cryptoshield 0.2.0__tar.gz

cryptoshield-0.2.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 yossweh
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

cryptoshield-0.2.0/PKG-INFO

@@ -0,0 +1,157 @@
+Metadata-Version: 2.4
+Name: cryptoshield
+Version: 0.2.0
+Summary: All-in-one crypto security toolkit — honeypot, approvals, rugpull, phishing
+Author-email: yossweh <cilokcilok15@gmail.com>
+License: MIT
+Project-URL: Homepage, https://github.com/yossweh/cryptoshield
+Project-URL: Repository, https://github.com/yossweh/cryptoshield
+Project-URL: Issues, https://github.com/yossweh/cryptoshield/issues
+Keywords: crypto,security,honeypot,rugpull,web3,defi,approval
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Libraries
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: typer>=0.9.0
+Requires-Dist: web3>=6.0.0
+Requires-Dist: requests>=2.28.0
+Dynamic: license-file
+
+# 🛡 CryptoShield
+
+**All-in-one crypto security toolkit.** Check tokens before you buy. Scan your wallet for dangerous approvals. Detect rugpulls. Block phishing sites.
+
+[![Python 3.9+](https://img.shields.io/badge/python-3.9+-blue.svg)](https://python.org)
+[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
+[![PyPI](https://img.shields.io/pypi/v/cryptoshield.svg)](https://pypi.org/project/cryptoshield/)
+
+## Features
+
+- **🍯 Honeypot Detection** — Can you sell? Hidden taxes? Mint function? Check before you buy.
+- **📋 Approval Scanner** — Find all token approvals on your wallet. Flag dangerous unlimited approvals.
+- **🔴 Rugpull Scorer** — Analyze contracts for common rug patterns. Score 0-100.
+- **🎣 Phishing Checker** — 60+ known scam domains. Typosquatting, fake airdrops, wallet drainers.
+- **☀️ Solana Support** — Check SPL tokens, freeze/mint authority, Jupiter listing status.
+- **📦 Batch Mode** — Check 100+ tokens/wallets from a file.
+
+## Install
+
+```bash
+pip install cryptoshield
+```
+
+Or from source:
+
+```bash
+git clone https://github.com/yossweh/cryptoshield
+cd cryptoshield
+pip install -e .
+```
+
+## Usage
+
+### Full security report (EVM)
+```bash
+cryptoshield check 0xdAC17F958D2ee523a2206206994597C13D831ec7
+cryptoshield check 0xToken --chain bsc
+cryptoshield check 0xToken --quick  # honeypot only
+```
+
+### Solana token check
+```bash
+cryptoshield check EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v --chain solana
+```
+
+### Scan wallet approvals
+```bash
+cryptoshield approvals 0xYourWallet
+cryptoshield approvals 0xYourWallet --chain polygon
+```
+
+### Check phishing URL
+```bash
+cryptoshield check-url uniswap-airdrop.com
+cryptoshield check-url https://app.uniswap.org
+cryptoshield check-url metamask-sync.xyz
+```
+
+### Solana wallet scan
+```bash
+cryptoshield solana YourSolanaWalletAddress
+```
+
+### Batch check
+```bash
+cryptoshield batch tokens.txt --mode honeypot
+cryptoshield batch tokens.txt --mode honeypot --chain solana
+cryptoshield batch wallets.txt --mode approvals --chain bsc
+```
+
+## Example Output
+
+```
+🛡 CRYPTO SHIELD REPORT
+━━━━━━━━━━━━━━━━━━━━━━━
+
+🍯 HONEYPOT CHECK — Tether USD (USDT)
+  ✅ Can sell: YES
+  ✅ Tax: 0% buy / 0% sell
+  ❌ Owner can mint: YES — infinite supply risk
+  ❌ Owner can change balances: YES
+  ✅ Contract: Verified
+  ℹ️  Holders: 14,585,422
+  ⚠️  Risk Score: 30/100 — MEDIUM RISK
+
+🎣 PHISHING CHECK — uniswap-airdrop.com
+  🚨 KNOWN SCAM DOMAIN — DO NOT VISIT
+  ❌ KNOWN SCAM DOMAIN — uniswap-airdrop.com is in scam database
+
+☀️ SOLANA TOKEN CHECK — SafeToken (SAFE)
+  ✅ Listed on Jupiter
+  ✅ On Jupiter Strict List (vetted)
+  ✅ Freeze Authority: None
+  ✅ Mint Authority: None (fixed supply)
+  ✅ Holders: 5,432
+  ✅ Risk Score: 0/100 — LOW RISK
+```
+
+## Supported Chains
+
+| Chain | Honeypot | Approvals | Rugpull |
+|-------|----------|-----------|---------|
+| Ethereum | ✅ | ✅ | ✅ |
+| BSC | ✅ | ✅ | ✅ |
+| Polygon | ✅ | ✅ | ✅ |
+| Arbitrum | ✅ | ✅ | ✅ |
+| Optimism | ✅ | ✅ | ✅ |
+| Base | ✅ | ✅ | ✅ |
+| Avalanche | ✅ | ✅ | ✅ |
+| Fantom | ✅ | ✅ | ✅ |
+| Solana | ✅ | — | ✅ |
+
+## Data Sources
+
+- **GoPlus Security API** — Honeypot detection, token security analysis (free, no key)
+- **Jupiter API** — Solana token data, strict list
+- **Birdeye API** — Solana holder count, volume
+- **On-chain data** — Approval events, contract code, ownership (direct RPC)
+- **Heuristics** — URL pattern matching, domain analysis, typosquatting detection
+- **Community scam database** — 60+ known phishing domains
+
+## Contributing
+
+PRs welcome! Especially:
+
+- More scam domains / phishing patterns
+- More chain support (TON, Sui, Aptos)
+- Better rugpull heuristics
+- UI improvements
+
+## License
+
+MIT

cryptoshield-0.2.0/README.md

@@ -0,0 +1,133 @@
+# 🛡 CryptoShield
+
+**All-in-one crypto security toolkit.** Check tokens before you buy. Scan your wallet for dangerous approvals. Detect rugpulls. Block phishing sites.
+
+[![Python 3.9+](https://img.shields.io/badge/python-3.9+-blue.svg)](https://python.org)
+[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
+[![PyPI](https://img.shields.io/pypi/v/cryptoshield.svg)](https://pypi.org/project/cryptoshield/)
+
+## Features
+
+- **🍯 Honeypot Detection** — Can you sell? Hidden taxes? Mint function? Check before you buy.
+- **📋 Approval Scanner** — Find all token approvals on your wallet. Flag dangerous unlimited approvals.
+- **🔴 Rugpull Scorer** — Analyze contracts for common rug patterns. Score 0-100.
+- **🎣 Phishing Checker** — 60+ known scam domains. Typosquatting, fake airdrops, wallet drainers.
+- **☀️ Solana Support** — Check SPL tokens, freeze/mint authority, Jupiter listing status.
+- **📦 Batch Mode** — Check 100+ tokens/wallets from a file.
+
+## Install
+
+```bash
+pip install cryptoshield
+```
+
+Or from source:
+
+```bash
+git clone https://github.com/yossweh/cryptoshield
+cd cryptoshield
+pip install -e .
+```
+
+## Usage
+
+### Full security report (EVM)
+```bash
+cryptoshield check 0xdAC17F958D2ee523a2206206994597C13D831ec7
+cryptoshield check 0xToken --chain bsc
+cryptoshield check 0xToken --quick  # honeypot only
+```
+
+### Solana token check
+```bash
+cryptoshield check EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v --chain solana
+```
+
+### Scan wallet approvals
+```bash
+cryptoshield approvals 0xYourWallet
+cryptoshield approvals 0xYourWallet --chain polygon
+```
+
+### Check phishing URL
+```bash
+cryptoshield check-url uniswap-airdrop.com
+cryptoshield check-url https://app.uniswap.org
+cryptoshield check-url metamask-sync.xyz
+```
+
+### Solana wallet scan
+```bash
+cryptoshield solana YourSolanaWalletAddress
+```
+
+### Batch check
+```bash
+cryptoshield batch tokens.txt --mode honeypot
+cryptoshield batch tokens.txt --mode honeypot --chain solana
+cryptoshield batch wallets.txt --mode approvals --chain bsc
+```
+
+## Example Output
+
+```
+🛡 CRYPTO SHIELD REPORT
+━━━━━━━━━━━━━━━━━━━━━━━
+
+🍯 HONEYPOT CHECK — Tether USD (USDT)
+  ✅ Can sell: YES
+  ✅ Tax: 0% buy / 0% sell
+  ❌ Owner can mint: YES — infinite supply risk
+  ❌ Owner can change balances: YES
+  ✅ Contract: Verified
+  ℹ️  Holders: 14,585,422
+  ⚠️  Risk Score: 30/100 — MEDIUM RISK
+
+🎣 PHISHING CHECK — uniswap-airdrop.com
+  🚨 KNOWN SCAM DOMAIN — DO NOT VISIT
+  ❌ KNOWN SCAM DOMAIN — uniswap-airdrop.com is in scam database
+
+☀️ SOLANA TOKEN CHECK — SafeToken (SAFE)
+  ✅ Listed on Jupiter
+  ✅ On Jupiter Strict List (vetted)
+  ✅ Freeze Authority: None
+  ✅ Mint Authority: None (fixed supply)
+  ✅ Holders: 5,432
+  ✅ Risk Score: 0/100 — LOW RISK
+```
+
+## Supported Chains
+
+| Chain | Honeypot | Approvals | Rugpull |
+|-------|----------|-----------|---------|
+| Ethereum | ✅ | ✅ | ✅ |
+| BSC | ✅ | ✅ | ✅ |
+| Polygon | ✅ | ✅ | ✅ |
+| Arbitrum | ✅ | ✅ | ✅ |
+| Optimism | ✅ | ✅ | ✅ |
+| Base | ✅ | ✅ | ✅ |
+| Avalanche | ✅ | ✅ | ✅ |
+| Fantom | ✅ | ✅ | ✅ |
+| Solana | ✅ | — | ✅ |
+
+## Data Sources
+
+- **GoPlus Security API** — Honeypot detection, token security analysis (free, no key)
+- **Jupiter API** — Solana token data, strict list
+- **Birdeye API** — Solana holder count, volume
+- **On-chain data** — Approval events, contract code, ownership (direct RPC)
+- **Heuristics** — URL pattern matching, domain analysis, typosquatting detection
+- **Community scam database** — 60+ known phishing domains
+
+## Contributing
+
+PRs welcome! Especially:
+
+- More scam domains / phishing patterns
+- More chain support (TON, Sui, Aptos)
+- Better rugpull heuristics
+- UI improvements
+
+## License
+
+MIT

cryptoshield-0.2.0/cryptoshield/__init__.py

@@ -0,0 +1,4 @@
+"""CryptoShield — All-in-one crypto security toolkit."""
+
+__version__ = "0.2.0"
+__author__ = "yossweh"

cryptoshield-0.2.0/cryptoshield/approvals.py

@@ -0,0 +1,185 @@
+"""Token approval scanner — find dangerous approvals on your wallet.
+
+Scans on-chain Approval events to find all active token approvals.
+"""
+
+from web3 import Web3
+from .utils import (
+    get_web3, checksum, label_address, ERC20_ABI, APPROVAL_EVENT,
+    KNOWN_ADDRESSES, print_header, print_ok, print_warn, print_fail, print_info,
+)
+
+# Common approval spender labels
+SPENDER_LABELS = {
+    **KNOWN_ADDRESSES,
+    "0x0000000000000000000000000000000000000000": "Zero Address (burn)",
+    "0x000000000000000000000000000000000000dead": "Dead Address (burn)",
+}
+
+# Approvals above this are considered "unlimited"
+UNLIMITED_THRESHOLD = 2**250
+
+
+def scan_approvals(wallet: str, chain: str = "eth", blocks_back: int = 100_000) -> list:
+    """Scan all token approvals for a wallet."""
+    w3 = get_web3(chain)
+    wallet = checksum(wallet)
+
+    current_block = w3.eth.block_number
+    from_block = max(0, current_block - blocks_back)
+
+    # Get Approval events where owner = wallet
+    approval_topic = w3.keccak(
+        text="Approval(address,address,uint256)"
+    ).hex()
+
+    try:
+        logs = w3.eth.get_logs({
+            "fromBlock": from_block,
+            "toBlock": current_block,
+            "topics": [
+                approval_topic,
+                "0x" + wallet[2:].lower().zfill(64),  # owner
+            ],
+        })
+    except Exception as e:
+        return [{"error": str(e)}]
+
+    # Deduplicate: keep latest approval per (token, spender)
+    approvals = {}
+    for log in logs:
+        try:
+            token_addr = log["address"]
+            spender = "0x" + log["topics"][2].hex()[-40:]
+            spender = Web3.to_checksum_address(spender)
+            value = int(log["data"].hex(), 16)
+
+            key = (token_addr.lower(), spender.lower())
+            approvals[key] = {
+                "token": token_addr,
+                "spender": spender,
+                "value": value,
+                "block": log["blockNumber"],
+            }
+        except Exception:
+            continue
+
+    # Filter: only keep current approvals (check on-chain allowance)
+    active = []
+    for (token_lower, spender_lower), info in approvals.items():
+        if info["value"] == 0:
+            continue
+
+        try:
+            contract = w3.eth.contract(
+                address=checksum(info["token"]), abi=ERC20_ABI
+            )
+            current_allowance = contract.functions.allowance(
+                wallet, checksum(info["spender"])
+            ).call()
+
+            if current_allowance == 0:
+                continue
+
+            # Get token info
+            try:
+                name = contract.functions.name().call()
+            except Exception:
+                name = "Unknown"
+            try:
+                symbol = contract.functions.symbol().call()
+            except Exception:
+                symbol = "?"
+
+            is_unlimited = current_allowance >= UNLIMITED_THRESHOLD
+            spender_label = SPENDER_LABELS.get(
+                info["spender"].lower(), "Unknown Contract"
+            )
+
+            active.append({
+                "token": info["token"],
+                "token_name": name,
+                "token_symbol": symbol,
+                "spender": info["spender"],
+                "spender_label": spender_label,
+                "allowance": current_allowance,
+                "is_unlimited": is_unlimited,
+                "is_known": info["spender"].lower() in KNOWN_ADDRESSES,
+            })
+        except Exception:
+            continue
+
+    return active
+
+
+def print_approval_report(approvals: list, wallet: str):
+    """Pretty-print approval scan results."""
+    if not approvals:
+        print_ok("No active approvals found — your wallet is clean!")
+        return
+
+    if "error" in approvals[0]:
+        print_fail(f"Error: {approvals[0]['error']}")
+        return
+
+    print_header(f"APPROVAL AUDIT — {wallet[:6]}...{wallet[-4:]}")
+
+    dangerous = []
+    caution = []
+    safe = []
+
+    for a in approvals:
+        if a["is_unlimited"] and not a["is_known"]:
+            dangerous.append(a)
+        elif a["is_unlimited"] and a["is_known"]:
+            caution.append(a)
+        else:
+            safe.append(a)
+
+    # Dangerous first
+    for a in dangerous:
+        print_fail(
+            f"{a['token_symbol']} → UNLIMITED to {label_address(a['spender'])}"
+        )
+        print(f"         ⚡ RECOMMEND: revoke immediately")
+
+    # Caution
+    for a in caution:
+        print_warn(
+            f"{a['token_symbol']} → unlimited to {label_address(a['spender'])}"
+        )
+        print(f"         Known protocol — consider reducing allowance")
+
+    # Safe
+    for a in safe:
+        if a["allowance"] > 10**18:
+            amount = f"{a['allowance'] / 10**18:.2f}"
+        else:
+            amount = str(a["allowance"])
+        print_ok(
+            f"{a['token_symbol']} → {amount} to {label_address(a['spender'])}"
+        )
+
+    print()
+    print_info(f"Total approvals: {len(approvals)}")
+    if dangerous:
+        print_fail(f"{len(dangerous)} HIGH RISK — revoke now!")
+    if caution:
+        print_warn(f"{len(caution)} caution — review recommended")
+
+
+REVOKE4_ABI = [
+    {
+        "inputs": [
+            {"name": "token", "type": "address"},
+            {"name": "spender", "type": "address"},
+        ],
+        "name": "revoke",
+        "outputs": [],
+        "stateMutability": "nonpayable",
+        "type": "function",
+    }
+]
+
+# revoke.xyz contract
+REVOKE_CONTRACT = "0x000000000000Dd366e1DA4F6c8a2b2F9e01f6F1E"

cryptoshield-0.2.0/cryptoshield/cli.py

@@ -0,0 +1,166 @@
+"""CryptoShield CLI — All-in-one crypto security toolkit."""
+
+import sys
+import typer
+
+from . import __version__
+
+app = typer.Typer(
+    name="cryptoshield",
+    help="🛡 CryptoShield — All-in-one crypto security toolkit",
+    add_completion=False,
+)
+
+
+@app.command()
+def check(
+    address: str = typer.Argument(..., help="Token contract address"),
+    chain: str = typer.Option("eth", "-c", "--chain", help="Chain: eth, bsc, polygon, arbitrum, optimism, base, avalanche, fantom, solana"),
+    quick: bool = typer.Option(False, "-q", "--quick", help="Quick check (honeypot only)"),
+):
+    """Full security report for a token contract."""
+    if chain == "solana":
+        from .solana import check_solana_token, print_solana_token_report
+        print(f"\n🛡 CRYPTO SHIELD — Scanning Solana token {address[:10]}...")
+        print("━" * 50)
+        report = check_solana_token(address)
+        print_solana_token_report(report)
+        return
+
+    from .honeypot import check_honeypot, print_honeypot_report
+    from .rugpull import analyze_rugpull, print_rugpull_report
+
+    print(f"\n🛡 CRYPTO SHIELD — Scanning {address[:10]}... on {chain}")
+    print("━" * 50)
+
+    if quick:
+        report = check_honeypot(address, chain)
+        print_honeypot_report(report)
+    else:
+        report = analyze_rugpull(address, chain)
+        print_rugpull_report(report)
+        print()
+        hp = check_honeypot(address, chain)
+        print_honeypot_report(hp)
+
+
+@app.command()
+def approvals(
+    wallet: str = typer.Argument(..., help="Wallet address to scan"),
+    chain: str = typer.Option("eth", "-c", "--chain", help="Chain to scan"),
+    blocks: int = typer.Option(100000, "-b", "--blocks", help="How many blocks back to scan"),
+):
+    """Scan token approvals for a wallet."""
+    from .approvals import scan_approvals, print_approval_report
+
+    print(f"\n🛡 Scanning approvals for {wallet[:10]}... on {chain}")
+    results = scan_approvals(wallet, chain, blocks)
+    print_approval_report(results, wallet)
+
+
+@app.command()
+def rugpull(
+    address: str = typer.Argument(..., help="Token contract address"),
+    chain: str = typer.Option("eth", "-c", "--chain", help="Chain"),
+):
+    """Analyze rugpull risk for a token."""
+    if chain == "solana":
+        from .solana import check_solana_token, print_solana_token_report
+        report = check_solana_token(address)
+        print_solana_token_report(report)
+        return
+
+    from .rugpull import analyze_rugpull, print_rugpull_report
+
+    report = analyze_rugpull(address, chain)
+    print_rugpull_report(report)
+
+
+@app.command("check-url")
+def check_url_cmd(
+    url: str = typer.Argument(..., help="URL to check"),
+):
+    """Check if a URL is a known or suspected phishing site."""
+    from .phishing import check_url, print_phishing_report
+
+    report = check_url(url)
+    print_phishing_report(report)
+
+
+@app.command()
+def solana(
+    wallet: str = typer.Argument(..., help="Solana wallet address"),
+):
+    """Check Solana wallet — SOL balance + token holdings."""
+    from .solana import check_solana_wallet
+
+    print(f"\n🛡 Solana wallet scan — {wallet[:10]}...")
+    print("━" * 50)
+    report = check_solana_wallet(wallet)
+
+    print(f"\n  💰 SOL Balance: {report['sol_balance']:.4f} SOL")
+    print(f"  📦 Token accounts: {len(report['tokens'])}")
+
+    if report["tokens"]:
+        print("\n  Token Holdings:")
+        for t in report["tokens"]:
+            if t["balance"] > 0:
+                print(f"    • {t['mint'][:8]}...{t['mint'][-4:]}: {t['balance']:,.2f}")
+
+
+@app.command()
+def batch(
+    addresses_file: str = typer.Argument(..., help="File with addresses (one per line)"),
+    chain: str = typer.Option("eth", "-c", "--chain", help="Chain"),
+    mode: str = typer.Option("honeypot", "-m", "--mode", help="Mode: honeypot, approvals, rugpull"),
+):
+    """Batch check multiple addresses from a file."""
+    from pathlib import Path
+
+    path = Path(addresses_file)
+    if not path.exists():
+        print(f"File not found: {addresses_file}")
+        sys.exit(1)
+
+    addresses = [line.strip() for line in path.read_text().splitlines() if line.strip()]
+    print(f"\n🛡 Batch {mode} check — {len(addresses)} addresses on {chain}")
+    print("━" * 50)
+
+    for i, addr in enumerate(addresses, 1):
+        print(f"\n[{i}/{len(addresses)}] {addr[:10]}...")
+        if mode == "honeypot":
+            if chain == "solana":
+                from .solana import check_solana_token, print_solana_token_report
+                report = check_solana_token(addr)
+                print_solana_token_report(report)
+            else:
+                from .honeypot import check_honeypot, print_honeypot_report
+                report = check_honeypot(addr, chain)
+                print_honeypot_report(report)
+        elif mode == "rugpull":
+            if chain == "solana":
+                from .solana import check_solana_token, print_solana_token_report
+                report = check_solana_token(addr)
+                print_solana_token_report(report)
+            else:
+                from .rugpull import analyze_rugpull, print_rugpull_report
+                report = analyze_rugpull(addr, chain)
+                print_rugpull_report(report)
+        elif mode == "approvals":
+            from .approvals import scan_approvals, print_approval_report
+            results = scan_approvals(addr, chain)
+            print_approval_report(results, addr)
+
+
+@app.command()
+def version():
+    """Show version."""
+    print(f"CryptoShield v{__version__}")
+
+
+def main():
+    app()
+
+
+if __name__ == "__main__":
+    main()