cryptoshield 0.2.0__tar.gz → 0.2.2__tar.gz

{cryptoshield-0.2.0 → cryptoshield-0.2.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cryptoshield
-Version: 0.2.0
+Version: 0.2.2
 Summary: All-in-one crypto security toolkit — honeypot, approvals, rugpull, phishing
 Author-email: yossweh <cilokcilok15@gmail.com>
 License: MIT
@@ -30,6 +30,27 @@ Dynamic: license-file
 [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
 [![PyPI](https://img.shields.io/pypi/v/cryptoshield.svg)](https://pypi.org/project/cryptoshield/)
 
+## Why CryptoShield?
+
+Every day, people lose money to:
+- **Honeypot tokens** — you can buy but can't sell. Your funds are trapped.
+- **Unlimited token approvals** — you gave a random contract permission to drain your wallet. Months later, they do.
+- **Rugpulls** — team dumps all tokens, liquidity vanishes, price goes to zero.
+- **Phishing sites** — fake airdrop pages that look like Uniswap but steal your seed phrase.
+
+CryptoShield combines all these checks into **one CLI tool**. No API keys needed. No accounts. No BS. Just run a command and get a clear report.
+
+```
+# Before you ape into that token:
+cryptoshield check 0xToken
+
+# Before you connect your wallet to some random site:
+cryptoshield check-url suspicious-site.com
+
+# Check if your wallet has dangerous approvals:
+cryptoshield approvals 0xYourWallet
+```
+
 ## Features
 
 - **🍯 Honeypot Detection** — Can you sell? Hidden taxes? Mint function? Check before you buy.
@@ -118,6 +139,13 @@ cryptoshield batch wallets.txt --mode approvals --chain bsc
   ✅ Mint Authority: None (fixed supply)
   ✅ Holders: 5,432
   ✅ Risk Score: 0/100 — LOW RISK
+
+📋 APPROVAL AUDIT — 0x47ac...8188
+  ❌ USDT → UNLIMITED to 0xUnkn...abcd
+         ⚡ RECOMMEND: revoke immediately
+  ⚠️  WETH → unlimited to Uniswap V2 Router
+         Known protocol — consider reducing allowance
+  ✅ DAI → 500.00 to Uniswap V3 Router
 ```
 
 ## Supported Chains
@@ -132,16 +160,21 @@ cryptoshield batch wallets.txt --mode approvals --chain bsc
 | Base | ✅ | ✅ | ✅ |
 | Avalanche | ✅ | ✅ | ✅ |
 | Fantom | ✅ | ✅ | ✅ |
-| Solana | ✅ | — | ✅ |
+| Solana | ✅ | 🔜 | ✅ |
+
+> 🔜 = Coming soon. SPL token delegation uses a different model than ERC-20 approvals.
+
+## How It Works
 
-## Data Sources
+| Check | Data Source | Key Needed? |
+|-------|-----------|-------------|
+| Honeypot | GoPlus Security API | No |
+| Approvals | On-chain events (RPC) | No |
+| Rugpull | GoPlus + on-chain heuristics | No |
+| Phishing | Pattern matching + 60+ known domains | No |
+| Solana tokens | Jupiter + Birdeye + Solana RPC | No |
 
-- **GoPlus Security API** — Honeypot detection, token security analysis (free, no key)
-- **Jupiter API** — Solana token data, strict list
-- **Birdeye API** — Solana holder count, volume
-- **On-chain data** — Approval events, contract code, ownership (direct RPC)
-- **Heuristics** — URL pattern matching, domain analysis, typosquatting detection
-- **Community scam database** — 60+ known phishing domains
+Everything runs with public APIs and free RPC endpoints. No signups. No API keys. No tracking.
 
 ## Contributing
 
@@ -149,6 +182,7 @@ PRs welcome! Especially:
 
 - More scam domains / phishing patterns
 - More chain support (TON, Sui, Aptos)
+- SPL token delegation scanner (Solana approvals)
 - Better rugpull heuristics
 - UI improvements
 

{cryptoshield-0.2.0 → cryptoshield-0.2.2}/README.md

@@ -6,6 +6,27 @@
 [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
 [![PyPI](https://img.shields.io/pypi/v/cryptoshield.svg)](https://pypi.org/project/cryptoshield/)
 
+## Why CryptoShield?
+
+Every day, people lose money to:
+- **Honeypot tokens** — you can buy but can't sell. Your funds are trapped.
+- **Unlimited token approvals** — you gave a random contract permission to drain your wallet. Months later, they do.
+- **Rugpulls** — team dumps all tokens, liquidity vanishes, price goes to zero.
+- **Phishing sites** — fake airdrop pages that look like Uniswap but steal your seed phrase.
+
+CryptoShield combines all these checks into **one CLI tool**. No API keys needed. No accounts. No BS. Just run a command and get a clear report.
+
+```
+# Before you ape into that token:
+cryptoshield check 0xToken
+
+# Before you connect your wallet to some random site:
+cryptoshield check-url suspicious-site.com
+
+# Check if your wallet has dangerous approvals:
+cryptoshield approvals 0xYourWallet
+```
+
 ## Features
 
 - **🍯 Honeypot Detection** — Can you sell? Hidden taxes? Mint function? Check before you buy.
@@ -94,6 +115,13 @@ cryptoshield batch wallets.txt --mode approvals --chain bsc
   ✅ Mint Authority: None (fixed supply)
   ✅ Holders: 5,432
   ✅ Risk Score: 0/100 — LOW RISK
+
+📋 APPROVAL AUDIT — 0x47ac...8188
+  ❌ USDT → UNLIMITED to 0xUnkn...abcd
+         ⚡ RECOMMEND: revoke immediately
+  ⚠️  WETH → unlimited to Uniswap V2 Router
+         Known protocol — consider reducing allowance
+  ✅ DAI → 500.00 to Uniswap V3 Router
 ```
 
 ## Supported Chains
@@ -108,16 +136,21 @@ cryptoshield batch wallets.txt --mode approvals --chain bsc
 | Base | ✅ | ✅ | ✅ |
 | Avalanche | ✅ | ✅ | ✅ |
 | Fantom | ✅ | ✅ | ✅ |
-| Solana | ✅ | — | ✅ |
+| Solana | ✅ | 🔜 | ✅ |
+
+> 🔜 = Coming soon. SPL token delegation uses a different model than ERC-20 approvals.
+
+## How It Works
 
-## Data Sources
+| Check | Data Source | Key Needed? |
+|-------|-----------|-------------|
+| Honeypot | GoPlus Security API | No |
+| Approvals | On-chain events (RPC) | No |
+| Rugpull | GoPlus + on-chain heuristics | No |
+| Phishing | Pattern matching + 60+ known domains | No |
+| Solana tokens | Jupiter + Birdeye + Solana RPC | No |
 
-- **GoPlus Security API** — Honeypot detection, token security analysis (free, no key)
-- **Jupiter API** — Solana token data, strict list
-- **Birdeye API** — Solana holder count, volume
-- **On-chain data** — Approval events, contract code, ownership (direct RPC)
-- **Heuristics** — URL pattern matching, domain analysis, typosquatting detection
-- **Community scam database** — 60+ known phishing domains
+Everything runs with public APIs and free RPC endpoints. No signups. No API keys. No tracking.
 
 ## Contributing
 
@@ -125,6 +158,7 @@ PRs welcome! Especially:
 
 - More scam domains / phishing patterns
 - More chain support (TON, Sui, Aptos)
+- SPL token delegation scanner (Solana approvals)
 - Better rugpull heuristics
 - UI improvements
 

{cryptoshield-0.2.0 → cryptoshield-0.2.2}/cryptoshield/__init__.py

@@ -1,4 +1,4 @@
 """CryptoShield — All-in-one crypto security toolkit."""
 
-__version__ = "0.2.0"
+__version__ = "0.2.2"
 __author__ = "yossweh"

{cryptoshield-0.2.0 → cryptoshield-0.2.2}/cryptoshield/rugpull.py

@@ -24,18 +24,20 @@ def analyze_rugpull(address: str, chain: str = "eth") -> dict:
         "risk_level": "UNKNOWN",
     }
 
-    contract = w3.eth.contract(address=addr, abi=ERC20_ABI)
-
-    # 1. Check if contract is verified (has code)
-    code = w3.eth.get_code(addr)
-    if code == b"" or code == b"0x":
-        report["checks"].append({"name": "Contract Code", "status": "FAIL", "detail": "No contract code — not a contract"})
-        report["score"] += 50
-    else:
-        report["checks"].append({"name": "Contract Code", "status": "OK", "detail": f"{len(code)} bytes deployed"})
+    # 1. Check if contract has code
+    try:
+        code = w3.eth.get_code(addr)
+        if code == b"" or code == b"0x":
+            report["checks"].append({"name": "Contract Code", "status": "FAIL", "detail": "No contract code — not a contract"})
+            report["score"] += 50
+        else:
+            report["checks"].append({"name": "Contract Code", "status": "OK", "detail": f"{len(code)} bytes deployed"})
+    except Exception as e:
+        report["checks"].append({"name": "Contract Code", "status": "INFO", "detail": f"Could not check: {str(e)[:50]}"})
 
     # 2. Check if owner is renounced
     try:
+        contract = w3.eth.contract(address=addr, abi=ERC20_ABI)
         owner = contract.functions.owner().call()
         zero = "0x0000000000000000000000000000000000000000"
         dead = "0x000000000000000000000000000000000000dEaD"
@@ -47,8 +49,9 @@ def analyze_rugpull(address: str, chain: str = "eth") -> dict:
     except Exception:
         report["checks"].append({"name": "Ownership", "status": "INFO", "detail": "No owner function (could be good or bad)"})
 
-    # 3. Check total supply concentration
+    # 3. Check total supply
     try:
+        contract = w3.eth.contract(address=addr, abi=ERC20_ABI)
         total_supply = contract.functions.totalSupply().call()
         if total_supply > 0:
             report["checks"].append({"name": "Total Supply", "status": "INFO", "detail": f"{total_supply:,}"})
@@ -56,46 +59,50 @@ def analyze_rugpull(address: str, chain: str = "eth") -> dict:
             report["checks"].append({"name": "Total Supply", "status": "FAIL", "detail": "Zero supply"})
             report["score"] += 20
     except Exception:
-        report["checks"].append({"name": "Total Supply", "status": "FAIL", "detail": "Cannot read supply"})
+        report["checks"].append({"name": "Total Supply", "status": "INFO", "detail": "Cannot read supply"})
 
-    # 4. Check liquidity (look for LP tokens)
-    # This is a simplified check — real check would scan DEX pairs
+    # 4. Liquidity hint
     report["checks"].append({"name": "Liquidity", "status": "INFO", "detail": "Check manually on DEX Screener"})
 
-    # 5. Get GoPlus data for additional checks
-    goplus = check_honeypot(addr, chain)
-    if "error" not in goplus:
-        if goplus.get("is_honeypot"):
-            report["score"] += 40
-            report["checks"].append({"name": "Honeypot", "status": "FAIL", "detail": "Token is a honeypot"})
-        else:
-            report["checks"].append({"name": "Honeypot", "status": "OK", "detail": "Not a honeypot"})
-
-        if not goplus.get("is_open_source"):
-            report["score"] += 15
-            report["checks"].append({"name": "Source Code", "status": "FAIL", "detail": "Not verified"})
+    # 5. GoPlus data (honeypot, source code, proxy, etc.)
+    try:
+        goplus = check_honeypot(addr, chain)
+        if "error" not in goplus:
+            if goplus.get("is_honeypot"):
+                report["score"] += 40
+                report["checks"].append({"name": "Honeypot", "status": "FAIL", "detail": "Token is a honeypot"})
+            else:
+                report["checks"].append({"name": "Honeypot", "status": "OK", "detail": "Not a honeypot"})
+
+            if not goplus.get("is_open_source"):
+                report["score"] += 15
+                report["checks"].append({"name": "Source Code", "status": "FAIL", "detail": "Not verified"})
+            else:
+                report["checks"].append({"name": "Source Code", "status": "OK", "detail": "Verified on explorer"})
+
+            if goplus.get("is_proxy"):
+                report["score"] += 5
+                report["checks"].append({"name": "Proxy", "status": "WARN", "detail": "Proxy contract — logic can change"})
+
+            if goplus.get("selfdestruct"):
+                report["score"] += 15
+                report["checks"].append({"name": "Self-Destruct", "status": "FAIL", "detail": "Has selfdestruct function"})
+
+            if goplus.get("hidden_owner"):
+                report["score"] += 10
+                report["checks"].append({"name": "Hidden Owner", "status": "FAIL", "detail": "Hidden owner detected"})
+
+            if goplus.get("owner_can_mint"):
+                report["score"] += 10
+                report["checks"].append({"name": "Mintable", "status": "WARN", "detail": "Owner can mint new tokens"})
+
+            holder_count = goplus.get("holder_count", 0)
+            if holder_count:
+                report["checks"].append({"name": "Holders", "status": "INFO", "detail": f"{holder_count:,} holders"})
         else:
-            report["checks"].append({"name": "Source Code", "status": "OK", "detail": "Verified on explorer"})
-
-        if goplus.get("is_proxy"):
-            report["score"] += 5
-            report["checks"].append({"name": "Proxy", "status": "WARN", "detail": "Proxy contract — logic can change"})
-
-        if goplus.get("selfdestruct"):
-            report["score"] += 15
-            report["checks"].append({"name": "Self-Destruct", "status": "FAIL", "detail": "Has selfdestruct function"})
-
-        if goplus.get("hidden_owner"):
-            report["score"] += 10
-            report["checks"].append({"name": "Hidden Owner", "status": "FAIL", "detail": "Hidden owner detected"})
-
-        if goplus.get("owner_can_mint"):
-            report["score"] += 10
-            report["checks"].append({"name": "Mintable", "status": "WARN", "detail": "Owner can mint new tokens"})
-
-        holder_count = goplus.get("holder_count", 0)
-        if holder_count:
-            report["checks"].append({"name": "Holders", "status": "INFO", "detail": f"{holder_count:,} holders"})
+            report["checks"].append({"name": "GoPlus", "status": "INFO", "detail": f"API error: {goplus['error'][:50]}"})
+    except Exception as e:
+        report["checks"].append({"name": "GoPlus", "status": "INFO", "detail": f"Could not check: {str(e)[:50]}"})
 
     # Cap score at 100
     report["score"] = min(report["score"], 100)

{cryptoshield-0.2.0 → cryptoshield-0.2.2}/cryptoshield/solana.py

@@ -1,6 +1,6 @@
 """Solana token security checker.
 
-Uses Solana RPC + Jupiter API for token data.
+Uses Solana RPC + Solana Token Registry for token data.
 """
 
 import requests
@@ -8,9 +8,36 @@ from .db import cache_get, cache_set
 from .utils import print_header, print_ok, print_warn, print_fail, print_info
 
 SOLANA_RPC = "https://api.mainnet-beta.solana.com"
-JUPITER_TOKEN_API = "https://tokens.jup.ag/token/{mint}"
-JUPITER_LIST = "https://tokens.jup.ag/strict"
-BIRDEYE_TOKEN = "https://public-api.birdeye.so/defi/token_overview?address={mint}"
+TOKEN_REGISTRY_URL = "https://raw.githubusercontent.com/solana-labs/token-list/main/src/tokens/solana.tokenlist.json"
+
+# Cache the token registry
+_registry_cache = None
+
+
+def _get_token_registry() -> dict:
+    """Get the Solana token registry (cached)."""
+    global _registry_cache
+    if _registry_cache is not None:
+        return _registry_cache
+
+    cached = cache_get("solana_token_registry")
+    if cached:
+        _registry_cache = cached
+        return cached
+
+    try:
+        r = requests.get(TOKEN_REGISTRY_URL, timeout=30)
+        r.raise_for_status()
+        data = r.json()
+        tokens = {}
+        for t in data.get("tokens", []):
+            tokens[t["address"]] = t
+        _registry_cache = tokens
+        cache_set("solana_token_registry", tokens, ttl=86400)  # Cache 24h
+        return tokens
+    except Exception:
+        _registry_cache = {}
+        return {}
 
 
 def check_solana_token(mint: str) -> dict:
@@ -30,35 +57,23 @@ def check_solana_token(mint: str) -> dict:
         "holder_count": 0,
         "total_supply": 0,
         "decimals": 0,
-        "is_on_jupiter": False,
+        "is_known": False,
         "freeze_authority": None,
         "mint_authority": None,
-        "is_mutable": True,
+        "tags": [],
     }
 
-    # 1. Get token metadata from Jupiter
-    try:
-        r = requests.get(JUPITER_TOKEN_API.format(mint=mint), timeout=10)
-        if r.status_code == 200:
-            data = r.json()
-            report["token_name"] = data.get("name", "Unknown")
-            report["token_symbol"] = data.get("symbol", "?")
-            report["decimals"] = data.get("decimals", 0)
-            report["is_on_jupiter"] = True
-            report["daily_volume"] = data.get("daily_volume", 0)
-    except Exception:
-        pass
-
-    # 2. Check if on Jupiter strict list (vetted tokens)
-    try:
-        r = requests.get(JUPITER_LIST, timeout=10)
-        if r.status_code == 200:
-            strict_tokens = {t["address"] for t in r.json()}
-            report["is_on_jupiter_strict"] = mint in strict_tokens
-    except Exception:
-        report["is_on_jupiter_strict"] = False
-
-    # 3. Get on-chain token info via RPC
+    # 1. Get token info from registry
+    registry = _get_token_registry()
+    if mint in registry:
+        token_info = registry[mint]
+        report["token_name"] = token_info.get("name", "Unknown")
+        report["token_symbol"] = token_info.get("symbol", "?")
+        report["decimals"] = token_info.get("decimals", 0)
+        report["is_known"] = True
+        report["tags"] = token_info.get("tags", [])
+
+    # 2. Get on-chain token info via RPC
     try:
         payload = {
             "jsonrpc": "2.0",
@@ -66,7 +81,7 @@ def check_solana_token(mint: str) -> dict:
             "method": "getAccountInfo",
             "params": [mint, {"encoding": "jsonParsed"}],
         }
-        r = requests.post(SOLANA_RPC, json=payload, timeout=10)
+        r = requests.post(SOLANA_RPC, json=payload, timeout=15)
         data = r.json()
         account = data.get("result", {}).get("value", {})
 
@@ -76,26 +91,30 @@ def check_solana_token(mint: str) -> dict:
 
             report["mint_authority"] = info.get("mintAuthority")
             report["freeze_authority"] = info.get("freezeAuthority")
-            report["is_mutable"] = info.get("isInitialized", True)
-            report["total_supply"] = int(info.get("supply", "0"))
+            supply_raw = int(info.get("supply", "0"))
+            report["total_supply"] = supply_raw
             report["decimals"] = info.get("decimals", report["decimals"])
-    except Exception:
-        pass
 
-    # 4. Get holder count from Birdeye (optional, may fail without API key)
+            # Calculate human-readable supply
+            if report["decimals"] > 0:
+                report["total_supply_ui"] = supply_raw / (10 ** report["decimals"])
+            else:
+                report["total_supply_ui"] = supply_raw
+    except Exception as e:
+        report["rpc_error"] = str(e)[:50]
+
+    # 3. Get holder count from Solana RPC (approximate)
     try:
-        headers = {"X-API-KEY": "public"}
-        r = requests.get(
-            BIRDEYE_TOKEN.format(mint=mint),
-            headers=headers,
-            timeout=10,
-        )
-        if r.status_code == 200:
-            birddata = r.json().get("data", {})
-            report["holder_count"] = birddata.get("holder", 0)
-            report["daily_volume"] = birddata.get("v24hUSD", report.get("daily_volume", 0))
-            report["market_cap"] = birddata.get("mc", 0)
-            report["price"] = birddata.get("price", 0)
+        payload = {
+            "jsonrpc": "2.0",
+            "id": 1,
+            "method": "getTokenLargestAccounts",
+            "params": [mint],
+        }
+        r = requests.post(SOLANA_RPC, json=payload, timeout=15)
+        data = r.json()
+        largest = data.get("result", {}).get("value", [])
+        report["top_holders"] = len(largest)
     except Exception:
         pass
 
@@ -113,34 +132,23 @@ def check_solana_token(mint: str) -> dict:
         risks.append("MINT AUTHORITY — unlimited supply, issuer can mint more")
         score += 15
 
-    # Not on Jupiter
-    if not report["is_on_jupiter"]:
-        risks.append("NOT ON JUPITER — unvetted token, high risk")
+    # Not in registry
+    if not report["is_known"]:
+        risks.append("NOT IN TOKEN REGISTRY — unvetted token, high risk")
         score += 15
 
-    # Not on Jupiter strict list
-    if not report.get("is_on_jupiter_strict"):
-        risks.append("NOT ON JUPITER STRICT LIST — not officially vetted")
-        score += 5
+    # Stablecoin tag (positive)
+    if "stablecoin" in report.get("tags", []):
+        score -= 10  # Lower risk for known stablecoins
 
-    # Low holder count
-    if report["holder_count"] > 0 and report["holder_count"] < 100:
-        risks.append(f"LOW HOLDER COUNT — only {report['holder_count']} holders")
-        score += 15
-    elif report["holder_count"] > 0 and report["holder_count"] < 1000:
-        risks.append(f"SMALL HOLDER COUNT — {report['holder_count']} holders")
-        score += 5
-
-    # Low volume
-    vol = report.get("daily_volume", 0)
-    if vol > 0 and vol < 1000:
-        risks.append(f"LOW VOLUME — ${vol:,.0f} in 24h")
-        score += 10
-
-    report["risk_score"] = min(score, 100)
-    if score <= 20:
+    # Native SOL wrapped (positive)
+    if "native" in report.get("tags", []):
+        score -= 5
+
+    report["risk_score"] = max(min(score, 100), 0)
+    if report["risk_score"] <= 20:
         report["risk_level"] = "LOW"
-    elif score <= 50:
+    elif report["risk_score"] <= 50:
         report["risk_level"] = "MEDIUM"
     else:
         report["risk_level"] = "HIGH"
@@ -165,7 +173,7 @@ def check_solana_wallet(wallet: str) -> dict:
             "method": "getBalance",
             "params": [wallet],
         }
-        r = requests.post(SOLANA_RPC, json=payload, timeout=10)
+        r = requests.post(SOLANA_RPC, json=payload, timeout=15)
         data = r.json()
         report["sol_balance"] = data.get("result", {}).get("value", 0) / 1e9
     except Exception:
@@ -183,16 +191,30 @@ def check_solana_wallet(wallet: str) -> dict:
                 {"encoding": "jsonParsed"},
             ],
         }
-        r = requests.post(SOLANA_RPC, json=payload, timeout=10)
+        r = requests.post(SOLANA_RPC, json=payload, timeout=15)
         data = r.json()
         accounts = data.get("result", {}).get("value", [])
 
+        registry = _get_token_registry()
+
         for acc in accounts:
             info = acc["account"]["data"]["parsed"]["info"]
             token_amount = info.get("tokenAmount", {})
+            mint = info.get("mint", "")
+            balance = token_amount.get("uiAmount", 0)
+
+            # Get token name from registry
+            name = "Unknown"
+            symbol = mint[:6]
+            if mint in registry:
+                name = registry[mint].get("name", "Unknown")
+                symbol = registry[mint].get("symbol", symbol)
+
             report["tokens"].append({
-                "mint": info.get("mint", ""),
-                "balance": token_amount.get("uiAmount", 0),
+                "mint": mint,
+                "name": name,
+                "symbol": symbol,
+                "balance": balance,
                 "decimals": token_amount.get("decimals", 0),
             })
     except Exception:
@@ -207,15 +229,14 @@ def print_solana_token_report(report: dict):
     symbol = report["token_symbol"]
     print_header(f"SOLANA TOKEN CHECK — {name} ({symbol})")
 
-    # Jupiter status
-    if report["is_on_jupiter"]:
-        print_ok("Listed on Jupiter")
-        if report.get("is_on_jupiter_strict"):
-            print_ok("On Jupiter Strict List (vetted)")
-        else:
-            print_warn("NOT on Jupiter Strict List")
+    # Known status
+    if report.get("is_known"):
+        print_ok("Listed in Solana Token Registry")
+        tags = report.get("tags", [])
+        if tags:
+            print_info(f"Tags: {', '.join(tags)}")
     else:
-        print_fail("Not listed on Jupiter — unvetted token")
+        print_warn("NOT in Token Registry — unvetted token")
 
     # Freeze authority
     if report["freeze_authority"]:
@@ -229,24 +250,13 @@ def print_solana_token_report(report: dict):
     else:
         print_ok("Mint Authority: None (fixed supply)")
 
-    # Holders
-    if report["holder_count"]:
-        if report["holder_count"] < 100:
-            print_fail(f"Holders: {report['holder_count']:,}")
-        elif report["holder_count"] < 1000:
-            print_warn(f"Holders: {report['holder_count']:,}")
-        else:
-            print_ok(f"Holders: {report['holder_count']:,}")
-
-    # Volume
-    vol = report.get("daily_volume", 0)
-    if vol:
-        print_info(f"24h Volume: ${vol:,.0f}")
-
-    # Market cap
-    mc = report.get("market_cap", 0)
-    if mc:
-        print_info(f"Market Cap: ${mc:,.0f}")
+    # Supply
+    if report.get("total_supply_ui"):
+        print_info(f"Total Supply: {report['total_supply_ui']:,.2f}")
+
+    # Top holders
+    if report.get("top_holders"):
+        print_info(f"Top holders: {report['top_holders']} largest accounts")
 
     # Risk score
     score = report["risk_score"]

{cryptoshield-0.2.0 → cryptoshield-0.2.2}/cryptoshield/utils.py

@@ -6,16 +6,47 @@ from typing import Optional
 import requests
 from web3 import Web3
 
-# Default RPC endpoints (public, no key needed)
+# Default RPC endpoints (public, no key needed) — with fallbacks
 RPC_ENDPOINTS = {
-    "eth": "https://eth.llamarpc.com",
-    "bsc": "https://bsc-dataseed1.binance.org",
-    "polygon": "https://polygon-rpc.com",
-    "arbitrum": "https://arb1.arbitrum.io/rpc",
-    "optimism": "https://mainnet.optimism.io",
-    "base": "https://mainnet.base.org",
-    "avalanche": "https://api.avax.network/ext/bc/C/rpc",
-    "fantom": "https://rpc.ftm.tools",
+    "eth": [
+        "https://rpc.ankr.com/eth",
+        "https://eth.llamarpc.com",
+        "https://eth.drpc.org",
+        "https://cloudflare-eth.com",
+    ],
+    "bsc": [
+        "https://bsc-dataseed1.binance.org",
+        "https://bsc-dataseed2.binance.org",
+        "https://rpc.ankr.com/bsc",
+    ],
+    "polygon": [
+        "https://polygon-rpc.com",
+        "https://rpc.ankr.com/polygon",
+        "https://polygon.drpc.org",
+    ],
+    "arbitrum": [
+        "https://arb1.arbitrum.io/rpc",
+        "https://rpc.ankr.com/arbitrum",
+        "https://arbitrum.drpc.org",
+    ],
+    "optimism": [
+        "https://mainnet.optimism.io",
+        "https://rpc.ankr.com/optimism",
+        "https://optimism.drpc.org",
+    ],
+    "base": [
+        "https://mainnet.base.org",
+        "https://rpc.ankr.com/base",
+        "https://base.drpc.org",
+    ],
+    "avalanche": [
+        "https://api.avax.network/ext/bc/C/rpc",
+        "https://rpc.ankr.com/avalanche",
+    ],
+    "fantom": [
+        "https://rpc.ftm.tools",
+        "https://rpc.ankr.com/fantom",
+    ],
 }
 
 CHAIN_IDS = {
@@ -95,31 +126,7 @@ ERC20_ABI = [
     },
 ]
 
-# Transfer event ABI
-TRANSFER_EVENT = {
-    "anonymous": False,
-    "inputs": [
-        {"indexed": True, "name": "from", "type": "address"},
-        {"indexed": True, "name": "to", "type": "address"},
-        {"indexed": False, "name": "value", "type": "uint256"},
-    ],
-    "name": "Transfer",
-    "type": "event",
-}
-
-# Approval event ABI
-APPROVAL_EVENT = {
-    "anonymous": False,
-    "inputs": [
-        {"indexed": True, "name": "owner", "type": "address"},
-        {"indexed": True, "name": "spender", "type": "address"},
-        {"indexed": False, "name": "value", "type": "uint256"},
-    ],
-    "name": "Approval",
-    "type": "event",
-}
-
-# Well-known addresses to label
+# Known addresses to label
 KNOWN_ADDRESSES = {
     "0x7a250d5630b4cf539739df2c5dacb4c659f2488d": "Uniswap V2 Router",
     "0xe592427a0aece92de3edee1f18e0157c05861564": "Uniswap V3 Router",
@@ -140,11 +147,23 @@ KNOWN_ADDRESSES = {
 
 
 def get_web3(chain: str = "eth") -> Web3:
-    rpc = RPC_ENDPOINTS.get(chain)
-    if not rpc:
+    """Get Web3 instance with automatic RPC fallback."""
+    endpoints = RPC_ENDPOINTS.get(chain)
+    if not endpoints:
         print(f"Unsupported chain: {chain}")
         sys.exit(1)
-    return Web3(Web3.HTTPProvider(rpc))
+
+    for rpc in endpoints:
+        try:
+            w3 = Web3(Web3.HTTPProvider(rpc, request_kwargs={"timeout": 10}))
+            # Test connection
+            w3.eth.block_number
+            return w3
+        except Exception:
+            continue
+
+    print(f"All RPC endpoints failed for {chain}")
+    sys.exit(1)
 
 
 def is_valid_address(addr: str) -> bool:

{cryptoshield-0.2.0 → cryptoshield-0.2.2}/cryptoshield.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cryptoshield
-Version: 0.2.0
+Version: 0.2.2
 Summary: All-in-one crypto security toolkit — honeypot, approvals, rugpull, phishing
 Author-email: yossweh <cilokcilok15@gmail.com>
 License: MIT
@@ -30,6 +30,27 @@ Dynamic: license-file
 [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
 [![PyPI](https://img.shields.io/pypi/v/cryptoshield.svg)](https://pypi.org/project/cryptoshield/)
 
+## Why CryptoShield?
+
+Every day, people lose money to:
+- **Honeypot tokens** — you can buy but can't sell. Your funds are trapped.
+- **Unlimited token approvals** — you gave a random contract permission to drain your wallet. Months later, they do.
+- **Rugpulls** — team dumps all tokens, liquidity vanishes, price goes to zero.
+- **Phishing sites** — fake airdrop pages that look like Uniswap but steal your seed phrase.
+
+CryptoShield combines all these checks into **one CLI tool**. No API keys needed. No accounts. No BS. Just run a command and get a clear report.
+
+```
+# Before you ape into that token:
+cryptoshield check 0xToken
+
+# Before you connect your wallet to some random site:
+cryptoshield check-url suspicious-site.com
+
+# Check if your wallet has dangerous approvals:
+cryptoshield approvals 0xYourWallet
+```
+
 ## Features
 
 - **🍯 Honeypot Detection** — Can you sell? Hidden taxes? Mint function? Check before you buy.
@@ -118,6 +139,13 @@ cryptoshield batch wallets.txt --mode approvals --chain bsc
   ✅ Mint Authority: None (fixed supply)
   ✅ Holders: 5,432
   ✅ Risk Score: 0/100 — LOW RISK
+
+📋 APPROVAL AUDIT — 0x47ac...8188
+  ❌ USDT → UNLIMITED to 0xUnkn...abcd
+         ⚡ RECOMMEND: revoke immediately
+  ⚠️  WETH → unlimited to Uniswap V2 Router
+         Known protocol — consider reducing allowance
+  ✅ DAI → 500.00 to Uniswap V3 Router
 ```
 
 ## Supported Chains
@@ -132,16 +160,21 @@ cryptoshield batch wallets.txt --mode approvals --chain bsc
 | Base | ✅ | ✅ | ✅ |
 | Avalanche | ✅ | ✅ | ✅ |
 | Fantom | ✅ | ✅ | ✅ |
-| Solana | ✅ | — | ✅ |
+| Solana | ✅ | 🔜 | ✅ |
+
+> 🔜 = Coming soon. SPL token delegation uses a different model than ERC-20 approvals.
+
+## How It Works
 
-## Data Sources
+| Check | Data Source | Key Needed? |
+|-------|-----------|-------------|
+| Honeypot | GoPlus Security API | No |
+| Approvals | On-chain events (RPC) | No |
+| Rugpull | GoPlus + on-chain heuristics | No |
+| Phishing | Pattern matching + 60+ known domains | No |
+| Solana tokens | Jupiter + Birdeye + Solana RPC | No |
 
-- **GoPlus Security API** — Honeypot detection, token security analysis (free, no key)
-- **Jupiter API** — Solana token data, strict list
-- **Birdeye API** — Solana holder count, volume
-- **On-chain data** — Approval events, contract code, ownership (direct RPC)
-- **Heuristics** — URL pattern matching, domain analysis, typosquatting detection
-- **Community scam database** — 60+ known phishing domains
+Everything runs with public APIs and free RPC endpoints. No signups. No API keys. No tracking.
 
 ## Contributing
 
@@ -149,6 +182,7 @@ PRs welcome! Especially:
 
 - More scam domains / phishing patterns
 - More chain support (TON, Sui, Aptos)
+- SPL token delegation scanner (Solana approvals)
 - Better rugpull heuristics
 - UI improvements
 

{cryptoshield-0.2.0 → cryptoshield-0.2.2}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "cryptoshield"
-version = "0.2.0"
+version = "0.2.2"
 description = "All-in-one crypto security toolkit — honeypot, approvals, rugpull, phishing"
 readme = "README.md"
 license = {text = "MIT"}