pyre/packages/core
RogueWave 18ecbe471b feat(token-2022): extension-aware scanning + classification (security-gated)
Implements the §7.1 policy in code so Token-2022 (pump.fun) tokens are cleanable
when safe:
- @pyre/core: extensions.ts (BLOCKING/FLAGGED/SAFE sets + evaluateTokenExtensions);
  classify.ts gates Token-2022 on account+mint extensions; unknown extension or
  confidential-transfer/withheld-fee -> UNSUPPORTED; transfer-hook/permanent-
  delegate/pausable -> cleanable+flagged. Added malformed-u64-balance guard.
- @pyre/solana: parseTokenAccounts reads account extensions + withheld fee, and
  batch-fetches MINT extensions (getMultipleParsedAccounts, chunked).

SECURITY (from audit): mint-fetch failure no longer silently downgrades to
account-level-only (which could hide a mint-level blocking extension). Token-2022
accounts with unverified mints are marked extensionsVerified=false and classified
UNSUPPORTED ("unknown means skip"). Two audit agents: integration SHIP; security
found this CRITICAL -> fixed + tested.

Tests: core 85, solana 8. Live verified: the two pump.fun Token-2022 tokens now
classify INCINERATE_ONLY (were UNSUPPORTED). classic-SPL behavior unchanged.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-31 04:16:33 +00:00
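
The fail-closed gate that the commit message above describes, as an added sketch; it is not code from @pyre/core. The function and type names, the extension identifier strings, the members of the SAFE set, and the decimal-string withheld-fee field are all assumptions made for illustration.

```typescript
// Added example: every name and shape here is an assumption, not @pyre/core's API.
interface Verdict { cleanable: boolean; flags: string[]; reason?: string }

// From the commit message: these make the account UNSUPPORTED.
const BLOCKING = new Set(["confidentialTransferAccount", "confidentialTransferMint"]);
// From the commit message: cleanable, but reported as flagged.
const FLAGGED = new Set(["transferHook", "permanentDelegate", "pausable"]);
// Assumed members; the page does not list the SAFE set.
const SAFE = new Set(["immutableOwner", "metadataPointer", "tokenMetadata", "transferFeeConfig", "transferFeeAmount"]);

interface Token2022Account {
  accountExtensions: string[];
  mintExtensions: string[] | null; // null = mint fetch failed, nothing verified
  withheldFee: string;             // u64 as a decimal string (constructed shape)
}

const skip = (reason: string): Verdict => ({ cleanable: false, flags: [], reason });

function gateToken2022(acct: Token2022Account): Verdict {
  // Fail closed: an unverified mint may carry a blocking extension.
  if (acct.mintExtensions === null) return skip("mint extensions unverified");
  // A malformed amount is rejected before it is compared with zero.
  if (!/^\d+$/.test(acct.withheldFee)) return skip("malformed withheld fee");
  if (!/^0+$/.test(acct.withheldFee)) return skip("withheld transfer fee");

  const flags: string[] = [];
  for (const ext of acct.accountExtensions.concat(acct.mintExtensions)) {
    if (BLOCKING.has(ext)) return skip("blocking extension: " + ext);
    if (FLAGGED.has(ext)) flags.push(ext);
    else if (!SAFE.has(ext)) return skip("unknown extension: " + ext); // unknown means skip
  }
  return { cleanable: true, flags };
}
```
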

@pyre/core

Shared types and business logic for PYRE / Prometheus Protocol.

Purpose

The canonical home for cross-cutting type definitions and (eventually) pure business logic shared by apps/* and the other packages/*. Per §13 its responsibilities are:

  • Classification enums — TokenClassification (§6).
  • Risk rules — conservative safety-rule types/constants (§7). Placeholder.
  • Shared DTOs — request/response shapes for the HTTP API (§14).
  • Receipt schema — CleanupReceipt (§8, §15).
  • Prometheus I/O schema — PrometheusInput / PrometheusOutput (§9).

This package carries real type definitions but no application logic in the skeleton.

Modules

  • src/classification.ts — TokenClassification enum.
  • src/dto.ts — API request/response DTOs.
  • src/receipt.ts — cleanup receipt schema.
  • src/prometheus.ts — Prometheus meta-mixer input/output.
  • src/risk.ts — risk-rule placeholder.

TODO

  • Define concrete risk-rule identifiers, threshold shapes, and pure evaluators.
  • Tighten DTO shapes flagged TODO once the scan/classify/build pipeline lands.
  • Define the concrete token metadata JSON shape used by receipts and Prometheus.