SherlockChain is a powerful smart contract analysis framework that combines the capabilities of the renowned Slither tool with advanced AI-powered features. Developed by a team of security experts and AI researchers, SherlockChain offers unparalleled insights and vulnerability detection for Solidity, Vyper and Plutus smart contracts.
Key Features
- Comprehensive Vulnerability Detection: SherlockChain's suite of detectors identifies a wide range of vulnerabilities, including high-impact issues like reentrancy, unprotected upgrades, and more.
- AI-Powered Analysis: Integrated AI models enhance the accuracy and precision of vulnerability detection, providing developers with actionable insights and recommendations.
- Seamless Integration: SherlockChain seamlessly integrates with popular development frameworks like Hardhat, Foundry, and Brownie, making it easy to incorporate into your existing workflow.
- Intuitive Reporting: SherlockChain generates detailed reports with clear explanations and code snippets, helping developers quickly understand and address identified issues.
- Customizable Analyses: The framework's flexible API allows users to write custom analyses and detectors, tailoring the tool to their specific needs.
- Continuous Monitoring: SherlockChain can be integrated into your CI/CD pipeline, providing ongoing monitoring and alerting for your smart contract codebase.
Installation
To install SherlockChain, follow these steps:
Code:
git clone https://github.com/0xQuantumCoder/SherlockChain.git
cd SherlockChain
pip install .
AI-Powered Features
SherlockChain's AI integration brings several advanced capabilities to the table:
- Intelligent Vulnerability Prioritization: AI models analyze the context and potential impact of detected vulnerabilities, providing developers with a prioritized list of issues to address.
- Automated Remediation Suggestions: The AI component suggests potential fixes and code modifications to address identified vulnerabilities, accelerating the remediation process.
- Proactive Security Auditing: SherlockChain's AI models continuously monitor your codebase, proactively identifying emerging threats and providing early warning signals.
- Natural Language Interaction: Users can interact with SherlockChain using natural language, allowing them to query the tool, request specific analyses, and receive detailed responses.
The --help command in the SherlockChain framework provides a comprehensive overview of all the available options and features. It includes information on:
- Vulnerability Detection: The --detect and --exclude-detectors options allow users to specify which vulnerability detectors to run, including both built-in and AI-powered detectors.
- Reporting: The --report-format, --report-output, and various --report-* options control how the analysis results are reported, including the ability to generate reports in different formats (JSON, Markdown, SARIF, etc.).
- Filtering: The --filter-* options enable users to filter the reported issues based on severity, impact, confidence, and other criteria.
- AI Integration: The --ai-* options allow users to configure and control the AI-powered features of SherlockChain, such as prioritizing high-impact vulnerabilities, enabling specific AI detectors, and managing AI model configurations.
- Integration with Development Frameworks: Options like --truffle and --truffle-build-directory facilitate the integration of SherlockChain into popular development frameworks like Truffle.
- Miscellaneous Options: Additional options for compiling contracts, listing detectors, and customizing the analysis process.
The --help command provides a detailed explanation of each option, its purpose, and how to use it, making it a valuable resource for users to quickly understand and leverage the full capabilities of the SherlockChain framework.
Example usage:
sherlockchain --help
This will display the comprehensive usage guide for the SherlockChain framework, including all available options and their descriptions.
Code:
usage: sherlockchain [-h] [--version] [--solc-remaps SOLC_REMAPS] [--solc-settings SOLC_SETTINGS]
[--solc-version SOLC_VERSION] [--truffle] [--truffle-build-directory TRUFFLE_BUILD_DIRECTORY]
[--truffle-config-file TRUFFLE_CONFIG_FILE] [--compile] [--list-detectors]
[--list-detectors-info] [--detect DETECTORS] [--exclude-detectors EXCLUDE_DETECTORS]
[--print-issues] [--json] [--markdown] [--sarif] [--text] [--zip] [--output OUTPUT]
[--filter-paths FILTER_PATHS] [--filter-paths-exclude FILTER_PATHS_EXCLUDE]
[--filter-contracts FILTER_CONTRACTS] [--filter-contracts-exclude FILTER_CONTRACTS_EXCLUDE]
[--filter-severity FILTER_SEVERITY] [--filter-impact FILTER_IMPACT]
[--filter-confidence FILTER_CONFIDENCE] [--filter-check-suicidal]
[--filter-check-upgradeable] [--filter-check-erc20] [--filter-check-erc721]
[--filter-check-reentrancy] [--filter-check-gas-optimization] [--filter-check-code-quality]
[--filter-check-best-practices] [--filter-check-ai-detectors] [--filter-check-all]
[--filter-check-none] [--check-all] [--check-suicidal] [--check-upgradeable]
[--check-erc20] [--check-erc721] [--check-reentrancy] [--check-gas-optimization]
[--check-code-quality] [--check-best-practices] [--check-ai-detectors] [--check-none]
[--check-all-detectors] [--check-all-severity] [--check-all-impact] [--check-all-confidence]
[--check-all-categories] [--check-all-filters] [--check-all-options] [--check-all]
[--check-none] [--report-format {json,markdown,sarif,text,zip}] [--report-output OUTPUT]
[--report-severity REPORT_SEVERITY] [--report-impact REPORT_IMPACT]
[--report-confidence REPORT_CONFIDENCE] [--report-check-suicidal]
[--report-check-upgradeable] [--report-check-erc20] [--report-check-erc721]
[--report-check-reentrancy] [--report-check-gas-optimization] [--report-check-code-quality]
[--report-check-best-practices] [--report-check-ai-detectors] [--report-check-all]
[--report-check-none] [--report-all] [--report-suicidal] [--report-upgradeable]
[--report-erc20] [--report-erc721] [--report-reentrancy] [--report-gas-optimization]
[--report-code-quality] [--report-best-practices] [--report-ai-detectors] [--report-none]
[--report-all-detectors] [--report-all-severity] [--report-all-impact]
[--report-all-confidence] [--report-all-categories] [--report-all-filters]
[--report-all-options] [--report-all] [--report-none] [--ai-enabled] [--ai-disabled]
[--ai-priority-high] [--ai-priority-medium] [--ai-priority-low] [--ai-priority-all]
[--ai-priority-none] [--ai-confidence-high] [--ai-confidence-medium] [--ai-confidence-low]
[--ai-confidence-all] [--ai-confidence-none] [--ai-detectors-all] [--ai-detectors-none]
[--ai-detectors-specific AI_DETECTORS_SPECIFIC] [--ai-detectors-exclude AI_DETECTORS_EXCLUDE]
[--ai-models-path AI_MODELS_PATH] [--ai-models-update] [--ai-models-download]
[--ai-models-list] [--ai-models-info] [--ai-models-version] [--ai-models-check]
[--ai-models-upgrade] [--ai-models-remove] [--ai-models-clean] [--ai-models-reset]
[--ai-models-backup] [--ai-models-restore] [--ai-models-export] [--ai-models-import]
[--ai-models-config AI_MODELS_CONFIG] [--ai-models-config-update] [--ai-models-config-reset]
[--ai-models-config-export] [--ai-models-config-import] [--ai-models-config-list]
[--ai-models-config-info] [--ai-models-config-version] [--ai-models-config-check]
[--ai-models-config-upgrade] [--ai-models-config-remove] [--ai-models-config-clean]
[--ai-models-config-reset] [--ai-models-config-backup] [--ai-models-config-restore]
[--ai-models-config-export] [--ai-models-config-import] [--ai-models-config-path AI_MODELS_CONFIG_PATH]
[--ai-models-config-file AI_MODELS_CONFIG_FILE] [--ai-models-config-url AI_MODELS_CONFIG_URL]
[--ai-models-config-name AI_MODELS_CONFIG_NAME] [--ai-models-config-description AI_MODELS_CONFIG_DESCRIPTION]
[--ai-models-config-version-major AI_MODELS_CONFIG_VERSION_MAJOR]
[--ai-models-config-version-minor AI_MODELS_CONFIG_VERSION_MINOR]
[--ai-models-config-version-patch AI_MODELS_CONFIG_VERSION_PATCH]
[--ai-models-config-author AI_MODELS_CONFIG_AUTHOR]
[--ai-models-config-license AI_MODELS_CONFIG_LICENSE]
[--ai-models-config-url-documentation AI_MODELS_CONFIG_URL_DOCUMENTATION]
[--ai-models-config-url-source AI_MODELS_CONFIG_URL_SOURCE]
[--ai-models-config-url-issues AI_MODELS_CONFIG_URL_ISSUES]
[--ai-models-config-url-changelog AI_MODELS_CONFIG_URL_CHANGELOG]
[--ai-models-config-url-support AI_MODELS_CONFIG_URL_SUPPORT]
[--ai-models-config-url-website AI_MODELS_CONFIG_URL_WEBSITE]
[--ai-models-config-url-logo AI_MODELS_CONFIG_URL_LOGO]
[--ai-models-config-url-icon AI_MODELS_CONFIG_URL_ICON]
[--ai-models-config-url-banner AI_MODELS_CONFIG_URL_BANNER]
[--ai-models-config-url-screenshot AI_MODELS_CONFIG_URL_SCREENSHOT]
[--ai-models-config-url-video AI_MODELS_CONFIG_URL_VIDEO]
[--ai-models-config-url-demo AI_MODELS_CONFIG_URL_DEMO]
[--ai-models-config-url-documentation-api AI_MODELS_CONFIG_URL_DOCUMENTATION_API]
[--ai-models-config-url-documentation-user AI_MODELS_CONFIG_URL_DOCUMENTATION_USER]
[--ai-models-config-url-documentation-developer AI_MODELS_CONFIG_URL_DOCUMENTATION_DEVELOPER]
[--ai-models-config-url-documentation-faq AI_MODELS_CONFIG_URL_DOCUMENTATION_FAQ]
[--ai-models-config-url-documentation-tutorial AI_MODELS_CONFIG_URL_DOCUMENTATION_TUTORIAL]
[--ai-models-config-url-documentation-guide AI_MODELS_CONFIG_URL_DOCUMENTATION_GUIDE]
[--ai-models-config-url-documentation-whitepaper AI_MODELS_CONFIG_URL_DOCUMENTATION_WHITEPAPER]
[--ai-models-config-url-documentation-roadmap AI_MODELS_CONFIG_URL_DOCUMENTATION_ROADMAP]
[--ai-models-config-url-documentation-blog AI_MODELS_CONFIG_URL_DOCUMENTATION_BLOG]
[--ai-models-config-url-documentation-community AI_MODELS_CONFIG_URL_DOCUMENTATION_COMMUNITY]
- Vulnerability detection options: --detect, --exclude-detectors
- Reporting options: --report-format, --report-output, --report-*
- Filtering options: --filter-*
- AI integration options: --ai-*
- Integration with development frameworks: --truffle, --truffle-build-directory
- Miscellaneous options: --compile, --list-detectors, --list-detectors-info
AI-Powered Detectors
Num | Detector | What it Detects | Impact | Confidence |
---|---|---|---|---|
1 | ai-anomaly-detection | Detect anomalous code patterns using advanced AI models | High | High |
2 | ai-vulnerability-prediction | Predict potential vulnerabilities using machine learning | High | High |
3 | ai-code-optimization | Suggest code optimizations based on AI-driven analysis | Medium | High |
4 | ai-contract-complexity | Assess contract complexity and maintainability using AI | Medium | High |
5 | ai-gas-optimization | Identify gas-optimizing opportunities with AI | Medium | Medium |
Detectors
Num | Detector | What it Detects | Impact | Confidence |
---|---|---|---|---|
1 | abiencoderv2-array | Storage abiencoderv2 array | High | High |
2 | arbitrary-send-erc20 | transferFrom uses arbitrary from | High | High |
3 | array-by-reference | Modifying storage array by value | High | High |
4 | encode-packed-collision | ABI encodePacked Collision | High | High |
5 | incorrect-shift | The order of parameters in a shift instruction is incorrect. | High | High |
6 | multiple-constructors | Multiple constructor schemes | High | High |
7 | name-reused | Contract's name reused | High | High |
8 | protected-vars | Detected unprotected variables | High | High |
9 | public-mappings-nested | Public mappings with nested variables | High | High |
10 | rtlo | Right-To-Left-Override control character is used | High | High |
11 | shadowing-state | State variables shadowing | High | High |
12 | suicidal | Functions allowing anyone to destruct the contract | High | High |
13 | uninitialized-state | Uninitialized state variables | High | High |
14 | uninitialized-storage | Uninitialized storage variables | High | High |
15 | unprotected-upgrade | Unprotected upgradeable contract | High | High |
16 | codex | Use Codex to find vulnerabilities. | High | Low |
17 | arbitrary-send-erc20-permit | transferFrom uses arbitrary from with permit | High | Medium |
18 | arbitrary-send-eth | Functions that send Ether to arbitrary destinations | High | Medium |
19 | controlled-array-length | Tainted array length assignment | High | Medium |
20 | controlled-delegatecall | Controlled delegatecall destination | High | Medium |
21 | delegatecall-loop | Payable functions using delegatecall inside a loop | High | Medium |
22 | incorrect-exp | Incorrect exponentiation | High | Medium |
23 | incorrect-return | If a return is incorrectly used in assembly mode. | High | Medium |
24 | msg-value-loop | msg.value inside a loop | High | Medium |
25 | reentrancy-eth | Reentrancy vulnerabilities (theft of ethers) | High | Medium |
26 | return-leave | If a return is used instead of a leave. | High | Medium |
27 | storage-array | Signed storage integer array compiler bug | High | Medium |
28 | unchecked-transfer | Unchecked tokens transfer | High | Medium |
29 | weak-prng | Weak PRNG | High | Medium |
30 | domain-separator-collision | Detects ERC20 tokens that have a function whose signature collides with EIP-2612's DOMAIN_SEPARATOR() | Medium | High |
31 | enum-conversion | Detect dangerous enum conversion | Medium | High |
32 | erc20-interface | Incorrect ERC20 interfaces | Medium | High |
33 | erc721-interface | Incorrect ERC721 interfaces | Medium | High |
34 | incorrect-equality | Dangerous strict equalities | Medium | High |
35 | locked-ether | Contracts that lock ether | Medium | High |
36 | mapping-deletion | Deletion on mapping containing a structure | Medium | High |
37 | shadowing-abstract | State variables shadowing from abstract contracts | Medium | High |
38 | tautological-compare | Comparing a variable to itself always returns true or false, depending on comparison | Medium | High |
39 | tautology | Tautology or contradiction | Medium | High |
40 | write-after-write | Unused write | Medium | High |
41 | boolean-cst | Misuse of Boolean constant | Medium | Medium |
42 | constant-function-asm | Constant functions using assembly code | Medium | Medium |
43 | constant-function-state | Constant functions changing the state | Medium | Medium |
44 | divide-before-multiply | Imprecise arithmetic operations order | Medium | Medium |
45 | out-of-order-retryable | Out-of-order retryable transactions | Medium | Medium |
46 | reentrancy-no-eth | Reentrancy vulnerabilities (no theft of ethers) | Medium | Medium |
47 | reused-constructor | Reused base constructor | Medium | Medium |
48 | tx-origin | Dangerous usage of tx.origin | Medium | Medium |
49 | unchecked-lowlevel | Unchecked low-level calls | Medium | Medium |
50 | unchecked-send | Unchecked send | Medium | Medium |
51 | uninitialized-local | Uninitialized local variables | Medium | Medium |
52 | unused-return | Unused return values | Medium | Medium |
53 | incorrect-modifier | Modifiers that can return the default value | Low | High |
54 | shadowing-builtin | Built-in symbol shadowing | Low | High |
55 | shadowing-local | Local variables shadowing | Low | High |
56 | uninitialized-fptr-cst | Uninitialized function pointer calls in constructors | Low | High |
57 | variable-scope | Local variables used prior to their declaration | Low | High |
58 | void-cst | Constructor called but not implemented | Low | High |
59 | calls-loop | Multiple calls in a loop | Low | Medium |
60 | events-access | Missing Events Access Control | Low | Medium |
61 | events-maths | Missing Events Arithmetic | Low | Medium |
62 | incorrect-unary | Dangerous unary expressions | Low | Medium |
63 | missing-zero-check | Missing Zero Address Validation | Low | Medium |
64 | reentrancy-benign | Benign reentrancy vulnerabilities | Low | Medium |
65 | reentrancy-events | Reentrancy vulnerabilities leading to out-of-order Events | Low | Medium |
66 | return-bomb | A low-level callee may unexpectedly consume all of the caller's gas. | Low | Medium |
67 | timestamp | Dangerous usage of block.timestamp | Low | Medium |
68 | assembly | Assembly usage | Informational | High |
69 | assert-state-change | Assert state change | Informational | High |
70 | boolean-equal | Comparison to boolean constant | Informational | High |
71 | cyclomatic-complexity | Detects functions with high (> 11) cyclomatic complexity | Informational | High |
72 | deprecated-standards | Deprecated Solidity Standards | Informational | High |
73 | erc20-indexed | Un-indexed ERC20 event parameters | Informational | High |
74 | function-init-state | Function initializing state variables | Informational | High |
75 | incorrect-using-for | Detects using-for statement usage when no function from a given library matches a given type | Informational | High |
76 | low-level-calls | Low level calls | Informational | High |
77 | missing-inheritance | Missing inheritance | Informational | High |
78 | naming-convention | Conformity to Solidity naming conventions | Informational | High |
79 | pragma | If different pragma directives are used | Informational | High |
80 | redundant-statements | Redundant statements | Informational | High |
81 | solc-version | Incorrect Solidity version | Informational | High |
82 | unimplemented-functions | Unimplemented functions | Informational | High |
83 | unused-import | Detects unused imports | Informational | High |
84 | unused-state | Unused state variables | Informational | High |
85 | costly-loop | Costly operations in a loop | Informational | Medium |
86 | dead-code | Functions that are not used | Informational | Medium |
87 | reentrancy-unlimited-gas | Reentrancy vulnerabilities through send and transfer | Informational | Medium |
88 | similar-names | Variable names are too similar | Informational | Medium |
89 | too-many-digits | Conformance to numeric notation best practices | Informational | Medium |
90 | cache-array-length | Detects for loops that use length member of some storage array in their loop condition and don't modify it. | Optimization | High |
91 | constable-states | State variables that could be declared constant | Optimization | High |
92 | external-function | Public function that could be declared external | Optimization | High |
93 | immutable-states | State variables that could be declared immutable | Optimization | High |
94 | var-read-using-this | Contract reads its own variable using this | Optimization | High |
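A CI gate over the JSON report, as an added example that is not SherlockChain's own code: it applies the same impact/confidence/exclude policy as the --filter-impact, --filter-confidence and --exclude-detectors options to a saved --json report, ranks findings by the Impact and Confidence levels from the tables above, and fails the build when anything at or above the thresholds remains. It assumes the report follows Slither's JSON layout (success/error/results.detectors with check, impact, confidence, description); the sample report and its findings are constructed.

```python
"""CI gate over a SherlockChain/Slither-style JSON report (constructed example).
Assumption, not from the page: the --json report follows Slither's layout,
{"success", "error", "results": {"detectors": [{"check", "impact",
"confidence", "description", ...}]}}.  SAMPLE_REPORT is constructed data.
"""
import json

# Rank order of the Impact and Confidence levels used in the detector tables.
IMPACT_RANK = {"Optimization": 0, "Informational": 1, "Low": 2, "Medium": 3, "High": 4}
CONFIDENCE_RANK = {"Low": 0, "Medium": 1, "High": 2}

# Constructed sample report; detector names are taken from the table above.
SAMPLE_REPORT = json.dumps({"success": True, "error": None, "results": {"detectors": [
    {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
     "description": "Reentrancy in Vault.withdraw() (constructed sample)"},
    {"check": "timestamp", "impact": "Low", "confidence": "Medium",
     "description": "Dangerous usage of block.timestamp (constructed sample)"},
    {"check": "codex", "impact": "High", "confidence": "Low",
     "description": "Codex flagged a possible issue (constructed sample)"},
]}})

def blocking_findings(report_json, min_impact="High", min_confidence="Medium",
                      exclude_detectors=()):
    """Findings at or above both thresholds, minus excluded detectors.
    Same policy as --filter-impact, --filter-confidence and --exclude-detectors,
    applied to the saved report so the gate decision is reproducible."""
    report = json.loads(report_json)
    if not report.get("success"):
        # A failed analysis must fail the build, not pass with zero findings.
        raise RuntimeError("analysis did not complete: %s" % report.get("error"))
    picked = [
        f for f in report["results"]["detectors"]
        if f["check"] not in exclude_detectors
        and IMPACT_RANK[f["impact"]] >= IMPACT_RANK[min_impact]
        and CONFIDENCE_RANK[f["confidence"]] >= CONFIDENCE_RANK[min_confidence]
    ]
    # Highest impact, then highest confidence, first in the CI log.
    picked.sort(key=lambda f: (-IMPACT_RANK[f["impact"]], -CONFIDENCE_RANK[f["confidence"]]))
    return picked

def gate_exit_code(report_json, **kwargs):
    """0 when the build may proceed, 1 when blocking findings remain."""
    findings = blocking_findings(report_json, **kwargs)
    for f in findings:
        print("[%s/%s] %s: %s" % (f["impact"], f["confidence"], f["check"], f["description"]))
    return 1 if findings else 0

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    sys.exit(gate_exit_code(data))
```

Run it as `python gate.py report.json` after `sherlockchain --json` has written the report; with no argument it evaluates the constructed sample.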