npm - uups-checker - Versions diffs - 1.0.0 - Mend

uups-checker 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (670) hide show

package/.gitmodules +6 -0
package/AIFI_AUDIT.md +220 -0
package/ALL_AUDITS_SUMMARY.md +366 -0
package/ALPHA_PROXY_CRITICAL_FINDING.md +136 -0
package/ALPHA_PROXY_FINAL_ANALYSIS.md +213 -0
package/ALPHA_PROXY_FINAL_VERDICT.md +233 -0
package/ALPHA_PROXY_SELFDESTRUCT_EXPLOIT.md +161 -0
package/ARIA-foundry-test.txt +9 -0
package/ARIA-mythril-analysis.txt +20 -0
package/ARIA-slither-analysis.txt +38 -0
package/ARIA_AI_SECURITY_AUDIT.md +290 -0
package/ARIA_VERIFIED_AUDIT.md +259 -0
package/ARIA_VERIFIED_slither.txt +76 -0
package/ARIVA_source.txt +1 -0
package/ARK_AUDIT.md +349 -0
package/BANANA_AUDIT.md +365 -0
package/BAS_AUDIT.md +451 -0
package/BAS_TOKEN_AUDIT.md +235 -0
package/BCE_EXPLOIT_ANALYSIS.md +165 -0
package/BEEFY_BNB_CHAIN_ANALYSIS.md +488 -0
package/BEEFY_MONAD_ANALYSIS.md +239 -0
package/BEEFY_STAKING_ANALYSIS.md +136 -0
package/BEEFY_XVS_WBNB_ACTUAL_FINDINGS.md +223 -0
package/BEEFY_XVS_WBNB_CRITICAL_FINDINGS.md +269 -0
package/BLOCKSEC_ATTACK_KNOWLEDGE_BASE.md +771 -0
package/BRISE_ANALYSIS.txt +31 -0
package/BRISE_BSC_DAPPS.txt +68 -0
package/BRISE_EXPLOITS_FOUND.md +98 -0
package/BRISE_REAL_EXPLOITS.md +115 -0
package/BRISE_WHITEHAT_REPORT.md +162 -0
package/BRISEstake_Analysis.txt +95 -0
package/BSCSLOCKTOKEN_CRITICAL_FINDING.md +240 -0
package/BSW_BISWAP_SECURITY_AUDIT.md +330 -0
package/BTCST_FINAL_VERDICT.md +319 -0
package/BTCST_MINING_REBASE_ANALYSIS.md +229 -0
package/BTCST_ROUNDING_DEEP_DIVE.md +293 -0
package/BTCST_ROUNDING_FINAL_VERDICT.md +9 -0
package/BTCST_SECURITY_ANALYSIS.md +391 -0
package/BTR_AUDIT.md +210 -0
package/BeamBridge-analysis.md +226 -0
package/BeamToken-analysis.md +201 -0
package/BitgertSwap_Investigation.txt +107 -0
package/CEEK_STAKING_ANALYSIS.md +0 -0
package/CHAINBASE_AUDIT.md +422 -0
package/COMPLETE_AUDIT_SUMMARY.md +342 -0
package/CORRECTED_ANALYSIS.txt +115 -0
package/DBXEN_COMPARISON_SUMMARY.md +232 -0
package/DBXEN_EXPLOIT_ANALYSIS.md +530 -0
package/DOPFairLaunch_raw.json +29 -0
package/DOPFairLaunch_source.txt +0 -0
package/DOP_BRIDGE_FINAL_ANALYSIS.txt +86 -0
package/DOP_BUSD_LP_ANALYSIS.txt +44 -0
package/DOP_FAIRLAUNCH_ANALYSIS.txt +61 -0
package/DOP_FAIRLAUNCH_FINAL_VERDICT.txt +113 -0
package/DOP_STAKING_CONTRACT_ANALYSIS.txt +67 -0
package/DSYNC_ECOSYSTEM_ANALYSIS.md +221 -0
package/DSyncStaking-exploit-analysis.md +153 -0
package/DSyncVault-analysis.md +120 -0
package/DUSD_PROXY_AUDIT.md +407 -0
package/DXSALE_LOCK_AUDIT.md +0 -0
package/DXSaleLock_bytecode.txt +1 -0
package/ECHIDNA_QUICK_START.md +101 -0
package/ELEPHANT_ECOSYSTEM_AUDIT_PLAN.md +159 -0
package/ELEPHANT_ECOSYSTEM_COMPREHENSIVE_AUDIT.md +427 -0
package/ELEPHANT_SECURITY_ANALYSIS.md +209 -0
package/ELEPHANT_VULNERABILITIES_EXPLAINED.md +455 -0
package/EXPLOIT_FIX.md +300 -0
package/EXPLOIT_INSTRUCTIONS.md +273 -0
package/EXPLOIT_SUMMARY.md +285 -0
package/EXPLOIT_SUMMARY.txt +175 -0
package/FALCON_FINANCE_AUDIT.md +258 -0
package/FANDOM_AUDIT.md +359 -0
package/FEE_ON_TRANSFER_ANALYSIS.md +228 -0
package/FINAL_AUDIT_REPORT.md +0 -0
package/FOLIO_PROXY_AUDIT.md +299 -0
package/FOT_EXPLOIT_RESULTS.txt +110 -0
package/FOT_TOKENS_AUDITED.md +103 -0
package/HEGIC-mythril-analysis.txt +39 -0
package/HEGIC_COMPLETE_ANALYSIS.md +343 -0
package/HOTCROSS_SWAP_EXPLOIT_ANALYSIS.md +123 -0
package/ICECREAMSWAP_EXPLOITS.md +259 -0
package/IMMUNEFI_REPORT.md +314 -0
package/KCCPAD_EXPLOIT_GUIDE.md +285 -0
package/KEL_CEL_EXPLOIT_ANALYSIS.md +0 -0
package/KOGE_AUDIT.md +328 -0
package/LENDFLARE_ANALYSIS.md +239 -0
package/LENDFLARE_ECHIDNA_GUIDE.md +356 -0
package/LENDFLARE_EXPLOIT_INSTRUCTIONS.md +297 -0
package/LENDFLARE_EXPLOIT_SUMMARY.md +292 -0
package/LENDFLARE_FLASHLOAN_GUIDE.md +383 -0
package/LENDFLARE_FUZZING_RESULTS.md +252 -0
package/LENDFLARE_HONEYPOT_BYPASS_ANALYSIS.md +420 -0
package/LENDFLARE_MANUAL_FUZZING.md +324 -0
package/LENDFLARE_MYTHRIL_ANALYSIS.md +339 -0
package/LENDFLARE_V3_BYPASS.md +296 -0
package/LFTDECOMPILE.txt +14478 -0
package/LFT_ACCOUNTING_ANALYSIS.md +0 -0
package/LFT_ACCOUNTING_BUG_ANALYSIS.md +426 -0
package/LFT_BACKDOOR_DEEP_DIVE.md +0 -0
package/LFT_CRITICAL_EXPLOIT_CONFIRMED.md +428 -0
package/LFT_EXPLOIT_VISUAL.md +253 -0
package/LFT_QUICK_SUMMARY.md +124 -0
package/LFT_REVERSE_EXPLOIT_ANALYSIS.md +521 -0
package/MGO_AUDIT_REPORT.md +420 -0
package/MYTHRIL_FINAL_REPORT.md +306 -0
package/MYTHRIL_SLITHER_SUMMARY.md +244 -0
package/NETX_MIGRATION_AUDIT.md +0 -0
package/NPM_PUBLISH_GUIDE.md +0 -0
package/NRV_CRITICAL_EXPLOIT.txt +143 -0
package/NetX_Analysis.txt +76 -0
package/NetX_Migration_bytecode.txt +1 -0
package/NetX_Migration_source.txt +0 -0
package/NetX_Token_source.txt +0 -0
package/NetxWhitehatRescue +22 -0
package/OILER_ATTACK_VISUAL.md +351 -0
package/OILER_BLOCKSEC_TEST_RESULTS.md +421 -0
package/OILER_DEEP_ANALYSIS.md +212 -0
package/OILER_FINAL_EXPLOIT_REPORT.md +241 -0
package/OILER_FINAL_VERDICT.md +339 -0
package/OILER_REENTRANCY_EXPLAINED.md +638 -0
package/OILER_REENTRANCY_FINAL_SUMMARY.md +391 -0
package/OILER_REENTRANCY_REALITY_CHECK.md +393 -0
package/OILER_REENTRANCY_STEP_BY_STEP.md +597 -0
package/OILER_STAKING_MAINNET_ANALYSIS.md +366 -0
package/OILER_STAKING_SECURITY_ANALYSIS.md +409 -0
package/PANCAKESWAP_UNDERFLOW_HUNTING.md +317 -0
package/POLS_MULTICHAIN_AUDIT.md +0 -0
package/POSI_STAKING_AUDIT.md +0 -0
package/PROXY2_SECURITY_ANALYSIS.md +0 -0
package/Proxy2TACS +29748 -0
package/QUICK_START.md +240 -0
package/RAMP_SECURITY_ANALYSIS.md +0 -0
package/README.md +238 -0
package/REAUDIT_MASTER_LIST.txt +15 -0
package/RING_analysis.txt +212 -0
package/RPC +4 -0
package/RULES.txt +20 -0
package/SIREN_AUDIT.md +186 -0
package/SYNC_EXPLOIT_README.md +0 -0
package/SYNC_TOKEN_EXPLOIT_REPORT.md +224 -0
package/TLM_raw.html +0 -0
package/TLM_raw.txt +0 -0
package/TLM_response.json +1 -0
package/TRADOOR_AUDIT.md +253 -0
package/TRUNK_AUDIT.md +285 -0
package/UNIBASE_AUDIT.md +241 -0
package/UNLOCK_ANALYSIS.md +0 -0
package/UNLOCK_EXPLOIT.md +49 -0
package/UNLOCK_EXPLOIT_ANALYSIS.md +0 -0
package/UPS +232 -0
package/UUPSCHECKER +208 -0
package/VAULT_PROXY_AUDIT.md +457 -0
package/VAULT_PROXY_FINAL_VERDICT.md +0 -0
package/VERIFIED_EXPLOITS_FINAL.txt +146 -0
package/WKEYDAO2_AUDIT.md +245 -0
package/WSG_AUDIT.md +0 -0
package/XFI_DEEP_ANALYSIS.md +327 -0
package/YOOSHI_EXPLOIT_GUIDE.md +119 -0
package/YSDAO_EXPLOIT_GUIDE.md +0 -0
package/agent-4-bundle.md +22490 -0
package/alpha-proxy-echidna.txt +1 -0
package/alpha-proxy-fuzz-results.txt +81 -0
package/alpha-proxy-mythril.txt +2 -0
package/analyze-btcst-farm.js +54 -0
package/analyze-dxsale-lock.js +75 -0
package/analyze-elephant.js +69 -0
package/analyze-fara-rewards.js +109 -0
package/analyze-fara-storage.js +83 -0
package/analyze-lft-transaction.js +158 -0
package/analyze-lock-bytecode.js +59 -0
package/analyze-shegic.js +0 -0
package/analyze-staking-abi.js +0 -0
package/analyze-sxp.js +57 -0
package/analyze-tlm.js +76 -0
package/analyze-trumpet.js +98 -0
package/analyze-unlimited-nft.js +108 -0
package/analyze_elephant.sh +27 -0
package/analyze_vault.sh +32 -0
package/aria-bytecode.txt +1 -0
package/aria_response.json +1 -0
package/ark_temp/README.md +66 -0
package/ark_temp/lib/forge-std/.gitattributes +1 -0
package/ark_temp/lib/forge-std/.github/CODEOWNERS +1 -0
package/ark_temp/lib/forge-std/.github/dependabot.yml +6 -0
package/ark_temp/lib/forge-std/.github/workflows/ci.yml +125 -0
package/ark_temp/lib/forge-std/.github/workflows/sync.yml +36 -0
package/ark_temp/lib/forge-std/CONTRIBUTING.md +193 -0
package/ark_temp/lib/forge-std/LICENSE-APACHE +203 -0
package/ark_temp/lib/forge-std/LICENSE-MIT +25 -0
package/ark_temp/lib/forge-std/README.md +314 -0
package/ark_temp/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/ark_temp/lib/forge-std/package.json +16 -0
package/ark_temp/lib/forge-std/scripts/vm.py +636 -0
package/audits/AiFi-security-audit-20260326.md +499 -0
package/audits/BasedAI-Brains-security-audit-20260324.md +651 -0
package/audits/BinanceAlphaWallet-pashov-ai-audit-report-20260324-170000.md +362 -0
package/audits/DGToken-security-audit-20260324.md +376 -0
package/audits/DSyncStaking-audit-part1.md +161 -0
package/audits/DSyncStaking-security-audit-20260324.md +547 -0
package/audits/DecompiledERC20-security-audit-20260325.md +397 -0
package/audits/DegenVC-security-audit-20260324.md +585 -0
package/audits/DelreyInu-security-audit-20260324.md +463 -0
package/audits/DestraNetwork-security-audit-20260324.md +705 -0
package/audits/DomiToken-security-audit-20260324.md +514 -0
package/audits/LendFlareToken-security-audit-20260325.md +197 -0
package/audits/LockReleaseTokenPool-security-audit-20260324.md +482 -0
package/audits/MOG-pashov-ai-audit-report-20260324-164900.md +229 -0
package/audits/PAALAI-security-audit-20260324.md +475 -0
package/audits/PAR-security-audit-20260325.md +311 -0
package/audits/PepeCoinStaking-security-audit-20260324.md +358 -0
package/audits/StakingPool-security-audit-20260324.md +517 -0
package/audits/SyncToken-security-audit-20260324.md +778 -0
package/audits/UndeadToken-decompiled-security-audit-20260324.md +485 -0
package/audits/UnknownToken-decompiled-security-audit-20260324.md +647 -0
package/audits/XFIStaking-security-audit-20260324.md +682 -0
package/audits/Xfinance-security-audit-20260324.md +463 -0
package/audits/basedAIFarm-security-audit-20260324.md +330 -0
package/audits/pepeCoin-security-audit-20260324.md +462 -0
package/bin/ups +232 -0
package/binance-wallet-exploit/.env.example +2 -0
package/binance-wallet-exploit/EXECUTIVE_SUMMARY.md +272 -0
package/binance-wallet-exploit/EXPLOIT_SUMMARY.md +104 -0
package/binance-wallet-exploit/FINAL_ANALYSIS.md +326 -0
package/binance-wallet-exploit/FLASHLOAN_ATTACK.md +292 -0
package/binance-wallet-exploit/HONEYPOT_REPORT.md +526 -0
package/binance-wallet-exploit/INVESTIGATION_COMPLETE.md +362 -0
package/binance-wallet-exploit/LENDFLARE_EXPLOIT.md +219 -0
package/binance-wallet-exploit/LENDFLARE_FINAL_ATTACK.md +307 -0
package/binance-wallet-exploit/LENDFLARE_REAL_EXPLOIT.md +286 -0
package/binance-wallet-exploit/LENDFLARE_RUGPULL.md +269 -0
package/binance-wallet-exploit/LFT_ANALYSIS.md +206 -0
package/binance-wallet-exploit/QUICK_START.md +75 -0
package/binance-wallet-exploit/README.md +195 -0
package/binance-wallet-exploit/REAL_TX_EXPLOIT_ANALYSIS.md +271 -0
package/binance-wallet-exploit/REMIX_INSTRUCTIONS.md +223 -0
package/binance-wallet-exploit/TEST_RESULTS.md +203 -0
package/binance-wallet-exploit/cache/solidity-files-cache.json +1 -0
package/binance-wallet-exploit/cache/test-failures +1 -0
package/binance-wallet-exploit/lib/forge-std/.gitattributes +1 -0
package/binance-wallet-exploit/lib/forge-std/.github/CODEOWNERS +1 -0
package/binance-wallet-exploit/lib/forge-std/.github/dependabot.yml +6 -0
package/binance-wallet-exploit/lib/forge-std/.github/workflows/ci.yml +125 -0
package/binance-wallet-exploit/lib/forge-std/.github/workflows/sync.yml +36 -0
package/binance-wallet-exploit/lib/forge-std/CONTRIBUTING.md +193 -0
package/binance-wallet-exploit/lib/forge-std/LICENSE-APACHE +203 -0
package/binance-wallet-exploit/lib/forge-std/LICENSE-MIT +25 -0
package/binance-wallet-exploit/lib/forge-std/README.md +314 -0
package/binance-wallet-exploit/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/binance-wallet-exploit/lib/forge-std/package.json +16 -0
package/binance-wallet-exploit/lib/forge-std/scripts/vm.py +636 -0
package/binance-wallet-exploit/out/build-info/1e9aa7e86cf56962.json +1 -0
package/binance-wallet-exploit/out/build-info/6f56f10e9d7b56eb.json +1 -0
package/binance-wallet-exploit/out/build-info/7edba961ff697a24.json +1 -0
package/binance-wallet-exploit/out/build-info/8c27fe3efea2f2e7.json +1 -0
package/binance-wallet-exploit/out/build-info/978b680daffec63a.json +1 -0
package/binance-wallet-exploit/out/build-info/9806b900b5672d0c.json +1 -0
package/binance-wallet-exploit/out/build-info/b4b9ff36e9b3fc27.json +1 -0
package/binance-wallet-exploit/out/build-info/b6f4df9ae05c0812.json +1 -0
package/binance-wallet-exploit/out/build-info/c88dbc86551f7b5c.json +1 -0
package/binance-wallet-exploit/out/build-info/e9657504010623db.json +1 -0
package/cache/fuzz/failures/ARIAVerifiedFuzzTest/testFuzz_ApprovalRaceCondition +1 -0
package/cache/fuzz/failures/HotCrossSwapFuzzTest/testFuzz_DirectTransferExploit +1 -0
package/cache/fuzz/failures/HotCrossSwapFuzzTest/testFuzz_LargeSwapDrain +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_ApprovalExploit +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_BalanceManipulation +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_RateManipulation +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_StorageManipulation +1 -0
package/cache/fuzz/failures/PARFuzzTest/testFuzz_OverflowTransfer +1 -0
package/cache/fuzz/failures/PARFuzzTest/testFuzz_Transfer +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_FrontrunAddfunds +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_RewardOverflow +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_RoundingExploit +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_WithdrawLimit +1 -0
package/cache/solidity-files-cache.json +1 -0
package/cache/test-failures +1 -0
package/calculate-elephant-flashloan.js +195 -0
package/check-address-approval.js +112 -0
package/check-alpha-proxy.js +42 -0
package/check-arbitrage.js +155 -0
package/check-aria-token.js +47 -0
package/check-ark.sh +20 -0
package/check-btcst-mining.js +75 -0
package/check-btcst-pools.js +163 -0
package/check-btcst.js +88 -0
package/check-caller.js +26 -0
package/check-ceek-lp.js +73 -0
package/check-ceek.js +47 -0
package/check-dxsale-address.js +35 -0
package/check-fara-exploit-timing.js +56 -0
package/check-fara-real-exploit.js +73 -0
package/check-flashloan-limits.js +129 -0
package/check-kel-cel-pool.js +91 -0
package/check-lax-staking.js +41 -0
package/check-lendflare.js +165 -0
package/check-lft-accounting.js +109 -0
package/check-lft-roles.js +165 -0
package/check-lock-time.js +47 -0
package/check-min-stake.js +73 -0
package/check-mystery-contract.js +52 -0
package/check-next-token.js +50 -0
package/check-nora-lock.js +67 -0
package/check-oiler-approvals.js +116 -0
package/check-oiler-proxy.js +73 -0
package/check-oiler-staking.js +117 -0
package/check-proxy-simple.js +71 -0
package/check-recent-stakes.js +54 -0
package/check-shegic-holdings.js +67 -0
package/check-snowcrash-ecosystem.js +83 -0
package/check-sync-lp.js +97 -0
package/check-sync-stake.js +42 -0
package/check-tlm.js +37 -0
package/check-token-pools.js +146 -0
package/check-trunk-depeg.js +181 -0
package/check-tusd-decimals.js +58 -0
package/check-user-storage-deep.js +81 -0
package/check-welephant-pools.js +130 -0
package/check-xfi-pool.js +75 -0
package/check-zypher.js +32 -0
package/check_proxy.sh +36 -0
package/compare-tlm-chains.js +90 -0
package/contract_0x05f2.html +6025 -0
package/contract_0x3720.html +6361 -0
package/contract_0x928e.html +5606 -0
package/contract_0xc42d.html +5304 -0
package/contract_page.html +5789 -0
package/decode-stake-tx.js +50 -0
package/deep-analyze-lock.js +82 -0
package/dune_uups_proxy_query.sql +42 -0
package/dune_uups_vulnerable_query.sql +0 -0
package/echidna/alpha-proxy.yaml +14 -0
package/echidna/elephant.yaml +7 -0
package/echidna/lendflare.yaml +42 -0
package/echidna.config.yaml +12 -0
package/elephant_raw.json +1 -0
package/eps_raw.json +1 -0
package/exploit/.github/workflows/test.yml +38 -0
package/exploit/.gitmodules +3 -0
package/exploit/README.md +66 -0
package/exploit/foundry.lock +8 -0
package/exploit/lib/forge-std/.gitattributes +1 -0
package/exploit/lib/forge-std/.github/CODEOWNERS +1 -0
package/exploit/lib/forge-std/.github/dependabot.yml +6 -0
package/exploit/lib/forge-std/.github/workflows/ci.yml +125 -0
package/exploit/lib/forge-std/.github/workflows/sync.yml +36 -0
package/exploit/lib/forge-std/CONTRIBUTING.md +193 -0
package/exploit/lib/forge-std/LICENSE-APACHE +203 -0
package/exploit/lib/forge-std/LICENSE-MIT +25 -0
package/exploit/lib/forge-std/README.md +314 -0
package/exploit/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/exploit/lib/forge-std/package.json +16 -0
package/exploit/lib/forge-std/scripts/vm.py +636 -0
package/exploit_analysis.txt +51 -0
package/extract_contract.py +21 -0
package/extract_elephant_contracts.py +24 -0
package/fara-staking-bytecode.txt +1 -0
package/fara-staking-raw.txt +1 -0
package/fetch-aria.js +46 -0
package/fetch-contract.js +50 -0
package/fetch-shegic-source.js +86 -0
package/fetch-snowcrash.js +44 -0
package/fetch-staking-source.js +53 -0
package/fetch-tlm.js +60 -0
package/fetch_elephant_source.py +32 -0
package/find-ceek-staking.js +21 -0
package/find-exploit-tx.js +88 -0
package/find-oiler-holders.js +100 -0
package/find-tlm-holder.js +36 -0
package/find-vulnerable-fund.js +94 -0
package/foundry.lock +8 -0
package/fuzz-all.sh +53 -0
package/get-aria-contract.py +40 -0
package/get-lft-holders.js +89 -0
package/get-tlm-source.sh +8 -0
package/harvest_txs.json +1 -0
package/lft-bytecode-raw.txt +1 -0
package/lft-bytecode.json +1 -0
package/lft-impl.bin +1 -0
package/lft-implementation-bytecode.txt +1 -0
package/lib/forge-std/.gitattributes +1 -0
package/lib/forge-std/.github/CODEOWNERS +1 -0
package/lib/forge-std/.github/dependabot.yml +6 -0
package/lib/forge-std/.github/workflows/ci.yml +125 -0
package/lib/forge-std/.github/workflows/sync.yml +36 -0
package/lib/forge-std/CONTRIBUTING.md +193 -0
package/lib/forge-std/LICENSE-APACHE +203 -0
package/lib/forge-std/LICENSE-MIT +25 -0
package/lib/forge-std/README.md +314 -0
package/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/lib/forge-std/package.json +16 -0
package/lib/forge-std/scripts/vm.py +636 -0
package/lib/openzeppelin-contracts/.changeset/config.json +12 -0
package/lib/openzeppelin-contracts/.codecov.yml +12 -0
package/lib/openzeppelin-contracts/.editorconfig +21 -0
package/lib/openzeppelin-contracts/.eslintrc +20 -0
package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/bug_report.md +21 -0
package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/config.yml +4 -0
package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/feature_request.md +14 -0
package/lib/openzeppelin-contracts/.github/PULL_REQUEST_TEMPLATE.md +20 -0
package/lib/openzeppelin-contracts/.github/actions/gas-compare/action.yml +49 -0
package/lib/openzeppelin-contracts/.github/actions/setup/action.yml +21 -0
package/lib/openzeppelin-contracts/.github/actions/storage-layout/action.yml +55 -0
package/lib/openzeppelin-contracts/.github/workflows/actionlint.yml +18 -0
package/lib/openzeppelin-contracts/.github/workflows/changeset.yml +28 -0
package/lib/openzeppelin-contracts/.github/workflows/checks.yml +118 -0
package/lib/openzeppelin-contracts/.github/workflows/docs.yml +19 -0
package/lib/openzeppelin-contracts/.github/workflows/formal-verification.yml +68 -0
package/lib/openzeppelin-contracts/.github/workflows/release-cycle.yml +214 -0
package/lib/openzeppelin-contracts/.github/workflows/upgradeable.yml +34 -0
package/lib/openzeppelin-contracts/.gitmodules +7 -0
package/lib/openzeppelin-contracts/.mocharc.js +4 -0
package/lib/openzeppelin-contracts/.prettierrc +15 -0
package/lib/openzeppelin-contracts/.solcover.js +13 -0
package/lib/openzeppelin-contracts/CHANGELOG.md +972 -0
package/lib/openzeppelin-contracts/CODE_OF_CONDUCT.md +73 -0
package/lib/openzeppelin-contracts/CONTRIBUTING.md +36 -0
package/lib/openzeppelin-contracts/GUIDELINES.md +148 -0
package/lib/openzeppelin-contracts/LICENSE +22 -0
package/lib/openzeppelin-contracts/README.md +107 -0
package/lib/openzeppelin-contracts/RELEASING.md +45 -0
package/lib/openzeppelin-contracts/SECURITY.md +42 -0
package/lib/openzeppelin-contracts/audits/2017-03.md +292 -0
package/lib/openzeppelin-contracts/audits/2018-10.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2022-10-Checkpoints.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2022-10-ERC4626.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2023-05-v4.9.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2023-10-v5.0.pdf +0 -0
package/lib/openzeppelin-contracts/audits/README.md +17 -0
package/lib/openzeppelin-contracts/certora/Makefile +54 -0
package/lib/openzeppelin-contracts/certora/README.md +60 -0
package/lib/openzeppelin-contracts/certora/diff/access_manager_AccessManager.sol.patch +97 -0
package/lib/openzeppelin-contracts/certora/reports/2021-10.pdf +0 -0
package/lib/openzeppelin-contracts/certora/reports/2022-03.pdf +0 -0
package/lib/openzeppelin-contracts/certora/reports/2022-05.pdf +0 -0
package/lib/openzeppelin-contracts/certora/run.js +160 -0
package/lib/openzeppelin-contracts/certora/specs/AccessControl.spec +119 -0
package/lib/openzeppelin-contracts/certora/specs/AccessControlDefaultAdminRules.spec +464 -0
package/lib/openzeppelin-contracts/certora/specs/DoubleEndedQueue.spec +300 -0
package/lib/openzeppelin-contracts/certora/specs/ERC20.spec +352 -0
package/lib/openzeppelin-contracts/certora/specs/ERC20FlashMint.spec +55 -0
package/lib/openzeppelin-contracts/certora/specs/ERC20Wrapper.spec +198 -0
package/lib/openzeppelin-contracts/certora/specs/ERC721.spec +679 -0
package/lib/openzeppelin-contracts/certora/specs/EnumerableMap.spec +333 -0
package/lib/openzeppelin-contracts/certora/specs/EnumerableSet.spec +246 -0
package/lib/openzeppelin-contracts/certora/specs/Initializable.spec +165 -0
package/lib/openzeppelin-contracts/certora/specs/Ownable.spec +77 -0
package/lib/openzeppelin-contracts/certora/specs/Ownable2Step.spec +108 -0
package/lib/openzeppelin-contracts/certora/specs/Pausable.spec +96 -0
package/lib/openzeppelin-contracts/certora/specs/TimelockController.spec +274 -0
package/lib/openzeppelin-contracts/certora/specs/helpers/helpers.spec +7 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IAccessControl.spec +8 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IAccessControlDefaultAdminRules.spec +36 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC20.spec +11 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC2612.spec +5 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC3156FlashBorrower.spec +3 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC3156FlashLender.spec +5 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC5313.spec +3 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC721.spec +17 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC721Receiver.spec +3 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IOwnable.spec +5 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IOwnable2Step.spec +7 -0
package/lib/openzeppelin-contracts/certora/specs.json +86 -0
package/lib/openzeppelin-contracts/contracts/access/README.adoc +43 -0
package/lib/openzeppelin-contracts/contracts/finance/README.adoc +14 -0
package/lib/openzeppelin-contracts/contracts/governance/README.adoc +167 -0
package/lib/openzeppelin-contracts/contracts/interfaces/README.adoc +82 -0
package/lib/openzeppelin-contracts/contracts/metatx/README.adoc +12 -0
package/lib/openzeppelin-contracts/contracts/package.json +32 -0
package/lib/openzeppelin-contracts/contracts/proxy/README.adoc +87 -0
package/lib/openzeppelin-contracts/contracts/token/ERC1155/README.adoc +41 -0
package/lib/openzeppelin-contracts/contracts/token/ERC20/README.adoc +67 -0
package/lib/openzeppelin-contracts/contracts/token/ERC721/README.adoc +67 -0
package/lib/openzeppelin-contracts/contracts/token/common/README.adoc +10 -0
package/lib/openzeppelin-contracts/contracts/utils/README.adoc +88 -0
package/lib/openzeppelin-contracts/contracts/vendor/compound/LICENSE +11 -0
package/lib/openzeppelin-contracts/docs/README.md +16 -0
package/lib/openzeppelin-contracts/docs/antora.yml +7 -0
package/lib/openzeppelin-contracts/docs/config.js +21 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-3a.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-3b.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-6.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-deposit.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-mint.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-linear.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-loglog.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-loglogext.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/tally-exec.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/tally-vote.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/nav.adoc +23 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/access-control.adoc +204 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/backwards-compatibility.adoc +48 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/crowdsales.adoc +11 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/drafts.adoc +19 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc1155.adoc +145 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc20-supply.adoc +71 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc20.adoc +77 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc4626.adoc +214 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc721.adoc +79 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/extending-contracts.adoc +77 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/faq.adoc +13 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/governance.adoc +240 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/index.adoc +79 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/tokens.adoc +31 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/upgradeable.adoc +77 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/utilities.adoc +185 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/wizard.adoc +15 -0
package/lib/openzeppelin-contracts/docs/templates/contract.hbs +111 -0
package/lib/openzeppelin-contracts/docs/templates/helpers.js +46 -0
package/lib/openzeppelin-contracts/docs/templates/page.hbs +4 -0
package/lib/openzeppelin-contracts/docs/templates/properties.js +64 -0
package/lib/openzeppelin-contracts/hardhat/env-artifacts.js +24 -0
package/lib/openzeppelin-contracts/hardhat/env-contract.js +25 -0
package/lib/openzeppelin-contracts/hardhat/ignore-unreachable-warnings.js +45 -0
package/lib/openzeppelin-contracts/hardhat/skip-foundry-tests.js +6 -0
package/lib/openzeppelin-contracts/hardhat/task-test-get-files.js +25 -0
package/lib/openzeppelin-contracts/hardhat.config.js +131 -0
package/lib/openzeppelin-contracts/lib/erc4626-tests/LICENSE +661 -0
package/lib/openzeppelin-contracts/lib/erc4626-tests/README.md +116 -0
package/lib/openzeppelin-contracts/lib/forge-std/.github/workflows/ci.yml +92 -0
package/lib/openzeppelin-contracts/lib/forge-std/.gitmodules +3 -0
package/lib/openzeppelin-contracts/lib/forge-std/LICENSE-APACHE +203 -0
package/lib/openzeppelin-contracts/lib/forge-std/LICENSE-MIT +25 -0
package/lib/openzeppelin-contracts/lib/forge-std/README.md +250 -0
package/lib/openzeppelin-contracts/lib/forge-std/package.json +16 -0
package/lib/openzeppelin-contracts/logo.svg +15 -0
package/lib/openzeppelin-contracts/netlify.toml +3 -0
package/lib/openzeppelin-contracts/package-lock.json +16544 -0
package/lib/openzeppelin-contracts/package.json +96 -0
package/lib/openzeppelin-contracts/remappings.txt +1 -0
package/lib/openzeppelin-contracts/renovate.json +4 -0
package/lib/openzeppelin-contracts/requirements.txt +1 -0
package/lib/openzeppelin-contracts/scripts/checks/compare-layout.js +20 -0
package/lib/openzeppelin-contracts/scripts/checks/compareGasReports.js +243 -0
package/lib/openzeppelin-contracts/scripts/checks/extract-layout.js +38 -0
package/lib/openzeppelin-contracts/scripts/checks/generation.sh +6 -0
package/lib/openzeppelin-contracts/scripts/checks/inheritance-ordering.js +54 -0
package/lib/openzeppelin-contracts/scripts/gen-nav.js +41 -0
package/lib/openzeppelin-contracts/scripts/generate/format-lines.js +16 -0
package/lib/openzeppelin-contracts/scripts/generate/run.js +49 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.js +247 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.opts.js +17 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.t.js +146 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/EnumerableMap.js +283 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/EnumerableSet.js +250 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/SafeCast.js +126 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/StorageSlot.js +78 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/conversion.js +30 -0
package/lib/openzeppelin-contracts/scripts/git-user-config.sh +6 -0
package/lib/openzeppelin-contracts/scripts/helpers.js +37 -0
package/lib/openzeppelin-contracts/scripts/prepack.sh +23 -0
package/lib/openzeppelin-contracts/scripts/prepare-docs.sh +26 -0
package/lib/openzeppelin-contracts/scripts/release/format-changelog.js +33 -0
package/lib/openzeppelin-contracts/scripts/release/synchronize-versions.js +15 -0
package/lib/openzeppelin-contracts/scripts/release/update-comment.js +34 -0
package/lib/openzeppelin-contracts/scripts/release/version.sh +11 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/exit-prerelease.sh +8 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/github-release.js +48 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/integrity-check.sh +20 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/pack.sh +26 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/publish.sh +26 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/rerun.js +7 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/set-changesets-pr-title.js +17 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/start.sh +35 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/state.js +112 -0
package/lib/openzeppelin-contracts/scripts/remove-ignored-artifacts.js +45 -0
package/lib/openzeppelin-contracts/scripts/solhint-custom/index.js +84 -0
package/lib/openzeppelin-contracts/scripts/solhint-custom/package.json +5 -0
package/lib/openzeppelin-contracts/scripts/update-docs-branch.js +65 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/README.md +21 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/patch-apply.sh +19 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/patch-save.sh +18 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/transpile-onto.sh +54 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/transpile.sh +47 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/upgradeable.patch +360 -0
package/lib/openzeppelin-contracts/slither.config.json +5 -0
package/lib/openzeppelin-contracts/solhint.config.js +20 -0
package/mythril-lft-output.txt +1 -0
package/mythril-lft-symbolic.txt +18 -0
package/mythril-lft.sh +20 -0
package/mythril-symbolic-output.txt +1 -0
package/mythril-symbolic.sh +42 -0
package/out/build-info/0026b78428192979.json +1 -0
package/out/build-info/03c4fc3b88486eba.json +1 -0
package/out/build-info/0540afa9b9a5c5a6.json +1 -0
package/out/build-info/081932f505bc08b9.json +1 -0
package/out/build-info/0da104ba0d6642d5.json +1 -0
package/out/build-info/197281971dbb5f23.json +1 -0
package/out/build-info/197e7e332832a232.json +1 -0
package/out/build-info/1a1cab9136eb5f94.json +1 -0
package/out/build-info/1b320204eb162aa2.json +1 -0
package/out/build-info/1e03f94398052674.json +1 -0
package/out/build-info/22ac085949602937.json +1 -0
package/out/build-info/234ef37453a9fa64.json +1 -0
package/out/build-info/2447db7b1878fa8e.json +1 -0
package/out/build-info/25568daeb484f5ff.json +1 -0
package/out/build-info/27465853244c49ce.json +1 -0
package/out/build-info/2c57a9e0f087453b.json +1 -0
package/out/build-info/3c62ae7de8da68c4.json +1 -0
package/out/build-info/3e771ae109e97bb3.json +1 -0
package/out/build-info/460499bc0a3465c4.json +1 -0
package/out/build-info/47ce37e50a4f115e.json +1 -0
package/out/build-info/4fcce5c63cf427d6.json +1 -0
package/out/build-info/4fd0a53fe63fddbb.json +1 -0
package/out/build-info/50f1247db9d769cc.json +1 -0
package/out/build-info/5317d0181a7a5e02.json +1 -0
package/out/build-info/594df509275ceb5b.json +1 -0
package/out/build-info/61983ac3f6141719.json +1 -0
package/out/build-info/638c4548307122fe.json +1 -0
package/out/build-info/67c2c43bdb7c0ded.json +1 -0
package/out/build-info/777f42643aad37b7.json +1 -0
package/out/build-info/7d7856f19e845354.json +1 -0
package/out/build-info/83976260b6f71e94.json +1 -0
package/out/build-info/83c23882000b963d.json +1 -0
package/out/build-info/84b2cce8f70b36be.json +1 -0
package/out/build-info/8bc13d31d7c3206a.json +1 -0
package/out/build-info/8e183bd4d9d8cf88.json +1 -0
package/out/build-info/94bfe1e7cafa8ff5.json +1 -0
package/out/build-info/99ec7d5e8d8ff360.json +1 -0
package/out/build-info/9ac044b29daa7d5e.json +1 -0
package/out/build-info/9b203227ff5d2e63.json +1 -0
package/out/build-info/9d18c5872c4282dd.json +1 -0
package/out/build-info/9f77f04f33baf9a3.json +1 -0
package/out/build-info/a6e1caf974787982.json +1 -0
package/out/build-info/a94b6348867a62d6.json +1 -0
package/out/build-info/ad93721947a8b195.json +1 -0
package/out/build-info/b42daddb5aa4b19f.json +1 -0
package/out/build-info/bf13512ae899f7e8.json +1 -0
package/out/build-info/c39f86c20a548c4a.json +1 -0
package/out/build-info/cb12bb975a2f4e65.json +1 -0
package/out/build-info/d0c6788fadc2aa60.json +1 -0
package/out/build-info/d2726bf94ed5b845.json +1 -0
package/out/build-info/d4eb00da50cce5cb.json +1 -0
package/out/build-info/db931924a3bc8bdd.json +1 -0
package/out/build-info/e1a503d49bc77401.json +1 -0
package/out/build-info/efe5396f8892ce77.json +1 -0
package/out/build-info/f536d90ced745969.json +1 -0
package/out/build-info/fed38823c7019b82.json +1 -0
package/package.json +51 -0
package/page.html +5384 -0
package/pancakeswap-simple-tvl.sql +15 -0
package/pancakeswap-top-pools.sql +29 -0
package/pancakeswap-tvl-optimized.sql +57 -0
package/pancakeswap-tvl-query.sql +60 -0
package/pancakeswap-underflow-hunting.sql +51 -0
package/pancakeswap-vulnerability-queries.sql +200 -0
package/posi_page.html +6369 -0
package/posi_response.json +29 -0
package/proxy_page.html +500 -0
package/run_mythril_elephant.sh +18 -0
package/sHEGIC-bytecode.bin +6 -0
package/sHEGIC-mythril-analysis.txt +1 -0
package/sHEGIC-mythril-full.txt +134 -0
package/sHEGIC_ANALYSIS.md +135 -0
package/sHEGIC_EXPLOIT_ANALYSIS.md +317 -0
package/sHEGIC_MYTHRIL_ANALYSIS.md +361 -0
package/scrape-snowcrash.js +28 -0
package/scripts/yooshi_drain.sh +154 -0
package/shi_raw.json +1 -0
package/temp.json +1 -0
package/temp_harvest.json +1 -0
package/temp_pika.json +1 -0
package/temp_posi.json +1 -0
package/temp_response.json +1 -0
package/test-lft-hidden-balance.js +108 -0
package/test-xfi-exploit.js +140 -0
package/trunk-liquidity-rescue.js +164 -0
package/vBABY_page.html +6153 -0
package/vBABY_response.json +29 -0
package/wsg_response.json +1 -0
package/yooldo_page.html +10371 -0

package/check-alpha-proxy.js ADDED Viewed

@@ -0,0 +1,42 @@
+const Web3 = require('web3');
+const web3 = new Web3('https://bsc-dataseed.binance.org/');
+async function checkProxy() {
+    const proxyAddr = '0x71aa12b3864f577e3e52ca3eac34949df3732c69';
+    const adminAddr = '0xb8af5a48fefa0e696b54839a2a74eceb6d8abb51';
+    // ERC1967 implementation slot
+    const implSlot = '0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc';
+    console.log('=== ALPHA PROXY ANALYSIS ===\n');
+    console.log('Proxy:', proxyAddr);
+    console.log('Admin:', adminAddr);
+    // Get implementation address
+    const implData = await web3.eth.getStorageAt(proxyAddr, implSlot);
+    const impl = '0x' + implData.slice(-40);
+    console.log('\nImplementation:', impl);
+    // Check if implementation has code
+    const implCode = await web3.eth.getCode(impl);
+    console.log('Implementation has code:', implCode.length > 2);
+    // Check admin balance
+    const adminBalance = await web3.eth.getBalance(adminAddr);
+    console.log('\nAdmin BNB balance:', web3.utils.fromWei(adminBalance, 'ether'), 'BNB');
+    // Check if admin is a contract
+    const adminCode = await web3.eth.getCode(adminAddr);
+    console.log('Admin is contract:', adminCode.length > 2);
+    // Check proxy token balance
+    const alphaToken = '0xa1faa113cbe53436df28ff0aee54275c13b40975';
+    const balanceOfSig = '0x70a08231' + proxyAddr.slice(2).padStart(64, '0');
+    const balance = await web3.eth.call({
+        to: alphaToken,
+        data: balanceOfSig
+    });
+    console.log('\nProxy ALPHA balance:', web3.utils.fromWei(balance, 'ether'), 'ALPHA');
+}
+checkProxy().catch(console.error);

package/check-arbitrage.js ADDED Viewed

@@ -0,0 +1,155 @@
+// Check if LendFlare V2/V3 arbitrage is profitable
+// Run with: node check-arbitrage.js
+const ethers = require('ethers');
+const LFT = '0xB620Be8a1949AA9532e6a3510132864EF9Bc3F82';
+const WETH = '0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2';
+const V2_ROUTER = '0x7a250d5630B4cF539739dF2C5dAcb4c659F2488D';
+const V2_PAIR = '0x9c84f58bb51fabd18698efe95f5bab4f33e96e8f';
+const V3_POOL = '0x9bA091Ca2E2886DB44559784ab4Dc80D69773889';
+const ROUTER_ABI = [
+    'function getAmountsOut(uint amountIn, address[] memory path) view returns (uint[] memory amounts)'
+];
+const PAIR_ABI = [
+    'function getReserves() view returns (uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast)',
+    'function token0() view returns (address)',
+    'function token1() view returns (address)'
+];
+const POOL_ABI = [
+    'function slot0() view returns (uint160 sqrtPriceX96, int24 tick, uint16 observationIndex, uint16 observationCardinality, uint16 observationCardinalityNext, uint8 feeProtocol, bool unlocked)',
+    'function liquidity() view returns (uint128)',
+    'function token0() view returns (address)',
+    'function token1() view returns (address)'
+];
+async function main() {
+    const provider = new ethers.providers.JsonRpcProvider(
+        process.env.ETH_RPC_URL || 'https://eth.llamarpc.com'
+    );
+    console.log('=== LENDFLARE ARBITRAGE ANALYSIS ===\n');
+    // V2 Analysis
+    console.log('1. UNISWAP V2 ANALYSIS:');
+    const v2Pair = new ethers.Contract(V2_PAIR, PAIR_ABI, provider);
+    const v2Router = new ethers.Contract(V2_ROUTER, ROUTER_ABI, provider);
+    const reserves = await v2Pair.getReserves();
+    const token0 = await v2Pair.token0();
+    let lftReserve, wethReserve;
+    if (token0.toLowerCase() === LFT.toLowerCase()) {
+        lftReserve = reserves.reserve0;
+        wethReserve = reserves.reserve1;
+    } else {
+        wethReserve = reserves.reserve0;
+        lftReserve = reserves.reserve1;
+    }
+    console.log('   LFT Reserve:', ethers.utils.formatEther(lftReserve));
+    console.log('   WETH Reserve:', ethers.utils.formatEther(wethReserve));
+    const v2Price = wethReserve.mul(ethers.utils.parseEther('1')).div(lftReserve);
+    console.log('   Price: 1 LFT =', ethers.utils.formatEther(v2Price), 'WETH');
+    // Test buy on V2
+    const testAmount = ethers.utils.parseEther('100'); // 100 WETH
+    const v2Path = [WETH, LFT];
+    const v2Amounts = await v2Router.getAmountsOut(testAmount, v2Path);
+    const lftFromV2 = v2Amounts[1];
+    console.log('   Buy 100 WETH → Get', ethers.utils.formatEther(lftFromV2), 'LFT');
+    // V3 Analysis
+    console.log('\n2. UNISWAP V3 ANALYSIS:');
+    const v3Pool = new ethers.Contract(V3_POOL, POOL_ABI, provider);
+    try {
+        const slot0 = await v3Pool.slot0();
+        const liquidity = await v3Pool.liquidity();
+        const v3Token0 = await v3Pool.token0();
+        console.log('   Pool exists: YES');
+        console.log('   Liquidity:', liquidity.toString());
+        console.log('   SqrtPriceX96:', slot0.sqrtPriceX96.toString());
+        // Calculate price from sqrtPriceX96
+        const sqrtPrice = slot0.sqrtPriceX96;
+        const price = sqrtPrice.mul(sqrtPrice).div(ethers.BigNumber.from(2).pow(192));
+        let v3Price;
+        if (v3Token0.toLowerCase() === LFT.toLowerCase()) {
+            // token0 = LFT, token1 = WETH
+            // price = WETH/LFT
+            v3Price = price;
+        } else {
+            // token0 = WETH, token1 = LFT
+            // price = LFT/WETH, need to invert
+            v3Price = ethers.utils.parseEther('1').mul(ethers.utils.parseEther('1')).div(price);
+        }
+        console.log('   Price: 1 LFT =', ethers.utils.formatEther(v3Price), 'WETH (approx)');
+        // Estimate sell on V3 (rough calculation)
+        // Actual amount depends on liquidity and price impact
+        const estimatedWethFromV3 = lftFromV2.mul(v3Price).div(ethers.utils.parseEther('1'));
+        console.log('   Sell', ethers.utils.formatEther(lftFromV2), 'LFT → Get ~', ethers.utils.formatEther(estimatedWethFromV3), 'WETH (approx)');
+        // Calculate profit
+        console.log('\n3. ARBITRAGE CALCULATION:');
+        console.log('   Flash loan: 100 WETH');
+        console.log('   Buy on V2: ', ethers.utils.formatEther(lftFromV2), 'LFT');
+        console.log('   Sell on V3: ~', ethers.utils.formatEther(estimatedWethFromV3), 'WETH');
+        console.log('   Repay loan: 100 WETH');
+        const profit = estimatedWethFromV3.sub(testAmount);
+        const profitPercent = profit.mul(10000).div(testAmount).toNumber() / 100;
+        console.log('   Profit: ', ethers.utils.formatEther(profit), 'WETH');
+        console.log('   Profit %:', profitPercent.toFixed(2), '%');
+        if (profit.gt(0)) {
+            const profitUSD = parseFloat(ethers.utils.formatEther(profit)) * 2200; // Assume $2200/ETH
+            console.log('   Profit USD: $', profitUSD.toFixed(2));
+            if (profitPercent > 1) {
+                console.log('\n🔥 ARBITRAGE OPPORTUNITY DETECTED!');
+                console.log('   Deploy LendFlareFlashLoanArbitrage.sol NOW!');
+            } else {
+                console.log('\n⚠️  Profit is low (<1%)');
+                console.log('   Gas costs might eat into profits');
+                console.log('   Consider waiting for better opportunity');
+            }
+        } else {
+            console.log('\n❌ NO ARBITRAGE OPPORTUNITY');
+            console.log('   V3 price is lower than V2 price');
+            console.log('   Would lose money');
+        }
+    } catch (e) {
+        console.log('   Error reading V3 pool:', e.message);
+        console.log('   Pool might not exist or have liquidity');
+    }
+    // Final verdict
+    console.log('\n=== FINAL VERDICT ===');
+    console.log('V2 allows buying: ✅');
+    console.log('V3 allows selling: ✅');
+    console.log('Flash loan fee: 0% (Balancer) ✅');
+    console.log('\nNext steps:');
+    console.log('1. Deploy LendFlareFlashLoanArbitrage.sol');
+    console.log('2. Call executeArbitrage(100 ether)');
+    console.log('3. Profit!');
+}
+main()
+    .then(() => process.exit(0))
+    .catch((error) => {
+        console.error(error);
+        process.exit(1);
+    });

package/check-aria-token.js ADDED Viewed

@@ -0,0 +1,47 @@
+const { ethers } = require('ethers');
+const provider = new ethers.providers.JsonRpcProvider('https://bsc-mainnet.infura.io/v3/db4d2c885bc946b691dbb3d5ef26d9e2');
+const address = '0x5d3a12c42e5372b2cc3264ab3cdcf660a1555238';
+// Standard ERC20 ABI
+const abi = [
+    'function name() view returns (string)',
+    'function symbol() view returns (string)',
+    'function decimals() view returns (uint8)',
+    'function totalSupply() view returns (uint256)',
+    'function balanceOf(address) view returns (uint256)',
+    'function owner() view returns (address)'
+];
+async function checkToken() {
+    const contract = new ethers.Contract(address, abi, provider);
+    try {
+        const name = await contract.name();
+        const symbol = await contract.symbol();
+        const decimals = await contract.decimals();
+        const totalSupply = await contract.totalSupply();
+        console.log('Token Name:', name);
+        console.log('Symbol:', symbol);
+        console.log('Decimals:', decimals);
+        console.log('Total Supply:', ethers.utils.formatUnits(totalSupply, decimals));
+        try {
+            const owner = await contract.owner();
+            console.log('Owner:', owner);
+        } catch (e) {
+            console.log('No owner() function or not Ownable');
+        }
+        // Get bytecode
+        const code = await provider.getCode(address);
+        console.log('\nBytecode length:', code.length, 'chars');
+        console.log('Contract is deployed:', code !== '0x');
+    } catch (error) {
+        console.error('Error:', error.message);
+    }
+}
+checkToken();

package/check-ark.sh ADDED Viewed

@@ -0,0 +1,20 @@
+#!/bin/bash
+RPC="https://bsc-mainnet.infura.io/v3/db4d2c885bc946b691dbb3d5ef26d9e2"
+TOKEN="0xcae117ca6bc8a341d2e7207f30e180f0e5618b9d"
+echo "=== ARK Token Info ==="
+echo "Name: $(cast call $TOKEN "name()(string)" --rpc-url $RPC)"
+echo "Symbol: $(cast call $TOKEN "symbol()(string)" --rpc-url $RPC)"
+echo "Decimals: $(cast call $TOKEN "decimals()(uint8)" --rpc-url $RPC)"
+echo "Total Supply: $(cast call $TOKEN "totalSupply()(uint256)" --rpc-url $RPC)"
+echo ""
+echo "=== Governance Info ==="
+echo "Governance: $(cast call $TOKEN "governance()(address)" --rpc-url $RPC)"
+echo "Oracle: $(cast call $TOKEN "oracle()(address)" --rpc-url $RPC)"
+echo "RBS: $(cast call $TOKEN "rbs()(address)" --rpc-url $RPC)"
+echo "Treasury: $(cast call $TOKEN "treasury()(address)" --rpc-url $RPC)"
+echo ""
+echo "=== Tax Rates ==="
+echo "Buy Tax (longGovernanceRatio): $(cast call $TOKEN "longGovernanceRatio()(uint256)" --rpc-url $RPC)"
+echo "Sell Tax (shortGovernanceRatio): $(cast call $TOKEN "shortGovernanceRatio()(uint256)" --rpc-url $RPC)"
+echo "BPS_100: $(cast call $TOKEN "BPS_100()(uint256)" --rpc-url $RPC)"

package/check-btcst-mining.js ADDED Viewed

@@ -0,0 +1,75 @@
+const { ethers } = require('ethers');
+const RPC = 'https://bsc-dataseed1.binance.org';
+const provider = new ethers.providers.JsonRpcProvider(RPC);
+const BTCST_PROXY = '0x78650B139471520656b9E7aA7A5e9276814a38e9';
+async function main() {
+    console.log('🔍 BTCST Mining/Rebase Contract Analysis\n');
+    // Check storage slots directly
+    console.log('📊 Reading Storage Slots...\n');
+    // Common storage layout for upgradeable contracts:
+    // Slot 0-10: Basic token data
+    // Higher slots: Custom data
+    for (let i = 0; i < 30; i++) {
+        const slot = ethers.utils.hexZeroPad(ethers.utils.hexlify(i), 32);
+        const value = await provider.getStorageAt(BTCST_PROXY, slot);
+        if (value !== '0x0000000000000000000000000000000000000000000000000000000000000000') {
+            console.log(`Slot ${i}:`, value);
+            // Try to interpret as address
+            if (value.startsWith('0x000000000000000000000000')) {
+                const addr = '0x' + value.slice(26);
+                if (addr !== '0x0000000000000000000000000000000000000000') {
+                    console.log(`  → Possible Address: ${addr}`);
+                    const code = await provider.getCode(addr);
+                    if (code !== '0x') {
+                        console.log(`  → Has Contract Code (${code.length} bytes)`);
+                    }
+                }
+            }
+        }
+    }
+    // Check implementation slot (EIP-1967)
+    const implSlot = '0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc';
+    const implAddress = await provider.getStorageAt(BTCST_PROXY, implSlot);
+    console.log('\n📍 Implementation Address (EIP-1967):', implAddress);
+    // Check admin slot (EIP-1967)
+    const adminSlot = '0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103';
+    const adminAddress = await provider.getStorageAt(BTCST_PROXY, adminSlot);
+    console.log('📍 Admin Address (EIP-1967):', adminAddress);
+    // Get recent transactions
+    console.log('\n📜 Checking Recent Activity...');
+    const latestBlock = await provider.getBlockNumber();
+    console.log('Latest Block:', latestBlock);
+    // Check for Transfer events (last 10000 blocks)
+    const transferTopic = ethers.utils.id('Transfer(address,address,uint256)');
+    const events = await provider.getLogs({
+        address: BTCST_PROXY,
+        topics: [transferTopic],
+        fromBlock: latestBlock - 10000,
+        toBlock: 'latest'
+    });
+    console.log('Transfer Events (last 10000 blocks):', events.length);
+    if (events.length > 0) {
+        console.log('\nRecent Transfers:');
+        events.slice(-5).forEach((event, i) => {
+            const from = '0x' + event.topics[1].slice(26);
+            const to = '0x' + event.topics[2].slice(26);
+            const amount = ethers.BigNumber.from(event.data);
+            console.log(`  ${from} → ${to}: ${ethers.utils.formatUnits(amount, 17)} BTCST`);
+        });
+    }
+}
+main().catch(console.error);

package/check-btcst-pools.js ADDED Viewed

@@ -0,0 +1,163 @@
+const { ethers } = require('ethers');
+const provider = new ethers.providers.JsonRpcProvider('https://bsc-dataseed.binance.org/');
+const BTCST = '0x78650B139471520656b9E7aA7A5e9276814a38e9';
+const WBNB = '0xbb4CdB9CBd36B01bD1cBaEBF2De08d9173bc095c';
+const BUSD = '0xe9e7CEA3DedcA5984780Bafc599bD69ADd087D56';
+const PANCAKE_FACTORY = '0xcA143Ce32Fe78f1f7019d7d551a6402fC5350c73';
+const FACTORY_ABI = [
+    'function getPair(address tokenA, address tokenB) external view returns (address pair)'
+];
+const PAIR_ABI = [
+    'function token0() external view returns (address)',
+    'function token1() external view returns (address)',
+    'function getReserves() external view returns (uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast)',
+    'function totalSupply() external view returns (uint256)'
+];
+const ERC20_ABI = [
+    'function decimals() external view returns (uint8)',
+    'function symbol() external view returns (string)',
+    'function balanceOf(address) external view returns (uint256)'
+];
+async function checkBTCSTPool() {
+    console.log('=== BTCST DECIMAL CONFUSION ANALYSIS ===\n');
+    const factory = new ethers.Contract(PANCAKE_FACTORY, FACTORY_ABI, provider);
+    const btcst = new ethers.Contract(BTCST, ERC20_ABI, provider);
+    // Get BTCST info
+    const btcstDecimals = await btcst.decimals();
+    const btcstSymbol = await btcst.symbol();
+    console.log(`Token: ${btcstSymbol}`);
+    console.log(`Address: ${BTCST}`);
+    console.log(`Decimals: ${btcstDecimals} (UNUSUAL! Standard is 18)`);
+    console.log(`Decimal Difference: 10^${18 - btcstDecimals} = ${Math.pow(10, 18 - btcstDecimals)}x\n`);
+    // Check BTCST/WBNB pool
+    console.log('=== CHECKING BTCST/WBNB POOL ===');
+    const btcstWbnbPair = await factory.getPair(BTCST, WBNB);
+    if (btcstWbnbPair === ethers.constants.AddressZero) {
+        console.log('❌ NO BTCST/WBNB POOL FOUND\n');
+    } else {
+        console.log(`✅ Pool Found: ${btcstWbnbPair}`);
+        await analyzePool(btcstWbnbPair, 'BTCST', 'WBNB', btcstDecimals);
+    }
+    // Check BTCST/BUSD pool
+    console.log('=== CHECKING BTCST/BUSD POOL ===');
+    const btcstBusdPair = await factory.getPair(BTCST, BUSD);
+    if (btcstBusdPair === ethers.constants.AddressZero) {
+        console.log('❌ NO BTCST/BUSD POOL FOUND\n');
+    } else {
+        console.log(`✅ Pool Found: ${btcstBusdPair}`);
+        await analyzePool(btcstBusdPair, 'BTCST', 'BUSD', btcstDecimals);
+    }
+    // Check time-locked balances
+    console.log('=== CHECKING TIME-LOCKED BALANCES ===');
+    await checkTimeLockedBalances();
+    // Check owner/admin addresses
+    console.log('\n=== CHECKING OWNER/ADMIN ADDRESSES ===');
+    await checkOwnerAdmin();
+}
+async function analyzePool(pairAddress, token0Symbol, token1Symbol, btcstDecimals) {
+    const pair = new ethers.Contract(pairAddress, PAIR_ABI, provider);
+    const token0 = await pair.token0();
+    const token1 = await pair.token1();
+    const reserves = await pair.getReserves();
+    const totalSupply = await pair.totalSupply();
+    const token0Contract = new ethers.Contract(token0, ERC20_ABI, provider);
+    const token1Contract = new ethers.Contract(token1, ERC20_ABI, provider);
+    const decimals0 = await token0Contract.decimals();
+    const decimals1 = await token1Contract.decimals();
+    const symbol0 = await token0Contract.symbol();
+    const symbol1 = await token1Contract.symbol();
+    console.log(`Token0: ${symbol0} (${decimals0} decimals)`);
+    console.log(`Token1: ${symbol1} (${decimals1} decimals)`);
+    console.log(`Reserve0: ${ethers.utils.formatUnits(reserves[0], decimals0)} ${symbol0}`);
+    console.log(`Reserve1: ${ethers.utils.formatUnits(reserves[1], decimals1)} ${symbol1}`);
+    console.log(`LP Supply: ${ethers.utils.formatEther(totalSupply)}`);
+    // Calculate price
+    const price = reserves[1].mul(ethers.BigNumber.from(10).pow(decimals0))
+        .div(reserves[0].mul(ethers.BigNumber.from(10).pow(decimals1)));
+    console.log(`Price: 1 ${symbol0} = ${ethers.utils.formatUnits(price, decimals0)} ${symbol1}`);
+    // Check for decimal confusion
+    if (decimals0 === 17 || decimals1 === 17) {
+        console.log('\n⚠️  DECIMAL CONFUSION RISK DETECTED!');
+        console.log('This pool has a token with 17 decimals (non-standard)');
+        console.log('Check if any integrations assume 18 decimals');
+        console.log('Potential 10x price discrepancy if decimal not read correctly');
+    }
+    // Calculate liquidity value
+    const reserve0Value = ethers.utils.formatUnits(reserves[0], decimals0);
+    const reserve1Value = ethers.utils.formatUnits(reserves[1], decimals1);
+    console.log(`\nLiquidity: ${reserve0Value} ${symbol0} + ${reserve1Value} ${symbol1}`);
+    console.log('');
+}
+async function checkTimeLockedBalances() {
+    // Check if there are significant time-locked balances
+    const BTCST_IMPL = '0x85d4F83b0Bf400D3aF6fA12C44a28b490689c091';
+    // Storage slots for time-locked balances (from contract analysis)
+    // _totalSupplyReleaseByTimeLock is at slot 0x1cc
+    const slot = '0x00000000000000000000000000000000000000000000000000000000000001cc';
+    try {
+        const value = await provider.getStorageAt(BTCST_IMPL, slot);
+        const totalLocked = ethers.BigNumber.from(value);
+        if (totalLocked.gt(0)) {
+            console.log(`Total Time-Locked Supply: ${ethers.utils.formatUnits(totalLocked, 17)} BTCST`);
+            console.log('⚠️  Significant time-locked tokens exist');
+            console.log('These tokens unlock linearly over 25 weeks (25 rounds)');
+            console.log('Potential for rounding errors in unlock calculation');
+        } else {
+            console.log('No time-locked tokens found (or unable to read storage)');
+        }
+    } catch (error) {
+        console.log('Unable to read time-locked balance storage');
+    }
+}
+async function checkOwnerAdmin() {
+    const OWNER = '0xAd3784cD071602d6c9c2980d8e0933466C3F0a0a';
+    const ADMIN = '0xaa4c10aa3de2e4da6b0c0c9d177f1fa77314c9d8';
+    const ownerBalance = await provider.getBalance(OWNER);
+    const adminBalance = await provider.getBalance(ADMIN);
+    console.log(`Owner: ${OWNER}`);
+    console.log(`  BNB Balance: ${ethers.utils.formatEther(ownerBalance)} BNB`);
+    console.log(`\nAdmin: ${ADMIN}`);
+    console.log(`  BNB Balance: ${ethers.utils.formatEther(adminBalance)} BNB`);
+    // Check recent transactions
+    console.log('\n⚠️  CRITICAL: Monitor these addresses for:');
+    console.log('  - adminChangeDecimal() calls');
+    console.log('  - changeFarmContract() calls');
+    console.log('  - Proxy upgrade transactions');
+    console.log('  - Large token transfers');
+}
+checkBTCSTPool().catch(console.error);

package/check-btcst.js ADDED Viewed

@@ -0,0 +1,88 @@
+const { ethers } = require('ethers');
+const provider = new ethers.providers.JsonRpcProvider('https://bsc-dataseed.binance.org/');
+const BTCST_PROXY = '0x78650B139471520656b9E7aA7A5e9276814a38e9';
+// EIP-1967 implementation slot
+const IMPLEMENTATION_SLOT = '0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc';
+const PROXY_ABI = [
+    'function implementation() external view returns (address)',
+    'function admin() external view returns (address)'
+];
+const ERC20_ABI = [
+    'function name() external view returns (string)',
+    'function symbol() external view returns (string)',
+    'function decimals() external view returns (uint8)',
+    'function totalSupply() external view returns (uint256)',
+    'function balanceOf(address) external view returns (uint256)',
+    'function owner() external view returns (address)',
+    'function paused() external view returns (bool)'
+];
+async function analyzeBTCST() {
+    console.log('=== BTCST (Bitcoin Standard Hashrate Token) ANALYSIS ===\n');
+    console.log('Proxy:', BTCST_PROXY);
+    // Get implementation address from storage slot
+    const implAddress = await provider.getStorageAt(BTCST_PROXY, IMPLEMENTATION_SLOT);
+    const implementation = '0x' + implAddress.slice(-40);
+    console.log('Implementation:', implementation);
+    // Get admin
+    const ADMIN_SLOT = '0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103';
+    const adminAddress = await provider.getStorageAt(BTCST_PROXY, ADMIN_SLOT);
+    const admin = '0x' + adminAddress.slice(-40);
+    console.log('Admin:', admin);
+    // Get token info
+    const token = new ethers.Contract(BTCST_PROXY, ERC20_ABI, provider);
+    try {
+        const name = await token.name();
+        const symbol = await token.symbol();
+        const decimals = await token.decimals();
+        const totalSupply = await token.totalSupply();
+        console.log('\n=== TOKEN INFO ===');
+        console.log('Name:', name);
+        console.log('Symbol:', symbol);
+        console.log('Decimals:', decimals);
+        console.log('Total Supply:', ethers.utils.formatUnits(totalSupply, decimals));
+        // Check if paused
+        try {
+            const paused = await token.paused();
+            console.log('Paused:', paused);
+        } catch {
+            console.log('Paused: function not found');
+        }
+        // Check owner
+        try {
+            const owner = await token.owner();
+            console.log('Owner:', owner);
+        } catch {
+            console.log('Owner: function not found');
+        }
+    } catch (error) {
+        console.log('Error getting token info:', error.message);
+    }
+    console.log('\n=== NEXT STEPS ===');
+    console.log('1. Download implementation contract from BSCScan');
+    console.log('2. Look for:');
+    console.log('   - Minting functions');
+    console.log('   - Burning functions');
+    console.log('   - Pause mechanisms');
+    console.log('   - Upgrade vulnerabilities');
+    console.log('   - Access control issues');
+    console.log('   - Mining power redemption logic');
+}
+analyzeBTCST().catch(console.error);

package/check-caller.js ADDED Viewed

@@ -0,0 +1,26 @@
+const { ethers } = require('ethers');
+const RPC = 'https://bsc-mainnet.infura.io/v3/db4d2c885bc946b691dbb3d5ef26d9e2';
+const CALLER = '0x849E612202Ca4E2f3C5e66D491461167Ac1f8Da9';
+async function main() {
+    const provider = new ethers.providers.JsonRpcProvider(RPC);
+    console.log('=== Checking Successful Caller ===');
+    console.log('Address:', CALLER);
+    const code = await provider.getCode(CALLER);
+    console.log('Is contract:', code !== '0x');
+    console.log('Code length:', code.length);
+    if (code === '0x') {
+        console.log('\nThis is an EOA (Externally Owned Account)');
+        console.log('Staking contract likely has msg.sender == tx.origin check');
+        console.log('Contracts CANNOT stake!');
+    } else {
+        console.log('\nThis is a contract!');
+        console.log('Contracts CAN stake');
+    }
+}
+main().catch(console.error);