slither
slither copied to clipboard
crytic
Static Analyzer for Solidity and Vyper
should be comma `,` rather than dot `.` when separating Event arguments
Fixes https://github.com/crytic/slither/issues/1153 I'm not sure if there's a better way to address unused tuple members, but this works. slither 0xed3a954c0adfc8e3f85d92729c051ff320648e30 --print slithir ``` Expression: guni.token1() == DAI IRs: TMP_121(address) =...
As discussed with @0xalpharush in https://github.com/crytic/slither/pull/1196 I now wrote a small test suite that checks if path filtering across POSIX and Windows works. The CI tests will fail with the...
### Describe the desired feature Since 0.8.3 we support custom code comment (ex: `@custom:security non-reentrant`), we can add the support for things like: - `@custom:security isProxy` - `@custom:security isUpgradeable` -...
The Solc Compiler does not help checking that the arguments used in when building the transaction calldata with encodeWhitSelector matches the target function. This detector look for miss-matching encodeWithSelector arguments...
I'm in a fresh virtual environment so I installed solc doing this: `sudo add-apt-repository ppa:ethereum/ethereum` `sudo apt-get update` `sudo apt-get install solc` note that this is _not_ the nightly version...
### Describe the issue: When running Slither on this UUPS upgradeable contract](https://github.com/OpenQDev/OpenQ-Contracts/blob/development/contracts/OpenQ/Implementations/OpenQV0.sol), it triggers the `unprotected-upgradeable-contract` critical warning as shown below: However, the latest OpenZeppelin [UUPSUpgradeable.sol](https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/blob/3dec82093ea4a490d63aab3e925fed4f692909e8/contracts/proxy/utils/UUPSUpgradeable.sol#L73) does indeed protect its...
### Describe the issue: ``` Missing function 'value' Missing function 'value' Missing function 'value' Missing function 'value' Missing function 'value' Missing function 'value' Missing function 'value' Missing function Variable not...
@0xalpharush responded to feature request https://github.com/crytic/slither/issues/1202 suggesting to start of with identifying functions that use msg.data similar to the way msg.sender and msg.gas is being identified. That step of the...
The parsing was failing due to the new `IdentifierPath` in case of modifier: the modifier name needs to be used instead of its signature