Conversation
Refactor and optimize code structure across multiple components
… in ExecutionStackTrace
Adds .gitmodules pointing edb at github.com/Timidan/edb-extended branch `toolkit` and bumps the submodule to f98f2a1 (Heimdall installer). This is the branch all edb binaries are built from. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Pulls edb-extended toolkit @ ca0ca6b, which adds the
/heimdall/{version,decompile,dump} bridge endpoints the Tx-Captain
deep-dive flow consumes.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…ct generation - Added LLM transaction analysis functionality in `llm.ts` with structured JSON verdicts. - Introduced markdown conversion for verdicts in `markdown.ts`. - Created normalization logic for verdict labels and structures in `normalizeVerdict.ts`. - Implemented heuristic application for evidence packets in `sieve.ts`. - Added source code sanitization for Solidity files in `sourceSanitizer.ts`. - Defined types and schemas for evidence packets and verdicts in `types.ts`. - Enhanced Vite configuration to support LLM invocation and proxying.
… handling in useLlmInvocation
Pulls in the EDB debug improvements (useDebugEvaluation, evalSnapshotResolver), api/edb rename to api/edb-proxy, and removes the unused src/chains/index.ts module. Conflict resolution: - package.json: union of deps (keep cofhe/sdk, dynamic-labs, add monaco-editor) - vite.config.ts: take fix/debug's comment (edb-proxy filename) - package-lock.json: regenerated via npm install - .codex: dropped (tracked empty blob from fix/debug) Pre-existing TS error in useHackTriage.ts:151 is unrelated to this merge (file is tx-captain-only; fix/debug does not touch it).
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
@cofhe/sdk's PermitUtils.isValid returns { valid, error }, not
{ success }. The wrong property name slipped through local typecheck
and broke Vercel's npm run build.
There was a problem hiding this comment.
Pull request overview
This PR introduces a new “TxCaptain” transaction analysis workflow (LLM-backed verdicts + hack triage + deep-dive source/context), adds Heimdall-powered heuristic storage-layout fallback, and updates the app’s settings/UX and bridge/proxy plumbing to support these features.
Changes:
- Add tx-analysis + hack-analysis modules (heuristics, LLM prompts/schema plumbing, analog retrieval, fixtures, incident library).
- Add Heimdall bridge + client hooks and use it to synthesize “heuristic” storage layouts when verified/reconstructed layouts aren’t available.
- Add app-level LLM configuration/consent gating + Settings modal; wire “Summarize” entrypoint from simulation results into a new Builder “analysis” mode.
Reviewed changes
Copilot reviewed 198 out of 201 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
vercel.json |
Adds rewrites to route /api/edb/* through a proxy handler. |
src/utils/tx-analysis/sourceSanitizer.ts |
Adds Solidity source sanitization before LLM deep-dive. |
src/utils/tx-analysis/sieve.ts |
Adds heuristic hit generation over extracted evidence packets. |
src/utils/tx-analysis/markdown.ts |
Adds markdown rendering for verdicts. |
src/utils/tx-analysis/llm.ts |
Adds LLM prompt + invocation helpers and prompt hashing for tx analysis. |
src/utils/tx-analysis/deepDive.ts |
Adds deep-dive source fetching (verified + heimdall fallback). |
src/utils/traceDecoder/jumpAnalysis.ts |
Comment-only compaction. |
src/utils/traceDecoder/callHierarchy.ts |
Comment-only compaction. |
src/utils/traceDecoder/analysisHelpers.ts |
Comment-only compaction. |
src/utils/solidity-layout/types.ts |
Extends reconstruction confidence to include heuristic. |
src/utils/solidity-layout/allocatorTypeHelpers.ts |
Comment-only compaction. |
src/utils/simulationArtifacts.ts |
Moves ensureArray to a shared types/helpers module. |
src/utils/simulationArtifactTypes.ts |
Adds ensureArray helper alongside artifact types. |
src/utils/resolver/types.ts |
Narrows resolver source types/configs (drops unimplemented sources). |
src/utils/resolver/proxyResolver.ts |
Centralizes ZERO_ADDRESS usage via shared constants. |
src/utils/resolver/contractContext.ts |
Centralizes ZERO_ADDRESS usage via shared constants. |
src/utils/resolver/ContractResolver.ts |
Removes dead/placeholder resolver branches for unimplemented sources. |
src/utils/llm/types.ts |
Adds shared LLM request/response/error typing. |
src/utils/llm/streamParser.ts |
Adds SSE chunk parsers for Anthropic/OpenAI/Gemini streaming. |
src/utils/heuristic-layout/heuristicLayout.ts |
Adds Heimdall dump/decompile-based heuristic storage layout synthesizer. |
src/utils/heuristic-layout/abiLabelExtractor.ts |
Extracts ABI-based label/type hints for heuristic layouts. |
src/utils/heimdall/useHeimdallAvailability.ts |
Adds a small hook to detect Heimdall availability/version. |
src/utils/heimdall/types.ts |
Adds Zod schemas + types for Heimdall bridge payloads. |
src/utils/heimdall/hooks.ts |
Adds react-query hooks for Heimdall endpoints. |
src/utils/heimdall/heimdallApi.ts |
Adds client API wrapper with schema validation + typed errors. |
src/utils/hack-analysis/triage/cofhe.ts |
Adds CoFHE triage bit packing helpers + label mapping. |
src/utils/hack-analysis/retrieval.ts |
Adds analog incident retrieval/scoring. |
src/utils/hack-analysis/llm.ts |
Adds hack post-mortem LLM prompt + validation/cleanup of LLM references. |
src/utils/hack-analysis/incidents/team-finance-2022-10.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/ronin-2022-03.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/radiant-2024-10.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/qubit-2022-01.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/platypus-2023-02.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/penpie-2024-09.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/orbit-bridge-2024-01.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/multichain-2023-07.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/ledger-connect-2023-12.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/kyberswap-elastic-2023-11.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/bybit-2025-02.json |
Adds incident corpus entry. |
src/utils/hack-analysis/incidents/index.ts |
Adds incident loader + schema/cross-ref validation. |
src/utils/hack-analysis/incidents/README.md |
Documents incident library format and validation steps. |
src/utils/hack-analysis/fixtures/signer-compromise-fixture.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/hack-analysis/fixtures/reentrancy-fixture.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/hack-analysis/fixtures/oracle-manipulation-fixture.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/hack-analysis/fixtures/math-invariant-fixture.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/hack-analysis/fixtures/governance-takeover-fixture.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/hack-analysis/fixtures/flashloan-fixture.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/hack-analysis/fixtures/delegatecall-fixture.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/hack-analysis/fixtures/bridge-forgery-fixture.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/hack-analysis/fixtures/benign-vault-deposit.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/hack-analysis/fixtures/approval-drain-fixture.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/hack-analysis/fixtures/access-control-fixture.ts |
Adds fixture evidence packet for testing/validation. |
src/utils/edbTraceConverter.ts |
Updates to import ensureArray from the new shared module. |
src/utils/cache/sourcifyCache.ts |
Removes outdated doc reference to a legacy fetcher. |
src/utils/addressConstants.ts |
Adds shared address constants + isNativeToken. |
src/types/index.ts |
Refactors types exports to new chain.ts/abi.ts modules. |
src/types/contractInfo.ts |
Updates Chain import path and source union. |
src/types/chain.ts |
Adds extracted Chain/explorer types. |
src/types/abi.ts |
Adds extracted ABI fetch result types. |
src/services/TxAnalysisStore.ts |
Adds IndexedDB persistence for tx analysis results with sanitization. |
src/services/DebugBridgeService.ts |
Adds sparse snapshot metadata fetch helper with bounded concurrency. |
src/main.tsx |
Wires LlmConfigProvider into app bootstrap. |
src/hooks/useLlmConsent.ts |
Adds hook to acknowledge LLM consent. |
src/hooks/useContractInputs.ts |
Simplifies async calldata generation error handling. |
src/contexts/debug/useDebugPrep.ts |
Improves error messaging when live debug session is evicted. |
src/contexts/debug/debugHelpers.ts |
Removes re-exports from structStorageDecoding (cleanup). |
src/contexts/SimulationContext.tsx |
Adds analysisSubject state for TxCaptain analysis routing. |
src/contexts/LlmConsentGateContext.tsx |
Adds async consent gate provider/context + modal wiring. |
src/contexts/LlmConfigContext.tsx |
Adds LLM config context backed by localStorage manager. |
src/config/llmConfig.ts |
Adds persistent LLM config manager (providers/models/keys/consent). |
src/components/tx-analysis/useHackAnalysis.ts |
Adds hook for classify → retrieve analogs → run hack-analysis LLM. |
src/components/tx-analysis/VerdictCard.tsx |
Adds UI card for tx verdict display. |
src/components/tx-analysis/SummarizeButton.tsx |
Adds “Summarize with Tx Captain” button component. |
src/components/tx-analysis/EvidenceList.tsx |
Adds UI for displaying evidence packet sections. |
src/components/tx-analysis/DeepDiveDrawer.tsx |
Adds UI drawer for deep-dive output. |
src/components/simulation-results/useSimulationPageState.ts |
Fixes first-click debugger open for “ready but not connected” sessions. |
src/components/simulation-results/useSimulationPageHelpers.ts |
Comment-only compaction. |
src/components/simulation-results/ResultsHeader.tsx |
Adds optional summarize button in results header. |
src/components/simple-grid/utils.ts |
Simplifies JSON stringify fallback handling. |
src/components/simple-grid/types.ts |
Removes outdated extraction note in comment. |
src/components/simple-grid/tokenDetection.ts |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/OverridesSidebar.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/FunctionTypeSection.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/FunctionSelectSection.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/FunctionSearchSection.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/FunctionResultSection.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/FunctionParamsSection.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/ExecutionSection.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/DiamondPopup.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/ContractPreviewCard.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/ContractInfoCard.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/ContractColumn.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/CalldataSection.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/layout/AbiUploadSection.tsx |
Removes outdated extraction note in comment. |
src/components/simple-grid/hooks/useWalletHelpers.ts |
Comment-only compaction. |
src/components/simple-grid/hooks/useTokenState.ts |
Comment-only compaction. |
src/components/simple-grid/hooks/useSimulationState.tsx |
Comment-only compaction. |
src/components/simple-grid/hooks/useSharedEffects.ts |
Comment-only cleanup. |
src/components/simple-grid/hooks/useRestorationEffects.ts |
Comment-only cleanup. |
src/components/simple-grid/hooks/useFunctionState.ts |
Comment-only compaction. |
src/components/simple-grid/hooks/useDiamondState.ts |
Comment-only compaction. |
src/components/simple-grid/hooks/useContractState.ts |
Comment-only compaction. |
src/components/simple-grid/buildGridContextValue.ts |
Comment-only cleanup. |
src/components/simple-grid/GridContext.tsx |
Removes blockscout-ebd from ABI source union. |
src/components/shared/AddressDisplay.tsx |
Centralizes ZERO_ADDRESS import via shared constants. |
src/components/llm/LlmDestinationChip.tsx |
Adds UI chip describing LLM destination/mode/cache-sharing. |
src/components/llm/LlmConsentModal.tsx |
Adds consent modal describing what data is sent to LLMs. |
src/components/integrations/lifi-earn/txUtils.ts |
Reuses shared address shortening + native token detection. |
src/components/integrations/lifi-earn/hooks/useTokenBalance.ts |
Uses shared isNativeToken helper. |
src/components/integrations/lifi-earn/concierge/intent/IntentPanel.tsx |
Wires LLM invocation/config into multi-asset recommendations query key. |
src/components/integrations/lifi-earn/concierge/hooks/useIdleBalances.ts |
Uses shared native token detection and MULTICALL3 constant. |
src/components/integrations/lifi-earn/concierge/hooks/fetchAssetPrices.ts |
Uses shared native token detection. |
src/components/integrations/lifi-earn/VaultList.tsx |
Reuses shared address shortening. |
src/components/integrations/lifi-earn/LifiEarnPage.tsx |
Reuses shared address shortening. |
src/components/integrations/lifi-earn/DepositFlow.tsx |
Removes unnecessary try/catch around deterministic arithmetic. |
src/components/explorer/useStorageViewerState.ts |
Threads Heimdall heuristic tier option into layout fetching. |
src/components/explorer/storage-viewer/useStorageEvidence.ts |
Extends params to accept Heimdall options into layout fetch. |
src/components/explorer/storage-viewer/fetchStorageLayout.ts |
Adds Heimdall heuristic fallback layout tier + confidence updates. |
src/components/explorer/storage-viewer/HeuristicLayoutBanner.tsx |
Adds UI warning banner for heuristic layouts. |
src/components/explorer/StorageToolbar.tsx |
Adds UI handling for heuristic confidence styling/label. |
src/components/explorer/StorageLayoutViewer.tsx |
Shows heuristic banner when confidence is heuristic. |
src/components/execution-trace/traceFrameHelpers.ts |
Comment-only compaction. |
src/components/execution-trace/traceAddressMaps.ts |
Comment-only compaction. |
src/components/debug/EvaluateModal.tsx |
Increases evaluation timeout. |
src/components/contract/ContractAddressInput.tsx |
Removes blockscout-ebd from ABI source union. |
src/components/UniversalSearchBar.tsx |
Renames RPC settings action to general “Settings” and expands keywords. |
src/components/TransactionBuilderHub.tsx |
Adds “analysis” mode and lazy-loads TxAnalysisPanel. |
src/components/TopBar.tsx |
Renames RPC settings affordance to general settings and updates wiring. |
src/components/TokenMovementsPanel.tsx |
Centralizes ZERO_ADDRESS import via shared constants. |
src/components/SimulationResultsPage.tsx |
Adds “Summarize” action to route into builder analysis mode via context. |
src/components/SettingsModal.tsx |
Adds combined Network + LLM settings modal. |
src/components/Navigation.tsx |
Adds “Analysis” sub-tab in tool navigation. |
src/components/ExecutionStackTrace.tsx |
Uses extracted token movements, controlled accordion open state, and correct counts. |
src/chains/index.ts |
Removes redundant re-export file. |
src/App.tsx |
Wires new SettingsModal, consent gate provider, and tx-summary samples route. |
src/App.css |
Renames settings trigger CSS class. |
scripts/smoke-heimdall.mjs |
Adds Heimdall manual smoke-test script. |
scripts/simulator-bridge.mjs |
Adds /heimdall/* endpoint routing + logs. |
scripts/heimdall-runner.mjs |
Adds subprocess runner with timeout + error classification. |
scripts/heimdall-cache.mjs |
Adds simple LRU cache with TTL for Heimdall outputs. |
scripts/bridge-config.mjs |
Adds Heimdall configuration + chain RPC allowlist and URL hardening. |
index.html |
Updates CSP to allow new endpoints/frames used by features. |
fhe/tsconfig.json |
Adds isolated TS config for the FHE Hardhat workspace. |
fhe/scripts/deployRiskThrottle.ts |
Adds deployment script for RiskThrottle. |
fhe/scripts/deploy-triage.ts |
Adds deployment script for HackTriage. |
fhe/package.json |
Adds FHE workspace package metadata/scripts/deps. |
fhe/hardhat.config.ts |
Adds Hardhat config for Sepolia + CoFHE toolchain. |
fhe/deployments/throttle-sepolia.json |
Adds recorded deployment addresses/metadata. |
fhe/deployments/sepolia.json |
Adds recorded deployment addresses/metadata. |
fhe/contracts/RiskThrottle.sol |
Adds CoFHE contract mapping severity → encrypted throttle status. |
fhe/contracts/HackTriage.sol |
Adds CoFHE contract performing encrypted rule-based triage. |
fhe/README.md |
Documents the isolated FHE workflow and commands. |
fhe/.gitignore |
Ignores Hardhat build artifacts and secrets for the FHE workspace. |
api/edb-proxy.ts |
Updates EDB proxy routing to use rewrite-populated path query param. |
api/_llm/guardHeaders.ts |
Adds fail-closed request guard for LLM proxy endpoints. |
api/_llm/allowlist.ts |
Adds provider/path allowlist + base URL resolution for LLM proxying. |
.gitmodules |
Adds edb submodule configuration. |
.gitignore |
Ignores root pnpm-lock.yaml to avoid Vercel package-manager confusion. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "compile": "hardhat compile", | ||
| "clean": "rimraf ./artifacts ./cache ./typechain-types", | ||
| "test": "hardhat test --network sepolia", | ||
| "deploy:triage": "hardhat run scripts/deployHackTriage.ts --network sepolia", |
| @@ -0,0 +1,4 @@ | |||
| [submodule "edb"] | |||
| path = edb | |||
| url = git@github.com:Timidan/edb-extended.git | |||
Comment on lines
+43
to
+45
| <strong>The free Gemini 3.1 Pro Preview default</strong> routes through hexkit's proxy; by using it you | ||
| agree that resulting reports may be cached and shown to other hexkit users. | ||
| </p> |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3e3c1a65a8
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Comment on lines
+18
to
+20
| const ALLOWED_ORIGINS = new Set( | ||
| (process.env.ALLOWED_ORIGINS || "").split(",").filter(Boolean), | ||
| ); |
There was a problem hiding this comment.
ALLOWED_ORIGINS is parsed with split(",") but never trimmed, so a common env format like "https://app.example.com, https://preview.example.com" stores the second origin with a leading space and causes legitimate browser requests to be rejected as origin_not_allowed (403). This check runs before checkRequestGuards, so the later trimmed parsing there does not save the request.
Useful? React with 👍 / 👎.
Comment on lines
+69
to
+73
| <button | ||
| type="button" | ||
| className="text-xs underline text-muted-foreground hover:text-foreground" | ||
| onClick={() => setDraft({ ...draft, defaultProvider: p })} | ||
| > |
There was a problem hiding this comment.
The settings UI allows custom to be set as the default provider, but useLlmInvocation explicitly throws unauthorized_endpoint for custom, so tx-analysis requests fail immediately for users who pick that default. This creates a deterministic broken configuration from the primary settings flow.
Useful? React with 👍 / 👎.
…lues for contract-creation transactions and enhance heuristic classifications
There was a problem hiding this comment.
Pull request overview
This PR introduces the “TxCaptain” transaction/hack analysis capabilities (LLM-backed), adds Heimdall-powered heuristic storage-layout fallback, and wires supporting infra (EDB proxy rewrite, settings/consent UX, and an isolated fhe/ Hardhat workspace for CoFHE contracts).
Changes:
- Add LLM configuration + consent gating, and a new “Analysis” mode entry point from simulation results.
- Add Heimdall client + bridge endpoints and a heuristic storage-layout synthesis fallback tier.
- Add hack-analysis incident corpus + retrieval/LLM orchestration and fixtures, plus assorted refactors (constants/types extraction, doc comment trims).
Reviewed changes
Copilot reviewed 198 out of 201 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| vercel.json | Add rewrites to route /api/edb/* to edb-proxy handler. |
| src/utils/tx-analysis/sourceSanitizer.ts | New Solidity source sanitization helper for analysis prompts. |
| src/utils/tx-analysis/markdown.ts | New Verdict→Markdown renderer. |
| src/utils/tx-analysis/deepDive.ts | New deep-dive source fetch/sanitize orchestration. |
| src/utils/traceDecoder/jumpAnalysis.ts | Doc comment compacting. |
| src/utils/traceDecoder/callHierarchy.ts | Doc comment compacting. |
| src/utils/traceDecoder/analysisHelpers.ts | Doc comment compacting. |
| src/utils/solidity-layout/types.ts | Add heuristic confidence option. |
| src/utils/solidity-layout/allocatorTypeHelpers.ts | Doc comment compacting. |
| src/utils/simulationArtifacts.ts | Move ensureArray to shared types module and re-export. |
| src/utils/simulationArtifactTypes.ts | Add ensureArray helper to shared types module. |
| src/utils/resolver/types.ts | Remove unused resolver sources; trim SOURCE_CONFIGS. |
| src/utils/resolver/proxyResolver.ts | Centralize ZERO_ADDRESS via shared constants. |
| src/utils/resolver/contractContext.ts | Centralize ZERO_ADDRESS via shared constants. |
| src/utils/resolver/ContractResolver.ts | Remove unimplemented resolver source branches. |
| src/utils/llm/types.ts | New shared LLM request/response/error types. |
| src/utils/llm/streamParser.ts | New SSE chunk parsers for Anthropic/OpenAI/Gemini streams. |
| src/utils/heuristic-layout/heuristicLayout.ts | New heuristic storage-layout synthesis from Heimdall dump (+ ABI hints). |
| src/utils/heuristic-layout/abiLabelExtractor.ts | ABI hint extraction for heuristic labels/types. |
| src/utils/heimdall/useHeimdallAvailability.ts | Hook to detect Heimdall availability/version. |
| src/utils/heimdall/types.ts | Zod schemas + types for Heimdall API payloads. |
| src/utils/heimdall/hooks.ts | React Query hooks for Heimdall endpoints. |
| src/utils/heimdall/heimdallApi.ts | Client API wrapper for Heimdall bridge endpoints. |
| src/utils/hack-analysis/triage/cofhe.ts | CoFHE triage feature packing + class label mapping. |
| src/utils/hack-analysis/retrieval.ts | Analog incident retrieval by label overlap. |
| src/utils/hack-analysis/llm.ts | Hack-analysis LLM prompt + validation/cleanup of references. |
| src/utils/hack-analysis/incidents/team-finance-2022-10.json | Add incident entry. |
| src/utils/hack-analysis/incidents/ronin-2022-03.json | Add incident entry. |
| src/utils/hack-analysis/incidents/radiant-2024-10.json | Add incident entry. |
| src/utils/hack-analysis/incidents/qubit-2022-01.json | Add incident entry. |
| src/utils/hack-analysis/incidents/platypus-2023-02.json | Add incident entry. |
| src/utils/hack-analysis/incidents/penpie-2024-09.json | Add incident entry. |
| src/utils/hack-analysis/incidents/orbit-bridge-2024-01.json | Add incident entry. |
| src/utils/hack-analysis/incidents/nomad-2022-08.json | Add incident entry. |
| src/utils/hack-analysis/incidents/multichain-2023-07.json | Add incident entry. |
| src/utils/hack-analysis/incidents/ledger-connect-2023-12.json | Add incident entry. |
| src/utils/hack-analysis/incidents/kyberswap-elastic-2023-11.json | Add incident entry. |
| src/utils/hack-analysis/incidents/index.ts | Loader/validator for incident JSON corpus. |
| src/utils/hack-analysis/incidents/bybit-2025-02.json | Add incident entry. |
| src/utils/hack-analysis/incidents/README.md | Document incident corpus format + validation rules. |
| src/utils/hack-analysis/fixtures/signer-compromise-fixture.ts | Add classifier/LLM fixture. |
| src/utils/hack-analysis/fixtures/reentrancy-fixture.ts | Add classifier/LLM fixture. |
| src/utils/hack-analysis/fixtures/oracle-manipulation-fixture.ts | Add classifier/LLM fixture. |
| src/utils/hack-analysis/fixtures/math-invariant-fixture.ts | Add classifier/LLM fixture. |
| src/utils/hack-analysis/fixtures/governance-takeover-fixture.ts | Add classifier/LLM fixture. |
| src/utils/hack-analysis/fixtures/flashloan-fixture.ts | Add classifier/LLM fixture. |
| src/utils/hack-analysis/fixtures/delegatecall-fixture.ts | Add classifier/LLM fixture (+ benign case). |
| src/utils/hack-analysis/fixtures/bridge-forgery-fixture.ts | Add classifier/LLM fixture (+ benign case). |
| src/utils/hack-analysis/fixtures/benign-vault-deposit.ts | Add benign fixture. |
| src/utils/hack-analysis/fixtures/approval-drain-fixture.ts | Add approval-drain + router-swap fixture. |
| src/utils/hack-analysis/fixtures/access-control-fixture.ts | Add access-control fixture. |
| src/utils/edbTraceConverter.ts | Update ensureArray import source. |
| src/utils/cache/sourcifyCache.ts | Remove outdated legacy fetcher mention. |
| src/utils/addressConstants.ts | New shared address constants + native-token helpers. |
| src/types/index.ts | Split chain/abi types into dedicated modules; re-export. |
| src/types/contractInfo.ts | Update Chain import + trim source union. |
| src/types/chain.ts | New canonical Chain/Explorer types module. |
| src/types/abi.ts | Inline ABIFetchResult into abi module. |
| src/services/TxAnalysisStore.ts | New IndexedDB-backed store for tx analyses with sanitization. |
| src/services/DebugBridgeService.ts | Add sparse snapshot metadata fetch helper. |
| src/main.tsx | Add LlmConfigProvider to app root. |
| src/hooks/useLlmConsent.ts | New hook to acknowledge consent. |
| src/hooks/useContractInputs.ts | Simplify dynamic ethers import error handling. |
| src/contexts/debug/useDebugPrep.ts | Improve error state when live session is evicted mid-connect. |
| src/contexts/debug/debugHelpers.ts | Remove re-exports (structStorageDecoding) from this module. |
| src/contexts/SimulationContext.tsx | Add analysisSubject state for Tx analysis routing. |
| src/contexts/LlmConsentGateContext.tsx | New consent gate provider/context. |
| src/contexts/LlmConfigContext.tsx | New LLM config context tied to localStorage manager. |
| src/config/llmConfig.ts | New localStorage-backed LLM config manager + defaults. |
| src/components/tx-analysis/useHackAnalysis.ts | New hook to classify/retrieve/invoke hack-analysis. |
| src/components/tx-analysis/VerdictCard.tsx | New verdict summary UI card. |
| src/components/tx-analysis/SummarizeButton.tsx | Add “Summarize transaction” UI trigger. |
| src/components/tx-analysis/EvidenceList.tsx | New evidence packet display component. |
| src/components/tx-analysis/DeepDiveDrawer.tsx | New deep-dive display drawer. |
| src/components/simulation-results/useSimulationPageState.ts | Improve open-debug flow when prep auto-connect still in flight. |
| src/components/simulation-results/useSimulationPageHelpers.ts | Doc comment compacting. |
| src/components/simulation-results/ResultsHeader.tsx | Add Summarize button plumbing. |
| src/components/simple-grid/utils.ts | Simplify stringify fallback. |
| src/components/simple-grid/types.ts | Remove outdated extraction note. |
| src/components/simple-grid/tokenDetection.ts | Remove outdated extraction note. |
| src/components/simple-grid/layout/OverridesSidebar.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/FunctionTypeSection.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/FunctionSelectSection.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/FunctionSearchSection.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/FunctionResultSection.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/FunctionParamsSection.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/ExecutionSection.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/DiamondPopup.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/ContractPreviewCard.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/ContractInfoCard.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/ContractColumn.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/CalldataSection.tsx | Remove outdated extraction note. |
| src/components/simple-grid/layout/AbiUploadSection.tsx | Remove outdated extraction note. |
| src/components/simple-grid/hooks/useWalletHelpers.ts | Doc comment compacting. |
| src/components/simple-grid/hooks/useTokenState.ts | Doc comment compacting. |
| src/components/simple-grid/hooks/useSimulationState.tsx | Doc comment compacting. |
| src/components/simple-grid/hooks/useSharedEffects.ts | Doc comment compacting. |
| src/components/simple-grid/hooks/useRestorationEffects.ts | Doc comment compacting. |
| src/components/simple-grid/hooks/useFunctionState.ts | Doc comment compacting. |
| src/components/simple-grid/hooks/useDiamondState.ts | Doc comment compacting. |
| src/components/simple-grid/hooks/useContractState.ts | Doc comment compacting. |
| src/components/simple-grid/buildGridContextValue.ts | Remove outdated extraction note. |
| src/components/simple-grid/GridContext.tsx | Remove blockscout-ebd abi source type. |
| src/components/shared/AddressDisplay.tsx | Centralize ZERO_ADDRESS via shared constants. |
| src/components/llm/LlmDestinationChip.tsx | New chip indicating LLM destination/BYOK/cache-sharing. |
| src/components/llm/LlmConsentModal.tsx | New LLM consent modal copy + acknowledge flow. |
| src/components/integrations/lifi-earn/txUtils.ts | Reuse shared address + native-token helpers. |
| src/components/integrations/lifi-earn/hooks/useTokenBalance.ts | Use shared native-token helper. |
| src/components/integrations/lifi-earn/concierge/intent/IntentPanel.tsx | Thread LLM invoke/model into multi-asset recommendations query. |
| src/components/integrations/lifi-earn/concierge/hooks/useIdleBalances.ts | Use shared native-token + Multicall3 constants. |
| src/components/integrations/lifi-earn/concierge/hooks/fetchAssetPrices.ts | Use shared native-token helper. |
| src/components/integrations/lifi-earn/VaultList.tsx | Use shared address truncation helper. |
| src/components/integrations/lifi-earn/LifiEarnPage.tsx | Use shared address truncation helper. |
| src/components/integrations/lifi-earn/DepositFlow.tsx | Remove empty try/catch around deterministic parsing. |
| src/components/explorer/useStorageViewerState.ts | Wire Heimdall heuristic tier into storage layout fetch options. |
| src/components/explorer/storage-viewer/useStorageEvidence.ts | Thread Heimdall options into fetchStorageLayout call. |
| src/components/explorer/storage-viewer/fetchStorageLayout.ts | Add heuristic Heimdall tier + confidence updates. |
| src/components/explorer/storage-viewer/HeuristicLayoutBanner.tsx | Add UI warning banner for heuristic layouts. |
| src/components/explorer/StorageToolbar.tsx | Display heuristic confidence styling + tooltip. |
| src/components/explorer/StorageLayoutViewer.tsx | Show heuristic warning banner with dismiss behavior. |
| src/components/execution-trace/traceFrameHelpers.ts | Doc comment compacting. |
| src/components/execution-trace/traceAddressMaps.ts | Doc comment compacting. |
| src/components/debug/EvaluateModal.tsx | Increase evaluation timeout. |
| src/components/contract/ContractAddressInput.tsx | Remove blockscout-ebd abi source option. |
| src/components/UniversalSearchBar.tsx | Rename open-settings callback; broaden settings keywords. |
| src/components/TransactionBuilderHub.tsx | Add new builder mode “analysis” + lazy-load TxAnalysisPanel. |
| src/components/TopBar.tsx | Rename RPC settings trigger to general settings trigger. |
| src/components/TokenMovementsPanel.tsx | Centralize ZERO_ADDRESS usage (via addressConstants). |
| src/components/SimulationResultsPage.tsx | Add summarize handler → route to analysis mode and set subject. |
| src/components/SettingsModal.tsx | New combined Settings modal with Network + LLM tabs. |
| src/components/Navigation.tsx | Add “Analysis” sub-tab in navigation. |
| src/components/ExecutionStackTrace.tsx | Only show token movements section when real token transfers exist; controlled accordion state. |
| src/chains/index.ts | Remove unused re-export barrel. |
| src/App.tsx | Integrate settings modal + consent gate + samples route. |
| src/App.css | Rename settings trigger CSS class. |
| scripts/smoke-heimdall.mjs | Add Heimdall smoke-test script. |
| scripts/simulator-bridge.mjs | Route /heimdall/* endpoints to heimdall handler. |
| scripts/heimdall-runner.mjs | Add subprocess runner with timeout + typed errors. |
| scripts/heimdall-cache.mjs | Add small LRU cache helper for Heimdall results. |
| scripts/bridge-config.mjs | Add Heimdall config + server-side RPC allowlist/SSRF defenses. |
| package.json | Add dependencies for CoFHE + shared storage; adjust dev deps. |
| index.html | Update CSP connect-src/frame-src for new integrations. |
| fhe/tsconfig.json | New isolated TS config for fhe/ workspace. |
| fhe/scripts/deployRiskThrottle.ts | Deployment script for RiskThrottle. |
| fhe/scripts/deploy-triage.ts | Deployment script for HackTriage. |
| fhe/package.json | New isolated Hardhat workspace package config. |
| fhe/hardhat.config.ts | Hardhat config (Sepolia + CoFHE). |
| fhe/deployments/throttle-sepolia.json | Deployment record. |
| fhe/deployments/sepolia.json | Deployment record. |
| fhe/contracts/RiskThrottle.sol | New CoFHE throttle contract. |
| fhe/contracts/HackTriage.sol | New CoFHE triage contract. |
| fhe/README.md | Document fhe/ workspace usage. |
| fhe/.gitignore | Ignore fhe/ workspace build artifacts + secrets. |
| api/edb-proxy.ts | Update EDB proxy path extraction for new rewrite-based routing. |
| api/_llm/guardHeaders.ts | Add fail-closed origin/proxy-secret guard helpers. |
| api/_llm/allowlist.ts | Add provider base URLs + path allowlist resolution helpers. |
| .gitmodules | Add edb submodule reference. |
| .gitignore | Ignore root pnpm lockfile to avoid Vercel package-manager confusion. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+44
to
+45
| export { ensureArray } from "./simulationArtifactTypes"; | ||
| import { ensureArray } from "./simulationArtifactTypes"; |
Comment on lines
+25
to
+26
| const [tab, setTab] = useState<"network" | "llm">(initialTab); | ||
|
|
Comment on lines
+547
to
+551
| const snapshots: SnapshotListItem[] = allResults | ||
| .filter( | ||
| (r): r is PromiseFulfilledResult<{ id: number; value: unknown }> => | ||
| r.status === 'fulfilled' && r.value !== null, | ||
| ) |
| <script src="/error-handler.js"></script> | ||
| <meta charset="UTF-8" /> | ||
| <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https: blob:; connect-src 'self' https://*.alchemy.com https://*.infura.io https://*.etherscan.io https://*.basescan.org https://*.polygonscan.com https://*.arbiscan.io https://*.bscscan.com https://*.blockscout.com https://sourcify.dev https://repo.sourcify.dev https://eth-bytecode-db.services.blockscout.com https://api.openchain.xyz https://www.4byte.directory https://coins.llama.fi https://cdn.jsdelivr.net https://cca-lite.coinbase.com https://*.coinbase.com https://*.publicnode.com https://polygon-rpc.com https://*.arbitrum.io https://*.optimism.io https://*.base.org https://api.avax.network https://*.binance.org https://rpc.gnosischain.com https://*.polygon.technology https://*.ethpandaops.io https://*.blastapi.io https://*.lisk.com https://*.thirdweb.com https://*.drpc.org https://*.tenderly.co https://rpc.scroll.io https://rpc.linea.build https://rpc.mantle.xyz https://rpc.blast.io https://rpc.berachain.com https://rpc.soniclabs.com https://rpc.frax.com https://opbnb-mainnet-rpc.bnbchain.org https://rpc.api.moonbeam.network https://evm-rpc.sei-apis.com https://rpc.mainnet.taiko.xyz https://rpc.soneium.org https://rpc.fuse.io https://api.roninchain.com https://rpc-quicknode.morphl2.io https://rpc.immutable.com https://flare-api.flare.network https://rpc.lens.xyz https://rpc.xdcscan.com https://rpc.viction.xyz https://rpc.gobob.xyz https://rpc-gel.inkonchain.com https://rpc.hemi.network https://rpc.gravity.xyz https://rpc.vana.org https://rpc.corn.fun https://rpc.sophon.xyz https://rpc.plasma.build https://rpc.stable.xyz https://rpc.plume.org https://rpc.tempo.xyz https://rpc.hyperliquid.xyz https://rpc.monad.xyz https://rpc.katana.farm https://rpc.superposition.so https://mainnet.unichain.org https://forno.celo.org https://evm.cronos.org https://mainnet.era.zksync.io https://mainnet.mode.network https://mainnet.boba.network https://andromeda.metis.io https://apechain.calderachain.xyz https://swell-mainnet.alt.technology https://api.mainnet.abs.xyz https://public-node.rsk.co https://mainnet.evm.nodes.onflow.org https://public-en.node.kaia.io https://mainnet.telos.net https://node.mainnet.etherlink.com https://sepolia.optimism.io https://sepolia.base.org https://polygon-amoy.gateway.tenderly.co https://*.vercel.app https://*.walletconnect.com https://*.walletconnect.org wss://*.walletconnect.com wss://*.walletconnect.org ws://localhost:* http://localhost:* http://127.0.0.1:* https://web3-toolkit.vercel.app; frame-src 'self' https://*.walletconnect.com https://*.walletconnect.org; worker-src 'self' blob:;" /> | ||
| <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https: blob:; connect-src 'self' https://*.alchemy.com https://*.infura.io https://*.etherscan.io https://*.basescan.org https://*.polygonscan.com https://*.arbiscan.io https://*.bscscan.com https://*.blockscout.com https://sourcify.dev https://repo.sourcify.dev https://eth-bytecode-db.services.blockscout.com https://api.openchain.xyz https://www.4byte.directory https://coins.llama.fi https://cdn.jsdelivr.net https://cca-lite.coinbase.com https://*.coinbase.com https://*.publicnode.com https://polygon-rpc.com https://*.arbitrum.io https://*.optimism.io https://*.base.org https://api.avax.network https://*.binance.org https://rpc.gnosischain.com https://*.polygon.technology https://*.ethpandaops.io https://*.blastapi.io https://*.lisk.com https://*.thirdweb.com https://*.drpc.org https://*.tenderly.co https://rpc.scroll.io https://rpc.linea.build https://rpc.mantle.xyz https://rpc.blast.io https://rpc.berachain.com https://rpc.soniclabs.com https://rpc.frax.com https://opbnb-mainnet-rpc.bnbchain.org https://rpc.api.moonbeam.network https://evm-rpc.sei-apis.com https://rpc.mainnet.taiko.xyz https://rpc.soneium.org https://rpc.immutable.com https://flare-api.flare.network https://rpc.lens.xyz https://rpc.xdcscan.com https://rpc.viction.xyz https://rpc.gobob.xyz https://rpc-gel.inkonchain.com https://rpc.hemi.network https://rpc.gravity.xyz https://rpc.vana.org https://rpc.corn.fun https://rpc.sophon.xyz https://rpc.plasma.build https://rpc.stable.xyz https://rpc.plume.org https://rpc.tempo.xyz https://rpc.hyperliquid.xyz https://rpc.monad.xyz https://rpc.katana.farm https://rpc.superposition.so https://mainnet.unichain.org https://forno.celo.org https://evm.cronos.org https://mainnet.era.zksync.io https://mainnet.mode.network https://mainnet.boba.network https://andromeda.metis.io https://apechain.calderachain.xyz https://swell-mainnet.alt.technology https://api.mainnet.abs.xyz https://public-node.rsk.co https://mainnet.evm.nodes.onflow.org https://public-en.node.kaia.io https://mainnet.telos.net https://node.mainnet.etherlink.com https://sepolia.optimism.io https://sepolia.base.org https://polygon-amoy.gateway.tenderly.co https://*.vercel.app https://*.walletconnect.com https://*.walletconnect.org wss://*.walletconnect.com wss://*.walletconnect.org https://testnet-cofhe.fhenix.zone https://testnet-cofhe-vrf.fhenix.zone https://testnet-cofhe-tn.fhenix.zone ws://localhost:* http://localhost:* http://127.0.0.1:* https://web3-toolkit.vercel.app; frame-src 'self' https://*.walletconnect.com https://*.walletconnect.org https://iframe-shared-storage.vercel.app; worker-src 'self' blob:;" /> |
| @@ -0,0 +1,4 @@ | |||
| [submodule "edb"] | |||
| path = edb | |||
| url = git@github.com:Timidan/edb-extended.git | |||
Comment on lines
+43
to
+45
| <strong>The free Gemini 3.1 Pro Preview default</strong> routes through hexkit's proxy; by using it you | ||
| agree that resulting reports may be cached and shown to other hexkit users. | ||
| </p> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.