Repository files navigation

A powerful Solidity static analyzer that takes a bird's eye view over your smart contracts.

DocsGet supportWebsiteTwitter

Aderyn is an open-source public good developer tool. It is a Rust-based solidity smart contract static analyzer designed to help protocol engineers and security researchers find vulnerabilities in Solidity code bases.

Thanks to its collection of static vulnerability detectors, running Cyfrin Aderyn on your Solidity codebase willhighlight potential vulnerabilities, drastically reducing the potential for unknown issues in your Solidity code and giving you the time to focus on more complex problems.

Built usingRust, Aderyn integrates seamlessly into small andenterprise-level development workflows, offering lighting-fast command-line functionality and a framework tobuild custom detectors to adapt to your codebase.

You can read theCyfrin official documentation for an in-depth look at Aderyn's functionalities.

• Supports any development framework (Foundry/Hardhat/Truffle/etc)
• Modulardetectors
• AST Traversal
• Markdown reports

NOTE Windows users must have WSL installed

Cyfrinup simplifies the installation and management of Cyfrin tools.

Follow the instructions to installhere.

Runaderyn --version to check the installation.

brew install cyfrin/tap/aderyn

npm install @cyfrin/aderyn -g

If you are installing with Homebrew or npm, ensure that the correct version of Aderyn in your path comes from either the Homebrew or npm global packages directory. If an older version exists at~/.cyfrin/bin/aderyn, remove it usingrm -f ~/.cyfrin/bin/aderyn, as this is no longer the default installation location.

Once Aderyn is installed on your system, you can run it against your Foundry-based codebase to find vulnerabilities in your code.

We will use theaderyn-contracts-playground repository in this example. You can follow along by cloning it to your system:

git clone https://github.com/Cyfrin/aderyn-contracts-playground.git

Navigate inside the repository:

cd aderyn-contracts-playground

We usually use several smart contracts and tests to try new detectors. Build the contracts by running:

forge build

Once your smart contracts have been successfully compiled, run Aderyn using the following command:

aderyn [OPTIONS] path/to/your/project

Replace [OPTIONS] with specific command-line arguments as needed.

For an in-depth walkthrough on how to get started using Aderyn, check theCyfrin official docs

Usage:aderyn [OPTIONS] <ROOT>

<ROOT>: The path to the root of the codebase to be analyzed. Defaults to the current directory.

Options:

• -s,--src: Path to the source contracts. Used to avoid analyzing libraries, tests or scripts and focus on the contracts. If not provided, or if aderyn can't find famous files to read (likefoundry.toml, which it automatically searches for) the ROOT directory will be used.
  • In foundry projects, this is usually thesrc/ folder unless stated otherwise infoundry.toml.
  • In Hardhat projects, this is usually thecontracts/ folder unless stated otherwise in the config.
• -i,--path-includes <PATH_INCLUDES>: List of path strings to include, delimited by comma (no spaces). It allows to include only one or more specific contracts in the analysis. Any solidity file path not containing these strings will be ignored.
• -x,--path-excludes <PATH_EXCLUDES>: List of path strings to exclude, delimited by comma (no spaces). It allows to exclude one or more specific contracts from the analysis. Any solidity file path containing these strings will be ignored
• -o,--output <OUTPUT>: Desired file path for the final report (will overwrite the existing one) [default: report.md]
• -n,--no-snippets: Do not include code snippets in the report (reduces report size in large repos)
• -h,--help: Print help
• -V,--version: Print version

You must provide the root directory of the repo you want to analyze. Alternatively, you can provide a single Solidity file path (this mode requiresFoundry to be installed).

Examples:

aderyn /path/to/your/foundry/project/root/directory/

Find more examples on the officialCyfrin Docs

Aderyn makes it easy to build Static Analysis detectors that can adapt to any Solidity codebase and protocol. This guide will teach you how to build, test, and run your custom Aderyn detectors.To learn how to create your custom Aderyn detectors,checkout the official docs

You can run Aderyn from a Docker container.

Build the image:

  docker build -t aderyn.

/path/to/project/root should be the path to your Foundry or Hardhat project root directory and it will be mounted to/share in the container.

Run Aderyn:

  docker run -v /path/to/project/root/:/share aderyn

Run with flags:

  docker run -v /path/to/project/root/:/share aderyn -h

Help us build Aderyn 🦜 Please see ourcontribution guidelines.Aderyn is an open-source software licensed under theGPL-3.0 License.

To build Aderyn locally:

1. Install Rust,
2. Clone this repo andcd aderyn/,
3. make,
4. Usecargo commands to build, test and run locally.

Suggested VSCode extensions:rust-analyzer - Rust language support for Visual Studio CodeRust Syntax - Improved Rust syntax highlighting

This project exists thanks to all the people whocontribute.

• AST Visitor code fromsolc-ast-rs.
• Original detectors based on4naly3er detectors.
• Shoutout to the original king of static analysisslither.