audit changes #16

Merged
thedavidmeister merged 5 commits into main from 2026-02-04-audit
Feb 4, 2026
thedavidmeister commented Feb 4, 2026

Motivation

Solution

Checks

By submitting this for review, I'm confirming I've done the following:

  • made this PR as small as possible
  • unit-tested any new functionality
  • linked any relevant issues or PRs
  • included screenshots (if this involves a front-end change)

Summary by CodeRabbit

Release Notes

  • New Features

    • Added detection and rejection of EOF (Ethereum Object Format) bytecode with appropriate error handling.
    • Expanded EVM opcode support to include TSTORE and improved handling of JUMP operations.
  • Tests

    • Added comprehensive test suites for EOF bytecode detection and validation.
    • Enhanced test coverage for bytecode scanning and opcode analysis operations.

coderabbitai bot commented Feb 4, 2026

Walkthrough

This PR adds EOF (Extensible Opcode Format) bytecode detection and rejection throughout the extrospection library, updates EVM opcode handling by marking JUMP as halting and adding TSTORE to non-static operations, and refactors bytecode trimming with integrated EOF pre-checks. Comprehensive tests validate new EOF detection logic and existing scanning functionality.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Opcode Configuration: src/interface/IExtrospectInterpreterV1.sol, src/lib/EVMOpcodes.sol | Added EVM_OP_TSTORE to imports and NON_STATIC_OPS; marked EVM_OP_JUMP as halting in HALTING_BITMAP. |
| EOF Support Implementation: src/lib/LibExtrospectBytecode.sol | Added EOFBytecodeNotSupported error, isEOFBytecode and checkNotEOFBytecode functions; renamed trimSolidityCBORMetadata to tryTrimSolidityCBORMetadata with EOF pre-check; integrated EOF checks into scanEVMOpcodesReachableInBytecode and scanEVMOpcodesPresentInBytecode. |
| Reference Implementation: test/lib/LibExtrospectionSlow.sol | Added isEOFBytecodeSlow function; refactored push-byte skipping logic in scanEVMOpcodesPresentInBytecodeSlow and scanEVMOpcodesReachableInBytecodeSlow to handle halted state consistently. |
| EOF Detection Tests: test/src/lib/LibExtrospectBytecode.isEOFBytecode.t.sol | New test contract with unit and fuzz tests for isEOFBytecode and checkNotEOFBytecode, including boundary cases and EOF format validation. |
| Bytecode Scanning Tests: test/src/lib/LibExtrospectBytecode.scanEVMOpcodesReachableInBytecode.t.sol, test/src/lib/LibExtrospectBytecode.scanEVMOpcodesPresentInBytecode.t.sol | Added external wrapper functions; introduced tests for EOF reversion and halted-state push-sequence handling; added vm.assume guards to exclude EOF bytecode from reference comparison. |
| Trim Function Tests: test/src/lib/LibExtrospectBytecode.tryTrimSolidityCBORMetadata.t.sol | Renamed contract and tests to reflect tryTrim API; added external wrapper; introduced EOF reversion test; updated assertions for renamed function. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Title check | ❓ Inconclusive | The title 'audit changes' is vague and generic, failing to describe the specific technical changes made in the pull request. | Revise the title to be more specific and descriptive, such as 'Add EOF bytecode detection and JUMP opcode halting support' or 'Implement EOF handling in bytecode scanning libraries'. |

✅ Passed checks (2 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

coderabbitai bot left a comment

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
test/src/lib/LibExtrospectBytecode.trimSolidityCBORMetadata.t.sol (1)

27-61: ⚠️ Potential issue | 🟡 Minor

Missing EOF precondition in fuzz test.

The testTrimSolidityCBORMetadataBytecodeContrived function calls trimSolidityCBORMetadata at line 46, but unlike testTrimSolidityCBORMetadataBytecodeShort, it doesn't filter out EOF bytecode. If the fuzzer generates bytecode starting with 0xEF00, the call will revert with EOFBytecodeNotSupported() instead of being skipped via vm.assume.

Proposed fix
     function testTrimSolidityCBORMetadataBytecodeContrived(bytes memory bytecode) external pure {
+        vm.assume(!LibExtrospectBytecode.isEOFBytecode(bytecode));
         bytes32 a = keccak256(bytecode);
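Review bot: The added vm.assume line at the top of testTrimSolidityCBORMetadataBytecodeContrived discards every fuzz input that carries the EOF prefix, so this test on its own never observes the EOFBytecodeNotSupported() revert; the guard should sit alongside the dedicated EOF reversion test listed in the walkthrough rather than replace it. The hunk and the comment above it also use the pre-rename names (trimSolidityCBORMetadata, the trimSolidityCBORMetadata.t.sol path), while the walkthrough records the rename to tryTrimSolidityCBORMetadata, so the guard needs to be applied to the renamed test in test/src/lib/LibExtrospectBytecode.tryTrimSolidityCBORMetadata.t.sol.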

@thedavidmeister thedavidmeister merged commit 4c0aed6 into main Feb 4, 2026
3 of 4 checks passed
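
The behaviours summarized in the walkthrough (EOF rejection before scanning, JUMP treated as halting, push data skipped even while halted), as an added Python sketch that is not code from this PR or from the extrospection library. The halting set, the function names and the `skip_push_when_halted` flag are assumptions made for the illustration, and the sample bytecode is constructed.

```python
# Added illustration; not code from the PR or the extrospection library.
EOF_MAGIC = b"\xef\x00"  # prefix cited in the review comment (0xEF00)
JUMP, JUMPDEST, TSTORE = 0x56, 0x5B, 0x5D
PUSH1, PUSH32 = 0x60, 0x7F
# Assumed halting set: STOP, JUMP, RETURN, REVERT, INVALID, SELFDESTRUCT.
HALTING = frozenset({0x00, JUMP, 0xF3, 0xFD, 0xFE, 0xFF})


class EOFBytecodeNotSupported(ValueError):
    """Named after the error on the page; raised instead of scanning EOF."""


def is_eof_bytecode(code: bytes) -> bool:
    return code[:2] == EOF_MAGIC


def scan_reachable(code: bytes, skip_push_when_halted: bool = True) -> set:
    """Linear scan of legacy bytecode; returns the set of reachable opcodes.

    skip_push_when_halted=False is a hypothetical scanner that only skips
    push data while reachable, kept here for comparison.
    """
    if is_eof_bytecode(code):
        raise EOFBytecodeNotSupported("legacy opcode scan does not apply to EOF")
    seen, halted, i = set(), False, 0
    while i < len(code):
        op = code[i]
        if halted and op == JUMPDEST:
            halted = False  # a JUMPDEST makes the following code reachable again
        if not halted:
            seen.add(op)
            if op in HALTING:
                halted = True
        # PUSH1..PUSH32 carry 1..32 immediate bytes that are data, not opcodes.
        if PUSH1 <= op <= PUSH32 and (skip_push_when_halted or not halted):
            i += op - PUSH1 + 1
        i += 1
    return seen


# Constructed sample: JUMP, PUSH1 0x5b, TSTORE. The 0x5b is push data.
SAMPLE = bytes.fromhex("56605b5d")

if __name__ == "__main__":
    print(sorted(hex(op) for op in scan_reachable(SAMPLE)))
    print(sorted(hex(op) for op in scan_reachable(SAMPLE, False)))
```

With the flag off, the 0x5b inside the PUSH1 is misread as a JUMPDEST and the TSTORE after it is reported as reachable.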