v0.6.13

0.6.13 - 2020-09-08

This releases improves support for Solidity 0.6, adds partial support for YUL, and fixes many bugs. Internally, we improved the parsing architecture, easing the addition of a new parser and added type annotations. Additionally, slither now runs GitHub super-linter, and the regression tests were improved (see the new CONTRIBUTING.md guidelines).

We also want to thanks our contributors for reporting issues, and helping to improve Slither:

• @elenadimitrova
• @elopez
• @priyankabose
• @Pet3ris

If you want access to additional detectors, try Crytic. It now has 96 detectors, including 2 YUL specific detectors.

Added

• Add partial, experimental YUL support (#502, #575, #617). YUL AST is parsed and converted into slithIR. Raw memory access are not supported. Solidity 0.6 is required to enable YUL support.
• Improve 0.6 support:
  • Add support for C{value:1} syntax (#498)
  • Add support for top level structures and enums (#499, #522)
• Add support for type(I).interfaceId (#497)
• List external publications (#512)
• Github super linter, and lgtm (#614, #620, #626)
• Added new tool: slither-mutator. PoC of fault injection based on Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts

Internal

• Add type annotations (#514)
• Add storage layout information (#507, #540)
• Add --disallow-partial flag (#560). This hidden flag will prevent Slither from catching exceptions, and simplify debugging
• Add support for function pointers in the RETURN operator (#601)

Changed

• Copy editing on detectors (#572)
• Use crytic-compile@0.1.9
• Improve human-summary printer (#477, #478)
• Improve dupplicate name report (#489)
• slither-flat: Improve utf8 support and mapping/array lookup (#494)
• Filter contract to contract_declarer in call graph printer (#491)
• Several improvements in slither-flat, including new strategies, json/zip export (#496). Read the new documentation.
• Add check on public state variables in slither-erc (#528)
• suicidal detector: add detection on external functions (#527)
• Add padding to function id printer (#546)
• Update the recommended Solidity version in the solc-version detector (#577). This might result in disabling triaged solc-version results with Slither < 0.6.13

Internal

• Change the parsing architecture: parser objects are separate objects and do not inherit from the core. This will ease the creation of new parsers (#514)
• Improve support for tuple (#536, #539, #541, #548, #563, #564, #576)
• Improve abi.decode support (#475, #548, #551, #567, #598)
• Temporary array slice support (#550)
• Allow converting library to address (#561)
• Allow total ordering on Constant (#565)
• Improve fixpoint on are_variables_written (#480)
• Improve support for type() (#569)
• Increase the default python stack depth limit (#599)
• Refactor regression tests (#610)

Fixed

• Fix incorrect sons information on loop (#524)
• Fix numpy error on slither-simil (#484)
• Fix infinite loop on try statements (#535)
• Fix incorrect parsing in case of variables name reused (#538)
• Linting issue (#555)
• Issues on this. usage (#600, #623)
• Out of memory on large exponent (#608)
• All pylint issues (#616)
• Incorrect support of using for on functions pointers (#624)

v0.6.12

0.6.12 - 2020-04-24

This release fixes a bug that was found in 0.6.11 preventing Slither to work on several codebases. Additional this release contains several minor fixes, and support for buidler.

We would like to thanks @elenadimitrova for quickly reporting issues #456 and #457.

Consider using crytic.io to get access to 48 additional detectors and GitHub integration.

Added

• zip export (#453)

Changed

• Use crytic-compile 0.1.8, which adds buidler support.
• Human summary printer: run the detectors only once, and add their results to the printer's json (#451)
• Echidna printer: export the constant values as string to facilitate Echidna's parsing (#454) [BREAKING CHANGE]

Fixed

• Revert the changes made in (#445) which lead to incorrectly parse functions with a contract used in a parameter (#458)
• Use Decimal instead of float to prevent loss of precision (#454)
• Echidna printer: fix incorrect support of state variable calls (#455)

v0.6.11

0.6.11 - 2020-04-17

This release introduces slither-prop, a tool that will automatically generate properties to be tested through unit tests and Echidna. In this release, slither-prop can generate 18 tests for ERC20 contracts; More tests, and support for other ERCs are planned. Additionally, the support for Solidity 0.6 was improved, and the release fixes multiple minor bugs.

Consider using crytic.io to get access to additional detectors and GitHub integration.

Added

• slither-prop (#428). See its documentation.
• New Solidity call syntax support (#424)
• Number of assembly lines in the human summary printer (#438)
• --convert-private in slither-flat, allowing to change private variables to internal (#446)
• API: true/false branch for IF nodes (#433)

Changed

• Echidna printer: several new features are extracted (#431, #437).
• Reentrancy: better support of constant function called with Solidity 0.6 (#441)
• Add support for now in timestamp detector (#447)

Fixed

• Name reused (#423)
• Ternary on unary operator conversion (#439)
• Incorrect slithir_cfg_to_dot function (#432)
• Incorrect function id generated if a parameter is a contract (#445)
• slither-check-upgradeability: --list-detectors-json will use the field check instead of detector [BREAKING CHANGE] (#448)

v0.6.10

0.6.10 - 2020-03-23

This release adds 5 new detectors, improves the support of codebase with contract's name duplicate, and the support for Solidity 0.6. Additionally, several internal improvements lead existing detectors to report less false alarms. slither-check-upgradeability was refactored and it has now 17 documented upgradeability checks.

Consider using https://crytic.io/ to get access to additional detectors and GitHub integration.

Added

• 5 new detectors (#396)
  • boolean-cst
  • tautology
  • boolean-equal
  • divide-before-multiply
  • name-reused
• Codebase with contract name dupplicates will not anymore throw an error, slither will do a partial analysis and report the issue as a contract's bug (#413)
• Improve support for Solidity 0.6 (receive() and try/catch) (#415)
• New data dependencies user-API (#409)
• contract.functions_signatures_declared: return the signatures of the function declared in the contract (#391)

Changed

• Refactor slither-check-upgradeability: the checks follow the same coding pattern than the bug detectors (#410)
• Change how modifiers and constructor calls are integrated in the CFG. This removes false positives created because of unreachable nodes (#406)
• Use crytic-compile 0.1.7
• Remove false positives in uninitialized-state (#407)

Fixed

• Incorrect get_dependencies (#400, #409)
• Incorrect lvalue on Delete (#412)
• Incorrect constructor called if the contructor does not exist (#416)

v0.6.9

0.6.9 - 2019-12-20

This release fixes minor bugs and updates Slither to crytic-compile 0.1.6. Additionally, we moved from Travis CI to GitHub actions.

Thanks to our external contributors:

• @erib3
• @uivlis
• @yxliang01

Added

• --remove-assert flag to slither-flat. Use this feature to write custom properties for Echidna with assert and have them automatically removed by slither-flat when the code is deployed. (#366)

Changed

• constant-function detector is split into constant-function-asm and constant-function-state and will not raise an issue if solc >= 0.5 is used (#380)
• Use GitHub Actions instead of Travis CI (#381, #385)
• Use upper and lower bounds for the solc-version detector (#378)
• solc-version now recommends solc 0.5.11 over 0.5.3 (#390)

Fixed

• Detector ID generation leading to collisions for pragma objects (#388)
• FPs on event-based reentrancy (#377)
• Non-solidity pragma that were reported as incorrect solidity version by the pragma detector (#387)
• Incorrect field access on the contract-summary printer (#384)

v0.6.8

0.6.8 - 2019-11-22

This release introduces two new utilities: slither-check-erc to check ERC conformance, and slither-check-kspec to report the coverage of a K specification. New types of reentrancy are detected (send/transfer and event-based) and several improvements were made to slither-check-upgradeability. Internally, this release introduces a new JSON output API. All printers and most of the utilities now have JSON output.

Thanks to our external contributors:

• @yxliang01
• @enderphan94

Added

• slither-check-erc: check for conformance to the most used ERCs #350
• slither-check-kspec: report K specification coverage #364
• Each detector result has a unique ID, allowing for duplicate removal (#367)
• pop to SlithIR conversion (#359)
• New printer: evm to print the source code that matches EVM bytecode (#281)
• New reentrancy detectors: send/transfer and event-based (#375)

Changed

• The JSON output API was replaced with a simpler and standardized API (#355, #362)
• All the printers have JSON output (#356)
• slither-check-upgradeability: several improvements (#354), including:
  • Check for constant conformance
  • Remove false positive on fallback function
  • Allow the CLI to work without the proxy contract. Note: the CLI flags were changed [BREAKING CHANGE]
  • JSON output
• Contract summary printer: add upgradeability info (#369) and
  remove shadowed function (#353)
• Docker improvements (#244)
• Remove false positive on uninitialized state variable detector due to delegatecall proxy (#370)

Fixed

• slither-flat: handle cycles (#373)

v0.6.7

0.6.7 - 2019-10-04

This release introduces slither-format, a tool that automatically generates patches for discovered vulnerabilities, and slither-flat, which flattens the codebase. Thanks to crytic-compile, slither-flat enables contract flattening for nearly all available smart contract development frameworks.

If you like Slither, consider subscribing to crytic.io for access to additional private detectors and GitHub integrations. Follow @CryticCI for more information.

Added

• slither-format: automatic patch generation. Features:
  • Supports issues discovered by the unused-state, solc-version, pragma, naming-convention, external-function, constable-states, and constant-function detectors.
  • Generates git patches
  • JSON integration
• slither-flat: flatten a codebase. Features:
  • --contract contract_name: outputs only the contracts necessary to compile contract_name
  • --convert-external: converts an external function to public. This is meant to help developers use Echidna.
• Echidna printer: Displays information useful for guiding fuzzing.
• IR conversion for constant variables declaration (#333, #338)

Changed:

• Update to crytic-compile 0.1.4 (which adds support for Brownie)
• CLI: print the number of detectors run (#322)
• Dapp test: use cache to seep up travis (#339)
• External function detectors: merge shadowed functions (#334)
• Add optimization detection to human summary printer (#330)
• Silence reports about _echidna or _crytic properties in the naming convention detector (#317)

Fixed

• Incorrect parsing of infinite loops (#329)
• Incorrect inheritance order
• Incorrect abi.decode parsing (#332)

v0.6.6

0.6.6 - 2019-08-16

This release changes internal functions and how modifiers are represented, improves the JSON format, removes detectors' false positives, and fixes numerous bugs.

Thanks to our external contributors:

• @ChrisChinchilla
• @Abhimanyu121

Thanks to our users for reporting numerous bugs, in particular @elenadimitrova, @yxliang01, and @sobolev-igor.

Added

• Add exclude-dependencies flag (#269)
• Add Optimization type and --exclude-optimization flag (#265), #269)
• AragonOS detection (#276)
• New printer: constructor calls (#299)

Changed

• [Breaking change] Remove the instance sharing for functions and modifiers. Each function or modifier has now contract and contract_declarer properties, where contract points to the contract's instance and the contract declarer to the contract where the function was originally declared (#213).
• [Breaking change] Use unique JSON element per detector finding (#263)
• [Breaking change] Add type to JSON result and improve the log in console/file (#266)
• Move third parties tools to slither.tools (#313)
• Remove false positive in external function detector in case of parameter written (#257)
• Remove false positive in naming convention in case of unnamed parameters (#260)
• Remove false positive in naming convention for constructor (aec680c)
• Improve ternary operators support (#301)
• Late conversion of the subdenomination value (#305)
• Refactor reentrancy detector and add support for create-based reentrancy (#311)

Fixed

• Incorrect source mapping for if/while/for condition (#245)
• Incorrect variable order in printer (#254)
• Incorrect source mapping due to text conversion (#252)
• Incorrect type for constant with implicit conversion (#283)
• Incorrect arguments to crytic-compile (4cbe048)

Note: 0.6.5 contained a bug in the reentrancy detector. Please avoid this version since it unnecessarily reported false-positives.

v0.6.4

0.6.4 - 2019-05-14

This release brings new detectors, several bugfixes, and a new util slither-simil, to perform code similarity. Additionally, the json output was heavily improved.

This release is also the first one compatible with our new Visual Studio Code plugin, try it out!

Thanks to your external contributors, for their work and their suggestions!
@GillesdeB
@sobolev-igor
@yxliang01

Added

• New detectors:
  • ERC721 incorrect interface: erc721-interface (#215)
  • Conformance to numeric notation best practices: too-many-digits (#216)
  • Unchecked low level call: unchecked-lowlevel (#230)
  • Unchecked send: unchecked-send (#230)
• slither-simil: code similarity using machine learning (see the documentation)

Changed

• Improve unused-return results (#230)
• Improve solc-version results #240
• Update to crytic-compile version 0.1.1
• Add crytic-compile options to slither-check-upgradeability and slither-find-paths (#231)
• The json format was heavily changed. See its documentation for more details. Notable changes:
  • At the top level, the json contains information about the success of the Slither's run
  • Each element has 3 required information (type, name, source_mapping), and two optional ones: type_specific_fields and additional_fields
  • The source_mapping has not four types of filename, as well as the column information (see Source mapping documentation
• Improvement of the human summary printer: lines and contracts number, ERCs and standard libraries detection (#228)
• Improve parsing of Literals (fbd1ddb), and type propagation
• Remove FPs on the incorrect erc20 interface dettector (#215)
• Clean exception handling (#229)

Fixed

• Re-add --solc-ast flag (12cdcc2)
• Incorrect function ids printer info (#211)
• Several minor bug fixes, including incorrect type propagation if a variable is accessed through the contract's basename (6834d4c), add bytes.push() support (1d2997b)

v0.6.3

0.6.3 - 2019-04-24

This release is the first one based on crytic-compile, the library standardizes smart contracts compilation and allows Slither to work natively on new platforms. Additionally, this release brings one new detector.

Thanks to our external contributor, @shshzi, who worked on the Right-To-Left-Override character detector

For Embark users: make sure to update embark-contract-info to 1.1.0

Added

• Native support to Dapp, Etherlime, and Etherscan (see the documentation)
• New detector: Right-To-Left-Override character #201

Changed

• Json output: source mappings contain now four filenames (absolute/relative/short/used)
• The command line options now match crytic-compile options (ex: --disable-solc-warnings is renamed --solc-disable-warnings). See the crytic-compileDocumentation for more details.