We’re all familiar with smart contracts and how they work. In one of our previous blogs, we talked about another smart contract tool Echidna. And in this blog, we’re going to take an in-depth look at Slither and how to use it!
Introduction to Slither
Slither is a static analyzer for smart contract security developed by Trail of Bits; it made its first public release in 2018.
As described by the company, Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. It enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.
Slither provides fine-grained information about smart contract code and has the necessary flexibility to support many applications. The framework is currently used for the following:
- Automated vulnerability detection. A large variety of smart contract bugs can be detected without user intervention or additional specification effort.
- Automated optimization detection. Slither detects code optimizations that the compiler misses.
- Code understanding. Slither summarizes and displays contracts' information to aid your study of the codebase.
- Assisted code review. A user can interact with Slither through its API.
It is the first open-source static analysis framework for Solidity. If you are a smart-contract developer, a security expert, a security audit company, or an academic researcher, then you might find Slither invaluable!
Features of Slither
Slither is fast and precise; it can find real vulnerabilities in a few seconds without user intervention. It is highly customizable and provides a set of APIs to inspect and analyze Solidity code easily. Other than these, let’s take a look at some of its other features!
- Detects vulnerable Solidity code with low false positives (see the list of trophies)
- Identifies where the error condition occurs in the source code
- Easily integrates into continuous integration and Truffle builds
- Built-in ‘printers’ quickly report crucial contract information
- Detector API to write custom analyses in Python
- Ability to analyze contracts written with Solidity >= 0.4
- Intermediate representation (SlithIR) enables simple, high-precision analyses
- Correctly parses 99.9% of all public Solidity code
- Average execution time of less than 1 second per contract
Here’s a contrast between Slither (release 0.5.0) and other open-source static analysis tools to detect vulnerabilities in Ethereum smart contracts:
Fig: Comparing Slither to other smart contract tools
So many features! But how does it do that? Let’s find out.
How Does Slither Work?
Slither operates as the integration of the Slither core and its vulnerability detection system. Without going into much detail about its internals, here's a diagram to give you an overview, with the pipeline spelled out below.
- It takes as initial input the Solidity Abstract Syntax Tree (AST) generated by the Solidity compiler. Slither works out of the box with the most common frameworks, including Truffle, Embark, and Dapp.
- It then generates important information, such as the contract’s inheritance graph, the control flow graph (CFG), and the list of all expressions in the contract.
- Slither then translates the code of the contract into SlithIR, an internal representation language that makes precise and accurate analyses easier to write.
- Finally, Slither runs a set of pre-defined analyses that provide enhanced information to other modules (e.g., computing data flow, protected function calls, etc.).
That's the theory, but how do we get it running?
Vulnerability Detection with Slither
Installing Slither
Slither requires Python 3.6+ and solc, the Solidity compiler.
pip install slither-analyzer
Continuous Integration
Slither has a simple command-line interface. To run all of its detectors on a Solidity file, this is all you need:
$ slither contract.sol
You can integrate Slither into your development process without any configuration. Run it on each commit to ensure that you are not adding new bugs.
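One way to act on that commit-by-commit run, as an added example that is not part of the original post or of Slither itself: a small Python gate that reads the report written by `slither <target> --json <file>` (its field layout is assumed here from Slither's JSON output; the sample report is constructed) and fails the build only on findings that meet an impact and confidence threshold, so informational detectors do not block merges.

```python
# CI gate over Slither's JSON report (added example, not the Slither project's code).
# Assumes the layout of `slither <target> --json <file>`: {"success": bool, "error":
# str|null, "results": {"detectors": [...]}}, each result carrying "check",
# "impact", "confidence" and "description".
import json
from collections import Counter

# Rank used to compare an impact or confidence string against a threshold.
LEVELS = {"Informational": 0, "Optimization": 0, "Low": 1, "Medium": 2, "High": 3}

# Constructed sample report standing in for the file --json would write.
SAMPLE_REPORT = json.dumps({"success": True, "error": None, "results": {"detectors": [
    {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
     "description": "Reentrancy in Vault.withdraw(uint256)"},
    {"check": "naming-convention", "impact": "Informational", "confidence": "High",
     "description": "Parameter _amount is not in mixedCase"},
    {"check": "timestamp", "impact": "Low", "confidence": "Medium",
     "description": "Vault.isOpen() uses block.timestamp"},
]}})

def load_findings(report_text):
    """Parse the report; refuse to gate on a run Slither itself marked as failed."""
    report = json.loads(report_text)
    if not report.get("success"):
        raise RuntimeError(f"slither run failed: {report.get('error')}")
    return report["results"]["detectors"]

def blocking_findings(findings, min_impact="Medium", min_confidence="Medium", ignore=()):
    """Findings at or above both thresholds, minus explicitly ignored detectors."""
    return [f for f in findings
            if f["check"] not in ignore
            and LEVELS.get(f["impact"], 0) >= LEVELS[min_impact]
            and LEVELS.get(f["confidence"], 0) >= LEVELS[min_confidence]]

def summarize(findings):
    """Count of findings per impact level, for the CI log."""
    return dict(Counter(f["impact"] for f in findings))

def gate(report_text, **thresholds):
    """CI exit status: 0 when nothing blocks the commit, 1 otherwise."""
    blocking = blocking_findings(load_findings(report_text), **thresholds)
    for f in blocking:
        print(f"[{f['impact']}/{f['confidence']}] {f['check']}: {f['description']}")
    return 1 if blocking else 0

if __name__ == "__main__":
    raise SystemExit(gate(SAMPLE_REPORT))
```

In a real pipeline, replace `SAMPLE_REPORT` with the contents of the file you passed to `--json`, and tune the thresholds and `ignore` list per repository rather than silencing detectors globally.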
Identifying Security Bugs with Slither
Slither also provides an API to inspect Solidity code via custom scripts. You can use this API to:
- Identify code that can modify a variable’s value.
- Isolate the conditional logic statements that are influenced by a particular variable’s value.
- Find other functions that are transitively reachable as a result of a call to a particular function.
Other functions/features of Slither are listed below.
Contract Summary Printer
Gives a quick summary of the contract, showing the functions and their visibility:
Function Summary Printer
Shows useful information for each function, such as the state variables read and written, or the functions called:
Inheritance Printer
Outputs a graph highlighting the inheritance dependencies of all the contracts:
Authorization Printer
Shows what a user with privileges can do on the contract:
Slither can find real vulnerabilities in a few seconds with minimal or no user interaction. We employ it in most of our audits to strengthen security.
Final Thoughts
Slither is a versatile and flexible tool: its analysis scripts are powerful yet simple and easy to follow, written in Python, and it integrates well with CI.
Slither is in constant evolution. It can flag a serious warning relating to the Ether-sending function and catches any pseudo-bugs. It fell short only at dynamic analysis, which it is not designed to do; otherwise it would lose its main advantages: predictability, usability, and simplicity.
At ImmuneBytes, we have adopted this new technology in our smart contract audits to ensure maximum efficiency and risk coverage. We leave no stone unturned in making your smart contract vulnerability-free!
Connect with the ImmuneBytes team to get audited at immunebytes.com/contact-us
About Us
ImmuneBytes is a Blockchain security auditing firm that employs the industry’s best tools and practices to provide a comprehensive smart contract audit. We have a team of robust and experienced security professionals who are adept at their niches and provide you with a quality service. We have worked on 175+ projects spread across the world on different Blockchain frameworks with some of the industry’s top firms and we continue to unfold the decentralized movement.
We are also providing consultancy, coming up with a bug bounty platform, and also an insurance product to provide our clients with a hassle-free security product catalog. Stay tuned.
Additional Resources
- 5-MINUTE COMPREHENSIVE GUIDE ON AUDITING TOOLS
- THE MOST USEFUL TOOLS FOR SMART CONTRACT AUDIT
- USING SOLHINT: ETHEREUM’S SOLIDITY LINTER