auditing-wallet-security

# Wallet Security Auditor

## Overview

Security analysis tool for cryptocurrency wallets. Scans ERC20 token approvals, analyzes transaction patterns, calculates security risk scores, and provides actionable recommendations to improve wallet security.

**Important**: This is a read-only analysis tool. It does NOT execute transactions, manage private keys, or perform revocations.

## Prerequisites

Before using this skill, ensure you have:
- Python 3.8+ with `requests` library installed
- Optional: `ETHERSCAN_API_KEY` environment variable for higher rate limits
- Network access to blockchain RPC endpoints (public RPCs included)
- Target wallet address (hex format, 0x...)

## Instructions

### 1. List Token Approvals

Scan wallet for all active ERC20 token approvals:

```bash
cd {baseDir}/scripts
python wallet_auditor.py approvals <address> --chain <chain>
```

Options:
- `--chain`: ethereum, bsc, polygon, arbitrum, optimism, base (default: ethereum)
- `--unlimited`: Show only unlimited approvals
- `--verbose`: Detailed output

### 2. Full Security Scan

Comprehensive security analysis including approvals, transaction history, and patterns:

```bash
python wallet_auditor.py scan <address> --verbose
```

Analyzes:
- Active token approvals (unlimited, risky)
- Transaction history patterns
- Contract interactions (verified vs unverified)
- Suspicious activity detection

### 3. Calculate Security Score

Get weighted security risk score (0-100, higher = safer):

```bash
python wallet_auditor.py score <address>
python wallet_auditor.py score <address> --json  # JSON output
```

Score components:
- Approvals (40%): Unlimited, risky, stale approvals
- Interactions (30%): Contract verification, flagged addresses
- Patterns (20%): Transaction frequency, diversity
- Age (10%): Wallet maturity

Risk levels:
- 90-100: SAFE
- 70-89: LOW
- 50-69: MEDIUM
- 30-49: HIGH
- 0-29: CRITICAL

### 4. Analyze Transaction History

Review recent contract interactions and patterns:

```bash
pyth