploit/out/build-info/c88dbc86551f7b5c.json +1 -0
  260. package/binance-wallet-exploit/out/build-info/e9657504010623db.json +1 -0
  261. package/cache/fuzz/failures/ARIAVerifiedFuzzTest/testFuzz_ApprovalRaceCondition +1 -0
  262. package/cache/fuzz/failures/HotCrossSwapFuzzTest/testFuzz_DirectTransferExploit +1 -0
  263. package/cache/fuzz/failures/HotCrossSwapFuzzTest/testFuzz_LargeSwapDrain +1 -0
  264. package/cache/fuzz/failures/LendFlareFuzz/testFuzz_ApprovalExploit +1 -0
  265. package/cache/fuzz/failures/LendFlareFuzz/testFuzz_BalanceManipulation +1 -0
  266. package/cache/fuzz/failures/LendFlareFuzz/testFuzz_RateManipulation +1 -0
  267. package/cache/fuzz/failures/LendFlareFuzz/testFuzz_StorageManipulation +1 -0
  268. package/cache/fuzz/failures/PARFuzzTest/testFuzz_OverflowTransfer +1 -0
  269. package/cache/fuzz/failures/PARFuzzTest/testFuzz_Transfer +1 -0
  270. package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_FrontrunAddfunds +1 -0
  271. package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_RewardOverflow +1 -0
  272. package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_RoundingExploit +1 -0
  273. package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_WithdrawLimit +1 -0
  274. package/cache/solidity-files-cache.json +1 -0
  275. package/cache/test-failures +1 -0
  276. package/calculate-elephant-flashloan.js +195 -0
  277. package/check-address-approval.js +112 -0
  278. package/check-alpha-proxy.js +42 -0
  279. package/check-arbitrage.js +155 -0
  280. package/check-aria-token.js +47 -0
  281. package/check-ark.sh +20 -0
  282. package/check-btcst-mining.js +75 -0
  283. package/check-btcst-pools.js +163 -0
  284. package/check-btcst.js +88 -0
  285. package/check-caller.js +26 -0
  286. package/check-ceek-lp.js +73 -0
  287. package/check-ceek.js +47 -0
  288. package/check-dxsale-address.js +35 -0
  289. package/check-fara-exploit-timing.js +56 -0
  290. package/check-fara-real-exploit.js +73 -0
  291. package/check-flashloan-limits.js +129 -0
  292. package/check-kel-cel-pool.js +91 -0
  293. package/check-lax-staking.js +41 -0
  294. package/check-lendflare.js +165 -0
  295. package/check-lft-accounting.js +109 -0
  296. package/check-lft-roles.js +165 -0
  297. package/check-lock-time.js +47 -0
  298. package/check-min-stake.js +73 -0
  299. package/check-mystery-contract.js +52 -0
  300. package/check-next-token.js +50 -0
  301. package/check-nora-lock.js +67 -0
  302. package/check-oiler-approvals.js +116 -0
  303. package/check-oiler-proxy.js +73 -0
  304. package/check-oiler-staking.js +117 -0
  305. package/check-proxy-simple.js +71 -0
  306. package/check-recent-stakes.js +54 -0
  307. package/check-shegic-holdings.js +67 -0
  308. package/check-snowcrash-ecosystem.js +83 -0
  309. package/check-sync-lp.js +97 -0
  310. package/check-sync-stake.js +42 -0
  311. package/check-tlm.js +37 -0
  312. package/check-token-pools.js +146 -0
  313. package/check-trunk-depeg.js +181 -0
  314. package/check-tusd-decimals.js +58 -0
  315. package/check-user-storage-deep.js +81 -0
  316. package/check-welephant-pools.js +130 -0
  317. package/check-xfi-pool.js +75 -0
  318. package/check-zypher.js +32 -0
  319. package/check_proxy.sh +36 -0
  320. package/compare-tlm-chains.js +90 -0
  321. package/contract_0x05f2.html +6025 -0
  322. package/contract_0x3720.html +6361 -0
  323. package/contract_0x928e.html +5606 -0
  324. package/contract_0xc42d.html +5304 -0
  325. package/contract_page.html +5789 -0
  326. package/decode-stake-tx.js +50 -0
  327. package/deep-analyze-lock.js +82 -0
  328. package/dune_uups_proxy_query.sql +42 -0
  329. package/dune_uups_vulnerable_query.sql +0 -0
  330. package/echidna/alpha-proxy.yaml +14 -0
  331. package/echidna/elephant.yaml +7 -0
  332. package/echidna/lendflare.yaml +42 -0
  333. package/echidna.config.yaml +12 -0
  334. package/elephant_raw.json +1 -0
  335. package/eps_raw.json +1 -0
  336. package/exploit/.github/workflows/test.yml +38 -0
  337. package/exploit/.gitmodules +3 -0
  338. package/exploit/README.md +66 -0
  339. package/exploit/foundry.lock +8 -0
  340. package/exploit/lib/forge-std/.gitattributes +1 -0
  341. package/exploit/lib/forge-std/.github/CODEOWNERS +1 -0
  342. package/exploit/lib/forge-std/.github/dependabot.yml +6 -0
  343. package/exploit/lib/forge-std/.github/workflows/ci.yml +125 -0
  344. package/exploit/lib/forge-std/.github/workflows/sync.yml +36 -0
  345. package/exploit/lib/forge-std/CONTRIBUTING.md +193 -0
  346. package/exploit/lib/forge-std/LICENSE-APACHE +203 -0
  347. package/exploit/lib/forge-std/LICENSE-MIT +25 -0
  348. package/exploit/lib/forge-std/README.md +314 -0
  349. package/exploit/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
  350. package/exploit/lib/forge-std/package.json +16 -0
  351. package/exploit/lib/forge-std/scripts/vm.py +636 -0
  352. package/exploit_analysis.txt +51 -0
  353. package/extract_contract.py +21 -0
  354. package/extract_elephant_contracts.py +24 -0
  355. package/fara-staking-bytecode.txt +1 -0
  356. package/fara-staking-raw.txt +1 -0
  357. package/fetch-aria.js +46 -0
  358. package/fetch-contract.js +50 -0
  359. package/fetch-shegic-source.js +86 -0
  360. package/fetch-snowcrash.js +44 -0
  361. package/fetch-staking-source.js +53 -0
  362. package/fetch-tlm.js +60 -0
  363. package/fetch_elephant_source.py +32 -0
  364. package/find-ceek-staking.js +21 -0
  365. package/find-exploit-tx.js +88 -0
  366. package/find-oiler-holders.js +100 -0
  367. package/find-tlm-holder.js +36 -0
  368. package/find-vulnerable-fund.js +94 -0
  369. package/foundry.lock +8 -0
  370. package/fuzz-all.sh +53 -0
  371. package/get-aria-contract.py +40 -0
  372. package/get-lft-holders.js +89 -0
  373. package/get-tlm-source.sh +8 -0
  374. package/harvest_txs.json +1 -0
  375. package/lft-bytecode-raw.txt +1 -0
  376. package/lft-bytecode.json +1 -0
  377. package/lft-impl.bin +1 -0
  378. package/lft-implementation-bytecode.txt +1 -0
  379. package/lib/forge-std/.gitattributes +1 -0
  380. package/lib/forge-std/.github/CODEOWNERS +1 -0
  381. package/lib/forge-std/.github/dependabot.yml +6 -0
  382. package/lib/forge-std/.github/workflows/ci.yml +125 -0
  383. package/lib/forge-std/.github/workflows/sync.yml +36 -0
  384. package/lib/forge-std/CONTRIBUTING.md +193 -0
  385. package/lib/forge-std/LICENSE-APACHE +203 -0
  386. package/lib/forge-std/LICENSE-MIT +25 -0
  387. package/lib/forge-std/README.md +314 -0
  388. package/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
  389. package/lib/forge-std/package.json +16 -0
  390. package/lib/forge-std/scripts/vm.py +636 -0
  391. package/lib/openzeppelin-contracts/.changeset/config.json +12 -0
  392. package/lib/openzeppelin-contracts/.codecov.yml +12 -0
  393. package/lib/openzeppelin-contracts/.editorconfig +21 -0
  394. package/lib/openzeppelin-contracts/.eslintrc +20 -0
  395. package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/bug_report.md +21 -0
  396. package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/config.yml +4 -0
  397. package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/feature_request.md +14 -0
  398. package/lib/openzeppelin-contracts/.github/PULL_REQUEST_TEMPLATE.md +20 -0
  399. package/lib/openzeppelin-contracts/.github/actions/gas-compare/action.yml +49 -0
  400. package/lib/openzeppelin-contracts/.github/actions/setup/action.yml +21 -0
  401. package/lib/openzeppelin-contracts/.github/actions/storage-layout/action.yml +55 -0
  402. package/lib/openzeppelin-contracts/.github/workflows/actionlint.yml +18 -0
  403. package/lib/openzeppelin-contracts/.github/workflows/changeset.yml +28 -0
  404. package/lib/openzeppelin-contracts/.github/workflows/checks.yml +118 -0
  405. package/lib/openzeppelin-contracts/.github/workflows/docs.yml +19 -0
  406. package/lib/openzeppelin-contracts/.github/workflows/formal-verification.yml +68 -0
  407. package/lib/openzeppelin-contracts/.github/workflows/release-cycle.yml +214 -0
  408. package/lib/openzeppelin-contracts/.github/workflows/upgradeable.yml +34 -0
  409. package/lib/openzeppelin-contracts/.gitmodules +7 -0
  410. package/lib/openzeppelin-contracts/.mocharc.js +4 -0
  411. package/lib/openzeppelin-contracts/.prettierrc +15 -0
  412. package/lib/openzeppelin-contracts/.solcover.js +13 -0
  413. package/lib/openzeppelin-contracts/CHANGELOG.md +972 -0
  414. package/lib/openzeppelin-contracts/CODE_OF_CONDUCT.md +73 -0
  415. package/lib/openzeppelin-contracts/CONTRIBUTING.md +36 -0
  416. package/lib/openzeppelin-contracts/GUIDELINES.md +148 -0
  417. package/lib/openzeppelin-contracts/LICENSE +22 -0
  418. package/lib/openzeppelin-contracts/README.md +107 -0
  419. package/lib/openzeppelin-contracts/RELEASING.md +45 -0
  420. package/lib/openzeppelin-contracts/SECURITY.md +42 -0
  421. package/lib/openzeppelin-contracts/audits/2017-03.md +292 -0
  422. package/lib/openzeppelin-contracts/audits/2018-10.pdf +0 -0
  423. package/lib/openzeppelin-contracts/audits/2022-10-Checkpoints.pdf +0 -0
  424. package/lib/openzeppelin-contracts/audits/2022-10-ERC4626.pdf +0 -0
  425. package/lib/openzeppelin-contracts/audits/2023-05-v4.9.pdf +0 -0
  426. package/lib/openzeppelin-contracts/audits/2023-10-v5.0.pdf +0 -0
  427. package/lib/openzeppelin-contracts/audits/README.md +17 -0
  428. package/lib/openzeppelin-contracts/certora/Makefile +54 -0
  429. package/lib/openzeppelin-contracts/certora/README.md +60 -0
  430. package/lib/openzeppelin-contracts/certora/diff/access_manager_AccessManager.sol.patch +97 -0
  431. package/lib/openzeppelin-contracts/certora/reports/2021-10.pdf +0 -0
  432. package/lib/openzeppelin-contracts/certora/reports/2022-03.pdf +0 -0
  433. package/lib/openzeppelin-contracts/certora/reports/2022-05.pdf +0 -0
  434. package/lib/openzeppelin-contracts/certora/run.js +160 -0
  435. package/lib/openzeppelin-contracts/certora/specs/AccessControl.spec +119 -0
  436. package/lib/openzeppelin-contracts/certora/specs/AccessControlDefaultAdminRules.spec +464 -0
  437. package/lib/openzeppelin-contracts/certora/specs/DoubleEndedQueue.spec +300 -0
  438. package/lib/openzeppelin-contracts/certora/specs/ERC20.spec +352 -0
  439. package/lib/openzeppelin-contracts/certora/specs/ERC20FlashMint.spec +55 -0
  440. package/lib/openzeppelin-contracts/certora/specs/ERC20Wrapper.spec +198 -0
  441. package/lib/openzeppelin-contracts/certora/specs/ERC721.spec +679 -0
  442. package/lib/openzeppelin-contracts/certora/specs/EnumerableMap.spec +333 -0
  443. package/lib/openzeppelin-contracts/certora/specs/EnumerableSet.spec +246 -0
  444. package/lib/openzeppelin-contracts/certora/specs/Initializable.spec +165 -0
  445. package/lib/openzeppelin-contracts/certora/specs/Ownable.spec +77 -0
  446. package/lib/openzeppelin-contracts/certora/specs/Ownable2Step.spec +108 -0
  447. package/lib/openzeppelin-contracts/certora/specs/Pausable.spec +96 -0
  448. package/lib/openzeppelin-contracts/certora/specs/TimelockController.spec +274 -0
  449. package/lib/openzeppelin-contracts/certora/specs/helpers/helpers.spec +7 -0
  450. package/lib/openzeppelin-contracts/certora/specs/methods/IAccessControl.spec +8 -0
  451. package/lib/openzeppelin-contracts/certora/specs/methods/IAccessControlDefaultAdminRules.spec +36 -0
  452. package/lib/openzeppelin-contracts/certora/specs/methods/IERC20.spec +11 -0
  453. package/lib/openzeppelin-contracts/certora/specs/methods/IERC2612.spec +5 -0
  454. package/lib/openzeppelin-contracts/certora/specs/methods/IERC3156FlashBorrower.spec +3 -0
  455. package/lib/openzeppelin-contracts/certora/specs/methods/IERC3156FlashLender.spec +5 -0
  456. package/lib/openzeppelin-contracts/certora/specs/methods/IERC5313.spec +3 -0
  457. package/lib/openzeppelin-contracts/certora/specs/methods/IERC721.spec +17 -0
  458. package/lib/openzeppelin-contracts/certora/specs/methods/IERC721Receiver.spec +3 -0
  459. package/lib/openzeppelin-contracts/certora/specs/methods/IOwnable.spec +5 -0
  460. package/lib/openzeppelin-contracts/certora/specs/methods/IOwnable2Step.spec +7 -0
  461. package/lib/openzeppelin-contracts/certora/specs.json +86 -0
  462. package/lib/openzeppelin-contracts/contracts/access/README.adoc +43 -0
  463. package/lib/openzeppelin-contracts/contracts/finance/README.adoc +14 -0
  464. package/lib/openzeppelin-contracts/contracts/governance/README.adoc +167 -0
  465. package/lib/openzeppelin-contracts/contracts/interfaces/README.adoc +82 -0
  466. package/lib/openzeppelin-contracts/contracts/metatx/README.adoc +12 -0
  467. package/lib/openzeppelin-contracts/contracts/package.json +32 -0
  468. package/lib/openzeppelin-contracts/contracts/proxy/README.adoc +87 -0
  469. package/lib/openzeppelin-contracts/contracts/token/ERC1155/README.adoc +41 -0
  470. package/lib/openzeppelin-contracts/contracts/token/ERC20/README.adoc +67 -0
  471. package/lib/openzeppelin-contracts/contracts/token/ERC721/README.adoc +67 -0
  472. package/lib/openzeppelin-contracts/contracts/token/common/README.adoc +10 -0
  473. package/lib/openzeppelin-contracts/contracts/utils/README.adoc +88 -0
  474. package/lib/openzeppelin-contracts/contracts/vendor/compound/LICENSE +11 -0
  475. package/lib/openzeppelin-contracts/docs/README.md +16 -0
  476. package/lib/openzeppelin-contracts/docs/antora.yml +7 -0
  477. package/lib/openzeppelin-contracts/docs/config.js +21 -0
  478. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-3a.png +0 -0
  479. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-3b.png +0 -0
  480. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-6.png +0 -0
  481. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack.png +0 -0
  482. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-deposit.png +0 -0
  483. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-mint.png +0 -0
  484. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-linear.png +0 -0
  485. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-loglog.png +0 -0
  486. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-loglogext.png +0 -0
  487. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/tally-exec.png +0 -0
  488. package/lib/openzeppelin-contracts/docs/modules/ROOT/images/tally-vote.png +0 -0
  489. package/lib/openzeppelin-contracts/docs/modules/ROOT/nav.adoc +23 -0
  490. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/access-control.adoc +204 -0
  491. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/backwards-compatibility.adoc +48 -0
  492. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/crowdsales.adoc +11 -0
  493. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/drafts.adoc +19 -0
  494. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc1155.adoc +145 -0
  495. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc20-supply.adoc +71 -0
  496. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc20.adoc +77 -0
  497. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc4626.adoc +214 -0
  498. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc721.adoc +79 -0
  499. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/extending-contracts.adoc +77 -0
  500. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/faq.adoc +13 -0
  501. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/governance.adoc +240 -0
  502. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/index.adoc +79 -0
  503. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/tokens.adoc +31 -0
  504. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/upgradeable.adoc +77 -0
  505. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/utilities.adoc +185 -0
  506. package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/wizard.adoc +15 -0
  507. package/lib/openzeppelin-contracts/docs/templates/contract.hbs +111 -0
  508. package/lib/openzeppelin-contracts/docs/templates/helpers.js +46 -0
  509. package/lib/openzeppelin-contracts/docs/templates/page.hbs +4 -0
  510. package/lib/openzeppelin-contracts/docs/templates/properties.js +64 -0
  511. package/lib/openzeppelin-contracts/hardhat/env-artifacts.js +24 -0
  512. package/lib/openzeppelin-contracts/hardhat/env-contract.js +25 -0
  513. package/lib/openzeppelin-contracts/hardhat/ignore-unreachable-warnings.js +45 -0
  514. package/lib/openzeppelin-contracts/hardhat/skip-foundry-tests.js +6 -0
  515. package/lib/openzeppelin-contracts/hardhat/task-test-get-files.js +25 -0
  516. package/lib/openzeppelin-contracts/hardhat.config.js +131 -0
  517. package/lib/openzeppelin-contracts/lib/erc4626-tests/LICENSE +661 -0
  518. package/lib/openzeppelin-contracts/lib/erc4626-tests/README.md +116 -0
  519. package/lib/openzeppelin-contracts/lib/forge-std/.github/workflows/ci.yml +92 -0
  520. package/lib/openzeppelin-contracts/lib/forge-std/.gitmodules +3 -0
  521. package/lib/openzeppelin-contracts/lib/forge-std/LICENSE-APACHE +203 -0
  522. package/lib/openzeppelin-contracts/lib/forge-std/LICENSE-MIT +25 -0
  523. package/lib/openzeppelin-contracts/lib/forge-std/README.md +250 -0
  524. package/lib/openzeppelin-contracts/lib/forge-std/package.json +16 -0
  525. package/lib/openzeppelin-contracts/logo.svg +15 -0
  526. package/lib/openzeppelin-contracts/netlify.toml +3 -0
  527. package/lib/openzeppelin-contracts/package-lock.json +16544 -0
  528. package/lib/openzeppelin-contracts/package.json +96 -0
  529. package/lib/openzeppelin-contracts/remappings.txt +1 -0
  530. package/lib/openzeppelin-contracts/renovate.json +4 -0
  531. package/lib/openzeppelin-contracts/requirements.txt +1 -0
  532. package/lib/openzeppelin-contracts/scripts/checks/compare-layout.js +20 -0
  533. package/lib/openzeppelin-contracts/scripts/checks/compareGasReports.js +243 -0
  534. package/lib/openzeppelin-contracts/scripts/checks/extract-layout.js +38 -0
  535. package/lib/openzeppelin-contracts/scripts/checks/generation.sh +6 -0
  536. package/lib/openzeppelin-contracts/scripts/checks/inheritance-ordering.js +54 -0
  537. package/lib/openzeppelin-contracts/scripts/gen-nav.js +41 -0
  538. package/lib/openzeppelin-contracts/scripts/generate/format-lines.js +16 -0
  539. package/lib/openzeppelin-contracts/scripts/generate/run.js +49 -0
  540. package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.js +247 -0
  541. package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.opts.js +17 -0
  542. package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.t.js +146 -0
  543. package/lib/openzeppelin-contracts/scripts/generate/templates/EnumerableMap.js +283 -0
  544. package/lib/openzeppelin-contracts/scripts/generate/templates/EnumerableSet.js +250 -0
  545. package/lib/openzeppelin-contracts/scripts/generate/templates/SafeCast.js +126 -0
  546. package/lib/openzeppelin-contracts/scripts/generate/templates/StorageSlot.js +78 -0
  547. package/lib/openzeppelin-contracts/scripts/generate/templates/conversion.js +30 -0
  548. package/lib/openzeppelin-contracts/scripts/git-user-config.sh +6 -0
  549. package/lib/openzeppelin-contracts/scripts/helpers.js +37 -0
  550. package/lib/openzeppelin-contracts/scripts/prepack.sh +23 -0
  551. package/lib/openzeppelin-contracts/scripts/prepare-docs.sh +26 -0
  552. package/lib/openzeppelin-contracts/scripts/release/format-changelog.js +33 -0
  553. package/lib/openzeppelin-contracts/scripts/release/synchronize-versions.js +15 -0
  554. package/lib/openzeppelin-contracts/scripts/release/update-comment.js +34 -0
  555. package/lib/openzeppelin-contracts/scripts/release/version.sh +11 -0
  556. package/lib/openzeppelin-contracts/scripts/release/workflow/exit-prerelease.sh +8 -0
  557. package/lib/openzeppelin-contracts/scripts/release/workflow/github-release.js +48 -0
  558. package/lib/openzeppelin-contracts/scripts/release/workflow/integrity-check.sh +20 -0
  559. package/lib/openzeppelin-contracts/scripts/release/workflow/pack.sh +26 -0
  560. package/lib/openzeppelin-contracts/scripts/release/workflow/publish.sh +26 -0
  561. package/lib/openzeppelin-contracts/scripts/release/workflow/rerun.js +7 -0
  562. package/lib/openzeppelin-contracts/scripts/release/workflow/set-changesets-pr-title.js +17 -0
  563. package/lib/openzeppelin-contracts/scripts/release/workflow/start.sh +35 -0
  564. package/lib/openzeppelin-contracts/scripts/release/workflow/state.js +112 -0
  565. package/lib/openzeppelin-contracts/scripts/remove-ignored-artifacts.js +45 -0
  566. package/lib/openzeppelin-contracts/scripts/solhint-custom/index.js +84 -0
  567. package/lib/openzeppelin-contracts/scripts/solhint-custom/package.json +5 -0
  568. package/lib/openzeppelin-contracts/scripts/update-docs-branch.js +65 -0
  569. package/lib/openzeppelin-contracts/scripts/upgradeable/README.md +21 -0
  570. package/lib/openzeppelin-contracts/scripts/upgradeable/patch-apply.sh +19 -0
  571. package/lib/openzeppelin-contracts/scripts/upgradeable/patch-save.sh +18 -0
  572. package/lib/openzeppelin-contracts/scripts/upgradeable/transpile-onto.sh +54 -0
  573. package/lib/openzeppelin-contracts/scripts/upgradeable/transpile.sh +47 -0
  574. package/lib/openzeppelin-contracts/scripts/upgradeable/upgradeable.patch +360 -0
  575. package/lib/openzeppelin-contracts/slither.config.json +5 -0
  576. package/lib/openzeppelin-contracts/solhint.config.js +20 -0
  577. package/mythril-lft-output.txt +1 -0
  578. package/mythril-lft-symbolic.txt +18 -0
  579. package/mythril-lft.sh +20 -0
  580. package/mythril-symbolic-output.txt +1 -0
  581. package/mythril-symbolic.sh +42 -0
  582. package/out/build-info/0026b78428192979.json +1 -0
  583. package/out/build-info/03c4fc3b88486eba.json +1 -0
  584. package/out/build-info/0540afa9b9a5c5a6.json +1 -0
  585. package/out/build-info/081932f505bc08b9.json +1 -0
  586. package/out/build-info/0da104ba0d6642d5.json +1 -0
  587. package/out/build-info/197281971dbb5f23.json +1 -0
  588. package/out/build-info/197e7e332832a232.json +1 -0
  589. package/out/build-info/1a1cab9136eb5f94.json +1 -0
  590. package/out/build-info/1b320204eb162aa2.json +1 -0
  591. package/out/build-info/1e03f94398052674.json +1 -0
  592. package/out/build-info/22ac085949602937.json +1 -0
  593. package/out/build-info/234ef37453a9fa64.json +1 -0
  594. package/out/build-info/2447db7b1878fa8e.json +1 -0
  595. package/out/build-info/25568daeb484f5ff.json +1 -0
  596. package/out/build-info/27465853244c49ce.json +1 -0
  597. package/out/build-info/2c57a9e0f087453b.json +1 -0
  598. package/out/build-info/3c62ae7de8da68c4.json +1 -0
  599. package/out/build-info/3e771ae109e97bb3.json +1 -0
  600. package/out/build-info/460499bc0a3465c4.json +1 -0
  601. package/out/build-info/47ce37e50a4f115e.json +1 -0
  602. package/out/build-info/4fcce5c63cf427d6.json +1 -0
  603. package/out/build-info/4fd0a53fe63fddbb.json +1 -0
  604. package/out/build-info/50f1247db9d769cc.json +1 -0
  605. package/out/build-info/5317d0181a7a5e02.json +1 -0
  606. package/out/build-info/594df509275ceb5b.json +1 -0
  607. package/out/build-info/61983ac3f6141719.json +1 -0
  608. package/out/build-info/638c4548307122fe.json +1 -0
  609. package/out/build-info/67c2c43bdb7c0ded.json +1 -0
  610. package/out/build-info/777f42643aad37b7.json +1 -0
  611. package/out/build-info/7d7856f19e845354.json +1 -0
  612. package/out/build-info/83976260b6f71e94.json +1 -0
  613. package/out/build-info/83c23882000b963d.json +1 -0
  614. package/out/build-info/84b2cce8f70b36be.json +1 -0
  615. package/out/build-info/8bc13d31d7c3206a.json +1 -0
  616. package/out/build-info/8e183bd4d9d8cf88.json +1 -0
  617. package/out/build-info/94bfe1e7cafa8ff5.json +1 -0
  618. package/out/build-info/99ec7d5e8d8ff360.json +1 -0
  619. package/out/build-info/9ac044b29daa7d5e.json +1 -0
  620. package/out/build-info/9b203227ff5d2e63.json +1 -0
  621. package/out/build-info/9d18c5872c4282dd.json +1 -0
  622. package/out/build-info/9f77f04f33baf9a3.json +1 -0
  623. package/out/build-info/a6e1caf974787982.json +1 -0
  624. package/out/build-info/a94b6348867a62d6.json +1 -0
  625. package/out/build-info/ad93721947a8b195.json +1 -0
  626. package/out/build-info/b42daddb5aa4b19f.json +1 -0
  627. package/out/build-info/bf13512ae899f7e8.json +1 -0
  628. package/out/build-info/c39f86c20a548c4a.json +1 -0
  629. package/out/build-info/cb12bb975a2f4e65.json +1 -0
  630. package/out/build-info/d0c6788fadc2aa60.json +1 -0
  631. package/out/build-info/d2726bf94ed5b845.json +1 -0
  632. package/out/build-info/d4eb00da50cce5cb.json +1 -0
  633. package/out/build-info/db931924a3bc8bdd.json +1 -0
  634. package/out/build-info/e1a503d49bc77401.json +1 -0
  635. package/out/build-info/efe5396f8892ce77.json +1 -0
  636. package/out/build-info/f536d90ced745969.json +1 -0
  637. package/out/build-info/fed38823c7019b82.json +1 -0
  638. package/package.json +51 -0
  639. package/page.html +5384 -0
  640. package/pancakeswap-simple-tvl.sql +15 -0
  641. package/pancakeswap-top-pools.sql +29 -0
  642. package/pancakeswap-tvl-optimized.sql +57 -0
  643. package/pancakeswap-tvl-query.sql +60 -0
  644. package/pancakeswap-underflow-hunting.sql +51 -0
  645. package/pancakeswap-vulnerability-queries.sql +200 -0
  646. package/posi_page.html +6369 -0
  647. package/posi_response.json +29 -0
  648. package/proxy_page.html +500 -0
  649. package/run_mythril_elephant.sh +18 -0
  650. package/sHEGIC-bytecode.bin +6 -0
  651. package/sHEGIC-mythril-analysis.txt +1 -0
  652. package/sHEGIC-mythril-full.txt +134 -0
  653. package/sHEGIC_ANALYSIS.md +135 -0
  654. package/sHEGIC_EXPLOIT_ANALYSIS.md +317 -0
  655. package/sHEGIC_MYTHRIL_ANALYSIS.md +361 -0
  656. package/scrape-snowcrash.js +28 -0
  657. package/scripts/yooshi_drain.sh +154 -0
  658. package/shi_raw.json +1 -0
  659. package/temp.json +1 -0
  660. package/temp_harvest.json +1 -0
  661. package/temp_pika.json +1 -0
  662. package/temp_posi.json +1 -0
  663. package/temp_response.json +1 -0
  664. package/test-lft-hidden-balance.js +108 -0
  665. package/test-xfi-exploit.js +140 -0
  666. package/trunk-liquidity-rescue.js +164 -0
  667. package/vBABY_page.html +6153 -0
  668. package/vBABY_response.json +29 -0
  669. package/wsg_response.json +1 -0
  670. package/yooldo_page.html +10371 -0
package/binance-wallet-exploit/TEST_RESULTS.md ADDED
@@ -0,0 +1,203 @@
1
+ # LendFlare Exploit - Test Results Summary
2
+
3
+ ## ✅ Tests Completed Successfully
4
+
5
+ All tests run on **Ethereum Mainnet Fork** using Infura RPC.
6
+
7
+ ### Test 1: Buy LFT ✅ PASS
8
+
9
+ ```bash
10
+ forge test --match-test testBuyLFT -vv --fork-url https://mainnet.infura.io/v3/...
11
+ ```
12
+
13
+ **Result**: SUCCESS
14
+ - Bought 233,844,193 LFT with 50 WETH
15
+ - Pool drained from 1.655B to 1.421B LFT
16
+ - Transaction completed successfully
17
+
18
+ ### Test 2: Sell LFT ❌ BLOCKED
19
+
20
+ ```bash
21
+ forge test --match-test testSellLFT -vv --fork-url https://mainnet.infura.io/v3/...
22
+ ```
23
+
24
+ **Result**: FAILED (as expected)
25
+ - Error: "TransferHelper: TRANSFER_FROM_FAILED"
26
+ - Confirms: Cannot sell LFT back to pool
27
+ - Transfer restriction is active
28
+
29
+ ### Test 3: Flash Loan Attack ❌ FAILED
30
+
31
+ ```bash
32
+ forge test --match-test testAttack_350WETH -vvv --fork-url https://mainnet.infura.io/v3/...
33
+ ```
34
+
35
+ **Result**: FAILED
36
+ - ✅ Flash loan received: 350 WETH
37
+ - ✅ Bought LFT: 864,778,110 tokens
38
+ - ❌ Sell failed: "Insufficient gas fees"
39
+ - ❌ Cannot complete round trip
40
+ - Transaction reverted
41
+
42
+ **Trace Analysis**:
43
+ ```
44
+ 1. Aave lends 350 WETH ✅
45
+ 2. Buy LFT with 332.5 WETH ✅
46
+ - Bought: 864,778,110 LFT
47
+ - Pool: 790M LFT left (was 1.655B)
48
+ 3. Attempt to sell LFT back ❌
49
+ - transferFrom(attacker, pool, 288M LFT)
50
+ - Error: "Insufficient gas fees"
51
+ - Root cause: Transfer restriction
52
+ 4. Flash loan cannot be repaid ❌
53
+ 5. Transaction reverts ❌
54
+ ```
55
+
56
+ ### Test 4: Buy All LFT ⚠️ NEEDS MORE CAPITAL
57
+
58
+ ```bash
59
+ forge test --match-test testBuyAllLFT -vv --fork-url https://mainnet.infura.io/v3/...
60
+ ```
61
+
62
+ **Result**: FAILED
63
+ - Attempted to buy 99% (1.638B LFT)
64
+ - Error: "UniswapV2Router: EXCESSIVE_INPUT_AMOUNT"
65
+ - Need more than 400 WETH
66
+
67
+ ## 📊 Key Findings
68
+
69
+ ### 1. Transfer Restriction is ACTIVE
70
+
71
+ The LFT token blocks ALL transfers to the pool address:
72
+
73
+ ```solidity
74
+ if (recipient == 0x9c84f58bb51fabd18698efe95f5bab4f33e96e8f) {
75
+ require(tx.origin == 0x2caa8387030af8fd61c59eee88341dc590883496);
76
+ }
77
+ ```
78
+
79
+ This blocks:
80
+ - ❌ Selling LFT (LFT → WETH)
81
+ - ❌ Adding liquidity
82
+ - ❌ Flash loan round trips
83
+ - ❌ Uniswap Router swaps to pool
84
+
85
+ This allows:
86
+ - ✅ Buying LFT (WETH → LFT)
87
+ - ✅ Removing liquidity
88
+ - ✅ User-to-user transfers
89
+
90
+ ### 2. Flash Loan Attack is IMPOSSIBLE
91
+
92
+ The attack fails at step 3 (selling back):
93
+
94
+ ```
95
+ Step 1: Borrow WETH ✅
96
+ Step 2: Buy LFT ✅
97
+ Step 3: Sell LFT ❌ BLOCKED
98
+ Step 4: Repay loan ❌ CANNOT REACH
99
+ ```
100
+
101
+ **Conclusion**: Flash loan attacks DON'T work on this token.
102
+
103
+ ### 3. Buy-and-Hold is the ONLY Option
104
+
105
+ To exploit this vulnerability:
106
+ - Must BUY LFT and HOLD
107
+ - Cannot sell back to Uniswap
108
+ - Must find exit liquidity elsewhere:
109
+ - CEX listings
110
+ - OTC deals
111
+ - Other DEX pools
112
+ - Wait for price appreciation
113
+
114
+ ### 4. Capital Requirements
115
+
116
+ To buy 99% of pool:
117
+ - Need: >400 WETH (~$866k)
118
+ - Get: ~1.64B LFT tokens
119
+ - Pool value: ~$654k
120
+ - **Immediate loss**: ~$212k
121
+
122
+ **Only profitable if**:
123
+ - LFT price increases >33%
124
+ - Can sell OTC at premium
125
+ - Can short on CEX before attack
126
+
127
+ ## 🎯 Exploit Viability
128
+
129
+ ### ❌ Flash Loan Attack: NOT VIABLE
130
+ - Reason: Cannot sell back
131
+ - Profit: $0 (transaction reverts)
132
+ - Risk: None (fails in simulation)
133
+
134
+ ### ⚠️ Buy-and-Hold Attack: RISKY
135
+ - Capital: ~$866k required
136
+ - Immediate loss: ~$212k
137
+ - Profit: Depends on exit strategy
138
+ - Risk: HIGH (might not find buyers)
139
+
140
+ ### ✅ Liquidity Denial Attack: VIABLE (if shorting)
141
+ - Capital: ~$866k
142
+ - Short LFT on CEX: ~$500k
143
+ - Buy all LFT from Uniswap
144
+ - LFT becomes untradeable
145
+ - Profit from short: Depends on price crash
146
+ - Risk: MEDIUM (need CEX listing)
147
+
148
+ ## 📝 Recommendations
149
+
150
+ ### For Attackers:
151
+ 1. ❌ Don't attempt flash loan (proven to fail)
152
+ 2. ⚠️ Buy-and-hold requires $866k capital
153
+ 3. ✅ Only viable if you can short on CEX first
154
+ 4. 💡 Better targets exist with lower capital requirements
155
+
156
+ ### For LendFlare Team:
157
+ 1. 🔴 CRITICAL: Remove transfer restriction
158
+ 2. 🔴 Allow Uniswap Router to sell back
159
+ 3. 🔴 This creates a liquidity trap
160
+ 4. 🔴 Users can buy but not sell = rug pull
161
+
162
+ ### For Users:
163
+ 1. ⚠️ DO NOT buy LFT on Uniswap
164
+ 2. ⚠️ You cannot sell it back
165
+ 3. ⚠️ Liquidity is one-way only
166
+ 4. ⚠️ This is effectively a honeypot
167
+
168
+ ## 🔧 Test Commands
169
+
170
+ Run all tests:
171
+ ```bash
172
+ cd binance-wallet-exploit
173
+
174
+ # Test buying (should pass)
175
+ forge test --match-test testBuyLFT -vv --fork-url https://mainnet.infura.io/v3/YOUR_KEY
176
+
177
+ # Test selling (should fail)
178
+ forge test --match-test testSellLFT -vv --fork-url https://mainnet.infura.io/v3/YOUR_KEY
179
+
180
+ # Test flash loan (should fail)
181
+ forge test --match-test testAttack_350WETH -vvv --fork-url https://mainnet.infura.io/v3/YOUR_KEY
182
+
183
+ # Test buy all (needs more capital)
184
+ forge test --match-test testBuyAllLFT -vv --fork-url https://mainnet.infura.io/v3/YOUR_KEY
185
+ ```
186
+
187
+ ## 📈 Conclusion
188
+
189
+ **The LendFlare token is a HONEYPOT**:
190
+ - Users can buy but cannot sell
191
+ - Flash loan attacks are impossible
192
+ - Only buy-and-hold attacks work
193
+ - Requires massive capital (~$866k)
194
+ - Profit is uncertain
195
+
196
+ **Verdict**: NOT a profitable exploit. Move on to better targets.
197
+
198
+ ---
199
+
200
+ **All tests completed**: 2026-03-24
201
+ **Network**: Ethereum Mainnet (forked)
202
+ **RPC**: Infura
203
+ **Status**: ✅ Tests successful, ❌ Exploit not viable
package/binance-wallet-exploit/cache/solidity-files-cache.json ADDED
@@ -0,0 +1 @@
1
+ {"_format":"","paths":{"artifacts":"out","build_infos":"out/build-info","sources":"src","tests":"test","scripts":"script","libraries":["lib"]},"files":{"lib/forge-std/src/Base.sol":{"lastModificationDate":1774343236321,"contentHash":"057da15af4544b7a","interfaceReprHash":null,"sourceName":"lib/forge-std/src/Base.sol","imports":["lib/forge-std/src/StdStorage.sol","lib/forge-std/src/Vm.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"CommonBase":{"0.8.28":{"default":{"path":"Base.sol/CommonBase.json","build_id":"6f56f10e9d7b56eb"}}},"ScriptBase":{"0.8.28":{"default":{"path":"Base.sol/ScriptBase.json","build_id":"6f56f10e9d7b56eb"}}},"TestBase":{"0.8.28":{"default":{"path":"Base.sol/TestBase.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/Script.sol":{"lastModificationDate":1774343236322,"contentHash":"f2808a0770d1b6a2","interfaceReprHash":null,"sourceName":"lib/forge-std/src/Script.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"Script":{"0.8.28":{"default":{"path":"Script.sol/Script.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdAssertions.sol":{"lastModificationDate":1774343236323,"contentHash":"7bf8f8dd736b7b28","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdAssertions.sol","imports":["lib/forge-std/src/Vm.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"StdAssertions":{"0.8.28":{"default":{"path":"StdAssertions.sol/StdAssertions.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdChains.sol":{"lastModificationDate":1774343236323,"contentHash":"cef85f092f883921","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdChains.sol","imports":["lib/forge-std/src/Vm.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"StdChains":{"0.8.28":{"default":{"path":"StdChains.sol/StdChains.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdCheats.sol":{"lastModificationDate":1774343236324,"contentHash":"906cd6276ed83364","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdCheats.sol","imports":["lib/forge-std/src/StdStorage.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"StdCheats":{"0.8.28":{"default":{"path":"StdCheats.sol/StdCheats.json","build_id":"6f56f10e9d7b56eb"}}},"StdCheatsSafe":{"0.8.28":{"default":{"path":"StdCheats.sol/StdCheatsSafe.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdConstants.sol":{"lastModificationDate":1774343236324,"contentHash":"6e64e3e0f1e270b1","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdConstants.sol","imports":["lib/forge-std/src/Vm.sol","lib/forge-std/src/interfaces/IMulticall3.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"StdConstants":{"0.8.28":{"default":{"path":"StdConstants.sol/StdConstants.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdError.sol":{"lastModificationDate":1774343236324,"contentHash":"aa3090ae1422ce31","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdError.sol","imports":[],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"stdError":{"0.8.28":{"default":{"path":"StdError.sol/stdError.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdInvariant.sol":{"lastModificationDate":1774343236324,"contentHash":"65ff1041945c2df0","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdInvariant.sol","imports":[],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"StdInvariant":{"0.8.28":{"default":{"path":"StdInvariant.sol/StdInvariant.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdJson.sol":{"lastModificationDate":1774343236324,"contentHash":"deb75521f38fb99f","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdJson.sol","imports":["lib/forge-std/src/Vm.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"stdJson":{"0.8.28":{"default":{"path":"StdJson.sol/stdJson.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdMath.sol":{"lastModificationDate":1774343236324,"contentHash":"393b2ec0becc479a","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdMath.sol","imports":[],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"stdMath":{"0.8.28":{"default":{"path":"StdMath.sol/stdMath.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdStorage.sol":{"lastModificationDate":1774343236324,"contentHash":"841b0345e6acf8d0","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdStorage.sol","imports":["lib/forge-std/src/Vm.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"stdStorage":{"0.8.28":{"default":{"path":"StdStorage.sol/stdStorage.json","build_id":"6f56f10e9d7b56eb"}}},"stdStorageSafe":{"0.8.28":{"default":{"path":"StdStorage.sol/stdStorageSafe.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdStyle.sol":{"lastModificationDate":1774343236324,"contentHash":"dd683e581612d9d7","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdStyle.sol","imports":["lib/forge-std/src/Vm.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"StdStyle":{"0.8.28":{"default":{"path":"StdStyle.sol/StdStyle.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdToml.sol":{"lastModificationDate":1774343236325,"contentHash":"66561afcd2e48189","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdToml.sol","imports":["lib/forge-std/src/Vm.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"stdToml":{"0.8.28":{"default":{"path":"StdToml.sol/stdToml.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/StdUtils.sol":{"lastModificationDate":1774343236325,"contentHash":"476c1e8becd32967","interfaceReprHash":null,"sourceName":"lib/forge-std/src/StdUtils.sol","imports":["lib/forge-std/src/StdConstants.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/interfaces/IMulticall3.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"StdUtils":{"0.8.28":{"default":{"path":"StdUtils.sol/StdUtils.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/Test.sol":{"lastModificationDate":1774343236325,"contentHash":"bd0e131f71fa5665","interfaceReprHash":null,"sourceName":"lib/forge-std/src/Test.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"Test":{"0.8.28":{"default":{"path":"Test.sol/Test.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/Vm.sol":{"lastModificationDate":1774343236325,"contentHash":"55e749aafb49ce93","interfaceReprHash":null,"sourceName":"lib/forge-std/src/Vm.sol","imports":[],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"Vm":{"0.8.28":{"default":{"path":"Vm.sol/Vm.json","build_id":"6f56f10e9d7b56eb"}}},"VmSafe":{"0.8.28":{"default":{"path":"Vm.sol/VmSafe.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/console.sol":{"lastModificationDate":1774343236326,"contentHash":"c2f250cceea75093","interfaceReprHash":null,"sourceName":"lib/forge-std/src/console.sol","imports":[],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"console":{"0.8.28":{"default":{"path":"console.sol/console.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/console2.sol":{"lastModificationDate":1774343236326,"contentHash":"fb84555cebe27360","interfaceReprHash":null,"sourceName":"lib/forge-std/src/console2.sol","imports":["lib/forge-std/src/console.sol"],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{},"seenByCompiler":true},"lib/forge-std/src/interfaces/IMulticall3.sol":{"lastModificationDate":1774343236326,"contentHash":"731463c8fd01e759","interfaceReprHash":null,"sourceName":"lib/forge-std/src/interfaces/IMulticall3.sol","imports":[],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"IMulticall3":{"0.8.28":{"default":{"path":"IMulticall3.sol/IMulticall3.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"lib/forge-std/src/safeconsole.sol":{"lastModificationDate":1774343236328,"contentHash":"075ad54247fa474a","interfaceReprHash":null,"sourceName":"lib/forge-std/src/safeconsole.sol","imports":[],"versionRequirement":">=0.8.13, <0.9.0","artifacts":{"safeconsole":{"0.8.28":{"default":{"path":"safeconsole.sol/safeconsole.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"script/Counter.s.sol":{"lastModificationDate":1774343231560,"contentHash":"2f28174698c31b47","interfaceReprHash":null,"sourceName":"script/Counter.s.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/Script.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol","src/Counter.sol"],"versionRequirement":"^0.8.13","artifacts":{"CounterScript":{"0.8.28":{"default":{"path":"Counter.s.sol/CounterScript.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"src/Counter.sol":{"lastModificationDate":1774343231556,"contentHash":"11a918b87c723f51","interfaceReprHash":null,"sourceName":"src/Counter.sol","imports":[],"versionRequirement":"^0.8.13","artifacts":{"Counter":{"0.8.28":{"default":{"path":"Counter.sol/Counter.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"test/BinanceWalletExploit.t.sol":{"lastModificationDate":1774343320201,"contentHash":"3a622000e9868bbe","interfaceReprHash":null,"sourceName":"test/BinanceWalletExploit.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":"^0.8.28","artifacts":{"BinanceWalletExploitTest":{"0.8.28":{"default":{"path":"BinanceWalletExploit.t.sol/BinanceWalletExploitTest.json","build_id":"6f56f10e9d7b56eb"}}},"IBinanceWallet":{"0.8.28":{"default":{"path":"BinanceWalletExploit.t.sol/IBinanceWallet.json","build_id":"6f56f10e9d7b56eb"}}},"MaliciousRouter":{"0.8.28":{"default":{"path":"BinanceWalletExploit.t.sol/MaliciousRouter.json","build_id":"6f56f10e9d7b56eb"}}},"MockERC20":{"0.8.28":{"default":{"path":"BinanceWalletExploit.t.sol/MockERC20.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"test/Counter.t.sol":{"lastModificationDate":1774343231560,"contentHash":"f4793edc3fe87617","interfaceReprHash":null,"sourceName":"test/Counter.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol","src/Counter.sol"],"versionRequirement":"^0.8.13","artifacts":{"CounterTest":{"0.8.28":{"default":{"path":"Counter.t.sol/CounterTest.json","build_id":"6f56f10e9d7b56eb"}}}},"seenByCompiler":true},"test/LendFlare0xTest.t.sol":{"lastModificationDate":1774356463455,"contentHash":"76d1df84d9f25902","interfaceReprHash":null,"sourceName":"test/LendFlare0xTest.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":"^0.8.0","artifacts":{"IERC20":{"0.8.28":{"default":{"path":"LendFlare0xTest.t.sol/IERC20.json","build_id":"1e9aa7e86cf56962"}}},"IUniswapV2Router":{"0.8.28":{"default":{"path":"LendFlare0xTest.t.sol/IUniswapV2Router.json","build_id":"1e9aa7e86cf56962"}}},"IWETH":{"0.8.28":{"default":{"path":"LendFlare0xTest.t.sol/IWETH.json","build_id":"1e9aa7e86cf56962"}}},"LendFlare0xTest":{"0.8.28":{"default":{"path":"LendFlare0xTest.t.sol/LendFlare0xTest.json","build_id":"1e9aa7e86cf56962"}}}},"seenByCompiler":true},"test/LendFlareFlashLoanTest.t.sol":{"lastModificationDate":1774346900662,"contentHash":"9c5bf89ecbb85495","interfaceReprHash":null,"sourceName":"test/LendFlareFlashLoanTest.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":"^0.8.0","artifacts":{"IERC20":{"0.8.28":{"default":{"path":"LendFlareFlashLoanTest.t.sol/IERC20.json","build_id":"c88dbc86551f7b5c"}}},"IPool":{"0.8.28":{"default":{"path":"LendFlareFlashLoanTest.t.sol/IPool.json","build_id":"c88dbc86551f7b5c"}}},"IUniswapV2Pair":{"0.8.28":{"default":{"path":"LendFlareFlashLoanTest.t.sol/IUniswapV2Pair.json","build_id":"c88dbc86551f7b5c"}}},"IUniswapV2Router":{"0.8.28":{"default":{"path":"LendFlareFlashLoanTest.t.sol/IUniswapV2Router.json","build_id":"c88dbc86551f7b5c"}}},"LendFlareFlashLoanAttack":{"0.8.28":{"default":{"path":"LendFlareFlashLoanTest.t.sol/LendFlareFlashLoanAttack.json","build_id":"c88dbc86551f7b5c"}}},"LendFlareFlashLoanTest":{"0.8.28":{"default":{"path":"LendFlareFlashLoanTest.t.sol/LendFlareFlashLoanTest.json","build_id":"c88dbc86551f7b5c"}}}},"seenByCompiler":true},"test/LendFlareLowLevelTest.t.sol":{"lastModificationDate":1774351269469,"contentHash":"3c7d80553e264442","interfaceReprHash":null,"sourceName":"test/LendFlareLowLevelTest.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":"^0.8.0","artifacts":{"IERC20":{"0.8.28":{"default":{"path":"LendFlareLowLevelTest.t.sol/IERC20.json","build_id":"7edba961ff697a24"}}},"IUniswapV2Pair":{"0.8.28":{"default":{"path":"LendFlareLowLevelTest.t.sol/IUniswapV2Pair.json","build_id":"7edba961ff697a24"}}},"LendFlareLowLevelExploit":{"0.8.28":{"default":{"path":"LendFlareLowLevelTest.t.sol/LendFlareLowLevelExploit.json","build_id":"7edba961ff697a24"}}},"LendFlareLowLevelTest":{"0.8.28":{"default":{"path":"LendFlareLowLevelTest.t.sol/LendFlareLowLevelTest.json","build_id":"7edba961ff697a24"}}}},"seenByCompiler":true},"test/LendFlareRealExploit.t.sol":{"lastModificationDate":1774347130148,"contentHash":"3202a915d3f3e0f7","interfaceReprHash":null,"sourceName":"test/LendFlareRealExploit.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":"^0.8.0","artifacts":{"IERC20":{"0.8.28":{"default":{"path":"LendFlareRealExploit.t.sol/IERC20.json","build_id":"b4b9ff36e9b3fc27"}}},"IUniswapV2Pair":{"0.8.28":{"default":{"path":"LendFlareRealExploit.t.sol/IUniswapV2Pair.json","build_id":"b4b9ff36e9b3fc27"}}},"IUniswapV2Router":{"0.8.28":{"default":{"path":"LendFlareRealExploit.t.sol/IUniswapV2Router.json","build_id":"b4b9ff36e9b3fc27"}}},"IWETH":{"0.8.28":{"default":{"path":"LendFlareRealExploit.t.sol/IWETH.json","build_id":"b4b9ff36e9b3fc27"}}},"LendFlareRealExploitTest":{"0.8.28":{"default":{"path":"LendFlareRealExploit.t.sol/LendFlareRealExploitTest.json","build_id":"b4b9ff36e9b3fc27"}}}},"seenByCompiler":true},"test/LendFlareSimpleTest.t.sol":{"lastModificationDate":1774347815590,"contentHash":"dd92f11502c33115","interfaceReprHash":null,"sourceName":"test/LendFlareSimpleTest.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":"^0.8.0","artifacts":{"IERC20":{"0.8.28":{"default":{"path":"LendFlareSimpleTest.t.sol/IERC20.json","build_id":"8c27fe3efea2f2e7"}}},"IPool":{"0.8.28":{"default":{"path":"LendFlareSimpleTest.t.sol/IPool.json","build_id":"8c27fe3efea2f2e7"}}},"IUniswapV2Pair":{"0.8.28":{"default":{"path":"LendFlareSimpleTest.t.sol/IUniswapV2Pair.json","build_id":"8c27fe3efea2f2e7"}}},"IUniswapV2Router":{"0.8.28":{"default":{"path":"LendFlareSimpleTest.t.sol/IUniswapV2Router.json","build_id":"8c27fe3efea2f2e7"}}},"LendFlareSimpleAttack":{"0.8.28":{"default":{"path":"LendFlareSimpleTest.t.sol/LendFlareSimpleAttack.json","build_id":"8c27fe3efea2f2e7"}}},"LendFlareSimpleTest":{"0.8.28":{"default":{"path":"LendFlareSimpleTest.t.sol/LendFlareSimpleTest.json","build_id":"8c27fe3efea2f2e7"}}}},"seenByCompiler":true},"test/LendFlareSkimTest.t.sol":{"lastModificationDate":1774351070467,"contentHash":"46fa24270ba8dce8","interfaceReprHash":null,"sourceName":"test/LendFlareSkimTest.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":"^0.8.0","artifacts":{"IERC20":{"0.8.28":{"default":{"path":"LendFlareSkimTest.t.sol/IERC20.json","build_id":"978b680daffec63a"}}},"IUniswapV2Pair":{"0.8.28":{"default":{"path":"LendFlareSkimTest.t.sol/IUniswapV2Pair.json","build_id":"978b680daffec63a"}}},"LendFlareSkimTest":{"0.8.28":{"default":{"path":"LendFlareSkimTest.t.sol/LendFlareSkimTest.json","build_id":"978b680daffec63a"}}}},"seenByCompiler":true},"test/LendFlareWorkingTest.t.sol":{"lastModificationDate":1774348889480,"contentHash":"cb724ed17882daba","interfaceReprHash":null,"sourceName":"test/LendFlareWorkingTest.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":"^0.8.0","artifacts":{"IERC20":{"0.8.28":{"default":{"path":"LendFlareWorkingTest.t.sol/IERC20.json","build_id":"e9657504010623db"}}},"IPool":{"0.8.28":{"default":{"path":"LendFlareWorkingTest.t.sol/IPool.json","build_id":"e9657504010623db"}}},"IUniswapV2Pair":{"0.8.28":{"default":{"path":"LendFlareWorkingTest.t.sol/IUniswapV2Pair.json","build_id":"e9657504010623db"}}},"IUniswapV2Router":{"0.8.28":{"default":{"path":"LendFlareWorkingTest.t.sol/IUniswapV2Router.json","build_id":"e9657504010623db"}}},"LendFlareWorkingAttack":{"0.8.28":{"default":{"path":"LendFlareWorkingTest.t.sol/LendFlareWorkingAttack.json","build_id":"e9657504010623db"}}},"LendFlareWorkingTest":{"0.8.28":{"default":{"path":"LendFlareWorkingTest.t.sol/LendFlareWorkingTest.json","build_id":"e9657504010623db"}}}},"seenByCompiler":true},"test/RealTransactionExploit.t.sol":{"lastModificationDate":1774344334452,"contentHash":"59ca4104ecce2dc3","interfaceReprHash":null,"sourceName":"test/RealTransactionExploit.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":"^0.8.28","artifacts":{"RealTransactionExploitTest":{"0.8.28":{"default":{"path":"RealTransactionExploit.t.sol/RealTransactionExploitTest.json","build_id":"9806b900b5672d0c"}}}},"seenByCompiler":true},"test/SimpleExploit.t.sol":{"lastModificationDate":1774343488000,"contentHash":"443c818d7347dc3d","interfaceReprHash":null,"sourceName":"test/SimpleExploit.t.sol","imports":["lib/forge-std/src/Base.sol","lib/forge-std/src/StdAssertions.sol","lib/forge-std/src/StdChains.sol","lib/forge-std/src/StdCheats.sol","lib/forge-std/src/StdConstants.sol","lib/forge-std/src/StdError.sol","lib/forge-std/src/StdInvariant.sol","lib/forge-std/src/StdJson.sol","lib/forge-std/src/StdMath.sol","lib/forge-std/src/StdStorage.sol","lib/forge-std/src/StdStyle.sol","lib/forge-std/src/StdToml.sol","lib/forge-std/src/StdUtils.sol","lib/forge-std/src/Test.sol","lib/forge-std/src/Vm.sol","lib/forge-std/src/console.sol","lib/forge-std/src/console2.sol","lib/forge-std/src/interfaces/IMulticall3.sol","lib/forge-std/src/safeconsole.sol"],"versionRequirement":"^0.8.28","artifacts":{"SimpleExploitTest":{"0.8.28":{"default":{"path":"SimpleExploit.t.sol/SimpleExploitTest.json","build_id":"b6f4df9ae05c0812"}}}},"seenByCompiler":true}},"builds":["1e9aa7e86cf56962","6f56f10e9d7b56eb","7edba961ff697a24","8c27fe3efea2f2e7","978b680daffec63a","9806b900b5672d0c","b4b9ff36e9b3fc27","b6f4df9ae05c0812","c88dbc86551f7b5c","e9657504010623db"],"profiles":{"default":{"solc":{"optimizer":{"enabled":true,"runs":200},"metadata":{"useLiteralContent":false,"bytecodeHash":"ipfs","appendCBOR":true},"outputSelection":{"*":{"*":["abi","evm.bytecode.object","evm.bytecode.sourceMap","evm.bytecode.linkReferences","evm.deployedBytecode.object","evm.deployedBytecode.sourceMap","evm.deployedBytecode.linkReferences","evm.deployedBytecode.immutableReferences","evm.methodIdentifiers","metadata"]}},"evmVersion":"cancun","viaIR":true,"libraries":{}},"vyper":{"evmVersion":"cancun","outputSelection":{"*":{"*":["abi","evm.bytecode","evm.deployedBytecode"]}}}}},"preprocessed":false,"mocks":[]}
package/binance-wallet-exploit/cache/test-failures ADDED
@@ -0,0 +1 @@
1
+ testAttack_100WETH
package/binance-wallet-exploit/lib/forge-std/.gitattributes ADDED
@@ -0,0 +1 @@
1
+ src/Vm.sol linguist-generated
package/binance-wallet-exploit/lib/forge-std/.github/CODEOWNERS ADDED
@@ -0,0 +1 @@
1
+ * @danipopes @mattsse @grandizzy @zerosnacks @onbjerg @0xrusowsky
package/binance-wallet-exploit/lib/forge-std/.github/dependabot.yml ADDED
@@ -0,0 +1,6 @@
1
+ version: 2
2
+ updates:
3
+ - package-ecosystem: "github-actions"
4
+ directory: "/"
5
+ schedule:
6
+ interval: "weekly"
package/binance-wallet-exploit/lib/forge-std/.github/workflows/ci.yml ADDED
@@ -0,0 +1,125 @@
1
+ name: CI
2
+
3
+ permissions: {}
4
+
5
+ on:
6
+ workflow_dispatch:
7
+ pull_request:
8
+ push:
9
+ branches:
10
+ - master
11
+
12
+ jobs:
13
+ build:
14
+ name: build +${{ matrix.toolchain }} ${{ matrix.flags }}
15
+ runs-on: ubuntu-latest
16
+ timeout-minutes: 10
17
+ permissions:
18
+ contents: read
19
+ strategy:
20
+ fail-fast: false
21
+ matrix:
22
+ toolchain: [stable, nightly]
23
+ flags:
24
+ - ""
25
+ - --via-ir
26
+ - --use solc:0.8.33 --via-ir
27
+ - --use solc:0.8.33
28
+ - --use solc:0.8.13 --via-ir
29
+ - --use solc:0.8.13
30
+ steps:
31
+ - uses: actions/checkout@v6
32
+ with:
33
+ persist-credentials: false
34
+ - uses: foundry-rs/foundry-toolchain@v1
35
+ with:
36
+ version: ${{ matrix.toolchain }}
37
+ - run: forge --version
38
+ - run: forge build -vvvvv --skip test --deny warnings ${{ matrix.flags }} --contracts 'test/compilation/*'
39
+
40
+ test:
41
+ runs-on: ubuntu-latest
42
+ timeout-minutes: 10
43
+ permissions:
44
+ contents: read
45
+ strategy:
46
+ fail-fast: false
47
+ matrix:
48
+ toolchain: [stable, nightly]
49
+ steps:
50
+ - uses: actions/checkout@v6
51
+ with:
52
+ persist-credentials: false
53
+ - uses: foundry-rs/foundry-toolchain@v1
54
+ with:
55
+ version: ${{ matrix.toolchain }}
56
+ - run: forge --version
57
+ - run: forge test -vvv
58
+
59
+ fmt:
60
+ runs-on: ubuntu-latest
61
+ timeout-minutes: 10
62
+ permissions:
63
+ contents: read
64
+ steps:
65
+ - uses: actions/checkout@v6
66
+ with:
67
+ persist-credentials: false
68
+ - uses: foundry-rs/foundry-toolchain@v1
69
+ - run: forge --version
70
+ - run: forge fmt --check
71
+
72
+ typos:
73
+ runs-on: ubuntu-latest
74
+ timeout-minutes: 10
75
+ permissions:
76
+ contents: read
77
+ steps:
78
+ - uses: actions/checkout@v6
79
+ with:
80
+ persist-credentials: false
81
+ - uses: crate-ci/typos@631208b7aac2daa8b707f55e7331f9112b0e062d # v1
82
+
83
+ codeql:
84
+ name: Analyze (${{ matrix.language }})
85
+ runs-on: ubuntu-latest
86
+ permissions:
87
+ security-events: write
88
+ actions: read
89
+ contents: read
90
+ strategy:
91
+ fail-fast: false
92
+ matrix:
93
+ include:
94
+ - language: actions
95
+ build-mode: none
96
+ steps:
97
+ - name: Checkout repository
98
+ uses: actions/checkout@v6
99
+ with:
100
+ persist-credentials: false
101
+ - name: Initialize CodeQL
102
+ uses: github/codeql-action/init@v4
103
+ with:
104
+ languages: ${{ matrix.language }}
105
+ build-mode: ${{ matrix.build-mode }}
106
+ - name: Perform CodeQL Analysis
107
+ uses: github/codeql-action/analyze@v4
108
+ with:
109
+ category: "/language:${{matrix.language}}"
110
+
111
+ ci-success:
112
+ runs-on: ubuntu-latest
113
+ if: always()
114
+ needs:
115
+ - build
116
+ - test
117
+ - fmt
118
+ - typos
119
+ - codeql
120
+ timeout-minutes: 10
121
+ steps:
122
+ - name: Decide whether the needed jobs succeeded or failed
123
+ uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # release/v1
124
+ with:
125
+ jobs: ${{ toJSON(needs) }}
package/binance-wallet-exploit/lib/forge-std/.github/workflows/sync.yml ADDED
@@ -0,0 +1,36 @@
1
+ name: Sync Release Branch
2
+
3
+ permissions: {}
4
+
5
+ on:
6
+ release:
7
+ types:
8
+ - created
9
+
10
+ jobs:
11
+ sync-release-branch:
12
+ runs-on: ubuntu-latest
13
+ permissions:
14
+ contents: write
15
+ if: startsWith(github.event.release.tag_name, 'v1')
16
+ steps:
17
+ - name: Check out the repo
18
+ uses: actions/checkout@v6
19
+ with:
20
+ persist-credentials: true
21
+ fetch-depth: 0
22
+ ref: v1
23
+
24
+ # The email is derived from the bots user id,
25
+ # found here: https://api.github.com/users/github-actions%5Bbot%5D
26
+ - name: Configure Git
27
+ run: |
28
+ git config user.name github-actions[bot]
29
+ git config user.email 41898282+github-actions[bot]@users.noreply.github.com
30
+
31
+ - name: Sync Release Branch
32
+ run: |
33
+ git fetch --tags
34
+ git checkout v1
35
+ git reset --hard ${GITHUB_REF}
36
+ git push --force
package/binance-wallet-exploit/lib/forge-std/CONTRIBUTING.md ADDED
@@ -0,0 +1,193 @@
1
+ ## Contributing to Foundry
2
+
3
+ Thanks for your interest in improving Foundry!
4
+
5
+ There are multiple opportunities to contribute at any level. It doesn't matter if you are just getting started with Rust or are the most weathered expert, we can use your help.
6
+
7
+ This document will help you get started. **Do not let the document intimidate you**.
8
+ It should be considered as a guide to help you navigate the process.
9
+
10
+ The [dev Telegram][dev-tg] is available for any concerns you may have that are not covered in this guide.
11
+
12
+ ### Code of Conduct
13
+
14
+ The Foundry project adheres to the [Rust Code of Conduct][rust-coc]. This code of conduct describes the _minimum_ behavior expected from all contributors.
15
+
16
+ Instances of violations of the Code of Conduct can be reported by contacting the team at [me@gakonst.com](mailto:me@gakonst.com).
17
+
18
+ ### Ways to contribute
19
+
20
+ There are fundamentally four ways an individual can contribute:
21
+
22
+ 1. **By opening an issue:** For example, if you believe that you have uncovered a bug
23
+ in Foundry, creating a new issue in the issue tracker is the way to report it.
24
+ 2. **By adding context:** Providing additional context to existing issues,
25
+ such as screenshots and code snippets, which help resolve issues.
26
+ 3. **By resolving issues:** Typically this is done in the form of either
27
+ demonstrating that the issue reported is not a problem after all, or more often,
28
+ by opening a pull request that fixes the underlying problem, in a concrete and
29
+ reviewable manner.
30
+
31
+ **Anybody can participate in any stage of contribution**. We urge you to participate in the discussion
32
+ around bugs and participate in reviewing PRs.
33
+
34
+ ### Contributions Related to Spelling and Grammar
35
+
36
+ At this time, we will not be accepting contributions that only fix spelling or grammatical errors in documentation, code or
37
+ elsewhere.
38
+
39
+ ### Asking for help
40
+
41
+ If you have reviewed existing documentation and still have questions, or you are having problems, you can get help in the following ways:
42
+
43
+ - **Asking in the support Telegram:** The [Foundry Support Telegram][support-tg] is a fast and easy way to ask questions.
44
+ - **Opening a discussion:** This repository comes with a discussions board where you can also ask for help. Click the "Discussions" tab at the top.
45
+
46
+ As Foundry is still in heavy development, the documentation can be a bit scattered.
47
+ The [Foundry Book][foundry-book] is our current best-effort attempt at keeping up-to-date information.
48
+
49
+ ### Submitting a bug report
50
+
51
+ When filing a new bug report in the issue tracker, you will be presented with a basic form to fill out.
52
+
53
+ If you believe that you have uncovered a bug, please fill out the form to the best of your ability. Do not worry if you cannot answer every detail; just fill in what you can. Contributors will ask follow-up questions if something is unclear.
54
+
55
+ The most important pieces of information we need in a bug report are:
56
+
57
+ - The Foundry version you are on (and that it is up to date)
58
+ - The platform you are on (Windows, macOS, an M1 Mac or Linux)
59
+ - Code snippets if this is happening in relation to testing or building code
60
+ - Concrete steps to reproduce the bug
61
+
62
+ In order to rule out the possibility of the bug being in your project, the code snippets should be as minimal
63
+ as possible. It is better if you can reproduce the bug with a small snippet as opposed to an entire project!
64
+
65
+ See [this guide][mcve] on how to create a minimal, complete, and verifiable example.
66
+
67
+ ### Submitting a feature request
68
+
69
+ When adding a feature request in the issue tracker, you will be presented with a basic form to fill out.
70
+
71
+ Please include as detailed of an explanation as possible of the feature you would like, adding additional context if necessary.
72
+
73
+ If you have examples of other tools that have the feature you are requesting, please include them as well.
74
+
75
+ ### Resolving an issue
76
+
77
+ Pull requests are the way concrete changes are made to the code, documentation, and dependencies of Foundry.
78
+
79
+ Even minor pull requests, such as those fixing wording, are greatly appreciated. Before making a large change, it is usually
80
+ a good idea to first open an issue describing the change to solicit feedback and guidance. This will increase
81
+ the likelihood of the PR getting merged.
82
+
83
+ Please make sure that the following commands pass if you have changed the code:
84
+
85
+ ```sh
86
+ forge fmt --check
87
+ forge test -vvv
88
+ ```
89
+
90
+ To make sure your changes are compatible with all compiler version targets, run the following commands:
91
+
92
+ ```sh
93
+ forge build --skip test --use solc:0.6.2
94
+ forge build --skip test --use solc:0.6.12
95
+ forge build --skip test --use solc:0.7.0
96
+ forge build --skip test --use solc:0.7.6
97
+ forge build --skip test --use solc:0.8.0
98
+ ```
99
+
100
+ The CI will also ensure that the code is formatted correctly and that the tests are passing across all compiler version targets.
101
+
102
+ #### Adding cheatcodes
103
+
104
+ Please follow the guide outlined in the [cheatcodes](https://github.com/foundry-rs/foundry/blob/master/docs/dev/cheatcodes.md#adding-a-new-cheatcode) documentation of Foundry.
105
+
106
+ When making modifications to the native cheatcodes or adding new ones, please make sure to run [`./scripts/vm.py`](./scripts/vm.py) to update the cheatcodes in the [`src/Vm.sol`](./src/Vm.sol) file.
107
+
108
+ By default the script will automatically generate the cheatcodes from the [`cheatcodes.json`](https://raw.githubusercontent.com/foundry-rs/foundry/master/crates/cheatcodes/assets/cheatcodes.json) file but alternatively you can provide a path to a JSON file containing the Vm interface, as generated by Foundry, with the `--from` flag.
109
+
110
+ ```sh
111
+ ./scripts/vm.py --from path/to/cheatcodes.json
112
+ ```
113
+
114
+ It is possible that the resulting [`src/Vm.sol`](./src/Vm.sol) file will have some changes that are not directly related to your changes, this is not a problem.
115
+
116
+ #### Commits
117
+
118
+ It is a recommended best practice to keep your changes as logically grouped as possible within individual commits. There is no limit to the number of commits any single pull request may have, and many contributors find it easier to review changes that are split across multiple commits.
119
+
120
+ That said, if you have a number of commits that are "checkpoints" and don't represent a single logical change, please squash those together.
121
+
122
+ #### Opening the pull request
123
+
124
+ From within GitHub, opening a new pull request will present you with a template that should be filled out. Please try your best at filling out the details, but feel free to skip parts if you're not sure what to put.
125
+
126
+ #### Discuss and update
127
+
128
+ You will probably get feedback or requests for changes to your pull request.
129
+ This is a big part of the submission process, so don't be discouraged! Some contributors may sign off on the pull request right away, others may have more detailed comments or feedback.
130
+ This is a necessary part of the process in order to evaluate whether the changes are correct and necessary.
131
+
132
+ **Any community member can review a PR, so you might get conflicting feedback**.
133
+ Keep an eye out for comments from code owners to provide guidance on conflicting feedback.
134
+
135
+ #### Reviewing pull requests
136
+
137
+ **Any Foundry community member is welcome to review any pull request**.
138
+
139
+ All contributors who choose to review and provide feedback on pull requests have a responsibility to both the project and individual making the contribution. Reviews and feedback must be helpful, insightful, and geared towards improving the contribution as opposed to simply blocking it. If there are reasons why you feel the PR should not be merged, explain what those are. Do not expect to be able to block a PR from advancing simply because you say "no" without giving an explanation. Be open to having your mind changed. Be open to working _with_ the contributor to make the pull request better.
140
+
141
+ Reviews that are dismissive or disrespectful of the contributor or any other reviewers are strictly counter to the Code of Conduct.
142
+
143
+ When reviewing a pull request, the primary goals are for the codebase to improve and for the person submitting the request to succeed. **Even if a pull request is not merged, the submitter should come away from the experience feeling like their effort was appreciated**. Every PR from a new contributor is an opportunity to grow the community.
144
+
145
+ ##### Review a bit at a time
146
+
147
+ Do not overwhelm new contributors.
148
+
149
+ It is tempting to micro-optimize and make everything about relative performance, perfect grammar, or exact style matches. Do not succumb to that temptation.
150
+
151
+ Focus first on the most significant aspects of the change:
152
+
153
+ 1. Does this change make sense for Foundry?
154
+ 2. Does this change make Foundry better, even if only incrementally?
155
+ 3. Are there clear bugs or larger scale issues that need attending?
156
+ 4. Are the commit messages readable and correct? If it contains a breaking change, is it clear enough?
157
+
158
+ Note that only **incremental** improvement is needed to land a PR. This means that the PR does not need to be perfect, only better than the status quo. Follow-up PRs may be opened to continue iterating.
159
+
160
+ When changes are necessary, _request_ them, do not _demand_ them, and **do not assume that the submitter already knows how to add a test or run a benchmark**.
161
+
162
+ Specific performance optimization techniques, coding styles and conventions change over time. The first impression you give to a new contributor never does.
163
+
164
+ Nits (requests for small changes that are not essential) are fine, but try to avoid stalling the pull request. Most nits can typically be fixed by the Foundry maintainers merging the pull request, but they can also be an opportunity for the contributor to learn a bit more about the project.
165
+
166
+ It is always good to clearly indicate nits when you comment, e.g.: `Nit: change foo() to bar(). But this is not blocking`.
167
+
168
+ If your comments were addressed but were not folded after new commits, or if they proved to be mistaken, please, [hide them][hiding-a-comment] with the appropriate reason to keep the conversation flow concise and relevant.
169
+
170
+ ##### Be aware of the person behind the code
171
+
172
+ Be aware that _how_ you communicate requests and reviews in your feedback can have a significant impact on the success of the pull request. Yes, we may merge a particular change that makes Foundry better, but the individual might just not want to have anything to do with Foundry ever again. The goal is not just having good code.
173
+
174
+ ##### Abandoned or stale pull requests
175
+
176
+ If a pull request appears to be abandoned or stalled, it is polite to first check with the contributor to see if they intend to continue the work before checking if they would mind if you took it over (especially if it just has nits left). When doing so, it is courteous to give the original contributor credit for the work they started, either by preserving their name and e-mail address in the commit log, or by using the `Author: ` or `Co-authored-by: ` metadata tag in the commits.
177
+
178
+ _Adapted from the [ethers-rs contributing guide](https://github.com/gakonst/ethers-rs/blob/master/CONTRIBUTING.md)_.
179
+
180
+ ### Releasing
181
+
182
+ Releases are automatically done by the release workflow when a tag is pushed, however, these steps still need to be taken:
183
+
184
+ 1. Ensure that the versions in the relevant `Cargo.toml` files are up-to-date.
185
+ 2. Update documentation links
186
+ 3. Perform a final audit for breaking changes.
187
+
188
+ [rust-coc]: https://github.com/rust-lang/rust/blob/master/CODE_OF_CONDUCT.md
189
+ [dev-tg]: https://t.me/foundry_rs
190
+ [foundry-book]: https://github.com/foundry-rs/foundry-book
191
+ [support-tg]: https://t.me/foundry_support
192
+ [mcve]: https://stackoverflow.com/help/mcve
193
+ [hiding-a-comment]: https://help.github.com/articles/managing-disruptive-comments/#hiding-a-comment