/Ethsential

EthSential is a security analysis framework for Ethereum smart contracts. It bundles other tools to find vulnerabilities in smart contracts code.

Primary LanguagePythonApache License 2.0Apache-2.0

EthSential - Security analysis for Ethereum smart contracts

Test Release PyPI

Marketplace Version

EthSential is a security analysis framework for Ethereum smart contracts. It bundles security analysis tools to find vulnerabilities in smart contracts code.

Features

  • A system that uses analysis tools based on Docker images.
  • Provides two types of interfaces for the command-line interface and language server protocol (lsp).
  • Normalize the output of the tools in a single file or lsp response.

Supported Tools

Prerequisites

EthSential requires Docker and Python3 to be installed in the system.

Install

Install from Pypi:

$ pip install ethsential

Usage

Run ethsent -h to get more information:

Usage: solhint [actions] [options] <file>

Actions:

  tcp                                                Use TCP server
  cli                                                Use command line interface
  install, i, isntall, add                           Install tools

tcp optional arguments:
  -h, --help                                         show this help message and exit
  --host HOST                                        Bind to address (default=127.0.0.1)
  -p, --port PORT                                    Bind to port (default=2087)

cli arguments:
  -h, --help                                         show this help message and exit
  -f, --file FILE [FILE ...]                         select file(s) or directories to be analysed
  -t, --tools [{all,mythril,securify,slither} ...]   select tool(s)
  -op, --outputPath                                  The full path for the new output directory, relative to the current workspace. (default=result/).

IDE Integrations

How to contribute

Please read CONTRIBUTING.md for details about how to proceed.

Everyone interacting in Ethsential and its sub-projects' codebases and issue trackers, is expected to follow the Contributor Covenant code of conduct.

License

This project is licensed under the Apache-2.0 license - see the LICENSE.md file for details.

Feedback

It would be great if you could spare 10 minutes of your time to fill out this usability questionnaire.