This repo hosts an open-source Python branch of the static analysis tool Vanguard developed by Veridise. This version is optimized for analyzing Leo/Aleo programs.
The following libraries are required for running (different components of) the tool:
- Rust (1.73+) for running
aleo2json - Python (3.10+) for running Vanguard and its Aleo detectors
- NetworkX (2.8.4+) for speeding up graph reachability in detectors
Running of Vanguard for Aleo relies on a compiler that converts Aleo programs into JSON, which allows the program to be further analyzed by various tools and extensions. It's adapted from Aleo's snarkVM. To allow Vanguard to directly process Aleo programs, we recommend installing the compiler while testing out the tool via:
cd vanguard/aleo2json/
cargo install --path .To remove it in the future, simply do:
cargo uninstall aleo2jsonThe aleo2json tool takes as input a path to *.aleo file, and directly outputs the compiled JSON, which includes enhanced information of the program and basic analysis results (e.g., variable types, visibilities, etc.):
aleo2json <path-to-aleo-file>The library of Vanguard for Aleo provides both integration with the aleo2json tool, as well as basic utilities for writing detectors based on static analysis. We've also included detectors for several common vulnerabilities.
The analyzer can be installed via pip setup tools by running:
pip install .and if you want to remove it:
pip uninstall vanguardYou can write detectors by simply utilizing some functions provided by the analyzer. Here's an example that analyze and get all public outputs/signals from a given Aleo program:
from vanguard.aleo.common import aleo2json, get_public_outputs
aleo_path = ...
aleo_json = aleo2json(aleo_path)
pub_outs = get_public_outputs(aleo_json["functions"]["main"])
if len(pub_outs)>0:
print(f"There are public outputs: {pub_outs}.")APIs are located in vanguard/aleo/common.py and vanguard/aleo/detectors/*, we are working on adding more of them as well as a documentation. Stay tuned!