# WARDEN ## Docs - [Core concepts](https://warden-re.io/concepts.md): The three ideas that make every WARDEN command click: stable function identity, one shared fingerprint engine, and the provenance/confidence economy. - [WARDEN](https://warden-re.io/index.md): Living reverse-engineering for Emscripten WebAssembly: a versioned, agent-populated symbol knowledge base that survives binary updates. - [The agent crew](https://warden-re.io/pipeline/agents.md): How WARDEN proposes, verifies, and writes names for every unnamed function, with or without an API key. - [Cross-version diff & carry-over](https://warden-re.io/pipeline/diff.md): How WARDEN diffs two .wasm versions, classifies every function, carries your annotations forward automatically, and emits a semantic changelog that separates real app changes from runtime churn. - [Exporters & deliverables](https://warden-re.io/pipeline/export.md): Turn your knowledge base into artifacts other tools and people consume: a C header, pseudocode listings, a git-diffable KB dump, or a Ghidra rename script. - [Ingestion & normalization](https://warden-re.io/pipeline/ingest.md): How WARDEN parses a .wasm binary (and optional JS glue) into a structured Module, fingerprints every function, and seeds the knowledge base with names it can recover for free, all in pure Python with no native toolchain. - [The Emscripten Oracle](https://warden-re.io/pipeline/oracle.md): How WARDEN compiles its own ground truth from the Emscripten toolchain, fingerprints the result into a signature store, and uses it to auto-identify runtime functions in a stripped target, collapsing 40–80% of a typical module to known code. - [Verification](https://warden-re.io/pipeline/verify.md): Phase 5: what 'verified' means in WARDEN, the zero-dependency mini-interpreter that makes differential execution runnable today, and where the full native harness is headed. - [Changelog](https://warden-re.io/project/changelog.md): Release history for WARDEN, following Keep a Changelog and Semantic Versioning. - [Contributing](https://warden-re.io/project/contributing.md): Dev setup, project layout, testing conventions, code style, and PR etiquette for contributing to WARDEN. - [Honest limits](https://warden-re.io/project/limitations.md): What WARDEN can and cannot do. Design constraints stated precisely so you can calibrate expectations and build an accurate threat model. - [Roadmap](https://warden-re.io/project/roadmap.md): The phased build plan: what runs today, what is scaffolded, and where contribution has the most leverage. - [Quickstart](https://warden-re.io/quickstart.md): Install WARDEN and run the full reverse-engineering pipeline: first on generated samples, then on your own Emscripten module. - [CLI reference](https://warden-re.io/reference/cli.md): Every warden command, its arguments, and what it does. - [Knowledge base schema](https://warden-re.io/reference/kb-schema.md): Table-by-table reference for the WARDEN SQLite knowledge base: stable identities, provenance ranking, the may_overwrite economy, and the kb-text export format. - [Python library reference](https://warden-re.io/reference/library.md): Import and drive WARDEN programmatically: open a KnowledgeBase, ingest modules, diff versions, and fingerprint functions using the pure-stdlib Python API. - [MCP server](https://warden-re.io/reference/mcp.md): Expose the WARDEN knowledge base to any MCP-capable agent or IDE extension over stdio. ## Optional - [GitHub](https://github.com/purpshell/warden)