Mev risk meter

[1evi7eo]

Description

This PR introduces a new MEV Risk Meter tool for BNB Smart Chain (BSC), a BNBChain Cookbook demo that analyzes transactions and contracts for MEV (Maximal Extractable Value) risks. The tool helps developers and users identify potential vulnerabilities to front-running, sandwich attacks, and other MEV extraction strategies before interacting with contracts or submitting transactions.

Key Features:

• Transaction Analysis:
  • Detects swap operations using common DEX function signatures (PancakeSwap, Uniswap V2-style)
  • Flags transactions with gas prices >20% above current average (potential front-running indicators)
  • Identifies transactions with significant value (>0.1 BNB) that are attractive MEV targets
  • Analyzes complex transaction data for potential MEV vectors
• Contract Analysis:
  • Scans contract ABIs for swap functions, flash loan capabilities, and price oracle dependencies
  • Identifies unprotected operations and centralization risks
  • Pattern matching for common MEV-vulnerable contract patterns
• Risk Scoring: Provides a comprehensive 0–100 risk score with detailed findings categorized by severity (low, medium, high, critical)
• Real-time Analysis: Fetches live transaction and contract data from BSC RPC endpoints (eth_getTransactionByHash, eth_getCode, eth_gasPrice)
• RESTful API: Express.js backend with /api/analyze endpoint that accepts transaction hashes or contract addresses
• User-friendly UI: Dark-themed single-page interface with clear risk visualization and detailed findings

MEV Risks Detected:

• Front-running (high gas price transactions)
• Sandwich attacks (swap transactions with significant value)
• Flash loan vulnerabilities (contracts with flash loan functions)
• Price oracle manipulation risks
• Unprotected swap operations

Tech Stack:

• TypeScript for type safety and maintainability
• Express.js for HTTP server and API endpoints
• BSC JSON-RPC for blockchain data fetching
• Vanilla JavaScript frontend with dark theme UI
• Vitest for comprehensive unit testing

This tool serves as an educational resource and early warning system for MEV risks, helping users make more informed decisions when interacting with BSC contracts.

Fixes # (issue)

Type of change

Please delete options that are not relevant.

• New feature (non-breaking change which adds functionality)
• Bug fix (non-breaking change which fixes an issue)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce.

• Ran unit tests with npm test to verify all MEV analysis functions (swap detection, gas price analysis, contract ABI scanning)
• Tested address and transaction hash validation functions
• Verified swap function detection for common DEX signatures (swapExactTokensForTokens, swapExactETHForTokens, etc.)
• Tested gas price comparison logic for front-running detection
• Validated significant value detection (>0.1 BNB threshold)
• Tested contract ABI analysis for swap functions, flash loans, and oracle dependencies
• Verified risk scoring algorithm produces correct 0–100 scores with appropriate findings
• Tested Express API endpoint /api/analyze with various transaction hashes and contract addresses
• Validated RPC integration for fetching transaction data, contract code, and current gas prices
• Tested frontend UI displays risk scores, findings, and transaction/contract details correctly
• Verified error handling for invalid inputs, missing transactions, and RPC failures
• Built and tested production build with npm run build && npm start
• Tested on BSC mainnet with real transaction hashes and contract addresses

Reproduction Steps:

1. Clone the repository and run ./clone-and-run.sh (or manually: npm install, cp .env.example .env, npm run build, npm test, npm start)
2. Open http://localhost:3000 in a browser
3. Enter a valid BSC transaction hash (e.g., a swap transaction from BSCTrace) or contract address
4. Verify the analysis returns appropriate risk score and findings
5. Test with different transaction types (swaps, transfers, contract calls) to see varying risk levels
6. Test with contracts that have swap functions, flash loans, or oracle dependencies

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes

[vivixu-cmd]

Congratulations! You have received a Cookbook reward. Please reply with your BSC wallet address.Thanks

[1evi7eo]

Congratulations! You have received a Cookbook reward. Please reply with your BSC wallet address.Thanks

Thank you for the opportunity to contribute!
0x23b23556c3CAA3C582EeE23Fc0D972352FB2a62c