Every year, the technology of using smart contracts attracts more and more attention from users due to its unique advantages: the automatic execution of transactions in a traceable and immutable way without authorization by a third party.
At the same time, a smart contract is one of the most vulnerable elements of a distributed ledger system and a natural target for intruders. To analyze smart contracts, many teams use a range of tools and techniques that improve contract security and keep the whole system healthy.
Solidity Vulnerabilities in Smart Contracts
Security researchers and verifier developers need a tool to explore deployed Ethereum smart contracts and networks. Building a database with information and statistics on contracts can solve this problem. Such a database can store function prototypes, storage sizes, the results of checks by the most popular verifiers, branching complexity, and error statistics such as calls that led to gas overruns and transaction rollbacks. Calls to all contracts are stored in the blockchain, so this information is available to everyone, but it is not described anywhere.
An application that collects statistics on contracts, combined with timely reporting of vulnerabilities through the Ethereum Bounty Program, makes it possible to minimize losses for users and owners of distributed applications. There are no rewards for contract vulnerabilities under this program, but assistance will be provided in communicating information to developers.
Top 6 Solidity Security Analysis Tools in 2022
There are many auditing tools, but there is no complete database for all blockchain contracts, and analyzing even one contract can take a significant amount of time.
1) Mythril Classic
Mythril Classic is an open-source analysis tool for contract security that uses symbolic execution. It can analyze both source code and contracts already on the blockchain, referenced by address. It checks contracts for the following types of vulnerabilities:
- Integer Overflow/Underflow;
- Reentrancy;
- Delegatecall to Untrusted Callee;
- Unprotected SELFDESTRUCT Instruction;
- Authorization through tx.origin;
- Assert Violation.
2) MAIAN
MAIAN is an open-source tool for analyzing three types of vulnerabilities:
- Prodigal contracts (“wasteful” contracts, i.e., they can send tokens to anyone);
- Suicidal contracts (any user can call “suicidal” contracts, i.e., the contract destructor);
- Greedy contracts (“greedy” contracts, i.e., no one can withdraw tokens).
It can also analyze contracts either from source code or by contract address.
3) Manticore
Manticore is a tool for symbolic execution of Ethereum contracts and Linux ELF executables. It checks contracts for the following types of vulnerabilities:
- Integer Overflow/Underflow;
- Reentrancy;
- Delegatecall to Untrusted Callee;
- Unprotected SELFDESTRUCT Instruction;
- Uninitialized Storage Pointer;
- Use of Deprecated Solidity Functions.
4) Securify
Securify is a web service for smart contract state analysis. The analysis is performed only on the source code. The service publishes brief statistics on the analyzed contracts: as of mid-December 2018, 31,649 contracts had been analyzed out of over a million blockchain contracts.
Securify assesses the security risks of hundreds of smart contracts. This can occur automatically or with additional manual verification of unique features. The solution uses a large database of vulnerabilities and a pattern matching engine to reliably identify the features and risks of smart contracts, standardize and evaluate them, propose vulnerability fixes, and generate detailed reports. As a result, this tool is one of the best and most progressive.
5) Oyente
Oyente is a static analysis tool for smart contract vulnerabilities that works on opcodes through symbolic execution. It analyzes the following types of vulnerabilities:
- Integer Overflow/Underflow;
- Reentrancy;
- Timestamp Dependence;
- Transaction-Order Dependence;
- Uninitialized Storage Pointer.
6) Transaction-Order Dependence
The Ethereum network processes transactions in blocks and new blocks are confirmed every few seconds. Miners look at the transactions they have received and choose which transactions to include in a block based on who paid a high enough fee to include them. In addition, when transactions are sent to the Ethereum network, they are sent to each node for processing.
This way, the person who runs an Ethereum node can tell what transactions will happen before they are completed. Transaction-Order Dependence occurs when code depends on the order of transactions.
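An added Solidity example, not from the original article, of code whose outcome depends on transaction order, next to a version that pins the expected state. The `Listing` contract and all its names are hypothetical, and withdrawals are left out to keep the focus on ordering.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; the contract and its names are hypothetical.
contract Listing {
    address public immutable seller;
    uint256 public price;
    mapping(address => uint256) public deposits;
    mapping(address => uint256) public purchased;

    constructor(uint256 initialPrice) {
        seller = msg.sender;
        price = initialPrice;
    }

    function deposit() external payable {
        deposits[msg.sender] += msg.value;
    }

    function setPrice(uint256 newPrice) external {
        require(msg.sender == seller, "not seller");
        price = newPrice;
    }

    // Order-dependent: the buyer decides based on the price they last read,
    // but pays whatever `price` is when the transaction executes. A setPrice
    // transaction ordered first in the same block changes the amount charged.
    function buy() external {
        deposits[msg.sender] -= price; // checked: reverts if deposit is too small
        purchased[msg.sender] += 1;
    }

    // Hardened: the caller states the highest price they accept, so a
    // reordered price change makes the call revert instead of overcharging.
    function buyAt(uint256 maxPrice) external {
        require(price <= maxPrice, "price changed");
        deposits[msg.sender] -= price;
        purchased[msg.sender] += 1;
    }
}
```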
The 4 Types of Smart Contract Vulnerabilities
An audit helps to find critical and more common errors in smart contracts. For example, problems with integer arithmetic, a block gas limit vulnerability when an array overflows, missing parameters or preconditions (the result of careless development), potential front-running (overtaking an unconfirmed transaction), as well as a great many logical flaws. We will give specific examples below.
Integer Overflow/Underflow
Integer Overflow/Underflow occurs when an arithmetic operation reaches the maximum or minimum size of the type. Without proper checks, an account balance can wrap around to zero or to the maximum value, which is dangerous.
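An added Solidity example, not from the original article, showing how a wrapped multiplication defeats a balance check and how default checked arithmetic stops it. The `TokenLedger` contract and its function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; the contract and its names are hypothetical.
contract TokenLedger {
    mapping(address => uint256) public balances;

    constructor() {
        balances[msg.sender] = 1000;
    }

    // Vulnerable: inside `unchecked` (and in all arithmetic before
    // Solidity 0.8) the product wraps modulo 2**256. A huge `each` can make
    // `total` small, so the balance check passes while every recipient is
    // credited the full `each`.
    function batchTransferUnchecked(address[] calldata to, uint256 each) external {
        unchecked {
            uint256 total = each * to.length;
            require(balances[msg.sender] >= total, "insufficient balance");
            balances[msg.sender] -= total;
            for (uint256 i = 0; i < to.length; i++) {
                balances[to[i]] += each;
            }
        }
    }

    // Hardened: default checked arithmetic in Solidity 0.8+ reverts with
    // Panic(0x11) when the multiplication, subtraction or addition overflows.
    function batchTransfer(address[] calldata to, uint256 each) external {
        uint256 total = each * to.length;
        require(balances[msg.sender] >= total, "insufficient balance");
        balances[msg.sender] -= total;
        for (uint256 i = 0; i < to.length; i++) {
            balances[to[i]] += each;
        }
    }
}
```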
Reentrancy
Reentrancy is one of the most serious security vulnerabilities and was the basis of the largest attack ever. It consists of intercepting control when the target contract calls an external contract: the malicious contract calls the target contract’s function again before the first function call completes.
Delegatecall to Untrusted Callee
Delegatecall is a call to the code of an external contract in the caller’s context. This can be dangerous when calling untrusted contracts or contracts passed as arguments to the call, because the external contract has full control over the caller’s data and can control the caller’s balance without any restrictions.
Unprotected SELFDESTRUCT Instruction
The Unprotected SELFDESTRUCT Instruction vulnerability lies in insufficient protection of the contract destructor (for example, leaving it public), which leads to an undesirable termination of the contract. One of the most famous cases is the Parity Multi-Sig Wallet Attack.
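An added Solidity example, not from the original article, covering both the delegatecall and the SELFDESTRUCT passages above: each dangerous primitive is shown open to any caller and then restricted. The `Module` contract and its names are hypothetical, and the library passed to the constructor is assumed to be audited.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; the contract and its names are hypothetical.
contract Module {
    address public owner;                // storage slot 0
    address public immutable trustedLib; // fixed at deployment, not in storage

    constructor(address lib) {
        owner = msg.sender;
        trustedLib = lib; // assumption: an audited library
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    receive() external payable {}

    // Vulnerable: the caller picks the code. It runs with this contract's
    // storage and balance, so it can rewrite `owner` or move the funds.
    function runAny(address callee, bytes calldata data) external {
        (bool ok, ) = callee.delegatecall(data);
        require(ok, "delegatecall failed");
    }

    // Hardened: only the owner may trigger it, and the target cannot change.
    function runTrusted(bytes calldata data) external onlyOwner {
        (bool ok, ) = trustedLib.delegatecall(data);
        require(ok, "delegatecall failed");
    }

    // Vulnerable: anyone can terminate the contract and receive its balance.
    // (Recent compilers flag selfdestruct as deprecated; it still compiles.)
    function closeUnprotected() external {
        selfdestruct(payable(msg.sender));
    }

    // Hardened: restricted to the owner, funds go to the owner.
    function close() external onlyOwner {
        selfdestruct(payable(owner));
    }
}
```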
Interaction of Smart Contracts and Blockchain Security
A blockchain is a continuous chain of records, called blocks, linked using cryptography. It is essentially a tamper-resistant decentralized database. A smart contract is a computer program that contains agreements between parties. The use of contracts is advantageous in situations where classical means of contract enforcement are too expensive, or the parties do not have access to a common arbitrator or legal system. The main principle of a smart contract is the full automation and reliability of the execution of contractual relations.
Conclusion
Every day, smart contracts are becoming increasingly popular, allowing you to automate many key tasks in different industries. In addition, security audits are also very popular with attackers trying to identify a vulnerability in the code of smart contracts and, having exploited it, gain access to financial assets.
At the moment, there are a large number of static and dynamic analysis tools, which are based on different methods for finding and identifying vulnerable structures. This provides a wide range of services for security professionals and audit companies, whose contribution to secure smart contracts is very high, especially in the field of blockchain.
FAQ
Blockchain technology is an advanced database mechanism that allows for the open exchange of information within a business network—the blockchain database stores data in blocks linked together in a chain.
An audit helps to find critical and common errors in smart contracts, for example, problems with integer arithmetic, the vulnerability of the gas limit in the block when the array overflows, missing parameters, etc.
Most often, smart contracts are used on Ethereum, including when creating NFTs. Almost the entire DeFi space is built on smart contracts today. They can be used to exchange on DEXs (decentralized exchanges), participate in IDOs, pay for goods and services, manage communities, etc.
The most popular programming languages for blockchain technologies have been identified: JavaScript, Python, Java, etc. The constant popularity of JavaScript in web and back-end applications has supported its position as the most popular programming language.