Aderyn



A powerful Solidity static analyzer that takes a bird's eye view over your smart contracts.




What is Aderyn?

Aderyn is a Solidity Static Analyzer. It takes a bird's eye view over your smart contracts, traversing the Abstract Syntax Trees (AST) to pinpoint suspected vulnerabilities. Aderyn prints out these potential issues in an easy-to-consume markdown format.

When/Why to Use it?

Use Aderyn when developing or auditing Solidity smart contracts to quickly identify areas where the code may not be following best practices or has potential vulnerabilities.

Features

Usage

To get started using Aderyn, make sure you have Rust installed on your device. For more information, refer to the official Rust documentation.

Mac, Linux, Unix

You can install Rust and Cargo by running the following command on your terminal:

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

Windows

You can install Rust and Cargo by downloading and running rustup-init.exe.

Installation

In the command line, run:

cargo install aderyn

Quick Start

The root path you're running Aderyn on should be either a Foundry or compiled Hardhat project.

aderyn /path/to/your/foundry/project/root/directory/

That's it! Aderyn identifies whether the project root is a Foundry or Hardhat repo, then uses the compiled AST files to hunt for vulnerabilities.

report.md will be output in the directory in which you ran the command.

Arguments

Usage: aderyn [OPTIONS] <ROOT>

Options:

  • -o, --output <OUTPUT>: Desired file path for the final report (will overwrite existing one) [default: report.md]
  • -s, --scope <SCOPE>: List of path strings to include, delimited by comma (no spaces). Any solidity file path not containing these strings will be ignored
  • -e, --exclude <EXCLUDE>: List of path strings to exclude, delimited by comma (no spaces). Any solidity file path containing these strings will be ignored
  • -n, --no-snippets: Do not include code snippets in the report (reduces report size in large repos)
  • -h, --help: Print help
  • -V, --version: Print version

You must provide the root directory of the repo you want to analyze. Alternatively, you can provide a single Solidity filepath (this mode requires Foundry to be installed).
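The `--scope` and `--exclude` options above match by plain substring containment, which has a practical consequence: `--exclude Counter.sol` also drops `MyCounter.sol`, and `--scope uniswap` keeps any path with `uniswap` anywhere in it. The following shell function is an added example, not part of Aderyn, that reproduces the documented filter semantics so you can check which `.sol` paths a given invocation would analyze before running the tool; the comma-delimited, no-spaces format is taken from the option descriptions, and the assumption that only `.sol` paths are ever considered is stated in a comment.

```shell
#!/bin/sh
# Added example (not Aderyn's own code): simulate the documented --scope/--exclude
# path filtering. Assumption: a path is considered only if it ends in .sol, and
# scope/exclude strings are matched by substring containment, as the help text says.

# contains STRING SUBSTRING -> exit 0 if STRING contains SUBSTRING
contains() {
    case "$1" in
        *"$2"*) return 0 ;;
        *) return 1 ;;
    esac
}

# would_scan PATH SCOPE_CSV EXCLUDE_CSV
# Prints "scan" or "skip" and returns 0 / 1 accordingly.
# SCOPE_CSV / EXCLUDE_CSV use the same comma-delimited, no-spaces form as the CLI.
would_scan() {
    path=$1; scope=$2; exclude=$3
    # Non-Solidity paths are never analyzed.
    case "$path" in
        *.sol) ;;
        *) echo skip; return 1 ;;
    esac
    # --scope: keep only paths containing at least one of the scope strings.
    if [ -n "$scope" ]; then
        in_scope=1
        old_ifs=$IFS; IFS=,
        for s in $scope; do
            contains "$path" "$s" && in_scope=0
        done
        IFS=$old_ifs
        [ "$in_scope" -eq 0 ] || { echo skip; return 1; }
    fi
    # --exclude: drop any path containing one of the exclude strings.
    if [ -n "$exclude" ]; then
        old_ifs=$IFS; IFS=,
        for e in $exclude; do
            if contains "$path" "$e"; then
                IFS=$old_ifs; echo skip; return 1
            fi
        done
        IFS=$old_ifs
    fi
    echo scan
    return 0
}

# Constructed sample paths showing the substring caveat of `--exclude Counter.sol`.
for p in src/Counter.sol src/MyCounter.sol src/uniswap/Pool.sol README.md; do
    printf '%s -> %s\n' "$p" "$(would_scan "$p" '' Counter.sol)"
done
```

Because matching is by substring, anchor an exclusion on a path fragment that is specific enough, such as `src/Counter.sol` rather than `Counter.sol`, when similarly named contracts exist in the same repository.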

Examples:

aderyn /path/to/your/foundry/project/root/directory/

Run Aderyn in the folder you're currently in:

aderyn .

Output to a different markdown file:

aderyn -o output.md .

Refine the scope to a subdirectory called /uniswap/:

aderyn . --scope uniswap

Exclude a contract called Counter.sol:

aderyn . --exclude Counter.sol

Run on a single Solidity file (requires Foundry to be installed on your machine):

aderyn src/MyContract.sol

Supported Development Frameworks

If the <ROOT> is a directory, Aderyn automatically detects the development framework so long as it's Foundry or Hardhat.

Foundry

If Foundry is detected in the project root, Aderyn will first run forge build to ensure that the contract compiles correctly and the latest artifacts are available.

Hardhat

If Hardhat is detected, Aderyn does not auto-compile. Make sure to run hardhat compile BEFORE running Aderyn.

Single Solidity File Mode

If it is a Solidity file path, then Aderyn will create a temporary Foundry project, copy the contract into it, compile the contract and then analyze the AST generated by that temporary project.
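The three modes above differ in who compiles: Aderyn runs `forge build` for Foundry projects, expects you to have already run `hardhat compile` for Hardhat projects, and needs Foundry on the machine for single-file mode. The following pre-flight wrapper is an added example, not part of Aderyn, that encodes those rules so a CI job cannot silently analyze stale Hardhat artifacts. It assumes a Foundry project is recognised by a `foundry.toml` file and a Hardhat project by `hardhat.config.js` or `hardhat.config.ts` (Aderyn's own detection logic is not described here), and it invokes Hardhat through `npx hardhat compile`.

```shell
#!/bin/sh
# Added example (not Aderyn's own code): pre-flight wrapper that applies the
# compile rules documented for each mode before invoking aderyn.
# Assumptions: foundry.toml marks a Foundry project; hardhat.config.js/.ts marks
# a Hardhat project; Hardhat is run via npx. Aderyn's real detection may differ.

# detect_framework DIR -> prints foundry | hardhat | unknown
detect_framework() {
    dir=${1%/}
    if [ -f "$dir/foundry.toml" ]; then
        echo foundry
    elif [ -f "$dir/hardhat.config.js" ] || [ -f "$dir/hardhat.config.ts" ]; then
        echo hardhat
    else
        echo unknown
    fi
}

# needs_manual_compile DIR -> exit 0 when the caller must compile before running aderyn
needs_manual_compile() {
    [ "$(detect_framework "$1")" = hardhat ]
}

# run_aderyn TARGET [ADERYN OPTIONS...]
# TARGET is a project root directory or a single .sol file.
# Returns aderyn's status, 1 if compilation failed, 2 if the target is unusable.
run_aderyn() {
    target=$1; shift
    if [ -f "$target" ]; then
        case "$target" in
            *.sol) ;;
            *) echo "not a Solidity file: $target" >&2; return 2 ;;
        esac
        # Single-file mode builds a temporary Foundry project, so forge must be on PATH.
        command -v forge >/dev/null 2>&1 || {
            echo "forge not found; single-file mode needs Foundry installed" >&2
            return 2
        }
        aderyn "$@" "$target"
        return
    fi
    case "$(detect_framework "$target")" in
        foundry) ;;  # aderyn runs forge build itself
        hardhat) (cd "$target" && npx hardhat compile) || return 1 ;;
        *) echo "no Foundry or Hardhat project found in $target" >&2; return 2 ;;
    esac
    aderyn "$@" "$target"
}

# When executed as a script: run_aderyn.sh <target> [aderyn options...]
if [ "$#" -gt 0 ]; then
    run_aderyn "$@"
fi
```

Invoked as `sh run_aderyn.sh /path/to/project -o report.md`, the wrapper refuses to run on a directory that is neither framework and fails fast on a Hardhat compile error, so the report that reaches reviewers always reflects the current sources.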

Contributing & License

Help us build Aderyn 🦜 Please see our contribution guidelines. Aderyn is open-source software licensed under the MIT License.

To build Aderyn locally, install Rust, clone this repo, and use cargo commands to build, test and run it locally.

Credits

This project exists thanks to all the people who contribute.

Attribution
