solidity-sentinel
A tool to analyze Ethereum smart contracts using Slither and provide solutions using OpenAI.
# Solidity Sentinel
Solidity Sentinel is a powerful **npm package** designed for smart contract developers. It leverages **Slither**, a static analysis framework for Solidity, to detect vulnerabilities in Ethereum smart contracts. Additionally, it integrates with **OpenAI GPT** to provide solutions for the issues detected.
## Features
- **Static Analysis**: Analyze Ethereum smart contracts using Slither.
- **Error Reporting**: Export results in JSON and Excel formats.
- **Solutions**: Fetch solutions for detected vulnerabilities using OpenAI's GPT (requires OpenAI API key).
- **Ease of Use**: Simple commands to analyze, report, and fix issues.
## Installation
### Prerequisites
1. **Node.js** and **npm** installed on your system.
2. **Python 3+** and **pip** for installing Slither.
3. **Slither Analyzer**:
   Install Slither globally using:
   ```bash
   pip install slither-analyzer
   ```
### Install Solidity Sentinel
```bash
npm install solidity-sentinel
```
## Usage
### Analyze a Contract
Run the following command to analyze a smart contract:
```bash
npx solidity-sentinel analyze <contractAddress>
```
This will run Slither and generate a JSON report at `results/errors.json`.
### Generate an Excel Report
After running the analysis, generate a detailed Excel report for easy readability:
```bash
npx solidity-sentinel excel
```
The report will be saved as `results/errors.xlsx`.
### Fetch Solutions for Errors
To fetch solutions for the detected vulnerabilities:
1. Add your **OpenAI API key** to a `.env` file in the project root, and keep that file out of version control so the key is not committed:
   ```plaintext
   OPENAI_API_KEY=your_openai_api_key
   ```
2. Run the command:
   ```bash
   npx solidity-sentinel solutions
   ```

Solutions will be saved in `results/solutions.json`.
## Commands
| Command | Description |
|---------------------------------------|-----------------------------------------------|
| `npx solidity-sentinel analyze <contractAddress>` | Analyze a smart contract and save results in JSON. |
| `npx solidity-sentinel excel` | Generate an Excel report from the JSON results. |
| `npx solidity-sentinel solutions` | Fetch solutions for errors using OpenAI GPT. |
## Output Structure
- **`results/errors.json`**: Contains the raw output from Slither.
- **`results/errors.xlsx`**: A formatted Excel report of the errors.
- **`results/solutions.json`**: Suggested solutions for errors (requires OpenAI API key).
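
Because `results/errors.json` holds the raw Slither output, it can be triaged by impact and confidence before anything is done with it. The script below is an added example, not part of solidity-sentinel: it assumes the file follows Slither's `--json` schema (`results.detectors[]` with `check`, `impact`, `confidence` and `elements[].source_mapping`), and the `triage` function and the sample report are constructed for illustration.

```javascript
// Added example: triage Slither-format JSON before acting on it.
// Assumption: results/errors.json follows Slither's --json schema.
const IMPACT_RANK = { High: 0, Medium: 1, Low: 2, Informational: 3, Optimization: 4 };
const CONFIDENCE_RANK = { High: 0, Medium: 1, Low: 2 };

function triage(report, minImpact = 'Medium') {
  // A failed or missing run must not be mistaken for a clean one.
  if (!report || report.success !== true) {
    throw new Error(`Slither run failed: ${report && report.error ? report.error : 'no report'}`);
  }
  const threshold = IMPACT_RANK[minImpact];
  if (threshold === undefined) throw new Error(`unknown impact level: ${minImpact}`);
  const detectors = (report.results && report.results.detectors) || [];
  const findings = detectors
    // An unrecognised impact ranks as High so it is surfaced, not hidden.
    .filter((d) => (IMPACT_RANK[d.impact] ?? 0) <= threshold)
    .map((d) => {
      // The first element's source mapping gives a file:line to jump to.
      const src = ((d.elements || [])[0] || {}).source_mapping || {};
      const line = (src.lines || [])[0] ?? '?';
      return {
        check: d.check,
        impact: d.impact,
        confidence: d.confidence,
        location: src.filename_relative ? `${src.filename_relative}:${line}` : 'unknown',
      };
    })
    .sort((a, b) =>
      (IMPACT_RANK[a.impact] ?? 0) - (IMPACT_RANK[b.impact] ?? 0) ||
      (CONFIDENCE_RANK[a.confidence] ?? 0) - (CONFIDENCE_RANK[b.confidence] ?? 0));
  return { fail: findings.length > 0, findings };
}

// Constructed sample in Slither's output shape (not from a real contract).
const at = (line) => [{ source_mapping: { filename_relative: 'contracts/Vault.sol', lines: [line] } }];
const SAMPLE = {
  success: true,
  error: null,
  results: { detectors: [
    { check: 'naming-convention', impact: 'Informational', confidence: 'High', elements: at(7) },
    { check: 'reentrancy-eth', impact: 'High', confidence: 'Medium', elements: at(42) },
    { check: 'timestamp', impact: 'Low', confidence: 'Medium', elements: at(30) },
    { check: 'tx-origin', impact: 'Medium', confidence: 'Medium', elements: at(19) },
    { check: 'suicidal', impact: 'High', confidence: 'High', elements: at(71) },
  ] },
};
console.log(triage(SAMPLE));
```

To use it on a real run, pass the parsed contents of `results/errors.json` to `triage` and fail the build when `fail` is true.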
## Workflow
1. Analyze a contract:
   ```bash
   npx solidity-sentinel analyze MyContract.sol
   ```
2. Generate a report in Excel:
   ```bash
   npx solidity-sentinel excel
   ```
3. Fetch solutions (requires OpenAI API key):
   ```bash
   npx solidity-sentinel solutions
   ```
## Prerequisites for Development
- Node.js
- Python and Slither Analyzer (`pip install slither-analyzer`)
- OpenAI GPT API (optional for solutions)
## License
This project is licensed under the **MIT License**.
## Disclaimer
This package is designed to assist developers by analyzing smart contracts and suggesting solutions. However, it is not a substitute for thorough manual review or professional auditing.