UNPKG

@smartdec/smartcheck

Version:

SmartCheck is an extensible static analysis tool for discovering vulnerabilities and other code issues in Ethereum smart contracts written in the Solidity programming language.

tool.smartdec.ru

smartdec/smartcheck

68 lines (48 loc) 2.08 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
# SmartCheck SmartCheck is an extensible static analysis tool for discovering vulnerabilities and other code issues in Ethereum smart contracts written in the Solidity programming language. SmartCheck is described in the academic paper titled ["SmartCheck: Static Analysis of Ethereum Smart Contracts"](https://orbilu.uni.lu/bitstream/10993/35862/1/smartcheck-paper.pdf) as released on May 27, 2018. An online version of SmartCheck is available on [our website](https://tool.smartdec.net/). ## Using NPM package ### Install SmartCheck globally To install SmartCheck globally to your system run (administrative rights required) ```bash npm install @smartdec/smartcheck -g ``` ### (Optional) Add SmartCheck as development dependency To add and install SmartCheck as development dependency to your npm project run: ```bash npm install --save-dev @smartdec/smartcheck ``` ### Start the analysis To start analysis simply run: ```bash smartcheck -p ./ ``` Argument: `-p <path to directory or file>` Optional argument: `-r <path to .xml-file with rules>`; by default it uses the built-in rules files. ## Using source code of SmartCheck ### Building the project The project uses Maven. To build it, execute in the project directory: ```bash $ mvn clean package ``` ### Start the analysis ```bash $ java -jar target/smartcheck-2.0-SNAPSHOT-jar-with-dependencies.jar -p <path to directory or file> ``` Optional argument: `-r <path to .xml-file with rules>`; by default it uses the built-in rules files. Analysis can also be started from an IDE by running the `ru.smartdec.smartcheck.app.cli.Tool.main()` method. ## Advanced ### View the parse tree in a graphical form ```bash $ mvn exec:java@tree -Dexec.args="-p <path to the file>" ``` It can also be done from an IDE by running the `ru.smartdec.smartcheck.app.cli.TreeView.main()` method. ### View the parse tree as XML ```bash $ mvn exec:java@xml -Dexec.args="-t <path to save xml-tree> -s <path to the file>" ``` It can also be done from an IDE by running the `ru.smartdec.smartcheck.app.cli.XmlView.main()` method.