AlgoScan

The intrinsic simplifier folds shl and shr even when the shift amount
is >= 64 (valid range 0–63). The AVM panics with "shl arg too big" /
"shr arg too big", but the optimizer silently folds to 0.

Two separate contracts (ShlFoldOOB, ShrFoldOOB) allow the on-chain
tests to verify both error messages independently.

The shl/shr folding paths had no bounds check on the shift amount.
For shift >= 64, the AVM panics with "shl/shr arg too big", but the
optimizer computed (a << b) % 2^64 or a >> b, silently producing 0.

Now the match cases have guard clauses `if b_const < 64`, skipping
the fold when the shift would be out of bounds.

The setbit uint64 folding path had no bounds check on the bit index.
For index >= 64, the AVM panics with "setbit index > 63 with Uint",
but the optimizer computed source | (1 << index) or
source & ~(1 << index), producing either an oversized value or
silently returning the source.

Now returns None (skip fold) when index >= 64, preserving the runtime
panic.

Currently, the intrinsic simplifier folds setbit on uint64 even when the bit index is >= 64.

The setbit uint64 folding path had no bounds check on the bit index.
For index >= 64, the AVM panics with "setbit index > 63 with Uint",
but the optimizer computed source | (1 << index) or
source & ~(1 << index), producing either an oversized value or
silently returning the source.

Now returns None (skip fold) when index >= 64, preserving the runtime
panic.

Currently, the intrinsic simplifier folds setbit on uint64 even when the bit index is >= 64.

Frontend was calling factory.deploy() on every wallet, which is per-sender —
each new wallet deployed its own forked Algoku app, fragmenting mints across
apps the leaderboard never queries. Now binds via factory.getAppClientById
when a canonical app id is configured (testnet/mainnet); deploy fallback is
preserved for localnet/dev.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>