Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/botirk38/guardianai
Safe Contracts is a tool that analyzes smart contracts for security vulnerabilities. It uses AI to detect common security issues in Solana code. The tool is accessible through an API that can be used to analyze smart contracts programmatically.
ai rust security solana
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/botirk38/guardianai
- Owner: botirk38
- License: other
- Created: 2024-03-08T20:53:58.000Z (11 months ago)
- Default Branch: main
- Last Pushed: 2024-06-19T13:52:49.000Z (8 months ago)
- Last Synced: 2024-08-08T16:16:33.769Z (6 months ago)
- Topics: ai, rust, security, solana
- Language: Rust
- Homepage: https://www.smart-guardian.com/
- Size: 606 MB
- Stars: 4
- Watchers: 1
- Forks: 2
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Project: Safe Contracts API
Safe Contracts is a tool that analyzes smart contracts for security vulnerabilities. It uses static analysis to detect common security issues in Solana code. The tool is accessible through an API that can be used to analyze smart contracts programmatically.
## Table of Contents
- [Prerequisites](#prerequisites)
- [Installation](#installation)
- [Running with Docker Compose](#running-with-docker-compose)
- [Calling the API](#calling-the-api)
  - [Authentication](#authentication)
  - [Connect to WebSocket](#connect-to-websocket)
  - [Direct API Call](#direct-api-call)
- [Using the Extension](#using-the-extension)
- [Troubleshooting](#troubleshooting)
- [Contributing](#contributing)
- [License](#license)

## Prerequisites
Before you begin, ensure you have the following installed on your machine:
- Docker
- Docker Compose

## Installation
1. Clone the repository:
```bash
git clone https://github.com/botirk38/GuardianAI.git
cd GuardianAI
```

## Running with Docker Compose
To build and run the services using Docker Compose, follow these steps:
1. **Navigate to the root directory of the project:**
```bash
cd GuardianAI
```
2. **Build and run the containers:**
```bash
docker-compose -f docker-compose.yml up --build
```

This will start the Spring Cloud Gateway on `http://localhost:8080` and the `code-detective` service on `http://localhost:8081`.
## Calling the API
You can interact with the `code-detective` service through the API Gateway.
### Authentication
Obtain an access token from Auth0:
```bash
curl --request POST \
--url https://dev-az3di7fabdoc8vlz.uk.auth0.com/oauth/token \
--header 'content-type: application/json' \
--data '{"client_id":"your_client_id","client_secret":"your_client_secret","audience":"https://safe-contracts/","grant_type":"client_credentials"}'
```

Replace `your_client_id` and `your_client_secret` with your Auth0 client ID and client secret, which can be obtained from the Auth0 dashboard.
### Connect to WebSocket
Connect to the WebSocket to receive the response from the API call:
```bash
# Sec-WebSocket-Key must be the base64 encoding of a 16-byte random nonce (RFC 6455).
curl -i -N \
  -H "Connection: Upgrade" \
  -H "Upgrade: websocket" \
  -H "Host: localhost:8080" \
  -H "Origin: http://localhost:8080" \
  -H "Sec-WebSocket-Version: 13" \
  -H "Sec-WebSocket-Key: $(openssl rand -base64 16)" \
  http://localhost:8080/code-detective-model/ws/your_request_id
```

### Direct API Call
To call the `analyze_code` endpoint directly, use the following `curl` command:
```bash
curl -X POST http://localhost:8080/code-detective/analyze_code \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{"code": "your code here", "request_id": "request_id here"}'
```

Replace `YOUR_JWT_TOKEN` with a valid JWT token and `{"code": "your code here", "request_id": "request_id here"}` with the appropriate payload for your request.
## Using the Extension
You can also use the Safe Contracts VS Code extension that interacts with the API Gateway to analyze your code for vulnerabilities. The extension is available in the `smartguardian` directory.
## Troubleshooting
- **503 Service Unavailable:** Ensure that both the Spring Cloud Gateway and `code-detective` service are running. Verify that the services can communicate within the Docker network.
- **OAuth2 Issues:** Ensure your Okta OAuth2 configuration is correct in the `application.yml` file of the `api_gateway` service. Verify that the issuer and audience values are properly set.

## Contributing
Contributions are welcome! Please open an issue or submit a pull request for any improvements or bug fixes.
## License
This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.