kauri

5 min read - Posted 28 May 19

Analyze Solidity Smart Contracts with Slither

Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.

Features

  • Detects vulnerable Solidity code with low false positives
  • Identifies where the error condition occurs in the source code
  • Easily integrates into continuous integration and Truffle builds
  • Built-in 'printers' quickly report crucial contract information
  • Detector API to write custom analyses in Python
  • Ability to analyze contracts written with Solidity >= 0.4
  • Intermediate representation (SlithIR) enables simple, high-precision analyses
  • Correctly parses 99.9% of all public Solidity code
  • Average execution time of less than 1 second per contract

How to install

Slither requires Python 3.6+ and solc, the Solidity compiler.

Using Pip

$ pip install slither-analyzer

Using Git

$ git clone https://github.com/trailofbits/slither.git && cd slither
$ python setup.py install

We recommend using a Python virtual environment, as detailed in the Developer Installation Instructions, if you prefer to install Slither via git.

Using Docker

Use the eth-security-toolbox Docker image. It bundles all of our security tools and every major version of Solidity in a single image. With the run command below, /home/share on the host is mounted at /share inside the container. Use solc-select inside the container to switch the Solidity version.

docker pull trailofbits/eth-security-toolbox

To share a directory in the container:

docker run -it -v /home/share:/share trailofbits/eth-security-toolbox

Usage

Run Slither on a Truffle/Embark/Dapp/Etherlime application from the project root:

$ slither .

Run Slither on a single file:

$ slither tests/uninitialized.sol

For additional configuration, see the usage documentation.

Detectors

By default, all the detectors are run.

Num  Detector                 What it Detects                                           Impact         Confidence
1    rtlo                     Right-To-Left-Override control character is used          High           High
2    shadowing-state          State variables shadowing                                 High           High
3    suicidal                 Functions allowing anyone to self-destruct the contract   High           High
4    uninitialized-state      Uninitialized state variables                             High           High
5    uninitialized-storage    Uninitialized storage variables                           High           High
6    arbitrary-send           Functions that send ether to arbitrary destinations       High           Medium
7    controlled-delegatecall  Controlled delegatecall destination                       High           Medium
8    reentrancy-eth           Reentrancy vulnerabilities (theft of ether)               High           Medium
9    erc20-interface          Incorrect ERC20 interfaces                                Medium         High
10   erc721-interface         Incorrect ERC721 interfaces                               Medium         High
11   incorrect-equality       Dangerous strict equalities                               Medium         High
12   locked-ether             Contracts that lock ether                                 Medium         High
13   shadowing-abstract       State variables shadowing from abstract contracts         Medium         High
14   constant-function        Constant functions changing the state                     Medium         Medium
15   reentrancy-no-eth        Reentrancy vulnerabilities (no theft of ether)            Medium         Medium
16   tx-origin                Dangerous usage of tx.origin                              Medium         Medium
17   unchecked-lowlevel       Unchecked low-level calls                                 Medium         Medium
18   unchecked-send           Unchecked send                                            Medium         Medium
19   uninitialized-local      Uninitialized local variables                             Medium         Medium
20   unused-return            Unused return values                                      Medium         Medium
21   shadowing-builtin        Built-in symbol shadowing                                 Low            High
22   shadowing-local          Local variables shadowing                                 Low            High
23   calls-loop               Multiple calls in a loop                                  Low            Medium
24   reentrancy-benign        Benign reentrancy vulnerabilities                         Low            Medium
25   timestamp                Dangerous usage of block.timestamp                        Low            Medium
26   assembly                 Assembly usage                                            Informational  High
27   constable-states         State variables that could be declared constant           Informational  High
28   deprecated-standards     Deprecated Solidity standards                             Informational  High
29   erc20-indexed            Un-indexed ERC20 event parameters                         Informational  High
30   external-function        Public functions that could be declared external          Informational  High
31   low-level-calls          Low-level calls                                           Informational  High
32   naming-convention        Conformance to Solidity naming conventions                Informational  High
33   pragma                   Different pragma directives are used                      Informational  High
34   solc-version             Incorrect Solidity version (< 0.4.24 or complex pragma)   Informational  High
35   unused-state             Unused state variables                                    Informational  High
36   too-many-digits          Conformance to numeric notation best practices            Informational  Medium

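The Impact and Confidence columns are what a CI gate should key on: failing a build on every detector hit (naming conventions included) trains developers to ignore the tool, while failing only on High/Medium findings keeps the signal. As an added example that is not part of this article or of the Slither project, the Python script below reads a report produced with `slither . --json slither-report.json` and fails the build only on findings at or above a chosen impact and confidence, with an allowlist for detectors the team has already reviewed. The two JSON layouts it accepts (a flat list of findings, or an object whose results.detectors holds that list) and the per-finding keys check, impact, confidence and description are assumptions about the report schema; the embedded sample report and the Vault contract names in it are constructed, not real Slither output.

```python
"""Gate a CI build on Slither findings by impact and confidence.

Produce the report first:

    slither . --json slither-report.json

then run: python slither_gate.py slither-report.json
Without an argument the constructed SAMPLE_REPORT below is used.
"""
import json
import sys
from collections import Counter

# Ranks mirror the Impact / Confidence columns of the detector table.
IMPACT_RANK = {"Informational": 0, "Low": 1, "Medium": 2, "High": 3}
CONFIDENCE_RANK = {"Low": 1, "Medium": 2, "High": 3}


def load_findings(raw_json):
    """Return the list of finding dicts from a Slither JSON report string.

    Both layouts are assumptions about the report schema: a bare list of
    findings, or {"results": {"detectors": [...]}}.
    """
    data = json.loads(raw_json)
    if isinstance(data, list):
        return data
    return data.get("results", {}).get("detectors", [])


def triage(findings, min_impact="Medium", min_confidence="Medium", accepted_checks=()):
    """Split findings into (blocking, non_blocking).

    A finding blocks the build when its impact AND confidence both reach the
    thresholds and its detector is not on the accepted list. An impact or
    confidence string the script does not know is ranked as the highest
    value, so a schema change never silently demotes a finding.
    """
    blocking, non_blocking = [], []
    for f in findings:
        impact = IMPACT_RANK.get(f.get("impact"), max(IMPACT_RANK.values()))
        confidence = CONFIDENCE_RANK.get(f.get("confidence"), max(CONFIDENCE_RANK.values()))
        serious = (impact >= IMPACT_RANK[min_impact]
                   and confidence >= CONFIDENCE_RANK[min_confidence])
        if serious and f.get("check") not in accepted_checks:
            blocking.append(f)
        else:
            non_blocking.append(f)
    return blocking, non_blocking


def count_by_check(findings):
    """Histogram of detector name -> number of findings, for the build log."""
    return Counter(f.get("check", "unknown") for f in findings)


def render(findings):
    """One line per finding: [impact/confidence] detector: description."""
    return "\n".join(
        "[%s/%s] %s: %s" % (f.get("impact"), f.get("confidence"),
                            f.get("check"), f.get("description", "").strip())
        for f in findings)


# Constructed sample report (not real Slither output), wrapped layout.
SAMPLE_REPORT = json.dumps({
    "success": True,
    "error": None,
    "results": {"detectors": [
        {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
         "description": "Reentrancy in Vault.withdraw(): external call before state update\n"},
        {"check": "tx-origin", "impact": "Medium", "confidence": "Medium",
         "description": "Vault.onlyOwner() uses tx.origin for authorization\n"},
        {"check": "unchecked-lowlevel", "impact": "Medium", "confidence": "Medium",
         "description": "Vault.forward() ignores the return value of a low-level call\n"},
        {"check": "timestamp", "impact": "Low", "confidence": "Medium",
         "description": "Vault.unlock() compares against block.timestamp\n"},
        {"check": "naming-convention", "impact": "Informational", "confidence": "High",
         "description": "Variable Vault.Owner is not in mixedCase\n"},
    ]},
})


def main(argv):
    """Return the process exit status: 1 if any blocking finding remains."""
    raw = open(argv[1]).read() if len(argv) > 1 else SAMPLE_REPORT
    findings = load_findings(raw)
    # Detectors reviewed and accepted for this code base (hypothetical list).
    blocking, _ = triage(findings, accepted_checks=("unchecked-lowlevel",))
    print("%d findings, %d blocking; by detector: %s"
          % (len(findings), len(blocking), dict(count_by_check(findings))))
    print(render(blocking))
    return 1 if blocking else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Keep the accepted list in version control next to the contracts and review it whenever the detector set or the contracts change; an allowlist that silently grows is the same as not running the tool.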
Printers

To run a printer, use --print and a comma-separated list of printers.

Num  Printer            Description
1    call-graph         Export the call graph of the contracts to a dot file
2    cfg                Export the CFG of each function
3    contract-summary   Print a summary of the contracts
4    data-dependency    Print the data dependencies of the variables
5    function-id        Print the 4-byte function selectors (keccak256 of the function signatures)
6    function-summary   Print a summary of the functions
7    human-summary      Print a human-readable summary of the contracts
8    inheritance        Print the inheritance relations between contracts
9    inheritance-graph  Export the inheritance graph of each contract to a dot file
10   modifiers          Print the modifiers called by each function
11   require            Print the require and assert calls of each function
12   slithir            Print the SlithIR representation of the functions
13   slithir-ssa        Print the SlithIR representation of the functions in SSA form
14   variable-order     Print the storage order of the state variables
15   vars-and-auth      Print the state variables written and the authorization of the functions

Next Steps

Feel free to stop by our Slack channel (#ethereum) for help using or extending Slither.

Content is CC-BY-SA 4.0 licensed