Project overview and audit preparation for smart contract security. Triggers on weasel overview, weasel scope, or weasel onboard.
Install with:

```
npx add-skill https://github.com/slvDev/weasel/blob/main/weasel/skills/weasel-overview/SKILL.md -a claude-code --skill weasel-overview
```

Installation path: `.claude/skills/weasel-overview/`

# Weasel Overview

Project overview and audit scoping for security engineers starting a new audit.

## When to Activate

- Starting a new audit
- User asks "what does this project do?"
- User wants to scope/understand a codebase

## When NOT to Use

- User wants to run static analysis (→ weasel-analyzer)
- User wants to explain specific code (→ weasel-explainer)
- User already understands the project and wants to audit

## Process

### 1. Read Documentation

- README.md - project description, architecture
- docs/ folder, if present
- Comments in main contracts
- **Previous audits** - Check for `audit/`, `audits/`, or audit reports
- **Known issues** - Check `known-issues.md`, issue tracker links

### 2. Map Project Structure

- List all .sol files
- Identify: core contracts vs libraries vs interfaces
- Map inheritance hierarchy
- Note external dependencies (OpenZeppelin, Chainlink, etc.)

### 3. Identify Entry Points

**User Functions** (highest risk - untrusted input):
- deposit(), withdraw(), swap(), transfer()...
- Any external/public function that handles value

**Admin Functions** (check access control):
- setFee(), pause(), upgrade()...
- Note: what permissions? onlyOwner? Multisig?

**Callbacks** (reentrancy risk):
- onFlashLoan(), uniswapV3Callback()...
- Any function called by external contracts

### 4. Trace Value Flow

- **Inbound:** How does ETH/tokens enter? (deposit, swap, mint)
- **Outbound:** How does ETH/tokens exit? (withdraw, claim, burn)
- **Internal:** How does value move between contracts?

### 5. Map Trust Boundaries

**Untrusted** - assume malicious:
- Users, external contracts, oracles

**Privileged** - trusted but verify:
- Owner/Admin, Governance, Keepers

**Internal** - trusted:
- Protocol's own contracts, libraries

### 6. Identify Focus Areas

| Project Type | High-Risk Areas |
|--------------|-----------------|
| DeFi/Lending | Liquidation, interest calc, oracles, flash loans |
| DEX/AMM | Price calc, slippage, LP math, fees |
| Staking/Vaults | Dep
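As an added example (not part of the weasel skill or its repository), a small Python script that performs steps 2 and 3 of the process over constructed Solidity sources: it records each concrete contract's inheritance and buckets its external/public functions into user, admin and callback entry points. The modifier names in `ADMIN_MODIFIERS` and the name fragments in `CALLBACK_HINTS` are assumptions to extend per project; the Solidity sources are constructed for the example.

```python
import re

# Constructed sample sources (not from any real project); keys are file paths.
SAMPLE_SOURCES = {
    "src/Vault.sol": """
contract Vault is Ownable, ReentrancyGuard {
    function deposit(uint256 amount) external nonReentrant {}
    function withdraw(uint256 amount) public {}
    function setFee(uint256 bps) external onlyOwner {}
    function onFlashLoan(address, address, uint256, uint256, bytes calldata)
        external returns (bytes32) {}
    function _accrue() internal {}
}
""",
    "src/interfaces/IVault.sol": "interface IVault { function deposit(uint256) external; }",
}

CONTRACT_RE = re.compile(
    r"\b(abstract contract|contract|library|interface)\s+(\w+)(?:\s+is\s+([^{]+))?")
FUNC_RE = re.compile(r"\bfunction\s+(\w+)\s*\([^)]*\)\s*([^{;]*)")
# Assumed names (extend per project): privileged modifiers, and callback name fragments.
ADMIN_MODIFIERS = ("onlyOwner", "onlyRole", "onlyAdmin", "onlyGovernance")
CALLBACK_HINTS = ("Callback", "onFlashLoan", "onERC721Received", "onERC1155Received")


def classify(name, decorators):
    """Bucket an external/public function: callback, then admin, else user."""
    if any(h in name for h in CALLBACK_HINTS):
        return "callback"
    if any(m in decorators.split() for m in ADMIN_MODIFIERS):
        return "admin"
    return "user"


def inventory(sources):
    """Map each concrete contract to its file, parents and entry points."""
    result = {}
    for path, code in sources.items():
        matches = list(CONTRACT_RE.finditer(code))
        for i, m in enumerate(matches):
            kind, cname, parents = m.groups()
            if kind != "contract":
                continue  # libraries/interfaces are not deployed entry points themselves
            end = matches[i + 1].start() if i + 1 < len(matches) else len(code)
            entries = []
            for f in FUNC_RE.finditer(code, m.end(), end):
                fname, decorators = f.groups()
                if {"external", "public"} & set(decorators.split()):
                    entries.append((fname, classify(fname, decorators)))
            parent_list = [p.strip() for p in parents.split(",")] if parents else []
            result[cname] = {"file": path, "parents": parent_list, "entry_points": entries}
    return result
```

Run `inventory(SAMPLE_SOURCES)` to get the per-contract map; on a real codebase, feed it the contents of every .sol file found in step 2.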