Greetings, dear readers! Today we’ll look at the significant news and updates pertaining to our Slitherin project in this article. We at Pessimistic assure you that it will be fascinating — Slitherin, our own set of custom detectors for Slither, got another awesome update!
We’ve applied some significant updates during this time, and we appreciate all of your love and attention. Please let us know if you have discovered an issue/bug/vulnerability via our custom Slither detectors. You may contact us via opening a PR/Issue or directly, whichever is more convenient for you!
You can now install a fresh package: pypi.org/project/slitherin!
If you have any further questions or suggestions, please join our Discord Server or Telegram chat. We hope to see you there, and we intend to support the community and its initiatives.
Thank you, let’s get it started!
In recent months we at Pessimistic have been actively developing our own Slither detectors to help with code review and audit process. More recently, we have released several new detectors and we encourage you to use them for your initial internal audit!
pess-uni-v2
detector: Added a check of functions where path
parameter is set through an external invocation. Thx @idrocortisone;
pess-readonly-reentrancy
detector: Added a check of potential vulnerabilities through interfaces. Thx @Yhtiyar;
pess-dubious-typecast
detector: Complete rework. Looks for typecasts that can break contract logic. Thx @Yhtiyar.
All Slitherin detectors work correctly when installed as a Python package;
pess-double-entry-token
detector: Fixed paths to utils files and fixed usage through a Python package;
pess-nft-approve-warning
detector: Fixed running on contracts with immutable types. Thx name less!
OZ dependencies updated to the newest versions;
pess-for-continue-increment
detector: Updated the version to run all tests simultaneously.
pess-strange-setter
detector: Should produce less FP;
pess-unprotected-setter
detector: Ignores interfaces. Thx @Yhtiyar;
pess-unprotected-initialize
detector: Ignores interfaces. Thx @Yhtiyar
Readonly-reentrancy now checks for potential vulnerabilities through interfaces;
Don’t forget to pull the changes: github.com/pessimistic-io/slitherin;
You can now install a fresh package: pypi.org/project/slitherin;
Optimizations to our detectors are coming soon. Much thanks to Idrocortisone and his own tool which helps us to check the FP rate!
More detectors to be released soon as well!
If you have any further questions or suggestions, please join our Discord Server or Telegram chat! We hope to see you there, and we intend to support the community and its initiatives!
Several audits have been completed successfully! By the way, here are some vacant slots now so if your project needs an audit — feel free to write to us, visit our public reports page here!
Our Pessimistic team would also like to express our deepest gratitude to the Slither tool creators: Josselin Feist, Gustavo Grieco, and Alex Groce, as well as Crytic, Trail of Bits’ blockchain security division, and all the people who believe in the original tool and its evolution:
We at pessimistic.io sincerely hope you find our work useful and appreciate any feedback, so please do not hesitate to contact us! The best answers and questions may be included in the next blog post. We hope that this article was informative and useful for you!
Support is very important to me, with it I can do what I love — educating users!
If you want to support my work, please, consider donating me:
0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A or officercia.eth — ETH, BSC, Polygon, Optimism, Zk, Fantom, etc
4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds — Monero XMR