AI Security Review
scanned 2d ago · by lpm-firewall-aiNo confirmed malicious attack surface. This is a self-custody Solana wallet whose signing and transfer paths are explicit runtime API calls, not install- or import-time behavior.
Static reason
High-risk behavior combination matched malicious policy.
Trigger
Caller invokes `sendCirc`, `sendSol`, or `swap` with a configured keypair.
Impact
The caller's wallet can transfer or swap funds only through the package's documented, explicitly invoked methods.
Mechanism
Constructs, signs, and broadcasts user-requested Solana transfers or Jupiter swap transactions.
Rationale
The flagged cryptocurrency operations are the package's stated wallet functionality and are gated by explicit caller methods plus a supplied/environment keypair. Source inspection found no automatic transfer, persistence, payload execution, local harvesting, or exfiltration chain.
Evidence
package.jsondist/index.jsdist/index.d.tsREADME.md
Network endpoints4
lite-api.jup.ag/swap/v1api.jup.ag/swap/v1api.mainnet-beta.solana.comrpc.ankr.com/solana
Decision evidence
public snapshotAI called this Clean at 97.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- `package.json` has no lifecycle install hooks.
- `dist/index.js` only loads `CIRCUIT_WALLET` when `makeWallet` is called.
- Transfers require explicit `sendCirc` or `sendSol` calls and a signing keypair.
- Swaps require an explicit `swap` call; it signs the returned transaction then broadcasts it.
- No filesystem writes, shell/process execution, dynamic evaluation, or credential exfiltration found.
- Network calls target documented Solana RPC and Jupiter swap endpoints.
Behavioral surface
EnvironmentVarsNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcedist/index.jsView file
4function keypairFromSecret(input) {
L5: if (input instanceof Uint8Array) return Keypair.fromSecretKey(input);
L6: if (Array.isArray(input)) return Keypair.fromSecretKey(Uint8Array.from(input));
L7: const s = String(input).trim();
L8: if (s.startsWith("[")) return Keypair.fromSecretKey(Uint8Array.from(JSON.parse(s)));
L9: return Keypair.fromSecretKey(bs58.decode(s));
L10: }
L11: function loadKeypairFromEnv(env = process.env) {
L12: const v = env.CIRCUIT_WALLET;
...
L86: if (!usesDefaultPublicRpc(opts)) return;
L87: if (process.env.CIRCUIT_SUPPRESS_RPC_WARNING === "1") return;
L88: warned = true;
Critical
Wallet Drain
Source uses private key material to transfer cryptocurrency funds.
dist/index.jsView on unpkg · L44Trigger-reachable chain: manifest.main -> dist/index.js
L4: function keypairFromSecret(input) {
L5: if (input instanceof Uint8Array) return Keypair.fromSecretKey(input);
L6: if (Array.isArray(input)) return Keypair.fromSecretKey(Uint8Array.from(input));
L7: const s = String(input).trim();
L8: if (s.startsWith("[")) return Keypair.fromSecretKey(Uint8Array.from(JSON.parse(s)));
L9: return Keypair.fromSecretKey(bs58.decode(s));
L10: }
L11: function loadKeypairFromEnv(env = process.env) {
L12: const v = env.CIRCUIT_WALLET;
...
L86: if (!usesDefaultPublicRpc(opts)) return;
L87: if (process.env.CIRCUIT_SUPPRESS_RPC_WARNING === "1") return;
L88: warned = true;
Critical
Trigger Reachable Dangerous Capability
A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/index.jsView on unpkg · L4Findings
2 Critical2 Medium2 Low
CriticalWallet Draindist/index.js
CriticalTrigger Reachable Dangerous Capabilitydist/index.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowUrl Strings