building-secure-contracts
Guidelines and training material to write secure smart contracts (by crytic)
slither
Static Analyzer for Solidity and Vyper (by crytic)
| building-secure-contracts | slither | |
|---|---|---|
| 10 | 36 | |
| 2,076 | 5,019 | |
| 0.6% | 1.5% | |
| 8.4 | 9.6 | |
| 9 days ago | 3 days ago | |
| Solidity | Python | |
| GNU Affero General Public License v3.0 | GNU Affero General Public License v3.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
building-secure-contracts
Posts with mentions or reviews of building-secure-contracts.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-07-26.
-
Smart Contract Security Field Guide
I appreciate how organized the Consensys guide is laid out. It's pretty easy to read. Trail of Bits has a similar guide that is a little more in-the-weeds technically. It also covers, what we think is, essential background about certain automated analysis techniques like static analysis and how fuzzers work. Check it out!
https://secure-contracts.com/
- Trail of Bits Building Secure Contracts: Now with support for Cosmos
- Trail of Bits Building Secure Contracts: Now with support for Substrate
- New release of Building-secure-contracts: it introduces not so smart contracts for Algorand/Cairo/Cosmos/Substrate - a set of common vulnerabilities for these chains. The release contains also new training materials for Echidna and new guidelines
- Trail of Bits added Algorand to their "Building Secure Contracts" developer guide
-
Launching your Ethereum dApp on Avalanche
We highly recommend using at least one of them if professional contract security review is not possible. A more comprehensive look into secure development practices can be found here.
-
Smart Contract Exploitation Repository
If you need more reading about building secure smart contracts and auditing workflows, see here: https://github.com/crytic/building-secure-contracts
- Any recommendations for smart contract auditing ?
slither
Posts with mentions or reviews of slither.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-02-26.
-
Hidden Risks Lurking in Ethereum's Smart Contract Proxies
Yes exactly! However, >99% of the time this wouldn't happen unintentionally, and typically static analysis frameworks will detect function clashing like slither: https://github.com/crytic/slither.
- Slither 0.9.3 is out - improvements to the detectors, solidity support and more
-
Are there cases where installing a command line tool via pipx won't work, but installing via pip will?
I don't know these tools but took a look at the slither-analyze deps, and see that solc-select is not a hard dependency, but part of the extra dep group called dev. So with a normal pipx install slither-analyze, solc-select is probably absent from the relevant venv.
-
WTS: certiK audit credit ?
Congrats, you just wasted money for an audit you could have done for free with https://github.com/crytic/slither.
-
Crypto devs, what tools am I missing? Trying to build a decent list of dev resources.
Vulnerability Infrastructure: Slither
-
Solidity documentation using AI
What are the differences of your solution to `slither documentation`?
- Slither 0.9.2: finds bugs and auto-creates docs with GPT
What are some alternatives?
When comparing building-secure-contracts and slither you can also consider the following projects:
eth-security-toolbox - A Docker container preconfigured with all of the Trail of Bits Ethereum security tools.
solc-select - Manage and switch between Solidity compiler versions
pooltogether-community-ui - UI to use when creating your own custom pools, prize strategies or as reference code for integrating your own pools.
manticore - Symbolic execution tool
coreth - Code and wrapper to extract Ethereum blockchain functionalities without network/consensus, for building custom blockchain services.
echidna - Ethereum smart contract fuzzer
avalanche-faucet - Avalanche Faucet for Fuji Network and Subnets.
mythril - Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.
avalanchego - Go implementation of an Avalanche node.
publications - Publications from Trail of Bits
building-secure-contracts vs eth-security-toolbox
slither vs solc-select
building-secure-contracts vs pooltogether-community-ui
slither vs manticore
building-secure-contracts vs coreth
slither vs echidna
building-secure-contracts vs avalanche-faucet
slither vs mythril
building-secure-contracts vs avalanchego
slither vs eth-security-toolbox
building-secure-contracts vs mythril
slither vs publications