/Masamune

A smart contract security search utility

Primary LanguageJavaScriptGNU General Public License v3.0GPL-3.0

The smart contract security search utility tool.

What is Masamune?

Masamune is a search utility tool that allows you to search for smart contract security vulnerabilities, from a curated list of sources.

To access Masamune, visit masamune.app.

How does it work?

Masamune V1.

The search utility is powered by Lunr.js, a full-text search library for the browser.

We have developed custom scrapers for each data source, which are run periodically to retrieve the latest data.

The data is stored within the results directory; for each of the queries, a pattern match is tried against the data, and the results are displayed.

To build locally, just open index.html using a live server, eg. this extension for VSCode.

Masamune V2.

Beta version is available at masamune.app. V2 is powered by the OpenAI's Embeddings API, which allows for more advanced search queries, as well as more context aware search results. Currently, the text-embedding-3-large model is in use.

Retrieving the data

Currently, Masamune works on the following data sources:

  1. Zellic
  2. Code4rena findings
  3. DeFi Hacks Analysis
  4. Immunefi bugfixes
  5. yAudit
  6. Trail of Bits
  7. Various Gitbooks, such as the Layer Zero Docs, Curve Finance Docs, MEV Wiki, etc
  8. Certora
  9. Consensys
  10. Dedaub
  11. Halborn
  12. Least Authority
  13. Oak Security
  14. SlowMist
  15. OpenZeppelin
  16. Spearbit
  17. ChainSecurity