Solidity smart contract Static Code Analysis and common tools

Static Code Analysis commonly refers to the running of Static Code Analysis tools that attempt to highlight possible vulnerabilities within ‘static’ (non-running) source code by using techniques such as Taint Analysis and Data Flow Analysis.

by Nikhil M posted on Fri, Dec 17, 2021 in SCAudit

Static Code Analysis

Static code analysis is a method of debugging by examining source code before a program is run. It’s done by analyzing a set of code against a set (or multiple sets) of coding rules. Static code analysis and static analysis are often used interchangeably, along with source code analysis.

Static Analysis vs Dynamic Analysis

So, what’s the difference between static analysis and dynamic analysis?

Both types detect defects. The big difference is where they find defects in the development lifecycle. Static analysis identifies defects before you run a program (e.g., between coding and unit testing).

Dynamic code analysis identifies defects after you run a program (e.g., during unit testing). However, some coding errors might not surface during unit testing. So, there are defects that dynamic testing might miss that static code analysis can find.
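To make the "coding rules" and "Taint Analysis / Data Flow Analysis" mentioned above concrete, here is an added, deliberately small example that is not part of the original post and is not the engine of Slither, Mythril or any other tool named on this page. It runs a toy forward taint analysis over a constructed, simplified Solidity function body: function parameters and `msg.*`/`tx.origin` values are treated as caller-controlled, assignments propagate (or kill) that taint, and two sinks (`selfdestruct` beneficiary and low-level `.call` target) are reported when tainted data reaches them. A third check is a plain pattern rule with no data flow at all (`tx.origin` inside a `require`/`if`). All statement forms it understands, and the sample contract, are assumptions chosen for the illustration.

```python
"""Toy taint / data-flow analysis over a simplified Solidity function body.

Constructed illustration of what a static analyser does; NOT Slither's or
Mythril's engine.  Assumes one statement per line, plain assignments, and
recognises only two value sinks (selfdestruct, low-level .call) plus one
pattern rule (tx.origin inside an authorization guard).
"""
import re
from dataclasses import dataclass

# Values the transaction sender controls; taint starts here.
TAINT_SOURCES = {"msg.sender", "msg.value", "tx.origin", "msg.data"}

TYPE_RE = r"(?:address|uint\d*|int\d*|bytes\d*|bool)\s+(?:payable\s+)?"
ASSIGN_RE = re.compile(rf"^(?:{TYPE_RE})?(\w+)\s*=\s*(.+?);$")
PARAM_RE = re.compile(r"function\s+\w+\s*\(([^)]*)\)")
IDENT_RE = re.compile(r"[A-Za-z_]\w*(?:\.\w+)*")
SELFDESTRUCT_RE = re.compile(r"selfdestruct\s*\(\s*([\w.]+)\s*\)")
CALL_RE = re.compile(r"([\w.]+)\.call\s*(?:\{[^}]*\})?\s*\(")
GUARD_RE = re.compile(r"\b(?:require|if|assert)\s*\(")


@dataclass
class Finding:
    line: int      # 1-based line within the analysed snippet
    kind: str      # weakness class in plain words
    expr: str      # expression that reached the sink
    origin: str    # where the taint came from


def function_params(header):
    """Parameter names from a function header; every one is caller-controlled."""
    m = PARAM_RE.search(header)
    if not m:
        return []
    return [p.strip().split()[-1] for p in m.group(1).split(",") if p.strip()]


def taint_of(expr, tainted):
    """Return the origin of the first tainted identifier in expr, else None."""
    for tok in IDENT_RE.findall(expr):
        if tok in TAINT_SOURCES:
            return tok
        if tok in tainted:
            return tainted[tok]
    return None


def analyse(source):
    """Walk the snippet top to bottom, tracking which variables carry taint."""
    lines = [l.strip() for l in source.strip().splitlines()]
    # variable name -> description of the untrusted value it derives from
    tainted = {p: f"parameter {p}" for p in function_params(lines[0])}
    findings = []
    for no, line in enumerate(lines, start=1):
        # Pattern rule (no data flow needed): tx.origin inside a guard.
        if "tx.origin" in line and GUARD_RE.search(line):
            findings.append(Finding(no, "tx.origin used for authorization", "tx.origin", "tx.origin"))
        # Value sinks: does caller-controlled data reach them in the current state?
        for regex, kind in ((SELFDESTRUCT_RE, "selfdestruct beneficiary is caller-controlled"),
                            (CALL_RE, "low-level call target is caller-controlled")):
            for expr in regex.findall(line):
                origin = taint_of(expr, tainted)
                if origin:
                    findings.append(Finding(no, kind, expr, origin))
        # Transfer function: an assignment propagates taint or kills it.
        m = ASSIGN_RE.match(line)
        if m:
            lhs, rhs = m.groups()
            origin = taint_of(rhs, tainted)
            if origin:
                tainted[lhs] = origin
            else:
                tainted.pop(lhs, None)  # overwritten with a clean value
    return findings


# Constructed sample; not a real contract.  Line 9 is NOT reported because
# line 8 overwrote `dest` with a constant, which kills the taint.
SAMPLE = """
function sweep(address payable to, uint256 amount) public {
    require(tx.origin == owner);
    address payable dest = to;
    uint256 fee = msg.value;
    dest.call{value: amount}("");
    address keeper = address(this);
    selfdestruct(dest);
    dest = payable(address(0));
    selfdestruct(dest);
}
"""

if __name__ == "__main__":
    for f in analyse(SAMPLE):
        print(f"line {f.line}: {f.kind} ({f.expr} <- {f.origin})")
```

The assignment on line 8 of the sample is the part worth studying: a purely rule-based grep for `selfdestruct(` would flag both calls, while the data-flow version knows the second beneficiary is a constant. That distinction, plus the large set of statement shapes real contracts use, is why the tools listed below are considerably more involved than this sketch.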

List of Static and Dynamic Analysis tools

  • Mythril: Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.
  • Echidna: Echidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley)
  • MythX™: With MythX, you get increased scalability and performance, continual improvements to our security analysis engines, and higher vulnerability detection than locally-run security tools.
  • Slither: Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses.
  • Octopus: Security Analysis tool for WebAssembly module (wasm) and Blockchain Smart Contracts (BTC/ETH/NEO/EOS)

Weakness OSS Classification & Test Cases

  • SWC-registry: SWC definitions and a large repository of crafted and real-world samples of vulnerable smart contracts.

Further reading