Slitherin Timeline 2.0

Greetings, dear readers! Today we’ll look at the significant news and updates pertaining to our Slitherin project in this article. We at Pessimistic assure you that it will be fascinating — Slitherin, our own set of custom detectors for Slithergot another awesome update!

We’ve applied some significant updates during this time, and we appreciate all of your love and attention. Please let us know if you have discovered an issue/bug/vulnerability via our custom Slither detectors. You may contact us via opening a PR/Issue or directly, whichever is more convenient for you!

You can now install a fresh package: pypi.org/project/slitherin!

If you have any further questions or suggestions, please join our Discord Server or Telegram chat. We hope to see you there, and we intend to support the community and its initiatives.

Thank you, let’s get it started!


I — Slitherin Major Updates

In recent months we at Pessimistic have been actively developing our own Slither detectors to help with code review and audit process. More recently, we have released several new detectors and we encourage you to use them for your initial internal audit!

Reworks and additions

  1. pess-uni-v2 detector: Added a check of functions where path parameter is set through an external invocation. Thx @idrocortisone;

  2. pess-readonly-reentrancy detector: Added a check of potential vulnerabilities through interfaces. Thx @Yhtiyar;

  3. pess-dubious-typecast detector: Complete rework. Looks for typecasts that can break contract logic. Thx @Yhtiyar.

Crucial Fixes

  1. All Slitherin detectors work correctly when installed as a Python package;

  2. pess-double-entry-token detector: Fixed paths to utils files and fixed usage through a Python package;

  3. pess-nft-approve-warning detector: Fixed running on contracts with immutable types. Thx name less!


II — Slitherin Minor Updates and Optimization

Minor Fixes

  1. OZ dependencies updated to the newest versions;

  2. pess-for-continue-increment detector: Updated the version to run all tests simultaneously.

Optimization

  1. pess-strange-setter detector: Should produce less FP;

  2. pess-unprotected-setter detector: Ignores interfaces. Thx @Yhtiyar;

  3. pess-unprotected-initialize detector: Ignores interfaces. Thx @Yhtiyar


III — Other Updates

  1. Readonly-reentrancy now checks for potential vulnerabilities through interfaces;

  2. Don’t forget to pull the changes: github.com/pessimistic-io/slitherin;

  3. You can now install a fresh package: pypi.org/project/slitherin;

  4. Optimizations to our detectors are coming soon. Much thanks to Idrocortisone and his own tool which helps us to check the FP rate!

  5. More detectors to be released soon as well!

Stay tuned!


If you have any further questions or suggestions, please join our Discord Server or Telegram chat! We hope to see you there, and we intend to support the community and its initiatives!

Several audits have been completed successfully! By the way, here are some vacant slots now so if your project needs an audit — feel free to write to us, visit our public reports page here!

Our Pessimistic team would also like to express our deepest gratitude to the Slither tool creators: Josselin Feist, Gustavo Grieco, and Alex Groce, as well as CryticTrail of Bits’ blockchain security division, and all the people who believe in the original tool and its evolution:

We at pessimistic.io sincerely hope you find our work useful and appreciate any feedback, so please do not hesitate to contact us! The best answers and questions may be included in the next blog post. We hope that this article was informative and useful for you!


Support is very important to me, with it I can do what I love — educating users!

If you want to support my work, please, consider donating me:

Stay safe!

Subscribe to Officer's Blog
Receive the latest updates directly to your inbox.
Mint this entry as an NFT to add it to your collection.
Verification
This entry has been permanently stored onchain and signed by its creator.