
Aderyn 🦜 Rust-based Solidity AST analyzer.




A powerful Solidity static analyzer that takes a bird's eye view over your smart contracts.






What is Aderyn?

Aderyn is a Rust-based static analyzer specifically designed for Web3 smart contract security and development. It takes a bird's eye view over your smart contracts, traversing the Abstract Syntax Trees (AST) to pinpoint suspected vulnerabilities. Aderyn prints out these potential issues in an easy-to-consume markdown format.

Features

Usage

To get started with Aderyn, make sure Rust is installed on your machine. For more information, refer to the official Rust documentation.

Mac, Linux, Unix

You can install Rust and Cargo by running the following command on your terminal:

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

Windows

You can install Rust and Cargo by downloading and running rustup-init.exe.

Docker

You can run Aderyn from a Docker container.

Build the image:

  docker build -t aderyn .

Run the container in interactive mode, mounting your project root at /share. Replace /path/to/project/root with the root directory of your Foundry or (already compiled) Hardhat project:

  docker run -it -v /path/to/project/root/:/share aderyn

Run aderyn:

  aderyn /share

Installation

In the command line, run:

cargo install aderyn

Quick Start

The root path you pass to Aderyn should be either a Foundry project or a Hardhat project that has already been compiled.

aderyn /path/to/your/foundry/project/root/directory/

That's it! Aderyn identifies whether the project root is a Foundry or Hardhat repo, then uses the compiled AST files to hunt for vulnerabilities.

report.md will be output in the directory in which you ran the command.

Arguments

Usage: aderyn [OPTIONS] <ROOT>

<ROOT>: The path to the root of the codebase to be analyzed. Defaults to the current directory.

Options:

  • -o, --output <OUTPUT>: Desired file path for the final report (overwrites an existing file) [default: report.md]
  • -s, --scope <SCOPE>: List of path substrings to include, comma-delimited (no spaces). Any Solidity file path that does not contain one of these strings is ignored
  • -e, --exclude <EXCLUDE>: List of path substrings to exclude, comma-delimited (no spaces). Any Solidity file path containing one of these strings is ignored
  • -n, --no-snippets: Do not include code snippets in the report (reduces report size in large repos)
  • -h, --help: Print help
  • -V, --version: Print version

Provide the root directory of the repo you want to analyze (it defaults to the current directory). Alternatively, you can provide a single Solidity file path; this mode requires Foundry to be installed.

Examples:

aderyn /path/to/your/foundry/project/root/directory/

Run Aderyn in the folder you're currently in:

aderyn

Output to a different markdown file:

aderyn -o output.md ./path/to/repo/

Restrict the scope to paths containing uniswap (for example, a /uniswap/ subdirectory):

aderyn --scope uniswap ./path/to/repo/

Exclude the file Counter.sol (any path containing that string is skipped):

aderyn --exclude Counter.sol ./path/to/repo/

Run on a single Solidity file (requires Foundry to be installed on your machine):

aderyn src/MyContract.sol
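The options above combined into a CI gate, as an added example rather than code from the Aderyn project: it runs Aderyn with a scope and an exclusion, then fails the job if the report lists findings at a chosen severity. The heading layout it greps for (headings such as `## H-1: ...` and `## L-1: ...`) is an assumption about how report.md is structured; adjust the pattern if your version differs. The sample report embedded in the script is constructed for the offline self-check and is not real Aderyn output.

```shell
#!/bin/sh
# Added example, not Aderyn's own code: run Aderyn with a narrowed scope and
# fail a CI job when the report contains findings at a gating severity.
# Assumption: findings appear in report.md as markdown headings prefixed with
# H- (high), L- (low) or NC- (non-critical), e.g. "## H-1: Title".
set -eu

# Run Aderyn on ROOT, including only paths containing SCOPE and skipping paths
# containing EXCLUDE; write the report (without code snippets) to OUT.
# Requires aderyn on PATH and a Foundry or compiled Hardhat project at ROOT.
run_aderyn() {
  root=$1; scope=$2; exclude=$3; out=$4
  aderyn --scope "$scope" --exclude "$exclude" --no-snippets -o "$out" "$root"
}

# Count findings in REPORT whose heading carries the severity prefix PREFIX
# (e.g. "H-"). Prints the count; "|| true" keeps set -e from aborting when
# grep finds nothing (grep -c still prints 0 in that case).
count_findings() {
  report=$1; prefix=$2
  grep -cE "^#+ ${prefix}[0-9]+:" "$report" || true
}

# Return 1 (fail the job) when REPORT has any finding at severity PREFIX.
gate() {
  report=$1; prefix=$2
  n=$(count_findings "$report" "$prefix")
  if [ "$n" -gt 0 ]; then
    echo "FAIL: $n finding(s) with prefix $prefix in $report" >&2
    return 1
  fi
  echo "OK: no findings with prefix $prefix in $report"
}

# Constructed sample report (not real Aderyn output) used to exercise the gate offline.
write_sample_report() {
  cat > "$1" <<'EOF'
# Aderyn Analysis Report

# High Issues

## H-1: Arbitrary `from` passed to `transferFrom`

Passing an arbitrary `from` address to `transferFrom` can lead to loss of funds.

# Low Issues

## L-1: Missing checks for `address(0)` when assigning values to address state variables

## L-2: `public` functions not used internally could be marked `external`
EOF
}

# Only invoke the real tool when it is installed and a project root is supplied.
if [ -n "${ADERYN_ROOT:-}" ] && command -v aderyn >/dev/null 2>&1; then
  run_aderyn "$ADERYN_ROOT" "${ADERYN_SCOPE:-src}" "${ADERYN_EXCLUDE:-test}" report.md
  gate report.md "H-"
fi
```

Set ADERYN_ROOT (and optionally ADERYN_SCOPE / ADERYN_EXCLUDE) in the CI environment to run the real scan; gating on "H-" blocks merges only on high-severity findings while the low and non-critical ones remain visible in the report.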

Supported Development Frameworks

If the <ROOT> is a directory, Aderyn automatically detects the development framework so long as it's Foundry or Hardhat.

Foundry

If Foundry is detected in the project root, Aderyn will first run forge build to ensure that the contract compiles correctly and the latest artifacts are available.

Hardhat

If Hardhat is detected, Aderyn does not compile the project for you. Run hardhat compile BEFORE running Aderyn so that the AST artifacts exist.

Single Solidity File Mode

If <ROOT> is a Solidity file path, Aderyn creates a temporary Foundry project, copies the contract into it, compiles the contract, and then analyzes the AST generated by that temporary project.
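A pre-flight check that mirrors the framework handling described above, added here as an example and not part of Aderyn itself: it detects the framework, compiles a Hardhat project first (since Aderyn does not), and only then calls Aderyn. It assumes a Foundry project is recognised by a foundry.toml file, a Hardhat project by a hardhat.config.* file with its compiled output under artifacts/, and that hardhat is invoked through npx; Aderyn's own detection may rely on other signals.

```shell
#!/bin/sh
# Added example, not Aderyn's own code: make sure the project is in the state
# Aderyn expects before analyzing it. Assumptions: foundry.toml marks a Foundry
# project, hardhat.config.{js,ts,cjs} marks a Hardhat project, and Hardhat
# writes compiled artifacts to artifacts/ (its default).
set -eu

# Print "foundry", "hardhat" or "unknown" for the project directory $1.
detect_framework() {
  dir=$1
  if [ -f "$dir/foundry.toml" ]; then
    echo foundry
  elif [ -f "$dir/hardhat.config.js" ] || [ -f "$dir/hardhat.config.ts" ] || [ -f "$dir/hardhat.config.cjs" ]; then
    echo hardhat
  else
    echo unknown
  fi
}

# Succeed only if the Hardhat project at $1 already has at least one compiled
# artifact; Aderyn needs these because it does not run the compiler for Hardhat.
hardhat_compiled() {
  [ -d "$1/artifacts" ] && [ -n "$(find "$1/artifacts" -name '*.json' -print -quit 2>/dev/null)" ]
}

# Compile if needed, then analyze. Foundry projects are built by Aderyn itself
# (it runs forge build), so only Hardhat needs a compile step here.
analyze() {
  dir=$1
  case "$(detect_framework "$dir")" in
    foundry)
      aderyn "$dir" ;;
    hardhat)
      if ! hardhat_compiled "$dir"; then
        (cd "$dir" && npx hardhat compile)   # assumption: hardhat is run via npx
      fi
      aderyn "$dir" ;;
    *)
      echo "no Foundry or Hardhat project found in $dir" >&2
      return 2 ;;
  esac
}

# Only call the real tool when it is installed and a project root is supplied.
if [ -n "${ADERYN_ROOT:-}" ] && command -v aderyn >/dev/null 2>&1; then
  analyze "$ADERYN_ROOT"
fi
```

Running the check before Aderyn turns the "compile Hardhat first" caveat into a hard failure instead of a report that silently analyzes stale artifacts.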

Contributing & License

Help us build Aderyn 🦜 Please see our contribution guidelines. Aderyn is open-source software licensed under the MIT License.

To build Aderyn locally, install Rust, clone this repo, and use cargo commands to build, test, and run it locally.

Credits

This project exists thanks to all the people who contribute.

Attribution