https://github.com/karthiks373/aegis
Aegis is a python based CLI tool used to help solidity smart contract developers to create, compile, scan, audit, document and generate code
https://github.com/karthiks373/aegis
Last synced: 3 months ago
JSON representation
Aegis is a python based CLI tool used to help solidity smart contract developers to create, compile, scan, audit, document and generate code
- Host: GitHub
- URL: https://github.com/karthiks373/aegis
- Owner: KarthikS373
- License: mit
- Created: 2024-01-30T17:38:54.000Z (over 1 year ago)
- Default Branch: master
- Last Pushed: 2024-02-04T20:42:47.000Z (over 1 year ago)
- Last Synced: 2025-01-22T05:34:32.336Z (5 months ago)
- Language: Python
- Homepage: https://youtu.be/7Y2kOU450fU
- Size: 56.6 MB
- Stars: 1
- Watchers: 1
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: docs/contributing.md
- License: LICENSE
- Code of conduct: docs/CODE_OF_CONDUCT.md
Awesome Lists containing this project
README
Aegis: Shielding Smart Contracts with AI-Driven Security
Aegis is a smart contract audit and analysis tool powered by artificial intelligence, dedicated to safeguarding your smart contracts from vulnerabilities.
View Demo
·
Report Bug
·
Request Feature
Table of Contents
-
About The Project
- Key Features
- Built With
- Vulnerability Detection
-
Getting Started
- CLI Commands
- License
- Contributing
- Team Members
About the Project
Aegis is a cutting-edge smart contract audit and analysis tool, empowered by state-of-the-art artificial intelligence, that safeguards your smart contracts against a wide range of vulnerabilities. Traditional security approaches like manually defining patterns are time-consuming, require deep expertise, and struggle to keep up with ever-evolving threats. Aegis leverages the power of deep learning to offer a faster, more comprehensive solution.
Watch demo [here](https://youtu.be/7Y2kOU450fU)
Mission:
Our mission is to empower developers of all skill levels with advanced security capabilities, simplifying the process of building robust and trustworthy smart contracts.
Value Proposition:
- **AI-powered Vulnerability Detection:** Our robust machine learning model, trained on extensive real-world data, accurately identifies critical vulnerabilities, exceeding the limitations of traditional rule-based approaches.
- **Solidity Expertise:** Aegis seamlessly supports Solidity, the leading language for smart contract development, ensuring compatibility with your existing projects.
- **Actionable Insights and Remediation:** Detailed reports pinpoint vulnerabilities, their severity levels, and offer concrete suggestions for remediation, guiding you towards secure and reliable smart contracts.
- **Effortless Integration:** Aegis integrates seamlessly into your development workflow with a user-friendly command-line interface, minimizing disruption and maximizing efficiency.
Key Features
- **Advanced Vulnerability Detection:** Identify a broad spectrum of vulnerabilities, including reentrancy, integer overflow, access control issues, and more.
- **Comprehensive Solidity Support:** Analyze and scan your Solidity code for potential threats.
- **Actionable Insights and Remediation:** Receive detailed reports highlighting vulnerabilities, their severity levels, and suggested fixes.
- **Easy Integration:** Seamlessly integrate Aegis into your development workflow with a user-friendly CLI interface.
Built with
    
Open Source Pre-trained Models:
- [ResNet18](https://pytorch.org/vision/main/models/generated/torchvision.models.resnet18.html)
- [TheBloke/Llama-2-7B-Chat-GGML](https://huggingface.co/TheBloke/Llama-2-7B-Chat-GGML)
Vulnerability Detection
Aegis employs a two-stage approach to vulnerability detection, combining the strengths of ResNet-18 and LLAMA 2.
### [ResNet-18](docs/training/ResNetModelTraining.md):
- Acts as the first line of defense, efficiently extracting crucial features from smart contract bytecode.
- Identifies the presence of vulnerabilities with a broad scope, providing an initial assessment.
### [LLAMA 2](docs/training/FinetuningLlama.md):
- Built upon ResNet-18's foundation, leverages fine-tuning and specialized training to pinpoint vulnerable code segments with enhanced precision.
- Goes beyond mere detection, offering actionable guidance for resolving vulnerabilities through targeted suggestions and potential fixes.
### Key Advantages:
- **Precision Boost**: LLAMA 2's targeted approach minimizes false positives and pinpoints relevant areas for attention, saving developers valuable time and effort.
- **Actionable Insights**: Gain practical, code-level recommendations for addressing vulnerabilities, empowering you to effectively secure your smart contracts.
- **Open Datasets and Hallucination Mitigation**: We prioritize responsible AI practices by utilizing publicly available datasets, actively addressing the potential for hallucination in LLAMA 2, and ensuring the accurate identification and remediation of vulnerabilities.
### Detailed Information:
For a deeper understanding of the fine-tuning process, dataset selection, and mitigation strategies, please refer to the comprehensive [documentation](docs/training) provided.
Getting Started
Installation Instructions:
To setup Aegis in your local machine, you need to have the following prerequisites installed on your system:
1. **Python 3.8 or higher:** [Download and install Python](https://www.python.org/downloads/) if you haven't already.
2. **Poetry:** We use Poetry for dependency management. Install it by following the instructions [here](https://python-poetry.org/docs/#installation).
Once you have the prerequisites, you can set up Aegis by following these steps:
1. **Clone the repository:**
```
git clone https://github.com/KarthikS373/aegis.git
```
2. **Navigate to the project directory:**
```
cd aegis
```
3. **Install dependencies using Poetry:**
```
poetry install
```
4. **Activate Virtual Environment:**
```
poetry shell
```
5. **Run your first command:**
```
poetry run aegis --help
```
For a more detailed setup guide, consult our [documentation](docs/setup.md).
Example Usage:
To see Aegis in action, check out our demo or refer to the detailed example usage guide in our documentation:
- **Demo:** [Watch the Demo](https://youtu.be/jKpPOpVc6yM)
- **Example Usage Guide:** [Example Usage Guide](docs/examples/examples.md)
Feel free to explore and experiment with the provided examples to understand how to make the most out of Aegis for your projects.
CLI Commands
Aegis offers a set of intuitive CLI commands for efficient interaction. Refer to the [documentation](docs/examples/examples.md) for usage examples.
```
compile : compile the solidity code
```
```
documentation : generate documentation for the smart contract
```
```
generate : generate ready to deploy smart contracts
```
```
info : get information about the application
```
```
report : generate a pdf report for the smart contract, summarizing its content, highlighting detected vulnerabilities, and suggesting optimizations
```
```
scan : scan a file or directory for vulnerabilities
```
```
summary : get summary about the smart contract
```
License
Aegis is licensed under the MIT license. For more information, please see the [LICENSE](LICENSE) file in the repository.
Contributing
We welcome contributions! For detailed instructions on how to contribute, please refer to the [Contributing Guide](docs/contributing.md) in our documentation.
Team Members
- [Ananya Gupta](https://github.com/Ananya2003Gupta)
- [Karthik S](https://github.com/KarthikS373)
- [Samarth Sahu](https://github.com/Samcoding5854)