cryptoshield 0.2.0__py3-none-any.whl

cryptoshield/__init__.py

@@ -0,0 +1,4 @@
+"""CryptoShield — All-in-one crypto security toolkit."""
+
+__version__ = "0.2.0"
+__author__ = "yossweh"

cryptoshield/approvals.py

@@ -0,0 +1,185 @@
+"""Token approval scanner — find dangerous approvals on your wallet.
+
+Scans on-chain Approval events to find all active token approvals.
+"""
+
+from web3 import Web3
+from .utils import (
+    get_web3, checksum, label_address, ERC20_ABI, APPROVAL_EVENT,
+    KNOWN_ADDRESSES, print_header, print_ok, print_warn, print_fail, print_info,
+)
+
+# Common approval spender labels
+SPENDER_LABELS = {
+    **KNOWN_ADDRESSES,
+    "0x0000000000000000000000000000000000000000": "Zero Address (burn)",
+    "0x000000000000000000000000000000000000dead": "Dead Address (burn)",
+}
+
+# Approvals above this are considered "unlimited"
+UNLIMITED_THRESHOLD = 2**250
+
+
+def scan_approvals(wallet: str, chain: str = "eth", blocks_back: int = 100_000) -> list:
+    """Scan all token approvals for a wallet."""
+    w3 = get_web3(chain)
+    wallet = checksum(wallet)
+
+    current_block = w3.eth.block_number
+    from_block = max(0, current_block - blocks_back)
+
+    # Get Approval events where owner = wallet
+    approval_topic = w3.keccak(
+        text="Approval(address,address,uint256)"
+    ).hex()
+
+    try:
+        logs = w3.eth.get_logs({
+            "fromBlock": from_block,
+            "toBlock": current_block,
+            "topics": [
+                approval_topic,
+                "0x" + wallet[2:].lower().zfill(64),  # owner
+            ],
+        })
+    except Exception as e:
+        return [{"error": str(e)}]
+
+    # Deduplicate: keep latest approval per (token, spender)
+    approvals = {}
+    for log in logs:
+        try:
+            token_addr = log["address"]
+            spender = "0x" + log["topics"][2].hex()[-40:]
+            spender = Web3.to_checksum_address(spender)
+            value = int(log["data"].hex(), 16)
+
+            key = (token_addr.lower(), spender.lower())
+            approvals[key] = {
+                "token": token_addr,
+                "spender": spender,
+                "value": value,
+                "block": log["blockNumber"],
+            }
+        except Exception:
+            continue
+
+    # Filter: only keep current approvals (check on-chain allowance)
+    active = []
+    for (token_lower, spender_lower), info in approvals.items():
+        if info["value"] == 0:
+            continue
+
+        try:
+            contract = w3.eth.contract(
+                address=checksum(info["token"]), abi=ERC20_ABI
+            )
+            current_allowance = contract.functions.allowance(
+                wallet, checksum(info["spender"])
+            ).call()
+
+            if current_allowance == 0:
+                continue
+
+            # Get token info
+            try:
+                name = contract.functions.name().call()
+            except Exception:
+                name = "Unknown"
+            try:
+                symbol = contract.functions.symbol().call()
+            except Exception:
+                symbol = "?"
+
+            is_unlimited = current_allowance >= UNLIMITED_THRESHOLD
+            spender_label = SPENDER_LABELS.get(
+                info["spender"].lower(), "Unknown Contract"
+            )
+
+            active.append({
+                "token": info["token"],
+                "token_name": name,
+                "token_symbol": symbol,
+                "spender": info["spender"],
+                "spender_label": spender_label,
+                "allowance": current_allowance,
+                "is_unlimited": is_unlimited,
+                "is_known": info["spender"].lower() in KNOWN_ADDRESSES,
+            })
+        except Exception:
+            continue
+
+    return active
+
+
+def print_approval_report(approvals: list, wallet: str):
+    """Pretty-print approval scan results."""
+    if not approvals:
+        print_ok("No active approvals found — your wallet is clean!")
+        return
+
+    if "error" in approvals[0]:
+        print_fail(f"Error: {approvals[0]['error']}")
+        return
+
+    print_header(f"APPROVAL AUDIT — {wallet[:6]}...{wallet[-4:]}")
+
+    dangerous = []
+    caution = []
+    safe = []
+
+    for a in approvals:
+        if a["is_unlimited"] and not a["is_known"]:
+            dangerous.append(a)
+        elif a["is_unlimited"] and a["is_known"]:
+            caution.append(a)
+        else:
+            safe.append(a)
+
+    # Dangerous first
+    for a in dangerous:
+        print_fail(
+            f"{a['token_symbol']} → UNLIMITED to {label_address(a['spender'])}"
+        )
+        print(f"         ⚡ RECOMMEND: revoke immediately")
+
+    # Caution
+    for a in caution:
+        print_warn(
+            f"{a['token_symbol']} → unlimited to {label_address(a['spender'])}"
+        )
+        print(f"         Known protocol — consider reducing allowance")
+
+    # Safe
+    for a in safe:
+        if a["allowance"] > 10**18:
+            amount = f"{a['allowance'] / 10**18:.2f}"
+        else:
+            amount = str(a["allowance"])
+        print_ok(
+            f"{a['token_symbol']} → {amount} to {label_address(a['spender'])}"
+        )
+
+    print()
+    print_info(f"Total approvals: {len(approvals)}")
+    if dangerous:
+        print_fail(f"{len(dangerous)} HIGH RISK — revoke now!")
+    if caution:
+        print_warn(f"{len(caution)} caution — review recommended")
+
+
+REVOKE4_ABI = [
+    {
+        "inputs": [
+            {"name": "token", "type": "address"},
+            {"name": "spender", "type": "address"},
+        ],
+        "name": "revoke",
+        "outputs": [],
+        "stateMutability": "nonpayable",
+        "type": "function",
+    }
+]
+
+# revoke.xyz contract
+REVOKE_CONTRACT = "0x000000000000Dd366e1DA4F6c8a2b2F9e01f6F1E"

cryptoshield/cli.py

@@ -0,0 +1,166 @@
+"""CryptoShield CLI — All-in-one crypto security toolkit."""
+
+import sys
+import typer
+
+from . import __version__
+
+app = typer.Typer(
+    name="cryptoshield",
+    help="🛡 CryptoShield — All-in-one crypto security toolkit",
+    add_completion=False,
+)
+
+
+@app.command()
+def check(
+    address: str = typer.Argument(..., help="Token contract address"),
+    chain: str = typer.Option("eth", "-c", "--chain", help="Chain: eth, bsc, polygon, arbitrum, optimism, base, avalanche, fantom, solana"),
+    quick: bool = typer.Option(False, "-q", "--quick", help="Quick check (honeypot only)"),
+):
+    """Full security report for a token contract."""
+    if chain == "solana":
+        from .solana import check_solana_token, print_solana_token_report
+        print(f"\n🛡 CRYPTO SHIELD — Scanning Solana token {address[:10]}...")
+        print("━" * 50)
+        report = check_solana_token(address)
+        print_solana_token_report(report)
+        return
+
+    from .honeypot import check_honeypot, print_honeypot_report
+    from .rugpull import analyze_rugpull, print_rugpull_report
+
+    print(f"\n🛡 CRYPTO SHIELD — Scanning {address[:10]}... on {chain}")
+    print("━" * 50)
+
+    if quick:
+        report = check_honeypot(address, chain)
+        print_honeypot_report(report)
+    else:
+        report = analyze_rugpull(address, chain)
+        print_rugpull_report(report)
+        print()
+        hp = check_honeypot(address, chain)
+        print_honeypot_report(hp)
+
+
+@app.command()
+def approvals(
+    wallet: str = typer.Argument(..., help="Wallet address to scan"),
+    chain: str = typer.Option("eth", "-c", "--chain", help="Chain to scan"),
+    blocks: int = typer.Option(100000, "-b", "--blocks", help="How many blocks back to scan"),
+):
+    """Scan token approvals for a wallet."""
+    from .approvals import scan_approvals, print_approval_report
+
+    print(f"\n🛡 Scanning approvals for {wallet[:10]}... on {chain}")
+    results = scan_approvals(wallet, chain, blocks)
+    print_approval_report(results, wallet)
+
+
+@app.command()
+def rugpull(
+    address: str = typer.Argument(..., help="Token contract address"),
+    chain: str = typer.Option("eth", "-c", "--chain", help="Chain"),
+):
+    """Analyze rugpull risk for a token."""
+    if chain == "solana":
+        from .solana import check_solana_token, print_solana_token_report
+        report = check_solana_token(address)
+        print_solana_token_report(report)
+        return
+
+    from .rugpull import analyze_rugpull, print_rugpull_report
+
+    report = analyze_rugpull(address, chain)
+    print_rugpull_report(report)
+
+
+@app.command("check-url")
+def check_url_cmd(
+    url: str = typer.Argument(..., help="URL to check"),
+):
+    """Check if a URL is a known or suspected phishing site."""
+    from .phishing import check_url, print_phishing_report
+
+    report = check_url(url)
+    print_phishing_report(report)
+
+
+@app.command()
+def solana(
+    wallet: str = typer.Argument(..., help="Solana wallet address"),
+):
+    """Check Solana wallet — SOL balance + token holdings."""
+    from .solana import check_solana_wallet
+
+    print(f"\n🛡 Solana wallet scan — {wallet[:10]}...")
+    print("━" * 50)
+    report = check_solana_wallet(wallet)
+
+    print(f"\n  💰 SOL Balance: {report['sol_balance']:.4f} SOL")
+    print(f"  📦 Token accounts: {len(report['tokens'])}")
+
+    if report["tokens"]:
+        print("\n  Token Holdings:")
+        for t in report["tokens"]:
+            if t["balance"] > 0:
+                print(f"    • {t['mint'][:8]}...{t['mint'][-4:]}: {t['balance']:,.2f}")
+
+
+@app.command()
+def batch(
+    addresses_file: str = typer.Argument(..., help="File with addresses (one per line)"),
+    chain: str = typer.Option("eth", "-c", "--chain", help="Chain"),
+    mode: str = typer.Option("honeypot", "-m", "--mode", help="Mode: honeypot, approvals, rugpull"),
+):
+    """Batch check multiple addresses from a file."""
+    from pathlib import Path
+
+    path = Path(addresses_file)
+    if not path.exists():
+        print(f"File not found: {addresses_file}")
+        sys.exit(1)
+
+    addresses = [line.strip() for line in path.read_text().splitlines() if line.strip()]
+    print(f"\n🛡 Batch {mode} check — {len(addresses)} addresses on {chain}")
+    print("━" * 50)
+
+    for i, addr in enumerate(addresses, 1):
+        print(f"\n[{i}/{len(addresses)}] {addr[:10]}...")
+        if mode == "honeypot":
+            if chain == "solana":
+                from .solana import check_solana_token, print_solana_token_report
+                report = check_solana_token(addr)
+                print_solana_token_report(report)
+            else:
+                from .honeypot import check_honeypot, print_honeypot_report
+                report = check_honeypot(addr, chain)
+                print_honeypot_report(report)
+        elif mode == "rugpull":
+            if chain == "solana":
+                from .solana import check_solana_token, print_solana_token_report
+                report = check_solana_token(addr)
+                print_solana_token_report(report)
+            else:
+                from .rugpull import analyze_rugpull, print_rugpull_report
+                report = analyze_rugpull(addr, chain)
+                print_rugpull_report(report)
+        elif mode == "approvals":
+            from .approvals import scan_approvals, print_approval_report
+            results = scan_approvals(addr, chain)
+            print_approval_report(results, addr)
+
+
+@app.command()
+def version():
+    """Show version."""
+    print(f"CryptoShield v{__version__}")
+
+
+def main():
+    app()
+
+
+if __name__ == "__main__":
+    main()

cryptoshield/db.py

@@ -0,0 +1,50 @@
+"""SQLite cache for API results."""
+
+import sqlite3
+import json
+import time
+from pathlib import Path
+
+DB_PATH = Path.home() / ".cryptoshield" / "cache.db"
+
+
+def get_db() -> sqlite3.Connection:
+    DB_PATH.parent.mkdir(parents=True, exist_ok=True)
+    conn = sqlite3.connect(str(DB_PATH))
+    conn.execute("""
+        CREATE TABLE IF NOT EXISTS cache (
+            key TEXT PRIMARY KEY,
+            value TEXT NOT NULL,
+            expires_at REAL NOT NULL
+        )
+    """)
+    conn.commit()
+    return conn
+
+
+def cache_get(key: str) -> dict | None:
+    conn = get_db()
+    row = conn.execute(
+        "SELECT value, expires_at FROM cache WHERE key = ?", (key,)
+    ).fetchone()
+    conn.close()
+    if row and row[1] > time.time():
+        return json.loads(row[0])
+    return None
+
+
+def cache_set(key: str, value: dict, ttl: int = 3600):
+    conn = get_db()
+    conn.execute(
+        "INSERT OR REPLACE INTO cache (key, value, expires_at) VALUES (?, ?, ?)",
+        (key, json.dumps(value), time.time() + ttl),
+    )
+    conn.commit()
+    conn.close()
+
+
+def cache_clear():
+    conn = get_db()
+    conn.execute("DELETE FROM cache")
+    conn.commit()
+    conn.close()

cryptoshield/honeypot.py

@@ -0,0 +1,219 @@
+"""Honeypot checker — detect scam tokens before you buy.
+
+Uses GoPlus Security API (free, no key required).
+"""
+
+from .db import cache_get, cache_set
+from .utils import fetch_json, print_header, print_ok, print_warn, print_fail, print_info
+
+GOPLUS_TOKEN_SECURITY = "https://api.gopluslabs.io/api/v1/token_security/{chain_id}"
+
+
+def get_chain_id_goplus(chain: str) -> int:
+    """Map chain name to GoPlus chain ID."""
+    mapping = {
+        "eth": 1,
+        "bsc": 56,
+        "polygon": 137,
+        "arbitrum": 42161,
+        "optimism": 10,
+        "base": 8453,
+        "avalanche": 43114,
+        "fantom": 250,
+    }
+    return mapping.get(chain, 1)
+
+
+def check_honeypot(address: str, chain: str = "eth") -> dict:
+    """Check if a token is a honeypot using GoPlus API."""
+    cache_key = f"honeypot:{chain}:{address.lower()}"
+    cached = cache_get(cache_key)
+    if cached:
+        return cached
+
+    chain_id = get_chain_id_goplus(chain)
+    url = GOPLUS_TOKEN_SECURITY.format(chain_id=chain_id)
+    data = fetch_json(url, params={"contract_addresses": address})
+
+    if "error" in data:
+        return {"error": data["error"]}
+
+    result = data.get("result", {})
+    token_data = result.get(address.lower(), result.get(address, {}))
+
+    if not token_data:
+        return {"error": "Token not found on GoPlus"}
+
+    # Parse into structured report
+    report = {
+        "address": address,
+        "chain": chain,
+        "token_name": token_data.get("token_name", "Unknown"),
+        "token_symbol": token_data.get("token_symbol", "?"),
+        "is_honeypot": _to_bool(token_data.get("is_honeypot")),
+        "buy_tax": _to_float(token_data.get("buy_tax", "0")),
+        "sell_tax": _to_float(token_data.get("sell_tax", "0")),
+        "can_buy": not _to_bool(token_data.get("cannot_buy")),
+        "can_sell": not _to_bool(token_data.get("cannot_sell_all")),
+        "owner_can_mint": _to_bool(token_data.get("is_mintable")),
+        "owner_can_change_balance": _to_bool(token_data.get("owner_change_balance")),
+        "hidden_owner": _to_bool(token_data.get("hidden_owner")),
+        "selfdestruct": _to_bool(token_data.get("selfdestruct")),
+        "external_call": _to_bool(token_data.get("external_call")),
+        "is_proxy": _to_bool(token_data.get("is_proxy")),
+        "is_blacklisted": _to_bool(token_data.get("is_blacklisted")),
+        "is_whitelisted": _to_bool(token_data.get("is_whitelisted")),
+        "trading_cooldown": _to_bool(token_data.get("trading_cooldown")),
+        "is_open_source": _to_bool(token_data.get("is_open_source")),
+        "holder_count": _to_int(token_data.get("holder_count")),
+        "total_supply": token_data.get("total_supply", "0"),
+        "lp_total_supply": token_data.get("lp_total_supply", "0"),
+        "lp_holder_count": _to_int(token_data.get("lp_holder_count")),
+        "owner_address": token_data.get("owner_address", ""),
+        "creator_address": token_data.get("creator_address", ""),
+        "dex": token_data.get("dex", []),
+        "risks": [],
+    }
+
+    # Calculate risk flags
+    if report["is_honeypot"]:
+        report["risks"].append("HONEYPOT — cannot sell")
+    if report["buy_tax"] > 0.10:
+        report["risks"].append(f"HIGH BUY TAX — {report['buy_tax']*100:.0f}%")
+    elif report["buy_tax"] > 0.05:
+        report["risks"].append(f"BUY TAX — {report['buy_tax']*100:.0f}%")
+    if report["sell_tax"] > 0.10:
+        report["risks"].append(f"HIGH SELL TAX — {report['sell_tax']*100:.0f}%")
+    elif report["sell_tax"] > 0.05:
+        report["risks"].append(f"SELL TAX — {report['sell_tax']*100:.0f}%")
+    if report["owner_can_mint"]:
+        report["risks"].append("OWNER CAN MINT — infinite supply risk")
+    if report["owner_can_change_balance"]:
+        report["risks"].append("OWNER CAN CHANGE BALANCES")
+    if report["hidden_owner"]:
+        report["risks"].append("HIDDEN OWNER")
+    if report["selfdestruct"]:
+        report["risks"].append("SELF-DESTRUCT FUNCTION")
+    if report["external_call"]:
+        report["risks"].append("EXTERNAL CALLS — possible exploit vector")
+    if report["is_proxy"]:
+        report["risks"].append("PROXY CONTRACT — logic can change")
+    if not report["is_open_source"]:
+        report["risks"].append("CLOSED SOURCE — cannot verify code")
+
+    # Score: 0 = safe, 10 = scam
+    score = 0
+    if report["is_honeypot"]:
+        score += 50
+    score += min(int(report["buy_tax"] * 100), 20)
+    score += min(int(report["sell_tax"] * 100), 20)
+    if report["owner_can_mint"]:
+        score += 15
+    if report["owner_can_change_balance"]:
+        score += 15
+    if report["hidden_owner"]:
+        score += 10
+    if report["selfdestruct"]:
+        score += 10
+    if not report["is_open_source"]:
+        score += 10
+    if report["is_proxy"]:
+        score += 5
+    report["risk_score"] = min(score, 100)
+
+    cache_set(cache_key, report, ttl=1800)  # Cache 30 min
+    return report
+
+
+def print_honeypot_report(report: dict):
+    """Pretty-print honeypot check results."""
+    if "error" in report:
+        print_fail(f"Error: {report['error']}")
+        return
+
+    print_header(f"HONEYPOT CHECK — {report['token_name']} ({report['token_symbol']})")
+
+    # Sell ability
+    if report["can_sell"]:
+        print_ok("Can sell: YES")
+    else:
+        print_fail("Can sell: NO — HONEYPOT")
+
+    # Taxes
+    buy_pct = report["buy_tax"] * 100
+    sell_pct = report["sell_tax"] * 100
+    if buy_pct == 0 and sell_pct == 0:
+        print_ok("Tax: 0% buy / 0% sell")
+    elif buy_pct <= 5 and sell_pct <= 5:
+        print_ok(f"Tax: {buy_pct:.0f}% buy / {sell_pct:.0f}% sell")
+    elif buy_pct <= 10 and sell_pct <= 10:
+        print_warn(f"Tax: {buy_pct:.0f}% buy / {sell_pct:.0f}% sell")
+    else:
+        print_fail(f"Tax: {buy_pct:.0f}% buy / {sell_pct:.0f}% sell")
+
+    # Owner risks
+    if report["owner_can_mint"]:
+        print_fail("Owner can mint: YES — infinite supply risk")
+    else:
+        print_ok("Owner can mint: NO")
+
+    if report["owner_can_change_balance"]:
+        print_fail("Owner can change balances: YES")
+
+    if report["hidden_owner"]:
+        print_fail("Hidden owner: YES")
+
+    if report["selfdestruct"]:
+        print_fail("Self-destruct: YES")
+
+    if not report["is_open_source"]:
+        print_warn("Contract: NOT verified / closed source")
+    else:
+        print_ok("Contract: Verified")
+
+    if report["is_proxy"]:
+        print_warn("Proxy contract: YES — logic can be changed")
+
+    # Holder info
+    if report["holder_count"]:
+        print_info(f"Holders: {report['holder_count']}")
+
+    # Risk score
+    score = report["risk_score"]
+    if score <= 20:
+        print_ok(f"Risk Score: {score}/100 — LOW RISK")
+    elif score <= 50:
+        print_warn(f"Risk Score: {score}/100 — MEDIUM RISK")
+    else:
+        print_fail(f"Risk Score: {score}/100 — HIGH RISK")
+
+    # Risk flags
+    if report["risks"]:
+        print()
+        print("  Risks:")
+        for risk in report["risks"]:
+            print(f"    ⚡ {risk}")
+
+
+def _to_bool(val) -> bool:
+    if isinstance(val, bool):
+        return val
+    if isinstance(val, str):
+        return val in ("1", "true", "True")
+    if isinstance(val, (int, float)):
+        return val == 1
+    return False
+
+
+def _to_float(val) -> float:
+    try:
+        return float(val)
+    except (ValueError, TypeError):
+        return 0.0
+
+
+def _to_int(val) -> int:
+    try:
+        return int(val)
+    except (ValueError, TypeError):
+        return 0