Skip to content

Commit

Permalink
config
Browse files Browse the repository at this point in the history
  • Loading branch information
@Dharma-09
Dharma-09 committed May 8, 2024
1 parent 377e143 commit 6fbfe19
Show file tree
Hide file tree
Showing 3 changed files with 26 additions and 44 deletions.
44 changes: 1 addition & 43 deletions CONTRIBUTING.md
View file
Original file line number Diff line number Diff line change
@@ -1,48 +1,6 @@
Feel free to open PRs or open issues within this repository.

To add an issue to the analyzer, you have 2 choices:
To add an issue to the Arjun, you have 2 choices:

- use a detector based on a simple regex
- use a detector based on the analysis of the Abstract Syntax Tree generated by the `solc` compiler

### Regex-based detector:

Examples:

- [Cache Array Length](src/issues/GAS/cacheArrayLength.ts)
- [Custom Errors](src/issues/GAS/customErrors.ts)

Following this type, just add a file in the `issues/<X>` folder:

```js
type RegexIssue = {
type: IssueTypes.GAS | IssueTypes.NC | IssueTypes.L | IssueTypes.M | IssueTypes.H,
regex: RegExp,
title: string,
impact?: string,
description?: string,
regexOrAST: 'Regex',
};
```

### AST-based detector:

Examples:

- [Use Assembly when querying balances](src/issues/GAS/addressBalance.ts)
- [Use Assembly to check `address != 0`](src/issues/GAS/addressZero.ts)

Following this type, just add a file in the `issues/<X>` folder:

```js
type ASTIssue = {
type: IssueTypes.GAS | IssueTypes.NC | IssueTypes.L | IssueTypes.M | IssueTypes.H,
title: string,
impact?: string,
description?: string,
detector: (files: InputType) => Instance[], // Function analyzing the AST and returning instances of the issue
regexOrAST: 'AST',
};
```


26 changes: 25 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@

![alt text](image-1.png)
<h2 align="center">Smart Contract Vulnerability analyzer</h4>

Expand All @@ -11,6 +10,26 @@
</a>
</p>

## Table of Contents
- [Table of Contents](#table-of-contents)
- [Prerequisite](#prerequisite)
- [How Arjun works?](#how-arjun-works)
- [Example](#example)
- [Credits](#credits)
- [Contributing](#contributing)

### Prerequisite
You'll need [Node.js](https://nodejs.org/) and [Yarn](https://nodejs.org/). Then clone the repo and run:

```sh
yarn or npm

npm i @solidity-parser/parser

npm i ast-node-builder
```
You're all set!

### How Arjun works?

```shell
Expand All @@ -27,3 +46,8 @@ yarn analyze contracts scope.txt https://github.com/repo/repo
- `GITHUB_URL` is an optional url to generate links to github in the report
- For remappings, add remappings.txt to `BASE_PATH`.
- The output will be saved in a `report.md` file.

### Credits

### Contributing
You're more than welcome to contribute! For help you can check [CONTRIBUTING.md](CONTRIBUTING.md)
Binary file removed image.png
View file
Binary file not shown.

0 comments on commit 6fbfe19

Please sign in to comment.