Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/raineorshine/solgraph
Visualize Solidity control flow for smart contract security analysis. :dollar: ⇆ :dollar:
https://github.com/raineorshine/solgraph
ethereum solidity
Last synced: 25 days ago
JSON representation
Visualize Solidity control flow for smart contract security analysis. :dollar: ⇆ :dollar:
- Host: GitHub
- URL: https://github.com/raineorshine/solgraph
- Owner: raineorshine
- License: isc
- Created: 2016-07-05T21:10:07.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2022-12-04T15:07:40.000Z (almost 2 years ago)
- Last Synced: 2024-10-06T07:33:50.109Z (about 1 month ago)
- Topics: ethereum, solidity
- Language: JavaScript
- Homepage:
- Size: 507 KB
- Stars: 1,015
- Watchers: 27
- Forks: 122
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-smart-contracts - raineorshine/solgraph - Visualize Solidity control flow for smart contract security analysis. (Utilities / Audits)
- awesome-solidity - solgraph - Visualize control flows for smart contract security analysis. (Tools)
- awesome-solidity - solgraph - Visualize control flows for smart contract security analysis. (Tools)
- ultimate-defi-research-base - Solgraph - Visualise Solidity control flow for smart contract security analysis (Developer Tools)
- awesome-web3 - Solgraph - Visualise Solidity control flow for smart contract security analysis. (Software Development / Risk Management)
- awesome-smart-contracts - raineorshine/solgraph - Visualize Solidity control flow for smart contract security analysis. (Utilities)
- awesome-solidity - solgraph - Visualize control flows for smart contract security analysis. (Tools)
- DeFi-Developer-Road-Map - Solgraph - Visualise Solidity control flow for smart contract security analysis (Roadmap)
README
# solgraph
[](https://npmjs.org/package/solgraph)
[](https://travis-ci.org/raineorshine/solgraph)
Generates a [DOT]() graph that visualizes function control flow of a Solidity contract and highlights potential security vulnerabilities.
**Legend:**
- Red: Send to external address
- Blue: Constant function
- Yellow: View
- Green: Pure
- Orange: Call
- Purple: Transfer
- Lilac: Payable
**Generated from contract:**
```js
contract MyContract {
uint balance;
function MyContract() {
Mint(1000000);
}
function Mint(uint amount) internal {
balance = amount;
}
function Withdraw() {
msg.sender.send(balance);
}
function GetBalance() constant returns(uint) {
return balance;
}
}
```
## Install
```sh
npm install -g solgraph
```
Depending on your permissions, you may need to add the `unsafe-perm` flag:
```sh
sudo npm install -g solgraph --unsafe-perm=true --allow-root
```
## Usage
```sh
solgraph MyContract.sol > MyContract.dot
strict digraph {
MyContract
Mint [color=gray]
Withdraw [color=red]
UNTRUSTED
GetBalance [color=blue]
MyContract -> Mint
Withdraw -> UNTRUSTED
}
```
You have to have [graphviz](https://graphviz.gitlab.io/download/) installed (`brew install graphviz`) to render the [DOT]() file as an image:
```sh
dot -Tpng MyContract.dot -o MyContract.png
```
A nice example of piping contract source that is in your clipboard through solgraph, dot, and preview: (Use whatever image previewer is available on your system; Preview.app is available on Mac)
```sh
pbpaste | solgraph | dot -Tpng | open -f -a /Applications/Preview.app
```
## Node Module
```js
import { readFileSync } from 'fs'
import solgraph from 'solgraph'
const dot = solgraph(fs.readFileSync('./Simple.sol'))
console.log(dot)
/*
Foo
Bar
Foo -> Bar
*/
```
## License
ISC © [Raine Revere](https://github.com/raineorshine)