-
Notifications
You must be signed in to change notification settings - Fork 968
Usage
All the crytic-compile
options are available through Slither.
To run Slither on a Truffle/Dapp/Etherlime directory:
slither .
To run Slither on a Embark directory, on the first run, use:
slither . --embark-overwrite-config
It will:
- install @trailofbits/embark-contract-plugin.
- add
@trailofbits/embark-contract-plugin
toembark.json
plugin list.
Following runs will not need the --embark-overwrite-config
flag, you can run Slither with slither .
.
Alternatively, you can do those two steps manually, and then directly run slither .
Ensure that you have embark-contract-info >= 1.1.0
To run Slither from a Solidity file:
slither file.sol
To run Slither from a contract hosted on Etherscan, run
slither 0x7F37f78cBD74481E593F9C737776F7113d76B315
We recommend installing solc-select so Slither can switch to the expected solc version automatically.
To run Slither on a AST file generated by solc, run:
slither file.ast.json
- To disable the solc warnings:
--solc-disable-warnings
- To disable the output colorization:
--disable-color
- To export the result to a json file:
--json file.json
- To export to stdout instead of a file, simply replace the filename with
-
- To export to stdout instead of a file, simply replace the filename with
Slither runs all its detectors by default.
To run only selected detectors, use --detect detector1,detector2
. For example:
slither file.sol --detect arbitrary-send,pragma
To exclude detectors, use --exclude detector1,detector2
. For example:
slither file.sol --exclude naming-convention,unused-state,suicidal
To exclude detectors with an informational or low severity, use --exclude-informational
or --exclude-low
.
--list-detectors
lists available detectors.
By default, no printers are run.
To run selected printers, use --print printer1,printer2
. For example:
slither file.sol --print inheritance-graph
--list-printers
lists available printers.
--filter-paths path1
will exclude all the results that are only related to path1
. The path specified can be a path directory or a filename. Direct string comparison and Python regular expression are used.
Examples:
slither . --filter-paths "openzepellin"
Filter all the results only related to openzepellin.
slither . --filter-paths "Migrations.sol|ConvertLib.sol"
Filter all the results only related to the file SafeMath.sol
or ConvertLib.sol
.
Slither offers two ways to remove results:
- By adding
//slither-disable-next-line DETECTOR_NAME
before the issue - By adding
// slither-disable-start [detector] ... // slither-disable-end [detector]
around the code to disable the detector on a large section - By adding
@custom:security non-reentrant
before the variable declaration will indicate to Slither that the external calls from this variable are non-reentrant - By running the triage mode (see below)
--triage-mode
runs Slither in its triage mode. For every finding, Slither will ask if the result should be shown for the next run. Results are saved in slither.db.json
.
Examples:
slither . --triage-mode
[...]
0: C.destination (test.sol#3) is never initialized. It is used in:
- f (test.sol#5-7)
Reference: https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#uninitialized-state-variables
Results to hide during next runs: "0,1,..." or "All" (enter to not hide results): 0
[...]
The second run of Slither will hide the above result.
To show the hidden results again, delete slither.db.json
.
Some options can be set through a json configuration file. By default, slither.config.json
is used if present (it can be changed through --config-file file.config.json
).
Options passed via the CLI have priority over options set in the configuration file.
The following flags are supported:
{
"detectors_to_run": "all",
"printers_to_run": None,
"detectors_to_exclude": None,
"detectors_to_include": None,
"exclude_dependencies": False,
"exclude_informational": False,
"exclude_optimization": False,
"exclude_low": False,
"exclude_medium": False,
"exclude_high": False,
"fail_on": FailOnLevel.PEDANTIC,
"json": None,
"sarif": None,
"disable_color": False,
"filter_paths": None,
"include_paths": None,
"generate_patches": False,
"skip_assembly": False,
"legacy_ast": False,
"zip": None,
"zip_type": "lzma",
"show_ignored_findings": False,
"sarif_input": "export.sarif",
"sarif_triage": "export.sarif.sarifexplorer",
"triage_database": "slither.db.json",
# codex
"codex": False,
"codex_contracts": "all",
"codex_model": "text-davinci-003",
"codex_temperature": 0,
"codex_max_tokens": 300,
"codex_log": False,
}
For flags related to the compilation, see the crytic-compile
configuration
- Remix: https://remix-ide.readthedocs.io/fr/latest/slither.html
- Sarif viewer: https://marketplace.visualstudio.com/items?itemName=MS-SarifVSCode.sarif-viewer (use slither's sarif export)