Diablo_Rain/Diablo_ClaudeMD_Ricing_example
Archived
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
This repository has been archived on 2026-06-11. You can view files and clone it, but cannot push or open issues or pull requests.
29f6e9829b
Diablo_ClaudeMD_Ricing_example/skills/entry-point-analyzer/references/move-sui.md
diablo 50fa79407d
Some checks are pending
CI — CoM Config Validation / Validate JSON Configs (push) Waiting to run
Details
CI — CoM Config Validation / Validate YAML Configs (push) Waiting to run
Details
CI — CoM Config Validation / Lint Shell Scripts (push) Waiting to run
Details
CI — CoM Config Validation / Secret Detection (push) Waiting to run
Details
CI — CoM Config Validation / Lint Markdown (push) Waiting to run
Details
CI — CoM Config Validation / Validate CODEOWNERS (push) Waiting to run
Details
CoM Claude Command Center — sanitized public configuration 
Public, sanitized mirror of an AI orchestration command center: agents, skills,
MCP servers, slash-command workflows. All infrastructure identifiers, hostnames,
mesh IPs/subnets, repo paths, maintainer identity, and hardware fleet specifics
scrubbed to <placeholders>; session debug logs and host-specific memory removed.
No live credentials. Verified clean by automated leak sweep. See SANITIZATION.md.

churchofmalware.org . authorized research only
2026-06-10 02:02:03 -04:00

3.5 KiB
Raw Blame History

Move Entry Point Detection (Sui)

Entry Point Identification (State-Changing Only)

In Move, public functions can be invoked from programmable transaction blocks (Sui) or transaction scripts (Aptos) and typically modify state. In addition, private entry functions are entrypoints. Package-protected (public(package) fun) and private (fun) functions should be excluded.

// Public functions
public fun compute(obj: &mut Object): u64 { }

// Entry functions in Sui
public entry fun transfer(ctx: &mut TxContext) { }

Visibility Rules

Visibility Include? Notes
public entry fun Yes Callable from transactions and modules
public fun Yes Callable from transactions and modules
entry fun Yes Callable from transactions, but not other modules
fun (private) No Not externally callable
public(package) fun No Only callable by other modules in the same package

Access Control Patterns

// Object types have the key ability
public struct MyObject has key { id: ID, ... }

// Capability objects typically have names that end with "Cap"
public struct AdminCap has key { id: ID, ... }

// Shared objects are created via `public_share
public struct Pool has key { id: ID, ... }

// Object ownership provides access control
public fun use_owned_object(obj: &mut MyObject) {
    // Only owner of obj can call this
}

// Shared object - anyone can access
public fun use_shared(pool: &mut Pool) { }

// Shared Pool object gated by capability - only owner of AdminCap can call
public fun capability_gate(_cap: &AdminCap, pool: &mut Pool) {}

Access Control Classification

Pattern Classification
Owned object parameter Owner of object
Shared object Public (Unrestricted)

Contract-Only Detection

Package-protected Functions

// Only callable by other modules in the same Move package
public(protected) fun internal_fun() { }

Extraction Strategy

  1. Parse all .move files
  2. Find module declarations
  3. Extract public, public entry, and entry functions
  4. Extract object type declarations (struct's that have the key ability)
  5. Determine whether each object type is owned (passed as parameter to transfer or public_transfer functions) or shared (passed as parameter to share or public_share functions)
  6. Analyze parameters:
    • Owned object type with "XCap" in name -> X role (e.g., AdminCap = Admin role, GuardianCap = Guardian role)
    • Owned object type without "Cap" in name -> Owner role
    • Shared object type -> Public

Move-Specific Considerations

  1. Object Model: Access control typically through object ownership (rather than runtime assertions)
  2. Capabilities: Cap suffix typically indicates capability pattern
  3. Generic Types: Type parameters may carry capability constraints
  4. Package Visibility: public(pacakge) limits callers to modules in the same package

Common Gotchas

  1. Module Initializers: init functions often create singletone shared objects and initial capabilities
  2. Object Wrapping: Wrapped objects transfer ownership
  3. Shared vs Owned: Shared objects can be accessed by anyone, owned objects only by a transaction sent by the owner
  4. Package Upgrades: Upgrades can introduce new types and functions and change old ones in type-compatible ways
  5. Phantom Types: Type parameters with phantom don't affect runtime