Vulnerabilities Detected by Oyente

[TlxTejaswi]

Hello Group,

I am researching on various tools for detecting smart contract vulnerabilities and came across Oyente. Through certain documents along with running some tests ran locally on my system, I got to know that besides ensuring good EVM code coverage Oyente catches the following vulnerabilities:

Re-entrancy Integer overflow/underflow Transaction order dependence Timestamp dependence Callstack Depth EVM Code Coverage Parity Multisig bug

I request the members to help me with the complete list of vulnerabilities as it would help us make an important decision regarding the smart contract security tool.

[yxliang01]

@TlxTejaswi I think you can just refer to their paper (making smart contract smarter)?

[TlxTejaswi]

Thanks for the response yxliang01. I have referred to the paper titled "Making Smart Contracts Smarter", and there the vulnerabilities listed are:

Transaction Ordering Dependence Timestamp Dependence Mishandled Exceptions Re-entrancy vulnerability

I have tested the tool against a sample contract and that could detect 8 critical vulnerabilities. So I just want to know whether the 8 is the final or whether the tool is capable of doing more.

[omarandres2803]

@TlxTejaswi Did you get any answer from the project members ? I'm considering using this tool but it seems to me documentation is not so clear and I'm not sure the project is maintained.