web3-grep-arsenal

Master grep command arsenal for Web3 smart contract auditing. Use when starting a new protocol scan, before deep code review, or when hunting specific vulnerability classes.
Olaradiallysymmetrical491/web3-bug-bounty-hunting-ai-skills · ★ 0 · AI & Automation · score 75
Install: claude install-skill Olaradiallysymmetrical491/web3-bug-bounty-hunting-ai-skills
# GREP ARSENAL — MASTER REFERENCE

> All grep commands in one place. Run in the first 30 minutes of any new target.
> Replaces: 03-grep-surface-map, 14-grep-master-patterns + grep sections from 04-13

---

## HOW TO USE THE SURFACE MAP

**Process:**
1. Run ALL 10 blocks below (takes ~5 min)
2. Collect all results in a notes file
3. Tier-rank the hits (see Tier System below)
4. In pass 1: READ everything, DON'T investigate yet
5. In pass 2: Deep-dive on Tier 1 + 2 items

**Tier System:**
- **Tier 1** — Near privileged code, external calls, or state changes with no guards → Investigate first
- **Tier 2** — Interesting patterns that need context before judging → Investigate after Tier 1
- **Tier 3** — Informational only (documentation, test files, comments) → Skip unless Tier 1+2 exhausted

---

## THE 10 GREP BLOCKS (Copy-Paste Each)

### Block 1 — Access Control

```bash
# Run each grep as its own command: grep exits 1 when nothing matches,
# so chaining with && would stop the block at the first clean result.
echo "=== ACCESS CONTROL ==="
# tx.origin used in authorization checks
grep -rn "tx\.origin" src/ --include="*.sol"
# Inline owner comparisons
grep -rn "msg\.sender == owner\b" src/ --include="*.sol"
# Modifier definitions, with 5 lines of body for review
grep -rn "modifier only" src/ --include="*.sol" -A5
# Count of lines that reference an access-control modifier
grep -rn "onlyOwner\|onlyAdmin\|onlyRole" src/ --include="*.sol" | wc -l
# Admin-named functions and routes
grep -rn "def admin_\|router\..*admin\|function.*[Aa]dmin" src/ --include="*.sol"
```

**Red flags:**
- `tx.origin` used for auth → Tier 1 (phishing vector)
- Modifier uses `if (condition) { _; }` without else → Tier 1 (silent bypass — function still executes for unauthorized callers)
- `onlyOwner` count << total external function cou