// npm 패키지
@aztec/cli-wallet
1) Start a local Ethereum node (Anvil) in one terminal:
버전
981
메인테이너
6
최초 publish
2025-02-07
publisher
charlielye
tarball
305,824 B
AUTO-PUBLISHED·1개 버전 인덱싱됨·최근 publish: 2026-06-04
// exfil path
what is read → where it ships
steals
- ● Seed phrase
sends to
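(no destination string extracted — payload may be dynamic / obfuscated; without a destination, the excerpt below shows only that the secret is read, not that it leaves the host)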
evidence in excerpt
> export function extractECDSAPublicKeyFromBase64String(base64PublicKey: string): Buffer {
> const buffer = Buffer.from(base64PublicKey, 'base64');
> l1RpcUrls: string[],
> const chain = createEthereumChain(l1RpcUrls, chainId);
> const client = createExtendedL1Client(chain.rpcUrls, privateKey ?? mnemonic, chain.chainInfo);
// publisher 캠페인
by charlielye
이 계정에서 catch된 패키지 9건
고립된 catch가 아닙니다. 동일 publisher가 8개의 다른 패키지를 추가로 발행했고, 모두 파이프라인이 catch했습니다 — 일회성이 아닌 조직적 캠페인의 형태입니다. 아래 링크는 각 형제 catch의 분석으로 이동합니다.
// offending code· @4.3.1· 4 files flagged
- @4.3.1 · AUTO-PUBLISHED · publisher: charlielye · heuristic 64/100 · static flags 2 · llm skipped · new-publisher:15d · mature-package · publisher-multi-name-burst:34 · publisher-version-pump:35 · base64-decode · reads-seed-phrase
// offending code · 4 files flagged · patterns: 2
--- package/src/utils/ecdsa.ts (excerpt) ---
/**
 * Decodes a base64 string and returns part of the third length-prefixed field in it.
 *
 * The decoded buffer is read as three fields, each preceded by a 32-bit
 * big-endian length. The first two fields are skipped; from the third, the
 * first byte is dropped and the remaining `keyLen - 1` bytes are returned.
 *
 * NOTE(review): the layout resembles an SSH-style public key blob
 * (type, curve, point) — confirm against the caller.
 * NOTE(review): this is the statement behind the `base64-decode` flag. Within
 * this excerpt the decoded bytes are only sliced and returned; no network or
 * file call appears here.
 *
 * @param base64PublicKey - Base64 text of the length-prefixed blob.
 * @returns A view into the decoded buffer covering the key bytes.
 * @throws RangeError from `readUInt32BE` when a length field lies past the end
 *   of the decoded buffer.
 */
export function extractECDSAPublicKeyFromBase64String(base64PublicKey: string): Buffer {
  // Node's base64 decoder is lenient: malformed input does not throw here.
  const buffer = Buffer.from(base64PublicKey, 'base64');
  let keyOffset = 0;
  // Field 1: read its length, then step over the 4-byte length and the field itself.
  const typeLen = buffer.readUInt32BE(keyOffset);
  keyOffset += 4;
  keyOffset += typeLen;
  // Field 2: same skip. Neither length is checked against buffer.length.
  const curveLen = buffer.readUInt32BE(keyOffset);
  keyOffset += 4;
  keyOffset += curveLen;
  // Field 3: the key material.
  const keyLen = buffer.readUInt32BE(keyOffset);
  keyOffset += 5; // 4+1 to remove the prefix
  // NOTE(review): the dropped prefix byte is never inspected, and `subarray`
  // clamps to the buffer end, so a truncated or malformed blob yields a short
  // (or empty) key instead of an error. Callers should validate the length.
  return buffer.subarray(keyOffset, keyOffset + keyLen - 1);
}
--- package/src/cmds/bridge_fee_juice.ts (excerpt) ---
import { L1FeeJuicePortalManager } from '@aztec/aztec.js/ethereum';
import type { AztecNode } from '@aztec/aztec.js/node';
import { ProtocolContractAddress } from '@aztec/aztec.js/protocol';
import { prettyPrintJSON } from '@aztec/cli/utils';
import { createEthereumChain } from '@aztec/ethereum/chain';
import { createExtendedL1Client } from '@aztec/ethereum/client';
import { Fr } from '@aztec/foundation/curves/bn254';
import type { LogFn, Logger } from '@aztec/foundation/log';
import type { AztecAddress } from '@aztec/stdlib/aztec-address';
import { getNonNullifiedL1ToL2MessageWitness } from '@aztec/stdlib/messaging';

/**
 * Builds an L1 client from the caller's RPC URLs and signing secret, creates an
 * L1FeeJuicePortalManager, and calls `bridgeTokensPublic(recipient, amount, mint)`.
 * Only the first part of the function is shown; the excerpt ends inside the
 * `if (json)` branch.
 *
 * NOTE(review): this is the code behind the `reads-seed-phrase` flag. The only
 * use of `privateKey` / `mnemonic` visible here is the single
 * `createExtendedL1Client` call. What that function does with the secret is not
 * visible in this excerpt; it is imported from '@aztec/ethereum/client' and
 * would need to be traced to confirm or rule out a network sink.
 */
export async function bridgeL1FeeJuice(
  amount: bigint,
  recipient: AztecAddress,
  node: AztecNode,
  l1RpcUrls: string[],
  chainId: number,
  privateKey: string | undefined,
  mnemonic: string,
  mint: boolean,
  json: boolean,
  wait: boolean,
  interval = 60_000,
  log: LogFn,
  debugLogger: Logger,
) {
  // Prepare L1 client
  // The RPC endpoints come from the caller-supplied l1RpcUrls argument.
  const chain = createEthereumChain(l1RpcUrls, chainId);
  // `??` falls back to the mnemonic only when privateKey is null or undefined.
  const client = createExtendedL1Client(chain.rpcUrls, privateKey ?? mnemonic, chain.chainInfo);

  // Setup portal manager
  const portal = await L1FeeJuicePortalManager.new(node, client, debugLogger);
  const { claimAmount, claimSecret, messageHash, messageLeafIndex } = await portal.bridgeTokensPublic(
    recipient,
    amount,
    mint,
  );

  if (json) {
    // NOTE(review): claimSecret is written out through `log`; anything that
    // captures this CLI's output will hold it. Presumably intended so the user
    // can claim later — confirm, and treat captured output as sensitive.
    const out = {
      claimAmount,
      claimSecret,
      messageLeafIndex,
    };
    log(prettyPrintJSON(out));
--- package/src/cmds/index.ts (excerpt) ---
import { getIdentities } from '@aztec/accounts/utils';
import { TxHash } from '@aztec/aztec.js/tx';
import {
  ETHEREUM_HOSTS,
  PRIVATE_KEY,
  addOptions,
  createSecretKeyOption,
  l1ChainIdOption,
  parseBigint,
  parseFieldFromHexString,
  parsePublicKey,
} from '@aztec/cli/utils';
import { randomBytes } from '@aztec/foundation/crypto/random';
import type { LogFn, Logger } from '@aztec/foundation/log';
import { TxStatus } from '@aztec/stdlib/tx';

import { type Command, Option } from 'commander';
import inquirer from 'inquirer';

import type { WalletDB } from '../storage/wallet_db.js';
import type { CliWalletAndNodeWrapper } from '../utils/cli_wallet_and_node_wrapper.js';
import type { AccountType } from '../utils/constants.js';
import {
  ARTIFACT_DESCRIPTION,
  CLIFeeArgs,
  aliasedAddressParser,
  aliasedSecretKeyParser,
  aliasedTxHashParser,
  artifactPathFromPromiseOrAlias,
  artifactPathParser,
  cleanupAuthWitnesses,
  createAccountOption,
  createAliasOption,
  createArgsOption,
  createArtifactOption,
  createAuthwitnessOption,
  createContractAddressOption,
  createDebugExecutionStepsDirOption,
  createTypeOption,
  createVerboseOption,
  integerArgParser,
} from '../utils/options/index.js';

// Maps a status string to a TxStatus value and throws on any other input.
// The excerpt is cut off inside the error message below.
function parseWaitForStatus(status: string): TxStatus {
  switch (status) {
    case 'proposed':
      return TxStatus.PROPOSED;
    case 'checkpointed':
      return TxStatus.CHECKPOINTED;
    default:
      throw new Error(`Invalid wait-for-status: ${status}. 
Use 'propos
--- package/dest/utils/ecdsa.js (excerpt) ---
/**
 * Decodes a base64 string and returns part of the third length-prefixed field in it.
 *
 * Same statements as the package/src/utils/ecdsa.ts excerpt, without type
 * annotations. The decoded buffer is read as three fields, each preceded by a
 * 32-bit big-endian length; the first two are skipped, and the third is
 * returned minus its first byte.
 *
 * NOTE(review): within this excerpt the decoded bytes are only sliced and
 * returned; no network or file call appears here.
 *
 * @param base64PublicKey Base64 text of the length-prefixed blob.
 * @returns A view into the decoded buffer covering the key bytes.
 * @throws RangeError from `readUInt32BE` when a length field lies past the end
 *   of the decoded buffer.
 */
export function extractECDSAPublicKeyFromBase64String(base64PublicKey) {
  // Node's base64 decoder is lenient: malformed input does not throw here.
  const buffer = Buffer.from(base64PublicKey, 'base64');
  let keyOffset = 0;
  // Field 1: read its length, then step over the 4-byte length and the field itself.
  const typeLen = buffer.readUInt32BE(keyOffset);
  keyOffset += 4;
  keyOffset += typeLen;
  // Field 2: same skip. Neither length is checked against buffer.length.
  const curveLen = buffer.readUInt32BE(keyOffset);
  keyOffset += 4;
  keyOffset += curveLen;
  // Field 3: the key material.
  const keyLen = buffer.readUInt32BE(keyOffset);
  keyOffset += 5; // 4+1 to remove the prefix
  // NOTE(review): the dropped prefix byte is never inspected, and `subarray`
  // clamps to the buffer end, so a truncated or malformed blob yields a short
  // (or empty) key instead of an error. Callers should validate the length.
  return buffer.subarray(keyOffset, keyOffset + keyLen - 1);
}
