Zokyo Automated Tools
  • πŸ€–Unlocking Smart Contract Security: A Comprehensive Guide to Automated Vulnerability Analysis
  • 🐍Mastering Slither: A Comprehensive Guide to Smart Contract Vulnerability Detection
    • πŸš€Prerequisites
      • πŸ’»Code Editor
      • 🐍Setting up Python and Configuring Virtual Environments
      • πŸ”­Setting Up Git
      • πŸ‘ŠGit Bash
    • ⚑What Is Static Analysis
    • 🐍What Is Slither
    • πŸ“©Setting Up Slither: Installation and Virtual Environment Configuration
    • πŸ”©Installing solc and Crytic Compile: Foundation Tools for Slither
    • πŸ”Analyzing Smart Contracts Locally with Slither
      • πŸ—ΊοΈHandling Import Errors in Slither: A Guide on Solc Remappings
      • πŸ›£οΈHandling Path Errors In Slither
    • 🌍Analyzing Smart Contracts Already Deployed On Main-nets
    • πŸ”ŒExploring Slither's Tools and Printers: A Comprehensive Tutorial
    • πŸ€–Using Bash Scripts for Batch Analysis with Slither
    • πŸ’»Slither Intermediate Representation
    • 🌐Slither Python API
    • ⚠️Custom Detectors in Slither
      • 🀝Leveraging Custom Detectors from the Community
        • πŸ€—Leveraging Custom Detectors from the Community: Spotlight on the pessimistic.io Team
      • 🌱Making your own detectors
  • βš›οΈOyente: Symbolic Execution Tool
    • 😎What Is Symbolic Execution?
Powered by GitBook
On this page
  1. Mastering Slither: A Comprehensive Guide to Smart Contract Vulnerability Detection

Slither Python API

Book an audit with Zokyo

A Slither object has:

  • contracts (list(Contract): list of contracts

  • contracts_derived (list(Contract): list of contracts that are not inherited by another contract (subset of contracts)

  • get_contract_from_name (str): Return a contract from its name

contracts_derived iterates over contracts that are not inherited. It is useful to prevent duplicate findings. If you find an issue in a derived contract, then one of its inherited contracts is likely to have the same issue.

A Contract object has:

  • name (str): Name of the contract

  • functions (list(Function)): List of functions

  • modifiers (list(Modifier)): List of functions

  • all_functions_called (list(Function/Modifier)): List of all the internal functions reachable by the contract

  • inheritance (list(Contract)): List of inherited contracts

  • get_function_from_signature (str): Return a Function from its signature

  • get_modifier_from_signature (str): Return a Modifier from its signature

  • get_state_variable_from_name (str): Return a StateVariable from its name

A Function or a Modifier object has:

  • name (str): Name of the function

  • nodes (list(Node)): List of the nodes composing the CFG of the function/modifier

  • entry_point (Node): Entry point of the CFG

  • variables_read (list(Variable)): List of variables read

  • variables_written (list(Variable)): List of variables written

  • state_variables_read (list(StateVariable)): List of state variables read (subset of variables`read)

  • state_variables_written (list(StateVariable)): List of state variables written (subset of variables`written)

Variables can be different types, such as StateVariable, or LocalVariable. All variables have:

  • name (str): Name of the variable

  • initialized (boolean): True if the variable is initialized at declaration

A Node object has:

  • type (NodeType): The type of the node (ex: If a control flow node, RETURN is for the node containing the return statement).

  • expression (Expression): Expression associated with the node (not all nodes contain an expression)

  • variables_read (list(Variable)): List of variables read

  • variables_written (list(Variable)): List of variables written

  • state_variables_read (list(StateVariable)): List of state variables read (subset of variables_read)

  • state_variables_written (list(StateVariable)): List of state variables written (subset of variables_written)

An Expression is an AST-based representation of the code executed.

For example, the following code explores all the functions of all the contracts and prints what state variables are read or written:

from slither.slither import Slither  
  
slither = Slither('file.sol')  
  
for contract in slither.contracts:  
    print 'Contract: '+ contract.name  
  
    for function in contract.functions:  
        print('Function: {}'.format(function.name))  
  
        print('\tRead: {}'.format([v.name for v in function.state_variables_read]))  
        print('\tWritten {}'.format([v.name for v in function.state_variables_written]))

You will find more Slither API examples here. For example:

  • functions_writing.py: Where the state variable a is written?

  • variable_in_condition.py: Is the variable a used in a condition?

  • functions_called.py: What are all the functions reached by a call to entry_point()?

  • slithIR.py: Print the SlithIR operations

Full Documentation: https://github.com/crytic/slither/wiki/Python-API

PreviousSlither Intermediate RepresentationNextCustom Detectors in Slither

Last updated 1 year ago

🐍
🌐