Technical Documentation

How CodeDiff AI Works

Complete technical methodology behind our deterministic security analysis. No AI hallucinations, only mathematical proofs and real attack simulations.

1. The Scoring Algorithm (The Math)

Deterministic Risk Calculation

Base Formula

riskScore = min(
    (totalBugs × 10) +
    (highSeverityBugs × 20),
    100
)
Score > 70: VULNERABLE - Critical security issues that require immediate attention
Score 40-70: WARNING - Moderate risks that should be addressed
Score < 40: SECURE - No significant security issues detected

Attack Proof Override

If our Attack Simulator successfully proves a vulnerability (SQL injection, logic bypass, etc.), the risk score is automatically set to 100 regardless of the base calculation.

if (attackResult?.success) riskScore = 100;

2. Financial Risk Estimation

PCI-DSS Compliance Fine Structure

Regulatory Fine Ranges

Extreme Risk (SQL Injection + Critical Vulns)
    PCI-DSS Level 1 Violations: $100K - $5M
    + Fraud Risk: $1M - $50M

High Risk (Race Conditions + High Severity)
    PCI-DSS Level 2-3 Violations: $50K - $1M
    + Fraud Risk: $500K - $10M

Moderate Risk (Score > 40)
    PCI-DSS Level 4 Violations: $10K - $100K
    + Fraud Risk: $100K - $1M

3. Deterministic Engines (No Hallucinations)

PCI Auditor

Uses the Luhn Algorithm to mathematically verify credit card numbers. Zero false positives - only flags actual valid card numbers.

Luhn Check Implementation

function isLuhnValid(cardNumber) {
    // Strip the separators card numbers are usually written with; anything that
    // is not then a plausible PAN length (12-19 digits) is rejected outright,
    // which also keeps an empty string or non-digit input from passing.
    const digits = String(cardNumber).replace(/[ -]/g, "");
    if (!/^\d{12,19}$/.test(digits)) return false;
    let sum = 0, shouldDouble = false;
    for (let i = digits.length - 1; i >= 0; i--) {
        let digit = digits.charCodeAt(i) - 48;
        // Double every second digit from the right; fold two-digit results back to one.
        if (shouldDouble && (digit *= 2) > 9) digit -= 9;
        sum += digit;
        shouldDouble = !shouldDouble;
    }
    return sum % 10 === 0;
}
Detects PCI-DSS Req 3.4 violations
Mathematical verification (no guessing)
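Here is how the PCI Auditor's Luhn filter can be applied to a code snippet, as an added example that is not CodeDiff AI's own code: `findPans`, the candidate regex and the sample diff are all constructed for this illustration.

```javascript
// Luhn checksum over a string of decimal digits (no separators).
function luhnValid(digits) {
  let sum = 0;
  let double = false;
  for (let i = digits.length - 1; i >= 0; i--) {
    let d = digits.charCodeAt(i) - 48;
    if (double) {
      d *= 2;
      if (d > 9) d -= 9;
    }
    sum += d;
    double = !double;
  }
  return sum % 10 === 0;
}

// Candidate PANs: 12-19 digits, optionally separated by single spaces or
// dashes, the way card numbers usually appear in fixtures and log lines.
const CANDIDATE_RE = /\b(?:\d[ -]?){11,18}\d\b/g;

// Scan text and return only the digit runs that pass the Luhn check.
function findPans(text) {
  const hits = [];
  for (const m of text.matchAll(CANDIDATE_RE)) {
    const digits = m[0].replace(/[ -]/g, "");
    // Digit runs that fail Luhn (build ids, timestamps) are dropped here.
    if (luhnValid(digits)) hits.push({ pan: digits, index: m.index });
  }
  return hits;
}

// Constructed sample diff: one Luhn-valid test PAN, one 16-digit run that
// fails Luhn, and a 13-digit timestamp.
const SAMPLE = [
  '+const TEST_CARD = "4111 1111 1111 1111"; // fixture',
  '+const BUILD_ID  = "4111111111111112";',
  '+const CREATED   = 1700000000000;',
].join("\n");

console.log(JSON.stringify(findPans(SAMPLE))); // one hit: 4111111111111111
```

A random digit string passes the Luhn check with probability 1/10, so on a real repository the length filter and, in practice, an issuer-prefix (IIN) check are what keep the false-positive rate low.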

Attack Simulator

Uses AST (Abstract Syntax Tree) parsing to inject SQL payloads safely. If the parser accepts our injection, the code is provably vulnerable.

Double-Tap Strategy

// Original: SELECT * FROM users WHERE id = ${ userId }
// Attack 1: "' OR '1'='1"
// Result: SELECT * FROM users WHERE id = 1 OR '1'='1
// Attack 2: "OR 1=1"
// Result: SELECT * FROM users WHERE id = 1 OR 1=1
// If AST parser accepts = VULNERABLE ✓
Real SQL injection testing
Syntax-level vulnerability proof

4. Glossary of Terms

Luhn Check

A mathematical algorithm used to validate credit card numbers. Created by IBM researcher Hans Luhn, it uses a checksum formula to verify that a sequence of digits is a valid payment card number, preventing false positives in credit card detection.

AST Parsing

Abstract Syntax Tree parsing converts code into a structured tree representation, allowing us to analyze and modify SQL queries programmatically. We use this to test if our injection payloads create valid SQL syntax, proving vulnerability existence.

SQL Injection

A code injection technique where malicious SQL statements are inserted into application entry points. Our simulator tests for this by injecting payloads like "' OR '1'='1" to bypass authentication logic and gain unauthorized database access.

PCI-DSS

Payment Card Industry Data Security Standard - a comprehensive set of security requirements for organizations that handle credit card data. Violations can result in fines ranging from $10K to $5M+ depending on the merchant level and severity of non-compliance.

Ready to Secure Your Codebase?

Our deterministic approach provides mathematical certainty, not AI guesswork. Get proven vulnerability detection with zero false positives.