Akropolis Delphi package provides abilities to run security tools upon its code for continuous development. Tools included:
Before launching any of the utilities, verify that you have installed all dependencies for the project:
npm installThe project includes script for flattening Delphi smart contracts. Script is built with the usage of Brownie framework APIs.
Run:
npm run sec:flattenVerify, that flattened files has appeared in the the flattened directory.
The first step is to install Slither (if it is not installed yet). Full recommendations for installation can be found on Slither's GitHub.
Dependency: python3 version 3.6 or greater, python3-dev.
To install the tool run the command:
pip3 install slither-analyzer- Flatten necessary contracts:
npm run sec:flatten- Run script for Slither launching:
npm run sec:slitherDetectors' settings can be corrected in Slither's config file
Test contracts for Echidna with defined properties to be tested are located in contracts/test/echidna directory. Configuration file contains necessary settings.
To start the analysis you need to load echidna binary file in the root directory of the project: Run the script:
npm run sec:load-echidnaAlso, be awared, that Echidna requires Slither to be installed as well. The main restirction: Echidna does not work correctly on Windows.
- Flatten necessary echidna contracts:
npm run sec:flatten-echidna- Compile all contracts:
npm run compile- Run the analyzer:
npm run sec:echidnaInstall Manticore:
pip3 install "manticore[native]"
- Flatten necessary contracts:
npm run sec:flatten- Compile the flattened files:
npx truffle compile- Run the analyzer
manticore flattened/VaultSavings.sol --contract VaultSavings