#gas #solidity #audit #static-analysis #security

bin+lib solstat

A Solidity static analyzer to identify contract vulnerabilities and gas efficiencies

5 releases (breaking)

0.5.0 Nov 1, 2022
0.4.0 Oct 31, 2022
0.3.0 Oct 28, 2022
0.2.0 Oct 26, 2022
0.1.0 Oct 22, 2022

#17 in #gas

Download history 6/week @ 2023-12-04 1/week @ 2023-12-11 1/week @ 2024-01-08 18/week @ 2024-02-19 40/week @ 2024-02-26 22/week @ 2024-03-04 38/week @ 2024-03-11 92/week @ 2024-03-18

193 downloads per month

MIT license

385KB
6.5K SLoC

solstat

A Solidity static analyzer to identify contract vulnerabilities and gas efficiencies.

.------. .------. .------. .------. .------. .------. .------.
|S.--. | |O.--. | |L.--. | |S.--. | |T.--. | |A.--. | |T.--. |
| :/\: | | :/\: | | :/\: | | :/\: | | :/\: | | (\/) | | :/\: |
| :\/: | | :\/: | | (__) | | :\/: | | (__) | | :\/: | | (__) |
| '--'S| | '--'O| | '--'L| | '--'S| | '--'T| | '--'A| | '--'T|
`------' `------' `------' `------' `------' `------' `------'


Installation

First, make sure that you have Rust installed. Then use either of the installation methods below by entering the corresponding command in your terminal.

Install from crates.io

cargo install solstat

Install from source

git clone https://github.com/0xKitsune/solstat &&
cd solstat &&
cargo install --path .

Usage

Now that you have solstat installed, you can use the solstat command from anywhere in your terminal. By default, solstat looks for a ./contracts directory and analyzes every file within that folder. To specify a different directory, pass the --path flag (e.g. solstat --path <path_to_dir>).

In the default configuration, solstat runs analysis for every currently included Optimization, Vulnerability and QA pattern. If you would like to run analysis for select patterns only, you can create a .toml file with your custom configuration. Check out the default solstat.toml configuration for reference. After creating a custom .toml file, make sure to pass the --toml flag when running solstat (e.g. solstat --toml <path_to_toml_file>).

Once solstat runs its analysis, a report will be generated and output as solstat_report.md.

At any point you can use solstat --help to see a list of all commands and options.

Usage: solstat [OPTIONS]

Options:
  -p, --path <PATH>  Path to the directory containing the files solstat will analyze. The default directory is `./contracts`
  -t, --toml <TOML>  Path to the toml file containing the solstat configuration when not using the default settings.
  -h, --help         Print help information

Contributing

First off, thanks for taking the time to contribute! Contributions are welcomed and greatly appreciated.

If you are interested in contributing, please check out Contributing.md.

Dependencies

~9–20MB
~265K SLoC