npm - uups-checker - Versions diffs - 1.0.0 - Mend

uups-checker 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (670) hide show

package/.gitmodules +6 -0
package/AIFI_AUDIT.md +220 -0
package/ALL_AUDITS_SUMMARY.md +366 -0
package/ALPHA_PROXY_CRITICAL_FINDING.md +136 -0
package/ALPHA_PROXY_FINAL_ANALYSIS.md +213 -0
package/ALPHA_PROXY_FINAL_VERDICT.md +233 -0
package/ALPHA_PROXY_SELFDESTRUCT_EXPLOIT.md +161 -0
package/ARIA-foundry-test.txt +9 -0
package/ARIA-mythril-analysis.txt +20 -0
package/ARIA-slither-analysis.txt +38 -0
package/ARIA_AI_SECURITY_AUDIT.md +290 -0
package/ARIA_VERIFIED_AUDIT.md +259 -0
package/ARIA_VERIFIED_slither.txt +76 -0
package/ARIVA_source.txt +1 -0
package/ARK_AUDIT.md +349 -0
package/BANANA_AUDIT.md +365 -0
package/BAS_AUDIT.md +451 -0
package/BAS_TOKEN_AUDIT.md +235 -0
package/BCE_EXPLOIT_ANALYSIS.md +165 -0
package/BEEFY_BNB_CHAIN_ANALYSIS.md +488 -0
package/BEEFY_MONAD_ANALYSIS.md +239 -0
package/BEEFY_STAKING_ANALYSIS.md +136 -0
package/BEEFY_XVS_WBNB_ACTUAL_FINDINGS.md +223 -0
package/BEEFY_XVS_WBNB_CRITICAL_FINDINGS.md +269 -0
package/BLOCKSEC_ATTACK_KNOWLEDGE_BASE.md +771 -0
package/BRISE_ANALYSIS.txt +31 -0
package/BRISE_BSC_DAPPS.txt +68 -0
package/BRISE_EXPLOITS_FOUND.md +98 -0
package/BRISE_REAL_EXPLOITS.md +115 -0
package/BRISE_WHITEHAT_REPORT.md +162 -0
package/BRISEstake_Analysis.txt +95 -0
package/BSCSLOCKTOKEN_CRITICAL_FINDING.md +240 -0
package/BSW_BISWAP_SECURITY_AUDIT.md +330 -0
package/BTCST_FINAL_VERDICT.md +319 -0
package/BTCST_MINING_REBASE_ANALYSIS.md +229 -0
package/BTCST_ROUNDING_DEEP_DIVE.md +293 -0
package/BTCST_ROUNDING_FINAL_VERDICT.md +9 -0
package/BTCST_SECURITY_ANALYSIS.md +391 -0
package/BTR_AUDIT.md +210 -0
package/BeamBridge-analysis.md +226 -0
package/BeamToken-analysis.md +201 -0
package/BitgertSwap_Investigation.txt +107 -0
package/CEEK_STAKING_ANALYSIS.md +0 -0
package/CHAINBASE_AUDIT.md +422 -0
package/COMPLETE_AUDIT_SUMMARY.md +342 -0
package/CORRECTED_ANALYSIS.txt +115 -0
package/DBXEN_COMPARISON_SUMMARY.md +232 -0
package/DBXEN_EXPLOIT_ANALYSIS.md +530 -0
package/DOPFairLaunch_raw.json +29 -0
package/DOPFairLaunch_source.txt +0 -0
package/DOP_BRIDGE_FINAL_ANALYSIS.txt +86 -0
package/DOP_BUSD_LP_ANALYSIS.txt +44 -0
package/DOP_FAIRLAUNCH_ANALYSIS.txt +61 -0
package/DOP_FAIRLAUNCH_FINAL_VERDICT.txt +113 -0
package/DOP_STAKING_CONTRACT_ANALYSIS.txt +67 -0
package/DSYNC_ECOSYSTEM_ANALYSIS.md +221 -0
package/DSyncStaking-exploit-analysis.md +153 -0
package/DSyncVault-analysis.md +120 -0
package/DUSD_PROXY_AUDIT.md +407 -0
package/DXSALE_LOCK_AUDIT.md +0 -0
package/DXSaleLock_bytecode.txt +1 -0
package/ECHIDNA_QUICK_START.md +101 -0
package/ELEPHANT_ECOSYSTEM_AUDIT_PLAN.md +159 -0
package/ELEPHANT_ECOSYSTEM_COMPREHENSIVE_AUDIT.md +427 -0
package/ELEPHANT_SECURITY_ANALYSIS.md +209 -0
package/ELEPHANT_VULNERABILITIES_EXPLAINED.md +455 -0
package/EXPLOIT_FIX.md +300 -0
package/EXPLOIT_INSTRUCTIONS.md +273 -0
package/EXPLOIT_SUMMARY.md +285 -0
package/EXPLOIT_SUMMARY.txt +175 -0
package/FALCON_FINANCE_AUDIT.md +258 -0
package/FANDOM_AUDIT.md +359 -0
package/FEE_ON_TRANSFER_ANALYSIS.md +228 -0
package/FINAL_AUDIT_REPORT.md +0 -0
package/FOLIO_PROXY_AUDIT.md +299 -0
package/FOT_EXPLOIT_RESULTS.txt +110 -0
package/FOT_TOKENS_AUDITED.md +103 -0
package/HEGIC-mythril-analysis.txt +39 -0
package/HEGIC_COMPLETE_ANALYSIS.md +343 -0
package/HOTCROSS_SWAP_EXPLOIT_ANALYSIS.md +123 -0
package/ICECREAMSWAP_EXPLOITS.md +259 -0
package/IMMUNEFI_REPORT.md +314 -0
package/KCCPAD_EXPLOIT_GUIDE.md +285 -0
package/KEL_CEL_EXPLOIT_ANALYSIS.md +0 -0
package/KOGE_AUDIT.md +328 -0
package/LENDFLARE_ANALYSIS.md +239 -0
package/LENDFLARE_ECHIDNA_GUIDE.md +356 -0
package/LENDFLARE_EXPLOIT_INSTRUCTIONS.md +297 -0
package/LENDFLARE_EXPLOIT_SUMMARY.md +292 -0
package/LENDFLARE_FLASHLOAN_GUIDE.md +383 -0
package/LENDFLARE_FUZZING_RESULTS.md +252 -0
package/LENDFLARE_HONEYPOT_BYPASS_ANALYSIS.md +420 -0
package/LENDFLARE_MANUAL_FUZZING.md +324 -0
package/LENDFLARE_MYTHRIL_ANALYSIS.md +339 -0
package/LENDFLARE_V3_BYPASS.md +296 -0
package/LFTDECOMPILE.txt +14478 -0
package/LFT_ACCOUNTING_ANALYSIS.md +0 -0
package/LFT_ACCOUNTING_BUG_ANALYSIS.md +426 -0
package/LFT_BACKDOOR_DEEP_DIVE.md +0 -0
package/LFT_CRITICAL_EXPLOIT_CONFIRMED.md +428 -0
package/LFT_EXPLOIT_VISUAL.md +253 -0
package/LFT_QUICK_SUMMARY.md +124 -0
package/LFT_REVERSE_EXPLOIT_ANALYSIS.md +521 -0
package/MGO_AUDIT_REPORT.md +420 -0
package/MYTHRIL_FINAL_REPORT.md +306 -0
package/MYTHRIL_SLITHER_SUMMARY.md +244 -0
package/NETX_MIGRATION_AUDIT.md +0 -0
package/NPM_PUBLISH_GUIDE.md +0 -0
package/NRV_CRITICAL_EXPLOIT.txt +143 -0
package/NetX_Analysis.txt +76 -0
package/NetX_Migration_bytecode.txt +1 -0
package/NetX_Migration_source.txt +0 -0
package/NetX_Token_source.txt +0 -0
package/NetxWhitehatRescue +22 -0
package/OILER_ATTACK_VISUAL.md +351 -0
package/OILER_BLOCKSEC_TEST_RESULTS.md +421 -0
package/OILER_DEEP_ANALYSIS.md +212 -0
package/OILER_FINAL_EXPLOIT_REPORT.md +241 -0
package/OILER_FINAL_VERDICT.md +339 -0
package/OILER_REENTRANCY_EXPLAINED.md +638 -0
package/OILER_REENTRANCY_FINAL_SUMMARY.md +391 -0
package/OILER_REENTRANCY_REALITY_CHECK.md +393 -0
package/OILER_REENTRANCY_STEP_BY_STEP.md +597 -0
package/OILER_STAKING_MAINNET_ANALYSIS.md +366 -0
package/OILER_STAKING_SECURITY_ANALYSIS.md +409 -0
package/PANCAKESWAP_UNDERFLOW_HUNTING.md +317 -0
package/POLS_MULTICHAIN_AUDIT.md +0 -0
package/POSI_STAKING_AUDIT.md +0 -0
package/PROXY2_SECURITY_ANALYSIS.md +0 -0
package/Proxy2TACS +29748 -0
package/QUICK_START.md +240 -0
package/RAMP_SECURITY_ANALYSIS.md +0 -0
package/README.md +238 -0
package/REAUDIT_MASTER_LIST.txt +15 -0
package/RING_analysis.txt +212 -0
package/RPC +4 -0
package/RULES.txt +20 -0
package/SIREN_AUDIT.md +186 -0
package/SYNC_EXPLOIT_README.md +0 -0
package/SYNC_TOKEN_EXPLOIT_REPORT.md +224 -0
package/TLM_raw.html +0 -0
package/TLM_raw.txt +0 -0
package/TLM_response.json +1 -0
package/TRADOOR_AUDIT.md +253 -0
package/TRUNK_AUDIT.md +285 -0
package/UNIBASE_AUDIT.md +241 -0
package/UNLOCK_ANALYSIS.md +0 -0
package/UNLOCK_EXPLOIT.md +49 -0
package/UNLOCK_EXPLOIT_ANALYSIS.md +0 -0
package/UPS +232 -0
package/UUPSCHECKER +208 -0
package/VAULT_PROXY_AUDIT.md +457 -0
package/VAULT_PROXY_FINAL_VERDICT.md +0 -0
package/VERIFIED_EXPLOITS_FINAL.txt +146 -0
package/WKEYDAO2_AUDIT.md +245 -0
package/WSG_AUDIT.md +0 -0
package/XFI_DEEP_ANALYSIS.md +327 -0
package/YOOSHI_EXPLOIT_GUIDE.md +119 -0
package/YSDAO_EXPLOIT_GUIDE.md +0 -0
package/agent-4-bundle.md +22490 -0
package/alpha-proxy-echidna.txt +1 -0
package/alpha-proxy-fuzz-results.txt +81 -0
package/alpha-proxy-mythril.txt +2 -0
package/analyze-btcst-farm.js +54 -0
package/analyze-dxsale-lock.js +75 -0
package/analyze-elephant.js +69 -0
package/analyze-fara-rewards.js +109 -0
package/analyze-fara-storage.js +83 -0
package/analyze-lft-transaction.js +158 -0
package/analyze-lock-bytecode.js +59 -0
package/analyze-shegic.js +0 -0
package/analyze-staking-abi.js +0 -0
package/analyze-sxp.js +57 -0
package/analyze-tlm.js +76 -0
package/analyze-trumpet.js +98 -0
package/analyze-unlimited-nft.js +108 -0
package/analyze_elephant.sh +27 -0
package/analyze_vault.sh +32 -0
package/aria-bytecode.txt +1 -0
package/aria_response.json +1 -0
package/ark_temp/README.md +66 -0
package/ark_temp/lib/forge-std/.gitattributes +1 -0
package/ark_temp/lib/forge-std/.github/CODEOWNERS +1 -0
package/ark_temp/lib/forge-std/.github/dependabot.yml +6 -0
package/ark_temp/lib/forge-std/.github/workflows/ci.yml +125 -0
package/ark_temp/lib/forge-std/.github/workflows/sync.yml +36 -0
package/ark_temp/lib/forge-std/CONTRIBUTING.md +193 -0
package/ark_temp/lib/forge-std/LICENSE-APACHE +203 -0
package/ark_temp/lib/forge-std/LICENSE-MIT +25 -0
package/ark_temp/lib/forge-std/README.md +314 -0
package/ark_temp/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/ark_temp/lib/forge-std/package.json +16 -0
package/ark_temp/lib/forge-std/scripts/vm.py +636 -0
package/audits/AiFi-security-audit-20260326.md +499 -0
package/audits/BasedAI-Brains-security-audit-20260324.md +651 -0
package/audits/BinanceAlphaWallet-pashov-ai-audit-report-20260324-170000.md +362 -0
package/audits/DGToken-security-audit-20260324.md +376 -0
package/audits/DSyncStaking-audit-part1.md +161 -0
package/audits/DSyncStaking-security-audit-20260324.md +547 -0
package/audits/DecompiledERC20-security-audit-20260325.md +397 -0
package/audits/DegenVC-security-audit-20260324.md +585 -0
package/audits/DelreyInu-security-audit-20260324.md +463 -0
package/audits/DestraNetwork-security-audit-20260324.md +705 -0
package/audits/DomiToken-security-audit-20260324.md +514 -0
package/audits/LendFlareToken-security-audit-20260325.md +197 -0
package/audits/LockReleaseTokenPool-security-audit-20260324.md +482 -0
package/audits/MOG-pashov-ai-audit-report-20260324-164900.md +229 -0
package/audits/PAALAI-security-audit-20260324.md +475 -0
package/audits/PAR-security-audit-20260325.md +311 -0
package/audits/PepeCoinStaking-security-audit-20260324.md +358 -0
package/audits/StakingPool-security-audit-20260324.md +517 -0
package/audits/SyncToken-security-audit-20260324.md +778 -0
package/audits/UndeadToken-decompiled-security-audit-20260324.md +485 -0
package/audits/UnknownToken-decompiled-security-audit-20260324.md +647 -0
package/audits/XFIStaking-security-audit-20260324.md +682 -0
package/audits/Xfinance-security-audit-20260324.md +463 -0
package/audits/basedAIFarm-security-audit-20260324.md +330 -0
package/audits/pepeCoin-security-audit-20260324.md +462 -0
package/bin/ups +232 -0
package/binance-wallet-exploit/.env.example +2 -0
package/binance-wallet-exploit/EXECUTIVE_SUMMARY.md +272 -0
package/binance-wallet-exploit/EXPLOIT_SUMMARY.md +104 -0
package/binance-wallet-exploit/FINAL_ANALYSIS.md +326 -0
package/binance-wallet-exploit/FLASHLOAN_ATTACK.md +292 -0
package/binance-wallet-exploit/HONEYPOT_REPORT.md +526 -0
package/binance-wallet-exploit/INVESTIGATION_COMPLETE.md +362 -0
package/binance-wallet-exploit/LENDFLARE_EXPLOIT.md +219 -0
package/binance-wallet-exploit/LENDFLARE_FINAL_ATTACK.md +307 -0
package/binance-wallet-exploit/LENDFLARE_REAL_EXPLOIT.md +286 -0
package/binance-wallet-exploit/LENDFLARE_RUGPULL.md +269 -0
package/binance-wallet-exploit/LFT_ANALYSIS.md +206 -0
package/binance-wallet-exploit/QUICK_START.md +75 -0
package/binance-wallet-exploit/README.md +195 -0
package/binance-wallet-exploit/REAL_TX_EXPLOIT_ANALYSIS.md +271 -0
package/binance-wallet-exploit/REMIX_INSTRUCTIONS.md +223 -0
package/binance-wallet-exploit/TEST_RESULTS.md +203 -0
package/binance-wallet-exploit/cache/solidity-files-cache.json +1 -0
package/binance-wallet-exploit/cache/test-failures +1 -0
package/binance-wallet-exploit/lib/forge-std/.gitattributes +1 -0
package/binance-wallet-exploit/lib/forge-std/.github/CODEOWNERS +1 -0
package/binance-wallet-exploit/lib/forge-std/.github/dependabot.yml +6 -0
package/binance-wallet-exploit/lib/forge-std/.github/workflows/ci.yml +125 -0
package/binance-wallet-exploit/lib/forge-std/.github/workflows/sync.yml +36 -0
package/binance-wallet-exploit/lib/forge-std/CONTRIBUTING.md +193 -0
package/binance-wallet-exploit/lib/forge-std/LICENSE-APACHE +203 -0
package/binance-wallet-exploit/lib/forge-std/LICENSE-MIT +25 -0
package/binance-wallet-exploit/lib/forge-std/README.md +314 -0
package/binance-wallet-exploit/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/binance-wallet-exploit/lib/forge-std/package.json +16 -0
package/binance-wallet-exploit/lib/forge-std/scripts/vm.py +636 -0
package/binance-wallet-exploit/out/build-info/1e9aa7e86cf56962.json +1 -0
package/binance-wallet-exploit/out/build-info/6f56f10e9d7b56eb.json +1 -0
package/binance-wallet-exploit/out/build-info/7edba961ff697a24.json +1 -0
package/binance-wallet-exploit/out/build-info/8c27fe3efea2f2e7.json +1 -0
package/binance-wallet-exploit/out/build-info/978b680daffec63a.json +1 -0
package/binance-wallet-exploit/out/build-info/9806b900b5672d0c.json +1 -0
package/binance-wallet-exploit/out/build-info/b4b9ff36e9b3fc27.json +1 -0
package/binance-wallet-exploit/out/build-info/b6f4df9ae05c0812.json +1 -0
package/binance-wallet-exploit/out/build-info/c88dbc86551f7b5c.json +1 -0
package/binance-wallet-exploit/out/build-info/e9657504010623db.json +1 -0
package/cache/fuzz/failures/ARIAVerifiedFuzzTest/testFuzz_ApprovalRaceCondition +1 -0
package/cache/fuzz/failures/HotCrossSwapFuzzTest/testFuzz_DirectTransferExploit +1 -0
package/cache/fuzz/failures/HotCrossSwapFuzzTest/testFuzz_LargeSwapDrain +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_ApprovalExploit +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_BalanceManipulation +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_RateManipulation +1 -0
package/cache/fuzz/failures/LendFlareFuzz/testFuzz_StorageManipulation +1 -0
package/cache/fuzz/failures/PARFuzzTest/testFuzz_OverflowTransfer +1 -0
package/cache/fuzz/failures/PARFuzzTest/testFuzz_Transfer +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_FrontrunAddfunds +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_RewardOverflow +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_RoundingExploit +1 -0
package/cache/fuzz/failures/XFIDeepFuzz/testFuzz_WithdrawLimit +1 -0
package/cache/solidity-files-cache.json +1 -0
package/cache/test-failures +1 -0
package/calculate-elephant-flashloan.js +195 -0
package/check-address-approval.js +112 -0
package/check-alpha-proxy.js +42 -0
package/check-arbitrage.js +155 -0
package/check-aria-token.js +47 -0
package/check-ark.sh +20 -0
package/check-btcst-mining.js +75 -0
package/check-btcst-pools.js +163 -0
package/check-btcst.js +88 -0
package/check-caller.js +26 -0
package/check-ceek-lp.js +73 -0
package/check-ceek.js +47 -0
package/check-dxsale-address.js +35 -0
package/check-fara-exploit-timing.js +56 -0
package/check-fara-real-exploit.js +73 -0
package/check-flashloan-limits.js +129 -0
package/check-kel-cel-pool.js +91 -0
package/check-lax-staking.js +41 -0
package/check-lendflare.js +165 -0
package/check-lft-accounting.js +109 -0
package/check-lft-roles.js +165 -0
package/check-lock-time.js +47 -0
package/check-min-stake.js +73 -0
package/check-mystery-contract.js +52 -0
package/check-next-token.js +50 -0
package/check-nora-lock.js +67 -0
package/check-oiler-approvals.js +116 -0
package/check-oiler-proxy.js +73 -0
package/check-oiler-staking.js +117 -0
package/check-proxy-simple.js +71 -0
package/check-recent-stakes.js +54 -0
package/check-shegic-holdings.js +67 -0
package/check-snowcrash-ecosystem.js +83 -0
package/check-sync-lp.js +97 -0
package/check-sync-stake.js +42 -0
package/check-tlm.js +37 -0
package/check-token-pools.js +146 -0
package/check-trunk-depeg.js +181 -0
package/check-tusd-decimals.js +58 -0
package/check-user-storage-deep.js +81 -0
package/check-welephant-pools.js +130 -0
package/check-xfi-pool.js +75 -0
package/check-zypher.js +32 -0
package/check_proxy.sh +36 -0
package/compare-tlm-chains.js +90 -0
package/contract_0x05f2.html +6025 -0
package/contract_0x3720.html +6361 -0
package/contract_0x928e.html +5606 -0
package/contract_0xc42d.html +5304 -0
package/contract_page.html +5789 -0
package/decode-stake-tx.js +50 -0
package/deep-analyze-lock.js +82 -0
package/dune_uups_proxy_query.sql +42 -0
package/dune_uups_vulnerable_query.sql +0 -0
package/echidna/alpha-proxy.yaml +14 -0
package/echidna/elephant.yaml +7 -0
package/echidna/lendflare.yaml +42 -0
package/echidna.config.yaml +12 -0
package/elephant_raw.json +1 -0
package/eps_raw.json +1 -0
package/exploit/.github/workflows/test.yml +38 -0
package/exploit/.gitmodules +3 -0
package/exploit/README.md +66 -0
package/exploit/foundry.lock +8 -0
package/exploit/lib/forge-std/.gitattributes +1 -0
package/exploit/lib/forge-std/.github/CODEOWNERS +1 -0
package/exploit/lib/forge-std/.github/dependabot.yml +6 -0
package/exploit/lib/forge-std/.github/workflows/ci.yml +125 -0
package/exploit/lib/forge-std/.github/workflows/sync.yml +36 -0
package/exploit/lib/forge-std/CONTRIBUTING.md +193 -0
package/exploit/lib/forge-std/LICENSE-APACHE +203 -0
package/exploit/lib/forge-std/LICENSE-MIT +25 -0
package/exploit/lib/forge-std/README.md +314 -0
package/exploit/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/exploit/lib/forge-std/package.json +16 -0
package/exploit/lib/forge-std/scripts/vm.py +636 -0
package/exploit_analysis.txt +51 -0
package/extract_contract.py +21 -0
package/extract_elephant_contracts.py +24 -0
package/fara-staking-bytecode.txt +1 -0
package/fara-staking-raw.txt +1 -0
package/fetch-aria.js +46 -0
package/fetch-contract.js +50 -0
package/fetch-shegic-source.js +86 -0
package/fetch-snowcrash.js +44 -0
package/fetch-staking-source.js +53 -0
package/fetch-tlm.js +60 -0
package/fetch_elephant_source.py +32 -0
package/find-ceek-staking.js +21 -0
package/find-exploit-tx.js +88 -0
package/find-oiler-holders.js +100 -0
package/find-tlm-holder.js +36 -0
package/find-vulnerable-fund.js +94 -0
package/foundry.lock +8 -0
package/fuzz-all.sh +53 -0
package/get-aria-contract.py +40 -0
package/get-lft-holders.js +89 -0
package/get-tlm-source.sh +8 -0
package/harvest_txs.json +1 -0
package/lft-bytecode-raw.txt +1 -0
package/lft-bytecode.json +1 -0
package/lft-impl.bin +1 -0
package/lft-implementation-bytecode.txt +1 -0
package/lib/forge-std/.gitattributes +1 -0
package/lib/forge-std/.github/CODEOWNERS +1 -0
package/lib/forge-std/.github/dependabot.yml +6 -0
package/lib/forge-std/.github/workflows/ci.yml +125 -0
package/lib/forge-std/.github/workflows/sync.yml +36 -0
package/lib/forge-std/CONTRIBUTING.md +193 -0
package/lib/forge-std/LICENSE-APACHE +203 -0
package/lib/forge-std/LICENSE-MIT +25 -0
package/lib/forge-std/README.md +314 -0
package/lib/forge-std/RELEASE_CHECKLIST.md +12 -0
package/lib/forge-std/package.json +16 -0
package/lib/forge-std/scripts/vm.py +636 -0
package/lib/openzeppelin-contracts/.changeset/config.json +12 -0
package/lib/openzeppelin-contracts/.codecov.yml +12 -0
package/lib/openzeppelin-contracts/.editorconfig +21 -0
package/lib/openzeppelin-contracts/.eslintrc +20 -0
package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/bug_report.md +21 -0
package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/config.yml +4 -0
package/lib/openzeppelin-contracts/.github/ISSUE_TEMPLATE/feature_request.md +14 -0
package/lib/openzeppelin-contracts/.github/PULL_REQUEST_TEMPLATE.md +20 -0
package/lib/openzeppelin-contracts/.github/actions/gas-compare/action.yml +49 -0
package/lib/openzeppelin-contracts/.github/actions/setup/action.yml +21 -0
package/lib/openzeppelin-contracts/.github/actions/storage-layout/action.yml +55 -0
package/lib/openzeppelin-contracts/.github/workflows/actionlint.yml +18 -0
package/lib/openzeppelin-contracts/.github/workflows/changeset.yml +28 -0
package/lib/openzeppelin-contracts/.github/workflows/checks.yml +118 -0
package/lib/openzeppelin-contracts/.github/workflows/docs.yml +19 -0
package/lib/openzeppelin-contracts/.github/workflows/formal-verification.yml +68 -0
package/lib/openzeppelin-contracts/.github/workflows/release-cycle.yml +214 -0
package/lib/openzeppelin-contracts/.github/workflows/upgradeable.yml +34 -0
package/lib/openzeppelin-contracts/.gitmodules +7 -0
package/lib/openzeppelin-contracts/.mocharc.js +4 -0
package/lib/openzeppelin-contracts/.prettierrc +15 -0
package/lib/openzeppelin-contracts/.solcover.js +13 -0
package/lib/openzeppelin-contracts/CHANGELOG.md +972 -0
package/lib/openzeppelin-contracts/CODE_OF_CONDUCT.md +73 -0
package/lib/openzeppelin-contracts/CONTRIBUTING.md +36 -0
package/lib/openzeppelin-contracts/GUIDELINES.md +148 -0
package/lib/openzeppelin-contracts/LICENSE +22 -0
package/lib/openzeppelin-contracts/README.md +107 -0
package/lib/openzeppelin-contracts/RELEASING.md +45 -0
package/lib/openzeppelin-contracts/SECURITY.md +42 -0
package/lib/openzeppelin-contracts/audits/2017-03.md +292 -0
package/lib/openzeppelin-contracts/audits/2018-10.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2022-10-Checkpoints.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2022-10-ERC4626.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2023-05-v4.9.pdf +0 -0
package/lib/openzeppelin-contracts/audits/2023-10-v5.0.pdf +0 -0
package/lib/openzeppelin-contracts/audits/README.md +17 -0
package/lib/openzeppelin-contracts/certora/Makefile +54 -0
package/lib/openzeppelin-contracts/certora/README.md +60 -0
package/lib/openzeppelin-contracts/certora/diff/access_manager_AccessManager.sol.patch +97 -0
package/lib/openzeppelin-contracts/certora/reports/2021-10.pdf +0 -0
package/lib/openzeppelin-contracts/certora/reports/2022-03.pdf +0 -0
package/lib/openzeppelin-contracts/certora/reports/2022-05.pdf +0 -0
package/lib/openzeppelin-contracts/certora/run.js +160 -0
package/lib/openzeppelin-contracts/certora/specs/AccessControl.spec +119 -0
package/lib/openzeppelin-contracts/certora/specs/AccessControlDefaultAdminRules.spec +464 -0
package/lib/openzeppelin-contracts/certora/specs/DoubleEndedQueue.spec +300 -0
package/lib/openzeppelin-contracts/certora/specs/ERC20.spec +352 -0
package/lib/openzeppelin-contracts/certora/specs/ERC20FlashMint.spec +55 -0
package/lib/openzeppelin-contracts/certora/specs/ERC20Wrapper.spec +198 -0
package/lib/openzeppelin-contracts/certora/specs/ERC721.spec +679 -0
package/lib/openzeppelin-contracts/certora/specs/EnumerableMap.spec +333 -0
package/lib/openzeppelin-contracts/certora/specs/EnumerableSet.spec +246 -0
package/lib/openzeppelin-contracts/certora/specs/Initializable.spec +165 -0
package/lib/openzeppelin-contracts/certora/specs/Ownable.spec +77 -0
package/lib/openzeppelin-contracts/certora/specs/Ownable2Step.spec +108 -0
package/lib/openzeppelin-contracts/certora/specs/Pausable.spec +96 -0
package/lib/openzeppelin-contracts/certora/specs/TimelockController.spec +274 -0
package/lib/openzeppelin-contracts/certora/specs/helpers/helpers.spec +7 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IAccessControl.spec +8 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IAccessControlDefaultAdminRules.spec +36 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC20.spec +11 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC2612.spec +5 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC3156FlashBorrower.spec +3 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC3156FlashLender.spec +5 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC5313.spec +3 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC721.spec +17 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IERC721Receiver.spec +3 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IOwnable.spec +5 -0
package/lib/openzeppelin-contracts/certora/specs/methods/IOwnable2Step.spec +7 -0
package/lib/openzeppelin-contracts/certora/specs.json +86 -0
package/lib/openzeppelin-contracts/contracts/access/README.adoc +43 -0
package/lib/openzeppelin-contracts/contracts/finance/README.adoc +14 -0
package/lib/openzeppelin-contracts/contracts/governance/README.adoc +167 -0
package/lib/openzeppelin-contracts/contracts/interfaces/README.adoc +82 -0
package/lib/openzeppelin-contracts/contracts/metatx/README.adoc +12 -0
package/lib/openzeppelin-contracts/contracts/package.json +32 -0
package/lib/openzeppelin-contracts/contracts/proxy/README.adoc +87 -0
package/lib/openzeppelin-contracts/contracts/token/ERC1155/README.adoc +41 -0
package/lib/openzeppelin-contracts/contracts/token/ERC20/README.adoc +67 -0
package/lib/openzeppelin-contracts/contracts/token/ERC721/README.adoc +67 -0
package/lib/openzeppelin-contracts/contracts/token/common/README.adoc +10 -0
package/lib/openzeppelin-contracts/contracts/utils/README.adoc +88 -0
package/lib/openzeppelin-contracts/contracts/vendor/compound/LICENSE +11 -0
package/lib/openzeppelin-contracts/docs/README.md +16 -0
package/lib/openzeppelin-contracts/docs/antora.yml +7 -0
package/lib/openzeppelin-contracts/docs/config.js +21 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-3a.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-3b.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack-6.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-attack.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-deposit.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-mint.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-linear.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-loglog.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/erc4626-rate-loglogext.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/tally-exec.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/images/tally-vote.png +0 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/nav.adoc +23 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/access-control.adoc +204 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/backwards-compatibility.adoc +48 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/crowdsales.adoc +11 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/drafts.adoc +19 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc1155.adoc +145 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc20-supply.adoc +71 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc20.adoc +77 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc4626.adoc +214 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/erc721.adoc +79 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/extending-contracts.adoc +77 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/faq.adoc +13 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/governance.adoc +240 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/index.adoc +79 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/tokens.adoc +31 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/upgradeable.adoc +77 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/utilities.adoc +185 -0
package/lib/openzeppelin-contracts/docs/modules/ROOT/pages/wizard.adoc +15 -0
package/lib/openzeppelin-contracts/docs/templates/contract.hbs +111 -0
package/lib/openzeppelin-contracts/docs/templates/helpers.js +46 -0
package/lib/openzeppelin-contracts/docs/templates/page.hbs +4 -0
package/lib/openzeppelin-contracts/docs/templates/properties.js +64 -0
package/lib/openzeppelin-contracts/hardhat/env-artifacts.js +24 -0
package/lib/openzeppelin-contracts/hardhat/env-contract.js +25 -0
package/lib/openzeppelin-contracts/hardhat/ignore-unreachable-warnings.js +45 -0
package/lib/openzeppelin-contracts/hardhat/skip-foundry-tests.js +6 -0
package/lib/openzeppelin-contracts/hardhat/task-test-get-files.js +25 -0
package/lib/openzeppelin-contracts/hardhat.config.js +131 -0
package/lib/openzeppelin-contracts/lib/erc4626-tests/LICENSE +661 -0
package/lib/openzeppelin-contracts/lib/erc4626-tests/README.md +116 -0
package/lib/openzeppelin-contracts/lib/forge-std/.github/workflows/ci.yml +92 -0
package/lib/openzeppelin-contracts/lib/forge-std/.gitmodules +3 -0
package/lib/openzeppelin-contracts/lib/forge-std/LICENSE-APACHE +203 -0
package/lib/openzeppelin-contracts/lib/forge-std/LICENSE-MIT +25 -0
package/lib/openzeppelin-contracts/lib/forge-std/README.md +250 -0
package/lib/openzeppelin-contracts/lib/forge-std/package.json +16 -0
package/lib/openzeppelin-contracts/logo.svg +15 -0
package/lib/openzeppelin-contracts/netlify.toml +3 -0
package/lib/openzeppelin-contracts/package-lock.json +16544 -0
package/lib/openzeppelin-contracts/package.json +96 -0
package/lib/openzeppelin-contracts/remappings.txt +1 -0
package/lib/openzeppelin-contracts/renovate.json +4 -0
package/lib/openzeppelin-contracts/requirements.txt +1 -0
package/lib/openzeppelin-contracts/scripts/checks/compare-layout.js +20 -0
package/lib/openzeppelin-contracts/scripts/checks/compareGasReports.js +243 -0
package/lib/openzeppelin-contracts/scripts/checks/extract-layout.js +38 -0
package/lib/openzeppelin-contracts/scripts/checks/generation.sh +6 -0
package/lib/openzeppelin-contracts/scripts/checks/inheritance-ordering.js +54 -0
package/lib/openzeppelin-contracts/scripts/gen-nav.js +41 -0
package/lib/openzeppelin-contracts/scripts/generate/format-lines.js +16 -0
package/lib/openzeppelin-contracts/scripts/generate/run.js +49 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.js +247 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.opts.js +17 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/Checkpoints.t.js +146 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/EnumerableMap.js +283 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/EnumerableSet.js +250 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/SafeCast.js +126 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/StorageSlot.js +78 -0
package/lib/openzeppelin-contracts/scripts/generate/templates/conversion.js +30 -0
package/lib/openzeppelin-contracts/scripts/git-user-config.sh +6 -0
package/lib/openzeppelin-contracts/scripts/helpers.js +37 -0
package/lib/openzeppelin-contracts/scripts/prepack.sh +23 -0
package/lib/openzeppelin-contracts/scripts/prepare-docs.sh +26 -0
package/lib/openzeppelin-contracts/scripts/release/format-changelog.js +33 -0
package/lib/openzeppelin-contracts/scripts/release/synchronize-versions.js +15 -0
package/lib/openzeppelin-contracts/scripts/release/update-comment.js +34 -0
package/lib/openzeppelin-contracts/scripts/release/version.sh +11 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/exit-prerelease.sh +8 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/github-release.js +48 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/integrity-check.sh +20 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/pack.sh +26 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/publish.sh +26 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/rerun.js +7 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/set-changesets-pr-title.js +17 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/start.sh +35 -0
package/lib/openzeppelin-contracts/scripts/release/workflow/state.js +112 -0
package/lib/openzeppelin-contracts/scripts/remove-ignored-artifacts.js +45 -0
package/lib/openzeppelin-contracts/scripts/solhint-custom/index.js +84 -0
package/lib/openzeppelin-contracts/scripts/solhint-custom/package.json +5 -0
package/lib/openzeppelin-contracts/scripts/update-docs-branch.js +65 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/README.md +21 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/patch-apply.sh +19 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/patch-save.sh +18 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/transpile-onto.sh +54 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/transpile.sh +47 -0
package/lib/openzeppelin-contracts/scripts/upgradeable/upgradeable.patch +360 -0
package/lib/openzeppelin-contracts/slither.config.json +5 -0
package/lib/openzeppelin-contracts/solhint.config.js +20 -0
package/mythril-lft-output.txt +1 -0
package/mythril-lft-symbolic.txt +18 -0
package/mythril-lft.sh +20 -0
package/mythril-symbolic-output.txt +1 -0
package/mythril-symbolic.sh +42 -0
package/out/build-info/0026b78428192979.json +1 -0
package/out/build-info/03c4fc3b88486eba.json +1 -0
package/out/build-info/0540afa9b9a5c5a6.json +1 -0
package/out/build-info/081932f505bc08b9.json +1 -0
package/out/build-info/0da104ba0d6642d5.json +1 -0
package/out/build-info/197281971dbb5f23.json +1 -0
package/out/build-info/197e7e332832a232.json +1 -0
package/out/build-info/1a1cab9136eb5f94.json +1 -0
package/out/build-info/1b320204eb162aa2.json +1 -0
package/out/build-info/1e03f94398052674.json +1 -0
package/out/build-info/22ac085949602937.json +1 -0
package/out/build-info/234ef37453a9fa64.json +1 -0
package/out/build-info/2447db7b1878fa8e.json +1 -0
package/out/build-info/25568daeb484f5ff.json +1 -0
package/out/build-info/27465853244c49ce.json +1 -0
package/out/build-info/2c57a9e0f087453b.json +1 -0
package/out/build-info/3c62ae7de8da68c4.json +1 -0
package/out/build-info/3e771ae109e97bb3.json +1 -0
package/out/build-info/460499bc0a3465c4.json +1 -0
package/out/build-info/47ce37e50a4f115e.json +1 -0
package/out/build-info/4fcce5c63cf427d6.json +1 -0
package/out/build-info/4fd0a53fe63fddbb.json +1 -0
package/out/build-info/50f1247db9d769cc.json +1 -0
package/out/build-info/5317d0181a7a5e02.json +1 -0
package/out/build-info/594df509275ceb5b.json +1 -0
package/out/build-info/61983ac3f6141719.json +1 -0
package/out/build-info/638c4548307122fe.json +1 -0
package/out/build-info/67c2c43bdb7c0ded.json +1 -0
package/out/build-info/777f42643aad37b7.json +1 -0
package/out/build-info/7d7856f19e845354.json +1 -0
package/out/build-info/83976260b6f71e94.json +1 -0
package/out/build-info/83c23882000b963d.json +1 -0
package/out/build-info/84b2cce8f70b36be.json +1 -0
package/out/build-info/8bc13d31d7c3206a.json +1 -0
package/out/build-info/8e183bd4d9d8cf88.json +1 -0
package/out/build-info/94bfe1e7cafa8ff5.json +1 -0
package/out/build-info/99ec7d5e8d8ff360.json +1 -0
package/out/build-info/9ac044b29daa7d5e.json +1 -0
package/out/build-info/9b203227ff5d2e63.json +1 -0
package/out/build-info/9d18c5872c4282dd.json +1 -0
package/out/build-info/9f77f04f33baf9a3.json +1 -0
package/out/build-info/a6e1caf974787982.json +1 -0
package/out/build-info/a94b6348867a62d6.json +1 -0
package/out/build-info/ad93721947a8b195.json +1 -0
package/out/build-info/b42daddb5aa4b19f.json +1 -0
package/out/build-info/bf13512ae899f7e8.json +1 -0
package/out/build-info/c39f86c20a548c4a.json +1 -0
package/out/build-info/cb12bb975a2f4e65.json +1 -0
package/out/build-info/d0c6788fadc2aa60.json +1 -0
package/out/build-info/d2726bf94ed5b845.json +1 -0
package/out/build-info/d4eb00da50cce5cb.json +1 -0
package/out/build-info/db931924a3bc8bdd.json +1 -0
package/out/build-info/e1a503d49bc77401.json +1 -0
package/out/build-info/efe5396f8892ce77.json +1 -0
package/out/build-info/f536d90ced745969.json +1 -0
package/out/build-info/fed38823c7019b82.json +1 -0
package/package.json +51 -0
package/page.html +5384 -0
package/pancakeswap-simple-tvl.sql +15 -0
package/pancakeswap-top-pools.sql +29 -0
package/pancakeswap-tvl-optimized.sql +57 -0
package/pancakeswap-tvl-query.sql +60 -0
package/pancakeswap-underflow-hunting.sql +51 -0
package/pancakeswap-vulnerability-queries.sql +200 -0
package/posi_page.html +6369 -0
package/posi_response.json +29 -0
package/proxy_page.html +500 -0
package/run_mythril_elephant.sh +18 -0
package/sHEGIC-bytecode.bin +6 -0
package/sHEGIC-mythril-analysis.txt +1 -0
package/sHEGIC-mythril-full.txt +134 -0
package/sHEGIC_ANALYSIS.md +135 -0
package/sHEGIC_EXPLOIT_ANALYSIS.md +317 -0
package/sHEGIC_MYTHRIL_ANALYSIS.md +361 -0
package/scrape-snowcrash.js +28 -0
package/scripts/yooshi_drain.sh +154 -0
package/shi_raw.json +1 -0
package/temp.json +1 -0
package/temp_harvest.json +1 -0
package/temp_pika.json +1 -0
package/temp_posi.json +1 -0
package/temp_response.json +1 -0
package/test-lft-hidden-balance.js +108 -0
package/test-xfi-exploit.js +140 -0
package/trunk-liquidity-rescue.js +164 -0
package/vBABY_page.html +6153 -0
package/vBABY_response.json +29 -0
package/wsg_response.json +1 -0
package/yooldo_page.html +10371 -0

package/check-ceek-lp.js ADDED Viewed

@@ -0,0 +1,73 @@
+const { ethers } = require('ethers');
+const RPC = 'https://bsc-dataseed.binance.org/';
+const provider = new ethers.providers.JsonRpcProvider(RPC);
+const LP_ADDRESS = '0x119D6Ebe840966c9Cf4fF6603E76208d30BA2179';
+const CEEK_ADDRESS = '0xe0f94ac5462997d2bc57287ac3a3ae4c31345d66';
+const LP_ABI = [
+    'function token0() view returns (address)',
+    'function token1() view returns (address)',
+    'function getReserves() view returns (uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast)',
+    'function totalSupply() view returns (uint256)',
+    'function balanceOf(address) view returns (uint256)',
+    'function swap(uint amount0Out, uint amount1Out, address to, bytes calldata data) external'
+];
+const TOKEN_ABI = [
+    'function symbol() view returns (string)',
+    'function decimals() view returns (uint8)',
+    'function balanceOf(address) view returns (uint256)'
+];
+async function main() {
+    const lp = new ethers.Contract(LP_ADDRESS, LP_ABI, provider);
+    console.log('=== CEEK LP PAIR ANALYSIS ===');
+    console.log('LP Address:', LP_ADDRESS);
+    const token0 = await lp.token0();
+    const token1 = await lp.token1();
+    console.log('\nToken0:', token0);
+    console.log('Token1:', token1);
+    const token0Contract = new ethers.Contract(token0, TOKEN_ABI, provider);
+    const token1Contract = new ethers.Contract(token1, TOKEN_ABI, provider);
+    const symbol0 = await token0Contract.symbol();
+    const symbol1 = await token1Contract.symbol();
+    const decimals0 = await token0Contract.decimals();
+    const decimals1 = await token1Contract.decimals();
+    console.log(`\n${symbol0} (${decimals0} decimals)`);
+    console.log(`${symbol1} (${decimals1} decimals)`);
+    const reserves = await lp.getReserves();
+    console.log('\nReserves:');
+    console.log(`${symbol0}:`, ethers.utils.formatUnits(reserves.reserve0, decimals0));
+    console.log(`${symbol1}:`, ethers.utils.formatUnits(reserves.reserve1, decimals1));
+    const totalSupply = await lp.totalSupply();
+    console.log('\nLP Total Supply:', ethers.utils.formatEther(totalSupply));
+    // Check if CEEK is token0 or token1
+    if (token0.toLowerCase() === CEEK_ADDRESS.toLowerCase()) {
+        console.log('\nCEEK is token0');
+    } else if (token1.toLowerCase() === CEEK_ADDRESS.toLowerCase()) {
+        console.log('\nCEEK is token1');
+    } else {
+        console.log('\nWARNING: CEEK not found in this pair!');
+    }
+    // Calculate price
+    const price0 = reserves.reserve1.mul(ethers.utils.parseUnits('1', decimals0)).div(reserves.reserve0);
+    const price1 = reserves.reserve0.mul(ethers.utils.parseUnits('1', decimals1)).div(reserves.reserve1);
+    console.log('\nPrices:');
+    console.log(`1 ${symbol0} =`, ethers.utils.formatUnits(price0, decimals1), symbol1);
+    console.log(`1 ${symbol1} =`, ethers.utils.formatUnits(price1, decimals0), symbol0);
+}
+main().catch(console.error);

package/check-ceek.js ADDED Viewed

@@ -0,0 +1,47 @@
+const { ethers } = require('ethers');
+const RPC = 'https://bsc-dataseed.binance.org/';
+const provider = new ethers.providers.JsonRpcProvider(RPC);
+const CEEK_ADDRESS = '0xe0f94ac5462997d2bc57287ac3a3ae4c31345d66';
+const ABI = [
+    'function owner() view returns (address)',
+    'function gate() view returns (address)',
+    'function trustedForwarder() view returns (address)',
+    'function totalSupply() view returns (uint256)',
+    'function cap() view returns (uint256)',
+    'function decimals() view returns (uint8)',
+    'function balanceOf(address) view returns (uint256)'
+];
+async function main() {
+    const ceek = new ethers.Contract(CEEK_ADDRESS, ABI, provider);
+    console.log('=== CEEK TOKEN ANALYSIS ===');
+    console.log('Address:', CEEK_ADDRESS);
+    const owner = await ceek.owner();
+    console.log('\nOwner:', owner);
+    const gate = await ceek.gate();
+    console.log('Gate (minter):', gate);
+    const trustedForwarder = await ceek.trustedForwarder();
+    console.log('Trusted Forwarder:', trustedForwarder);
+    const totalSupply = await ceek.totalSupply();
+    const cap = await ceek.cap();
+    const decimals = await ceek.decimals();
+    console.log('\nTotal Supply:', ethers.utils.formatUnits(totalSupply, decimals), 'CEEK');
+    console.log('Cap:', ethers.utils.formatUnits(cap, decimals), 'CEEK');
+    console.log('Remaining mintable:', ethers.utils.formatUnits(cap.sub(totalSupply), decimals), 'CEEK');
+    // Check if gate has any special permissions
+    if (gate !== ethers.constants.AddressZero) {
+        console.log('\n⚠️ Gate address can mint unlimited tokens up to cap!');
+    }
+}
+main().catch(console.error);

package/check-dxsale-address.js ADDED Viewed

@@ -0,0 +1,35 @@
+const { ethers } = require('ethers');
+async function main() {
+    const provider = new ethers.providers.JsonRpcProvider('https://bsc-dataseed.binance.org/');
+    // CatGirl token
+    const catgirl = '0x79ebc9a2ce02277a4b5b3a768b1c0a4ed75bd936';
+    console.log('=== CHECKING FOR DXSALE LOCK CONTRACTS ===\n');
+    // Common DXSale lock addresses on BSC:
+    const knownDXSaleLocks = [
+        '0xc765bddb93b0d1c1a88282ba0fa6b2d00e3e0c83', // DXSale Lock v1
+        '0x2d045410f002a95efcee67759a92518fa3fce677', // DXSale Lock v2
+        '0x7ee058420e5937496f5a2096f04caa7721cf70cc', // DXSale Lock Forwarder
+    ];
+    const tokenAbi = ['function balanceOf(address) view returns (uint256)'];
+    const token = new ethers.Contract(catgirl, tokenAbi, provider);
+    for (const lockAddr of knownDXSaleLocks) {
+        console.log(`Checking: ${lockAddr}`);
+        const lockCode = await provider.getCode(lockAddr);
+        if (lockCode !== '0x') {
+            const balance = await token.balanceOf(lockAddr);
+            console.log('  ✓ Contract exists');
+            console.log('  CATGIRL balance:', ethers.utils.formatEther(balance));
+        } else {
+            console.log('  ✗ No contract');
+        }
+        console.log('');
+    }
+}
+main().catch(console.error);

package/check-fara-exploit-timing.js ADDED Viewed

@@ -0,0 +1,56 @@
+const { ethers } = require('ethers');
+const RPC = 'https://bsc-dataseed.binance.org';
+const provider = new ethers.providers.JsonRpcProvider(RPC);
+const STAKING_CONTRACT = '0x107E5696fAc55207DFC05C071404C31CEc57d47A';
+const REAL_USER = '0xc75124Cc9d40d7f53FB05B5f8CC13638EfD869fE';
+async function checkExploitTiming() {
+    console.log('=== CHECKING WHEN THE EXPLOIT HAPPENED ===\n');
+    // Get the contract creation block
+    const currentBlock = await provider.getBlockNumber();
+    console.log('Current block:', currentBlock);
+    // Check if there were any contract upgrades or changes
+    // by looking at the transaction history
+    // The user showed transaction logs with these characteristics:
+    // 1. Normal transaction: periodId = 7,677,834,305,148,927,392
+    // 2. Exploit transaction: periodId = 2,348,722,764,634,508,715,752,853
+    // The exploit periodId is 305,909x larger than normal
+    // This suggests a MASSIVE underflow in time calculation
+    console.log('=== EXPLOIT CHARACTERISTICS ===');
+    console.log('Normal periodId: 7,677,834,305,148,927,392');
+    console.log('Exploit periodId: 2,348,722,764,634,508,715,752,853');
+    console.log('Multiplier: 305,909x');
+    console.log('\n=== HYPOTHESIS ===');
+    console.log('The exploit likely occurred when:');
+    console.log('1. A fund had a future endTime (set incorrectly by owner)');
+    console.log('2. User staked in that fund');
+    console.log('3. Reward calculation: (currentTime - endTime) underflowed');
+    console.log('4. Result: Massive periodId -> Massive rewards');
+    console.log('\n=== WHY IT DOESNT WORK NOW ===');
+    console.log('1. The vulnerable fund may have expired');
+    console.log('2. The contract may have been patched');
+    console.log('3. The owner may have fixed the fund parameters');
+    console.log('\n=== CONCLUSION ===');
+    console.log('This was a TIME-SENSITIVE exploit that required:');
+    console.log('- A specific fund with misconfigured endTime');
+    console.log('- Staking during the vulnerable window');
+    console.log('- The exploit window has likely closed');
+    console.log('\n=== POTENTIAL CURRENT EXPLOITS ===');
+    console.log('We should check if:');
+    console.log('1. Any OTHER funds have future endTimes');
+    console.log('2. The owner can still create vulnerable funds');
+    console.log('3. There are other underflow vectors in the contract');
+}
+checkExploitTiming().catch(console.error);

package/check-fara-real-exploit.js ADDED Viewed

@@ -0,0 +1,73 @@
+const { ethers } = require('ethers');
+const RPC = 'https://bsc-dataseed.binance.org';
+const provider = new ethers.providers.JsonRpcProvider(RPC);
+const STAKING_CONTRACT = '0x107E5696fAc55207DFC05C071404C31CEc57d47A';
+const FARA_TOKEN = '0xF4Ed363144981D3A65f42e7D0DC54FF9EEf559A1';
+const REAL_USER = '0xc75124Cc9d40d7f53FB05B5f8CC13638EfD869fE';
+// Transaction hashes from the user's history
+const TX_WITH_568_FARA = '0x...'; // The one with 568 FARA reward
+const TX_WITH_2_FARA = '0x...'; // The one with 2.36 FARA reward
+async function analyzeRealExploit() {
+    console.log('=== ANALYZING REAL USER EXPLOIT ===\n');
+    // Check current contract state
+    const faraToken = new ethers.Contract(FARA_TOKEN, [
+        'function balanceOf(address) view returns (uint256)',
+        'function decimals() view returns (uint8)'
+    ], provider);
+    const contractBalance = await faraToken.balanceOf(STAKING_CONTRACT);
+    const decimals = await faraToken.decimals();
+    console.log('Contract FARA balance:', ethers.utils.formatUnits(contractBalance, decimals));
+    console.log('Contract address:', STAKING_CONTRACT);
+    // The key insight: User got 568 FARA but events show 0 rewards
+    // This means the Transfer event happened OUTSIDE the RewardClaimed event
+    // Let's check if there's a separate reward pool contract
+    console.log('\n=== CHECKING FOR REWARD POOL ===');
+    console.log('Reward sender in 568 FARA tx: 0x0771CdEDC2aDA575c98b3cF5AC3b42f5A99b9c4b');
+    const rewardPool = '0x0771CdEDC2aDA575c98b3cF5AC3b42f5A99b9c4b';
+    const rewardPoolBalance = await faraToken.balanceOf(rewardPool);
+    console.log('Reward pool FARA balance:', ethers.utils.formatUnits(rewardPoolBalance, decimals));
+    // Check if reward pool has code
+    const code = await provider.getCode(rewardPool);
+    console.log('Reward pool has code:', code.length > 2);
+    console.log('Code length:', code.length);
+    // The massive periodId suggests time-based calculation overflow
+    // periodId: 2,348,722,764,634,508,715,752,853
+    // This is approximately 2.35 * 10^24
+    console.log('\n=== ANALYZING PERIOD ID ===');
+    const exploitPeriodId = BigInt('2348722764634508715752853');
+    const normalPeriodId = BigInt('7677834305148927392');
+    console.log('Exploit periodId:', exploitPeriodId.toString());
+    console.log('Normal periodId:', normalPeriodId.toString());
+    console.log('Ratio:', Number(exploitPeriodId / normalPeriodId));
+    // Check if this could be a timestamp overflow
+    const currentTime = Math.floor(Date.now() / 1000);
+    console.log('\nCurrent timestamp:', currentTime);
+    console.log('Exploit periodId as timestamp:', Number(exploitPeriodId));
+    // If periodId is calculated as (endTime - startTime) * multiplier
+    // and startTime > endTime, it underflows
+    console.log('\n=== HYPOTHESIS ===');
+    console.log('If the contract calculates:');
+    console.log('  periodId = (currentTime - lastUpdateTime) * SOME_MULTIPLIER');
+    console.log('And lastUpdateTime > currentTime (future timestamp)');
+    console.log('Then: periodId underflows to massive value');
+    console.log('Result: User gets MASSIVE rewards');
+}
+analyzeRealExploit().catch(console.error);

package/check-flashloan-limits.js ADDED Viewed

@@ -0,0 +1,129 @@
+// Check maximum flash loan amounts available
+const ethers = require('ethers');
+const WETH = '0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2';
+const USDC = '0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48';
+const DAI = '0x6B175474E89094C44Da98b954EedeAC495271d0F';
+// Flash loan providers
+const BALANCER_VAULT = '0xBA12222222228d8Ba445958a75a0704d566BF2C8';
+const AAVE_POOL = '0x87870Bca3F3fD6335C3F4ce8392D69350B4fA4E2'; // Aave V3
+const UNISWAP_V3_FACTORY = '0x1F98431c8aD98523631AE4a59f267346ea31F984';
+const ERC20_ABI = [
+    'function balanceOf(address) view returns (uint256)',
+    'function decimals() view returns (uint8)',
+    'function symbol() view returns (string)'
+];
+async function main() {
+    const provider = new ethers.providers.JsonRpcProvider(
+        'https://mainnet.infura.io/v3/db4d2c885bc946b691dbb3d5ef26d9e2'
+    );
+    console.log('=== MAXIMUM FLASH LOAN AMOUNTS ===\n');
+    // Check Balancer Vault (0% fee, best option)
+    console.log('1. BALANCER VAULT (0% fee)');
+    console.log('   Address:', BALANCER_VAULT);
+    const weth = new ethers.Contract(WETH, ERC20_ABI, provider);
+    const usdc = new ethers.Contract(USDC, ERC20_ABI, provider);
+    const dai = new ethers.Contract(DAI, ERC20_ABI, provider);
+    const balancerWETH = await weth.balanceOf(BALANCER_VAULT);
+    const balancerUSDC = await usdc.balanceOf(BALANCER_VAULT);
+    const balancerDAI = await dai.balanceOf(BALANCER_VAULT);
+    console.log('   WETH:', ethers.utils.formatEther(balancerWETH), 'WETH');
+    console.log('   USDC:', ethers.utils.formatUnits(balancerUSDC, 6), 'USDC');
+    console.log('   DAI:', ethers.utils.formatEther(balancerDAI), 'DAI');
+    // Check Aave V3 (0.05% fee)
+    console.log('\n2. AAVE V3 (0.05% fee)');
+    console.log('   Address:', AAVE_POOL);
+    const aaveWETH = await weth.balanceOf(AAVE_POOL);
+    const aaveUSDC = await usdc.balanceOf(AAVE_POOL);
+    const aaveDAI = await dai.balanceOf(AAVE_POOL);
+    console.log('   WETH:', ethers.utils.formatEther(aaveWETH), 'WETH');
+    console.log('   USDC:', ethers.utils.formatUnits(aaveUSDC, 6), 'USDC');
+    console.log('   DAI:', ethers.utils.formatEther(aaveDAI), 'DAI');
+    // Check XFI liquidity on Uniswap V2
+    console.log('\n3. XFI LIQUIDITY');
+    const XFI = '0x5BEfBB272290dD5b8521D4a938f6c4757742c430';
+    const XFI_WETH_PAIR = '0xaF996125e98b5804c00FFDB4f7fF386307c99A00';
+    const xfi = new ethers.Contract(XFI, ERC20_ABI, provider);
+    const pairWETH = await weth.balanceOf(XFI_WETH_PAIR);
+    const pairXFI = await xfi.balanceOf(XFI_WETH_PAIR);
+    console.log('   Uniswap V2 XFI/WETH Pair:', XFI_WETH_PAIR);
+    console.log('   WETH in pair:', ethers.utils.formatEther(pairWETH), 'WETH');
+    console.log('   XFI in pair:', ethers.utils.formatEther(pairXFI), 'XFI');
+    // Calculate max XFI we can buy
+    const maxWETH = balancerWETH; // Use Balancer's WETH
+    // Uniswap V2 formula: amountOut = (amountIn * 997 * reserveOut) / (reserveIn * 1000 + amountIn * 997)
+    // But we can't buy ALL the XFI, max is ~99% of reserves
+    const maxXFI = pairXFI.mul(99).div(100);
+    console.log('\n=== MAXIMUM EXPLOIT CAPACITY ===');
+    console.log('Max WETH flash loan (Balancer):', ethers.utils.formatEther(balancerWETH), 'WETH');
+    console.log('Max XFI we can buy (~99% of pool):', ethers.utils.formatEther(maxXFI), 'XFI');
+    // Calculate how much WETH needed to buy that much XFI
+    // amountIn = (reserveIn * amountOut * 1000) / ((reserveOut - amountOut) * 997)
+    const amountOut = maxXFI;
+    const reserveIn = pairWETH;
+    const reserveOut = pairXFI;
+    const numerator = reserveIn.mul(amountOut).mul(1000);
+    const denominator = reserveOut.sub(amountOut).mul(997);
+    const wethNeeded = numerator.div(denominator);
+    console.log('WETH needed to buy that much XFI:', ethers.utils.formatEther(wethNeeded), 'WETH');
+    if (wethNeeded.lt(balancerWETH)) {
+        console.log('\n✅ FEASIBLE! We can flash loan enough WETH from Balancer');
+        console.log('   Flash loan:', ethers.utils.formatEther(wethNeeded), 'WETH');
+        console.log('   Buy:', ethers.utils.formatEther(maxXFI), 'XFI');
+        console.log('   Fee: 0 WETH (Balancer has 0% fee)');
+    } else {
+        console.log('\n❌ NOT FEASIBLE - Need more WETH than available');
+        console.log('   Max we can buy with', ethers.utils.formatEther(balancerWETH), 'WETH:');
+        // Calculate max XFI with available WETH
+        const amountIn = balancerWETH;
+        const amountInWithFee = amountIn.mul(997);
+        const numerator2 = amountInWithFee.mul(reserveOut);
+        const denominator2 = reserveIn.mul(1000).add(amountInWithFee);
+        const maxXFIWithAvailableWETH = numerator2.div(denominator2);
+        console.log('   Max XFI:', ethers.utils.formatEther(maxXFIWithAvailableWETH), 'XFI');
+    }
+    // Check current XFI staking pool
+    console.log('\n=== XFI STAKING POOL ===');
+    const STAKING = '0x5cD1C00a88822182733E3ac335863fcC9A1c0705';
+    const stakingXFI = await xfi.balanceOf(STAKING);
+    const STAKING_ABI = [
+        'function totalStakes() view returns (uint256)',
+        'function totalDividends() view returns (uint256)'
+    ];
+    const staking = new ethers.Contract(STAKING, STAKING_ABI, provider);
+    const totalStakes = await staking.totalStakes();
+    const totalDividends = await staking.totalDividends();
+    console.log('XFI in staking contract:', ethers.utils.formatEther(stakingXFI), 'XFI');
+    console.log('Total staked:', ethers.utils.formatEther(totalStakes), 'XFI');
+    console.log('Total dividends:', totalDividends.toString());
+    console.log('Available to drain:', ethers.utils.formatEther(stakingXFI.sub(totalStakes)), 'XFI');
+}
+main().catch(console.error);

package/check-kel-cel-pool.js ADDED Viewed

@@ -0,0 +1,91 @@
+const { ethers } = require('ethers');
+const provider = new ethers.providers.JsonRpcProvider('https://mainnet.infura.io/v3/db4d2c885bc946b691dbb3d5ef26d9e2');
+const PAIR = '0x638BC0940C623DF5094C5C176a087ba250dF4756';
+const KEL = '0x8d99569ef5fEBb19989892eEE7f81f8f909D07F3';
+const CEL = '0xaaAEBE6Fe48E54f431b0C390CfaF0b017d09D42d';
+const pairAbi = [
+    'function getReserves() external view returns (uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast)',
+    'function token0() external view returns (address)',
+    'function token1() external view returns (address)',
+    'function price0CumulativeLast() external view returns (uint256)',
+    'function price1CumulativeLast() external view returns (uint256)',
+    'function kLast() external view returns (uint256)'
+];
+const erc20Abi = [
+    'function balanceOf(address) external view returns (uint256)',
+    'function decimals() external view returns (uint8)',
+    'function symbol() external view returns (string)',
+    'function totalSupply() external view returns (uint256)'
+];
+async function main() {
+    console.log('=== KEL-CEL POOL ANALYSIS ===\n');
+    const pair = new ethers.Contract(PAIR, pairAbi, provider);
+    const kelToken = new ethers.Contract(KEL, erc20Abi, provider);
+    const celToken = new ethers.Contract(CEL, erc20Abi, provider);
+    // Get token info
+    const kelDecimals = await kelToken.decimals();
+    const celDecimals = await celToken.decimals();
+    const kelSymbol = await kelToken.symbol();
+    const celSymbol = await celToken.symbol();
+    console.log('Token Info:');
+    console.log(`${kelSymbol} (${KEL}): ${kelDecimals} decimals`);
+    console.log(`${celSymbol} (${CEL}): ${celDecimals} decimals\n`);
+    // Get pair info
+    const token0 = await pair.token0();
+    const token1 = await pair.token1();
+    const reserves = await pair.getReserves();
+    console.log('Pair Info:');
+    console.log(`Token0: ${token0} (${token0 === KEL ? 'KEL' : 'CEL'})`);
+    console.log(`Token1: ${token1} (${token1 === KEL ? 'KEL' : 'CEL'})\n`);
+    // Get balances
+    const bal0 = await (token0 === KEL ? kelToken : celToken).balanceOf(PAIR);
+    const bal1 = await (token1 === KEL ? kelToken : celToken).balanceOf(PAIR);
+    console.log('Reserves vs Balances:');
+    console.log(`Reserve0: ${reserves[0]} (${ethers.utils.formatUnits(reserves[0], token0 === KEL ? kelDecimals : celDecimals)})`);
+    console.log(`Balance0: ${bal0} (${ethers.utils.formatUnits(bal0, token0 === KEL ? kelDecimals : celDecimals)})`);
+    console.log(`Dust0: ${bal0 - reserves[0]}\n`);
+    console.log(`Reserve1: ${reserves[1]} (${ethers.utils.formatUnits(reserves[1], token1 === KEL ? kelDecimals : celDecimals)})`);
+    console.log(`Balance1: ${bal1} (${ethers.utils.formatUnits(bal1, token1 === KEL ? kelDecimals : celDecimals)})`);
+    console.log(`Dust1: ${bal1 - reserves[1]}\n`);
+    // Calculate K
+    const k = reserves[0] * reserves[1];
+    console.log(`K (constant product): ${k}`);
+    console.log(`sqrt(K): ${Math.sqrt(Number(k))}\n`);
+    // Check price
+    const kelReserve = token0 === KEL ? reserves[0] : reserves[1];
+    const celReserve = token0 === CEL ? reserves[0] : reserves[1];
+    const price = Number(celReserve) / Number(kelReserve);
+    console.log(`Price: 1 KEL = ${price.toFixed(6)} CEL`);
+    console.log(`Price: 1 CEL = ${(1/price).toFixed(6)} KEL\n`);
+    // Get total supplies
+    const kelSupply = await kelToken.totalSupply();
+    const celSupply = await celToken.totalSupply();
+    console.log('Total Supplies:');
+    console.log(`KEL: ${ethers.utils.formatUnits(kelSupply, kelDecimals)}`);
+    console.log(`CEL: ${ethers.utils.formatUnits(celSupply, celDecimals)}\n`);
+    // Calculate pool percentage
+    const kelPoolPct = (Number(kelReserve) / Number(kelSupply) * 100).toFixed(2);
+    const celPoolPct = (Number(celReserve) / Number(celSupply) * 100).toFixed(2);
+    console.log('Pool Percentage of Supply:');
+    console.log(`KEL: ${kelPoolPct}%`);
+    console.log(`CEL: ${celPoolPct}%`);
+}
+main().catch(console.error);

package/check-lax-staking.js ADDED Viewed

@@ -0,0 +1,41 @@
+const { ethers } = require('ethers');
+const LAX_TOKEN = '0x7F9Bd73e51e66e0b2c7A87dB0ca530A11Eb7A7E9';
+const RPC = 'https://bsc-mainnet.infura.io/v3/db4d2c885bc946b691dbb3d5ef26d9e2';
+const LAX_ABI = [
+    'function STAKING() view returns (address)',
+    'function owner() view returns (address)',
+    'function recycle(uint256 amount) external'
+];
+async function checkLAXStaking() {
+    const provider = new ethers.providers.JsonRpcProvider(RPC);
+    const lax = new ethers.Contract(LAX_TOKEN, LAX_ABI, provider);
+    console.log('=== LAX TOKEN STAKING ADDRESS CHECK ===\n');
+    try {
+        const stakingAddress = await lax.STAKING();
+        console.log('STAKING address:', stakingAddress);
+        const owner = await lax.owner();
+        console.log('Owner address:', owner);
+        console.log('\n=== EXPLOIT REQUIREMENTS ===');
+        console.log('To call recycle() and drain the pool, you need:');
+        console.log('1. Control of STAKING address:', stakingAddress);
+        console.log('2. STAKING is immutable (set in constructor, cannot change)');
+        console.log('3. Only STAKING can call recycle()');
+        console.log('\n=== CONCLUSION ===');
+        console.log('❌ NOT USER-EXPLOITABLE');
+        console.log('✅ Requires privileged access (STAKING address control)');
+        console.log('⚠️  This is a CENTRALIZATION RISK, not a user exploit');
+    } catch (error) {
+        console.error('Error:', error.message);
+    }
+}
+checkLAXStaking();