Skip to content

Latest commit

 

History

History
101 lines (85 loc) · 3.21 KB

README.md

File metadata and controls

101 lines (85 loc) · 3.21 KB

SolAST

Solidity 0.8.X AST parsing and analysis in Rust.

Some legacy versions of Solidity are inherently supported (0.5.X-0.7.X), but the focus is primarily on Solidity 0.8.X and above.

Analyzers

  • no_spdx_identifier
  • floating_solidity_version
  • node_modules_imports
  • redundant_imports
  • abstract_contracts
  • large_literals
  • tight_variable_packing (WIP)
  • redundant_getter_function
  • require_without_message
  • state_variable_shadowing
  • explicit_variable_return
  • unused_return
  • storage_array_loop
  • external_calls_in_loop
  • check_effects_interactions
  • raw_address_transfer
  • safe_erc20_functions
  • unchecked_erc20_transfer
  • unpaid_payable_functions
  • divide_before_multiply (WIP)
  • comparison_utilization (WIP)
  • assignment_comparisons
  • state_variable_mutability
  • unused_state_variables
  • ineffectual_statements
  • inline_assembly
  • unchecked_casting (WIP)
  • unnecessary_pragmas (WIP)
  • missing_return
  • redundant_state_variable_access (WIP)
  • redundant_comparisons (WIP)
  • assert_usage
  • selfdestruct_usage
  • unrestricted_setter_functions (WIP)
  • manipulatable_balance_usage (WIP)
  • redundant_assignments (WIP)
  • invalid_using_for_directives
  • abi_encoding

Usage

cargo run --release -- [--todo_list] [--contract=<contract_name>] [--analyzer_name1] [--analyzer_nameN] <project_directory>

Currently, SolAST requires utilization of either a truffle project or a brownie project.

Please file an issue if you would like support for another build system.

If you only have .sol files, you can create a quick truffle project by performing the following:

  1. Open a terminal.
  2. Create a directory for your project to be contained in with mkdir solidity-project
  3. Move into the newly-created project directory with cd solidity-project.
  4. Initialize a node module for the project with npm init -y.
  5. Initialize the truffle project with truffle init.
  6. Copy all of your .sol files into contracts/.
mkdir solidity-project
cd solidity-project
npm init -y
truffle init
cp ~/Downloads/awesome-contracts/*.sol contracts/

Use your favorite text editor to change the solc version in truffle-config.js to 0.8.6 (or the relevant 0.8.X).

module.exports = {
  networks: {},
  mocha: {},
  compilers: {
    solc: {
      version: "0.8.6",
    }
  }
};

Compile your truffle project with npm i && rm -rf build && truffle compile. You should have a build/contracts/ folder with *.json files inside of it afterwards.

Now you can supply the path to the truffle project directory to SolAST with the following:

cargo run --release -- /path/to/project/

If you would like to save text output to an out.txt file instead of printing to the terminal, use the following:

cargo run --release -- /path/to/project/ > out.txt

On the first run it may take a few minutes to optimize and compile, but subsequent runs will be quite fast in release mode.