Coder Social home page Coder Social logo

solscape's Introduction

Solscape

Navigate the Solidity landscape. Use an automated battery of tools to get a bird's eye view of any contract system in less than two minutes.

Why use it?

  • Automatically excludes trusted public libraries and audits.
  • Saves repetitive entering of commands for scoping and tool analysis.

Scoping

Scoping is an essential part of audit pre-assessment which has to do with understanding the dimensions of the files to be audited, and what kinds of work/how much work will an audit entail

Scoping Dependencies

  • globstar is enabled by default at the beginning of the script with shopt -s globstar. This allows scoping any directory's .sol files using a single wildcard lookup. scoping functions in Audit Tools can't run properly without it.
  • surya Surya is a smart contract analysis tool. It provides many tools for breaking apart smart contracts and understanding them, including inheritance graphs, call graphs, and function breakdowns. Install globally with node package manager: npm install -g surya. This allows Audit Tools to call it from the command line.
  • graphviz Graphviz is required by Surya for its data visualization functions. Click here for a list of downloads by operating system. Or on apt, apt install graphviz.

Scoping Functionality

The operation of this script is dependent on the existence of .sol files inhabiting subdirectories of the main directory, or the main directory itself. It will not work unless all of the .sol files you need scoped are in the main directory and/or its subdirectories and all the files to be scoped are written in Solidity. This tool does not scope any files other than Solidity files.

Tool Analysis

Mythril

For each Solidity file, performs a Mythril analysis.

Mythril Dependencies

Mythril requires Python 3 to run. Mythril's dependencies will be automatically installed when installing Mythril with python3-pip.

Solhint

For each Solidity file, performs a Solhint analysis.

Future Versions

Should:

  • Apply some more cool automatic searching/sorting of .sol files to the generic output. (pattern recognition and extrapolating from large data samples, to name a few)

Viewing the Report

It is recommended to use grip to view the report, which is generated in Markdown. To install grip, type

pip install grip

then

$ grip /path/to/report/Audit_Tools_Report.md

solscape's People

Contributors

chronaeon avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.