Greetings, dear readers! We are the pessimistic.io team, and in recent months we have been actively developing our to help with code review and process. own Slither detectors audit This is merely a release article that largely repeats what is stated in our readme; however, this article will serve as the start of a series of articles in which we will explain the development, new detectors, and improvements! everything you may require to work with them! This repository contains Stay tuned for more updates! Our team would like to express our deepest gratitude to the creators: , as well as , blockchain security division, and all the people who believe in the original tool and its evolution! Slither tool Josselin Feist, Gustavo Grieco, and Alex Groce Crytic Trail of Bits’ Our aim was to increase the sensitivity of the detectors to assist our auditors, so they are quite and not written in the “original style.” As a result, they produce FPs ( ) more frequently than original ones. straightforward False Positives As such, our detectors are a kind of automation of the checks implemented in the checklist, their main purpose is to look for issues and assist the code auditor. https://github.com/pessimistic-io/slitherin?embedable=true Please let us know if you have discovered an issue/bug/vulnerability via our custom Slither detectors. You may contact us via opening a or , whichever is more convenient for you. PR/Issue directly By the way, here are some vacant slots in the second quarter of 2023 now so if your project needs an audit — feel free to to us, visit our public reports page! write What’s a Slither? In short, Slither is a Python-based contract security framework first proposed in a by Josselin Feist, Gustavo Grieco, and Alex Groce. The Slither Framework offers automated detection of vulnerabilities and optimizations, as well as codebase summaries to aid developer comprehension. 2019 paper Born from Crytic, the blockchain security division of Trail of Bits, Slither is compatible with Hardhat and Truffle and supports Solidity code written beginning with V0.4. Besides its excellent analysis capabilities, it also includes a bunch of printers that summarize different aspects of the contract in a digestible form. One can even use them to quickly build a mental contract model before diving deeply into the code! We tend to think that plugins are actually one of the most important aspects of properly setting up and running Slither because they significantly increase functionality! However, multiple printers lose their value for more complex projects since their output becomes unmanageable… Also, keep in mind that it is the most convenient way to add your own detectors. Check out our recent article about the Slither, if you haven’t already: https://blog.pessimistic.io/slither-an-auditors-cornucopia-a8793ea96e67?embedable=true This article also has a second purpose: being a systematization of knowledge for the Slither tools usage, in which I will rely on authors that I myself trust in this matter and, of course, our pessimistic.io auditors. With all said, here are some mentions of Slither in the following : research papers Slither: A Static Analysis Framework For Smart Contracts Detecting Vulnerable Ethereum Smart Contracts via Abstracted Vulnerability Signatures Evaluating Smart Contract Static Analysis Tools Using Bug Injection We would also like to invite you to and ! visit our blog read our article about the Slither Slither: In-Depth The list of resources you’ll see thereafter will help you learn more about and our version of detectors, , and we think you’ll find them to be very helpful: Slither Slitherin Accessing Private Data in Smart Contracts Simplest way to run Slither for your Smart Contract project Dataset Card for Slither Audited Smart Contracts Slither & Echidna + Remappings Static Analysis of Smart Contracts with Slither & GitHub Actions We have meticulously studied all of the above, performed multiple backtests, and are proud to present ! our own detectors It would be fantastic if you could bookmark, share, star, or fork the following repository. Any attention will help us achieve our common goal of making Web3 a little bit safer than it was before: therefore, we require your support! For our part, we’ll do everything in our power to ensure that this project continues to grow successfully in terms of both code and technology as well as community and professional interaction! The following links and resources may be useful to you in your work; please carefully check them out: Slither Slitherin How do we use Slither at Pessimistic.io Slither Explained Slither: In-Depth Slither Review Slither — Python Reentrancy Attacks on Smart Contracts Distilled Be sure to as well! check out our blog If you have any further questions or suggestions, please or ! We hope to see you there, and we intend to support the community and its initiatives! join our Discord Server Telegram chat We sincerely hope you find our work useful and appreciate any feedback, so please do not hesitate to ! contact us Also published here.

This is a PR written by or for the company mentioned within it. The writer has a vested interest in the company and products mentioned within.

Make Web3 secure

Too Long; Didn't Read

Make resilience your competitive advantage

Slitherin: Our Very Own Slither detectors

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

(1/100) Crypto Countdown: Golem

A Research Report on the Trader $JOE DeFi Platform

07/03/2018: Biggest Stories in the Cryptosphere

05/02/2018: Biggest Stories in the Cryptosphere

01/06/2018: Biggest Stories in the Cryptosphere

(1/100) Crypto Countdown: Golem

A Research Report on the Trader $JOE DeFi Platform

07/03/2018: Biggest Stories in the Cryptosphere

05/02/2018: Biggest Stories in the Cryptosphere

01/06/2018: Biggest Stories in the Cryptosphere

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps