Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/byterocket/c4udit

Static analyzer for solidity contracts based on regexs specifically crafted for code4rena contests
https://github.com/byterocket/c4udit

analyzer audit ethereum evm research security solidity

Last synced: about 3 hours ago
JSON representation

Static analyzer for solidity contracts based on regexs specifically crafted for code4rena contests

Host: GitHub
URL: https://github.com/byterocket/c4udit
Owner: byterocket
License: gpl-3.0
Created: 2022-01-24T13:44:18.000Z (almost 3 years ago)
Default Branch: main
Last Pushed: 2022-02-02T21:55:03.000Z (almost 3 years ago)
Last Synced: 2024-12-20T19:11:42.755Z (6 days ago)
Topics: analyzer, audit, ethereum, evm, research, security, solidity
Language: Go
Homepage:
Size: 21.5 KB
Stars: 236
Watchers: 6
Forks: 39
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        
c4udit


## Introduction

`c4udit` is a static analyzer for solidity contracts based on regular

expressions specifically crafted for [Code4Rena](https://code4rena.com) contests.

It is capable of finding low risk issues and gas optimization documented in the

[c4-common-issues](https://github.com/byterocket/c4-common-issues) repository.

Note that `c4udit` uses [c4-common-issues](https://github.com/byterocket/c4-common-issues)'s issue identifiers.

## Installation

First you need to have the Go toolchain installed. You can find instruction [here](https://go.dev/doc/install).

Then install `c4udit` with:

```

$ go install github.com/byterocket/c4udit@latest

```

To just build the binary:

```

$ git clone https://github.com/byterocket/c4udit

$ cd c4udit/

$ go build .

```

Now you should be able to run `c4udit` with:

```

$ ./c4udit

```

## Usage

```

Usage:

	c4udit [flags] [files...]

Flags:

	-h    Print help text.

	-s    Save report as file.

```

## Example

Running `c4udit` against the `examples` directory:

```

$ ./c4udit examples/

Files analyzed:

- examples/Test.sol

Issues found:

 G001:

  examples/Test.sol::4 => uint256 a = 0;

  examples/Test.sol::12 => for (uint256 i = 0; i < array.length; i++) {

 G002:

  examples/Test.sol::12 => for (uint256 i = 0; i < array.length; i++) {

 G007:

  examples/Test.sol::6 => string b = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";

 G008:

  examples/Test.sol::13 => i = i / 2;

 L001:

  examples/Test.sol::16 => token.transferFrom(msg.sender, address(this), 100);

 L003:

  examples/Test.sol::1 => pragma solidity ^0.8.0;

```

Using the `-s` flag, `c4udit` will create a report in markdown format.

For an example check out the report in the `examples` directory [here](./examples/c4udit-report.md).

## License

Note that this tool is licensed as [free software](./LICENSE)!