Movatterモバイル変換

Cyfrin/aderynPublic

NotificationsYou must be signed in to change notification settings
Fork86
Star564

Solidity Static Analyzer that easily integrates into your editor

cyfrin.gitbook.io/cyfrin-docs/aderyn-cli/readme

License

GPL-2.0 license

564 stars 86 forks Branches Tags Activity

Star

Notifications

You must be signed in to change notification settings

Branches Tags

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 708 Commits
.cargo		.cargo
.github		.github
.vscode		.vscode
aderyn		aderyn
aderyn_core		aderyn_core
aderyn_driver		aderyn_driver
benchmarks		benchmarks
cli		cli
cyfrinup		cyfrinup
node_modules		node_modules
reports		reports
tests		tests
tools/xtask		tools/xtask
.git-blame-ignore-revs		.git-blame-ignore-revs
.gitattributes		.gitattributes
.gitignore		.gitignore
.gitmodules		.gitmodules
CODEOWNERS		CODEOWNERS
CONTRIBUTING.md		CONTRIBUTING.md
Cargo.lock		Cargo.lock
Cargo.toml		Cargo.toml
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
RELEASE_CHECKLIST.md		RELEASE_CHECKLIST.md
bacon.toml		bacon.toml
deny.toml		deny.toml
dist-workspace.toml		dist-workspace.toml
funding.json		funding.json
package-lock.json		package-lock.json
package.json		package.json
rust-toolchain.toml		rust-toolchain.toml
rustfmt.toml		rustfmt.toml
typos.toml		typos.toml

Repository files navigation

A powerful Solidity static analyzer that takes a bird's eye view over your smart contracts.

Docs Discord Twitter

What is Aderyn?

Aderyn is an open-source public good developer tool. It is a Rust-based solidity smart contract static analyzer designed to help protocol engineers and security researchers find vulnerabilities in Solidity code bases.

You can read theCyfrin official documentation for an in-depth look at Aderyn's functionalities.

There is also an officially supportedVSCode extension for Aderyn. Download from theVisual Studio Marketplace and start identifying vulnerabilities in your Soliditycode with ease.

Features

Off the shelf support for Foundry projects.
Off the shelf support for Hardhat projects. (Sometimesremappings.txt maybe required)
Configuration file (adeyrn.toml) needed to support custom frameworks.
Markdown, JSON and Sarif reports

Installation

NOTE Windows users must have WSL installed

Using Cyfrinup

Cyfrinup is the cross platform installation manager for Cyfrin tools.

One time setup.

Runaderyn --version to check the installation.

Runcyfrinup to upgrade everything to the latest version.

Using curl

curl --proto'=https' --tlsv1.2 -LsSf https://github.com/cyfrin/aderyn/releases/latest/download/aderyn-installer.sh| bash

Upgrade older versions by running:`aderyn-update`

Using Homebrew

brew install cyfrin/tap/aderyn

Upgrade older versions by running:`brew upgrade cyfrin/tap/aderyn`

Using npm

npm install @cyfrin/aderyn -g

Upgrade older versions by (re)running:`npm install @cyfrin/aderyn -g`

If you are installing with Curl or Homebrew or npm, ensure that the correct version of Aderyn in your path comes from either the Homebrew or npm global packages directory. If an older version exists at~/.cyfrin/bin/aderyn, remove it usingrm -f ~/.cyfrin/bin/aderyn, as this is no longer the default installation location.

Quick Start

Quick Start example with video guide.

cd path/to/solidity/project/rootaderyn

This generates areport.md

See examples using more CLI optionshere

VS Code extension

Officially supportedVSCode extension for Aderyn.Download fromVisual Studio Marketplace

Contributing & License

Help us build Aderyn 🦜 Please see ourcontribution guidelines for in-depth developer environment setup and PR approval process.Aderyn is an open-source software licensed under theGPL-3.0 License.

Building a custom Aderyn detector

Aderyn makes it easy to build Static Analysis detectors that can adapt to any Solidity codebase and protocol. This guide will teach you how to build, test, and run your custom Aderyn detectors.To learn how to create your custom Aderyn detectors,checkout the official docs