slither/README.md

# Slither, the Solidity source analyzer
[![Build Status](https://travis-ci.com/trailofbits/slither.svg?token=JEF97dFy1QsDCfQ2Wusd&branch=master)](https://travis-ci.com/trailofbits/slither)
[![Slack Status](https://empireslacking.herokuapp.com/badge.svg)](https://empireslacking.herokuapp.com)
[![PyPI version](https://badge.fury.io/py/slither-analyzer.svg)](https://badge.fury.io/py/slither-analyzer)

Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comphrehension, and quickly prototype custom analyses.

## Features

* Detects vulnerable Solidity code with low false positives
* Identifies where the error condition occurs in the source code
* Easy integration into continuous integration and Truffle builds
* Built-in 'printers' quickly report crucial contract information
* Detector API to write custom analyses in Python
* Ability to analyze contracts written with Solidity >= 0.4
* Intermediate representation ([SlithIR](https://github.com/trailofbits/slither/wiki/SlithIR)) enables simple, high-precision analyses

## Usage

Run Slither on a Truffle application:
```
truffle compile
slither .
```

Run Slither on a single file:
``` 
$ slither tests/uninitialized.sol # argument can be file, folder or glob, be sure to quote the argument when using a glob
[..]
INFO:Detectors:Uninitialized state variables in tests/uninitialized.sol, Contract: Uninitialized, Vars: destination, Used in ['transfer']
[..]
``` 

If Slither is run on a directory, it will run on every `.sol` file in the directory.

###  Configuration

* `--solc SOLC`: Path to `solc` (default 'solc')
* `--solc-args SOLC_ARGS`: Add custom solc arguments. `SOLC_ARGS` can contain multiple arguments
* `--disable-solc-warnings`: Do not print solc warnings
* `--solc-ast`: Use the solc AST file as input (`solc file.sol --ast-json > file.ast.json`)
* `--json FILE`: Export results as JSON

## Detectors

By default, all the detectors are run.

Num | Detector | What it Detects | Impact | Confidence
--- | --- | --- | --- | ---
1 | `suicidal` | [Functions allowing anyone to destruct the contract](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#suicidal) | High | High
2 | `uninitialized-local` | [Uninitialized local variables](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#uninitialized-local-variables) | High | High
3 | `uninitialized-state` | [Uninitialized state variables](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#uninitialized-state-variables) | High | High
4 | `uninitialized-storage` | [Uninitialized storage variables](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#uninitialized-storage-variables) | High | High
5 | `arbitrary-send` | [Functions that send ether to arbitrary destinations](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#functions-that-send-ether-to-arbitrary-destinations) | High | Medium
6 | `controlled-delegatecall` | [Controlled delegatecall function id](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#controlled-delegatecall) | High | Medium
7 | `reentrancy` | [Reentrancy vulnerabilities](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#reentrancy-vulnerabilities) | High | Medium
8 | `locked-ether` | [Contracts that lock ether](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#contracts-that-lock-ether) | Medium | High
9 | `tx-origin` | [Dangerous usage of `tx.origin`](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#dangerous-usage-of-txorigin) | Medium | Medium
10 | `assembly` | [Assembly usage](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#assembly-usage) | Informational | High
11 | `constable-states` | [State variables that could be declared constant](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#state-variables-that-could-be-declared-constant) | Informational | High
12 | `external-function` | [Public function that could be declared as external](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#public-function-that-could-be-declared-as-external) | Informational | High
13 | `low-level-calls` | [Low level calls](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#low-level-calls) | Informational | High
14 | `naming-convention` | [Conformance to Solidity naming conventions](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#conformance-to-solidity-naming-conventions) | Informational | High
15 | `pragma` | [If different pragma directives are used](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#state-variables-that-could-be-declared-constant) | Informational | High
16 | `solc-version` | [Old versions of Solidity (< 0.4.23)](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#old-versions-of-solidity) | Informational | High
17 | `unused-state` | [Unused state variables](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#unused-state-variables) | Informational | High

[Contact us](https://www.trailofbits.com/contact/) to get access to additional detectors.

### Printers

To run a printer, use `--print` and a comma-separated list of printers.

Num | Printer | Description
--- | --- | ---
1 | `call-graph` | Export the call-graph of the contracts to a dot file
2 | `contract-summary` | Print a summary of the contracts
3 | `function-summary` | Print a summary of the functions
4 | `human-summary` | Print a human readable summary of the contracts
5 | `inheritance` | Print the inheritance relations between contracts
6 | `inheritance-graph` | Export the inheritance graph of each contract to a dot file
7 | `slithir` | Print the slithIR representation of the functions
8 | `vars-and-auth` | Print the state variables written and the authorization of the functions

## How to install

Slither requires Python 3.6+ and [solc](https://github.com/ethereum/solidity/), the Solidity compiler.

### Using Pip

```
$ pip install slither-analyzer
```

### Using Git

```bash
$ git clone https://github.com/trailofbits/slither.git && cd slither
$ python setup.py install 
```

## Getting Help

Feel free to stop by our [Slack channel](https://empireslacking.herokuapp.com) (#ethereum) for help using or extending Slither.

* The [Printer documentation](https://github.com/trailofbits/slither/wiki/Printer-documentation) describes the information Slither is capable of visualizing for each contract.

* The [Detector documentation](https://github.com/trailofbits/slither/wiki/Adding-a-new-detector) describes how to write a new vulnerability analyses.

* The [API documentation](https://github.com/trailofbits/slither/wiki/API-examples) describes the methods and objects available for custom analyses.

* The [SlithIR documentation](https://github.com/trailofbits/slither/wiki/SlithIR) describes the SlithIR intermediate representation.

## License

Slither is licensed and distributed under the AGPLv3 license. [Contact us](mailto:opensource@trailofbits.com) if you're looking for an exception to the terms.
Initial public commit 6 years ago			`# Slither, the Solidity source analyzer`
			`[![Build Status](https://travis-ci.com/trailofbits/slither.svg?token=JEF97dFy1QsDCfQ2Wusd&branch=master)](https://travis-ci.com/trailofbits/slither)`
Update README.md 6 years ago			`[![Slack Status](https://empireslacking.herokuapp.com/badge.svg)](https://empireslacking.herokuapp.com)`
Update README.md 6 years ago			`[![PyPI version](https://badge.fury.io/py/slither-analyzer.svg)](https://badge.fury.io/py/slither-analyzer)`
Initial public commit 6 years ago
better features list 6 years ago			`Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comphrehension, and quickly prototype custom analyses.`
Update README.md 6 years ago
			`## Features`
Initial public commit 6 years ago
better features list 6 years ago			`* Detects vulnerable Solidity code with low false positives`
Update README.md 6 years ago			`* Identifies where the error condition occurs in the source code`
Update README.md 6 years ago			`* Easy integration into continuous integration and Truffle builds`
Update README.md 6 years ago			`* Built-in 'printers' quickly report crucial contract information`
better features list 6 years ago			`* Detector API to write custom analyses in Python`
Update README.md 6 years ago			`* Ability to analyze contracts written with Solidity >= 0.4`
Update README.md 6 years ago			`* Intermediate representation ([SlithIR](https://github.com/trailofbits/slither/wiki/SlithIR)) enables simple, high-precision analyses`
Initial public commit 6 years ago
Update README.md 6 years ago			`## Usage`
Update README 6 years ago
Update README.md 6 years ago			`Run Slither on a Truffle application:`
			```
			`truffle compile`
			`slither .`
			```

			`Run Slither on a single file:`
Initial public commit 6 years ago			```
add support for supplying a glob in addition to file and folder 6 years ago			`$ slither tests/uninitialized.sol # argument can be file, folder or glob, be sure to quote the argument when using a glob`
Initial public commit 6 years ago			`[..]`
Update README example Clean code in solidity_variables 6 years ago			`INFO:Detectors:Uninitialized state variables in tests/uninitialized.sol, Contract: Uninitialized, Vars: destination, Used in ['transfer']`
Initial public commit 6 years ago			`[..]`
			```

Update README.md 6 years ago			If Slither is run on a directory, it will run on every `.sol` file in the directory.
Update README.md 6 years ago
			`### Configuration`

Update README.md 6 years ago			* `--solc SOLC`: Path to `solc` (default 'solc')
			* `--solc-args SOLC_ARGS`: Add custom solc arguments. `SOLC_ARGS` can contain multiple arguments
			* `--disable-solc-warnings`: Do not print solc warnings
			* `--solc-ast`: Use the solc AST file as input (`solc file.sol --ast-json > file.ast.json`)
			* `--json FILE`: Export results as JSON
Command line changes: - Add exclude flag for each detector - replace -low, -medium, -high by -exclude-low, ... - clean detectors/printers information and flags - detector follow this format '--detect-name' - close #1 and #10 Update README 6 years ago
cli improvements - help is printed when no arguments are supplied - rework detector arguments: detectors are now a comma-separated list, defaults to all - rework printer arguments: printers are now a comma-separated list, defaults to contract-summary - add version command - add --list-detectors and --list-printers - update README 6 years ago			`## Detectors`
Update README.md 6 years ago
Update README.md 6 years ago			`By default, all the detectors are run.`
cli improvements - help is printed when no arguments are supplied - rework detector arguments: detectors are now a comma-separated list, defaults to all - rework printer arguments: printers are now a comma-separated list, defaults to contract-summary - add version command - add --list-detectors and --list-printers - update README 6 years ago
			`Num \| Detector \| What it Detects \| Impact \| Confidence`
Update README.md 6 years ago			`--- \| --- \| --- \| --- \| ---`
Improve output format Group info of informational issues into one log action per detector Add WIKI information 6 years ago			1 \| `suicidal` \| [Functions allowing anyone to destruct the contract](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#suicidal) \| High \| High
Add Uninitialized local variable detector 6 years ago			2 \| `uninitialized-local` \| [Uninitialized local variables](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#uninitialized-local-variables) \| High \| High
			3 \| `uninitialized-state` \| [Uninitialized state variables](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#uninitialized-state-variables) \| High \| High
			4 \| `uninitialized-storage` \| [Uninitialized storage variables](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#uninitialized-storage-variables) \| High \| High
			5 \| `arbitrary-send` \| [Functions that send ether to arbitrary destinations](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#functions-that-send-ether-to-arbitrary-destinations) \| High \| Medium
Update README 6 years ago			6 \| `controlled-delegatecall` \| [Controlled delegatecall function id](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#controlled-delegatecall) \| High \| Medium
			7 \| `reentrancy` \| [Reentrancy vulnerabilities](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#reentrancy-vulnerabilities) \| High \| Medium
			8 \| `locked-ether` \| [Contracts that lock ether](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#contracts-that-lock-ether) \| Medium \| High
			9 \| `tx-origin` \| [Dangerous usage of `tx.origin`](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#dangerous-usage-of-txorigin) \| Medium \| Medium
			10 \| `assembly` \| [Assembly usage](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#assembly-usage) \| Informational \| High
			11 \| `constable-states` \| [State variables that could be declared constant](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#state-variables-that-could-be-declared-constant) \| Informational \| High
			12 \| `external-function` \| [Public function that could be declared as external](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#public-function-that-could-be-declared-as-external) \| Informational \| High
			13 \| `low-level-calls` \| [Low level calls](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#low-level-calls) \| Informational \| High
			14 \| `naming-convention` \| [Conformance to Solidity naming conventions](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#conformance-to-solidity-naming-conventions) \| Informational \| High
			15 \| `pragma` \| [If different pragma directives are used](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#state-variables-that-could-be-declared-constant) \| Informational \| High
			16 \| `solc-version` \| [Old versions of Solidity (< 0.4.23)](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#old-versions-of-solidity) \| Informational \| High
			17 \| `unused-state` \| [Unused state variables](https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#unused-state-variables) \| Informational \| High
ExternalFunction: Simplify codebase and example 6 years ago
Update README.md 6 years ago			`[Contact us](https://www.trailofbits.com/contact/) to get access to additional detectors.`
Initial public commit 6 years ago
Update README.md 6 years ago			`### Printers`

Change --printers to --print and --detectors to --detect (close #71) 6 years ago			To run a printer, use `--print` and a comma-separated list of printers.
Update README.md 6 years ago
			`Num \| Printer \| Description`
			`--- \| --- \| ---`
Update printers description 6 years ago			1 \| `call-graph` \| Export the call-graph of the contracts to a dot file
			2 \| `contract-summary` \| Print a summary of the contracts
			3 \| `function-summary` \| Print a summary of the functions
Update README 6 years ago			4 \| `human-summary` \| Print a human readable summary of the contracts
			5 \| `inheritance` \| Print the inheritance relations between contracts
			6 \| `inheritance-graph` \| Export the inheritance graph of each contract to a dot file
			7 \| `slithir` \| Print the slithIR representation of the functions
			8 \| `vars-and-auth` \| Print the state variables written and the authorization of the functions
Update README.md 6 years ago
Update README.md 6 years ago			`## How to install`

			`Slither requires Python 3.6+ and [solc](https://github.com/ethereum/solidity/), the Solidity compiler.`
Update README.md 6 years ago
Add slither-analyzer to pypi (close #41) Version 0.1.0 6 years ago			`### Using Pip`
Update README.md 6 years ago
			```
			`$ pip install slither-analyzer`
			```

Add slither-analyzer to pypi (close #41) Version 0.1.0 6 years ago			`### Using Git`
Update README.md 6 years ago
			```bash
Fix typo in the installation instruction 6 years ago			`$ git clone https://github.com/trailofbits/slither.git && cd slither`
Update README.md 6 years ago			`$ python setup.py install`
			```

			`## Getting Help`
Initial public commit 6 years ago
Update README 6 years ago			`Feel free to stop by our [Slack channel](https://empireslacking.herokuapp.com) (#ethereum) for help using or extending Slither.`
Initial public commit 6 years ago
Update README.md 6 years ago			`* The [Printer documentation](https://github.com/trailofbits/slither/wiki/Printer-documentation) describes the information Slither is capable of visualizing for each contract.`
Update README 6 years ago
Update README.md 6 years ago			`* The [Detector documentation](https://github.com/trailofbits/slither/wiki/Adding-a-new-detector) describes how to write a new vulnerability analyses.`
Update README 6 years ago
Update README.md 6 years ago			`* The [API documentation](https://github.com/trailofbits/slither/wiki/API-examples) describes the methods and objects available for custom analyses.`
Initial public commit 6 years ago
Update README 6 years ago			`* The [SlithIR documentation](https://github.com/trailofbits/slither/wiki/SlithIR) describes the SlithIR intermediate representation.`

Update README.md 6 years ago			`## License`
Initial public commit 6 years ago
Update README.md (#15) 6 years ago			`Slither is licensed and distributed under the AGPLv3 license. [Contact us](mailto:opensource@trailofbits.com) if you're looking for an exception to the terms.`