🤗Leveraging Custom Detectors from the Community: Spotlight on the pessimistic.io Team

Book an audit with Zokyo

The open-source nature of the blockchain community encourages sharing and collaboration, allowing developers and auditors to benefit from each other's work and insights. A notable example of this collaborative spirit is seen in the pessimistic.io team, who have been actively developing and sharing their custom detectors for Slither.

How to Utilize Detectors from the pessimistic.io Team:

1. Visit Their Repository:

   • Go to pessimistic.io’s Slitherin GitHub repository.

2. Explore Their Custom Detectors:

   • They have a variety of custom detectors targeting different areas, from basic issues like "Magic Numbers" to more complex patterns like "Read-only Reentrancy."

3. Review Documentation and Setup Guides:

   • Detailed documentation is provided for each detector, ensuring you understand its purpose and how to properly set it up and use it.

4. Clone or Download the Detectors:

   • Follow their guidance to clone or download the detectors, making them available for your use.

5. Integrate with Your Slither Setup:

   • Configure Slither to recognize and utilize the downloaded custom detectors when analyzing your contracts.

Some Detectors They Offer:

• Unprotected Setter

• TX Gasprice Warning

• UniswapV2 Integration

• Token Fallback

• Timelock Controller

• Strange Setter

• Read-only Reentrancy

• NFT Approve Warning

• Multiple Storage Read

• Magic Number

• And Many More...

Each detector targets specific patterns, vulnerabilities, or code smells, enhancing the comprehensiveness of your smart contract security analysis.

Why Use These Custom Detectors?

• Enhanced Detection: The diversity of detectors available helps identify a broader range of potential issues in smart contract code.

• Community Validation: The shared detectors are likely tested and validated by the community, increasing their reliability.

• Continuous Improvement: Actively maintained detectors benefit from continuous improvements, bug fixes, and updates.

Conclusion

The custom detectors provided by teams like pessimistic.io significantly enhance the capabilities of tools like Slither, providing a richer, more comprehensive analysis of smart contracts. Utilizing such resources fosters a collaborative ecosystem, promotes shared expertise, and contributes to the overall security and robustness of blockchain technologies and applications. Remember always to review and understand the workings of any third-party detectors you choose to use, ensuring that they align with your analysis goals and standards.