Greetings, dear readers! Today we’ll look at the significant news and updates pertaining to our Slitherin project in this article. We at Pessimistic assure you that it will be fascinating — Slitherin, our own set of custom detectors for Slither, got another awesome update!
We’ve applied some significant updates during this time, and we appreciate all of your love and attention. Please let us know if you have discovered an issue/bug/vulnerability via our custom Slither detectors. You may contact us via opening a PR/Issue or directly, whichever is more convenient for you!
You can now install a fresh package: pypi.org/project/slitherin!
Thank you, let’s get it started!
In recent months we at Pessimistic have been actively developing our own Slither detectors to help with code review and audit process. More recently, we have released several new detectors and we encourage you to use them for your initial internal audit!
pess-uni-v2 detector: Added a check of functions where
path parameter is set through an external invocation. Thx @idrocortisone;
pess-readonly-reentrancy detector: Added a check of potential vulnerabilities through interfaces. Thx @Yhtiyar;
pess-dubious-typecast detector: Complete rework. Looks for typecasts that can break contract logic. Thx @Yhtiyar.
pess-double-entry-token detector: Fixed paths to utils files and fixed usage through a Python package;
pess-nft-approve-warning detector: Fixed running on contracts with immutable types. Thx name less!
OZ dependencies updated to the newest versions;
pess-for-continue-increment detector: Updated the version to run all tests simultaneously.
pess-strange-setter detector: Should produce less FP;
pess-unprotected-setter detector: Ignores interfaces. Thx @Yhtiyar;
pess-unprotected-initialize detector: Ignores interfaces. Thx @Yhtiyar
Readonly-reentrancy now checks for potential vulnerabilities through interfaces;
Don’t forget to pull the changes: github.com/pessimistic-io/slitherin;
You can now install a fresh package: pypi.org/project/slitherin;
Optimizations to our detectors are coming soon. Much thanks to Idrocortisone and his own tool which helps us to check the FP rate!
More detectors to be released soon as well!
Our Pessimistic team would also like to express our deepest gratitude to the Slither tool creators: Josselin Feist, Gustavo Grieco, and Alex Groce, as well as Crytic, Trail of Bits’ blockchain security division, and all the people who believe in the original tool and its evolution:
We at pessimistic.io sincerely hope you find our work useful and appreciate any feedback, so please do not hesitate to contact us! The best answers and questions may be included in the next blog post. We hope that this article was informative and useful for you!
Support is very important to me, with it I can do what I love — educating users!
If you want to support my work, please, consider donating me:
4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds — Monero XMR