Securify v2.0

Securify 2.0 is a security scanner for Ethereum smart contracts supported by the Ethereum Foundation and ChainSecurity. The core research behind Securify was conducted at the Secure, Reliable, and Intelligent Systems Lab at ETH Zurich.

It is the successor of the popular Securify security scanner (you can find the old version here).

Features

Docker

To build the container:

sudo docker build -t securify .

To run the container:

sudo docker run -it -v <contract-dir-full-path>:/share securify /share/<contract>.sol

Note: to run the code via Docker with a Solidity version that is different than 0.5.12, you will need to modify the variable ARG SOLC=0.5.12 at the top of the Dockerfile to point to your version. After building with the correct version, you should not run into errors.

Install

Prerequisites

The following instructions assume that Python is already installed. In addition, Securify requires solc, souffle and graphviz to be installed on the system:

Solc

sudo add-apt-repository ppa:ethereum/ethereum
sudo apt-get update
sudo apt-get install solc

Souffle

Follow the instructions here: https://souffle-lang.github.io/download.html

Please do not opt for the unstable version since it might break at any point.

Graphviz / Dot

sudo apt install graphviz

Setting up the virtual environment

After the prerequisites have been installed, we can set up the Python virtual environment from which we will run the scripts in this project.

In the project's root folder, execute the following commands to set up and activate the virtual environment:

virtualenv --python=/usr/bin/python3.7 venv
source venv/bin/activate

Verify that the python version is actually 3.7:

python --version

Set LD_LIBRARY_PATH:

cd <securify_root>/securify/staticanalysis/libfunctors
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:`pwd`

Finally, install the project's dependencies by running the following commands from the <securify_root> folder:

pip install --upgrade pip
pip install -r requirements.txt
pip install -e .

Now you're ready to start using the securify framework.

Remember: Before executing the framework's scripts, you'll need to activate the virtual environment with the following command:

source venv/bin/activate

Usage

Analyzing a contract

Currently Securify2 supports only flat contracts, i.e., contracts that do not contain import statements.
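A pre-flight check for the two constraints this page states: the contract must be flat (no import statements), and its pragma must admit the solc version in use (0.5.12 by default in the Dockerfile). This is an added example, not part of Securify; the function names and sample contracts are constructed for illustration, and the pragma check assumes full x.y.z terms with no `||` alternatives.

```python
import re

# Constructed sample contracts (not taken from the Securify repository).
FLAT = '''pragma solidity ^0.5.12;
// import "./Old.sol";
contract Wallet { string note = "import nothing"; }
'''
NOT_FLAT = '''pragma solidity >=0.6.0 <0.7.0;
import "./SafeMath.sol";
/* import "./Gone.sol"; */
contract Token {} import {Ownable} from "./Ownable.sol";
'''

_SKIP = re.compile(r"""//[^\n]*|/\*.*?\*/|"(?:\\.|[^"\\\n])*"|'(?:\\.|[^'\\\n])*'""", re.S)
_IMPORT = re.compile(r'(?<![\w$])import(?![\w$])')
_PRAGMA = re.compile(r'(?<![\w$])pragma\s+solidity\s+([^;]+);')
_TERM = re.compile(r'(\^|~|>=|<=|>|<|=)?\s*(\d+)\.(\d+)\.(\d+)')

def _blank(src):
    """Replace comments and string literals with spaces, keeping line breaks."""
    return _SKIP.sub(lambda m: re.sub(r'[^\n]', ' ', m.group()), src)

def import_lines(src):
    """1-based line numbers of import statements; empty means the file is flat."""
    clean = _blank(src)
    return [clean.count('\n', 0, m.start()) + 1 for m in _IMPORT.finditer(clean)]

def pragma_accepts(src, solc='0.5.12'):
    """True if every 'pragma solidity' term admits solc (no '||', x.y.z only)."""
    have = tuple(map(int, solc.split('.')))
    for expr in _PRAGMA.findall(_blank(src)):
        for op, *nums in _TERM.findall(expr):
            want = tuple(map(int, nums))
            if op in ('^', '~'):
                # ^ pins everything up to the first non-zero part; ~ pins major.minor
                n = 2 if op == '~' else next((i for i, c in enumerate(want) if c), 2) + 1
                ok = have >= want and have[:n] == want[:n]
            else:
                ok = {'>=': have >= want, '<=': have <= want,
                      '>': have > want, '<': have < want}.get(op, have == want)
            if not ok:
                return False
    return True

def preflight(src, solc='0.5.12'):
    """Problems to fix before running Securify; an empty list means none found."""
    issues = [f'line {n}: import statement, contract is not flat' for n in import_lines(src)]
    if not pragma_accepts(src, solc):
        issues.append(f'pragma solidity does not admit solc {solc}')
    return issues
```

Pass the `solc` argument matching whatever `ARG SOLC` you built the image with; the commented-out import and the word "import" inside a string literal in the first sample are deliberately not reported.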

To analyze a local contract simply run:

securify <contract_source>.sol [--use-patterns Pattern1 Pattern2 ...]

Or download it from the blockchain using the Etherscan.io API:

securify <contract_address> --from-blockchain [--key <key-file>]

Note that you need an API key from Etherscan.io to use this functionality.

To analyze a contract against specific severity levels run:

securify <contract_source>.sol [--include-severity Severity1 Severity2]
securify <contract_source>.sol [--exclude-severity Severity1 Severity2]

To get all the available patterns run:

securify --list

Supported vulnerabilities

| ID | Pattern name | Severity | Slither ID | SWC ID | Comments |
|----|--------------|----------|------------|--------|----------|
| 1 | TODAmount | Critical | - | SWC-114 | |
| 2 | TODReceiver | Critical | - | SWC-114 | |
| 3 | TODTransfer | Critical | - | SWC-114 | |
| 4 | UnrestrictedWrite | Critical | - | SWC-124 | |
| 5 | RightToLeftOverride | High | rtlo | SWC-130 | |
| 6 | ShadowedStateVariable | High | shadowing-state, shadowing-abstract | SWC-119 | |
| 7 | UnrestrictedSelfdestruct | High | suicidal | SWC-106 | |
| 8 | UninitializedStateVariable | High | uninitialized-state | SWC-109 | |
| 9 | UninitializedStorage | High | uninitialized-storage | SWC-109 | |
| 10 | UnrestrictedDelegateCall | High | controlled-delegatecall | SWC-112 | |
| 11 | DAO | High | reentrancy-eth | SWC-107 | |
| 12 | ERC20Interface | Medium | erc20-interface | - | |
| 13 | ERC721Interface | Medium | erc721-interface | - | |
| 14 | IncorrectEquality | Medium | incorrect-equality | SWC-132 | |
| 15 | LockedEther | Medium | locked-ether | - | |
| 16 | ReentrancyNoETH | Medium | reentrancy-no-eth | SWC-107 | |
| 17 | TxOrigin | Medium | tx-origin | SWC-115 | |
| 18 | UnhandledException | Medium | unchecked-lowlevel | - | |
| 19 | UnrestrictedEtherFlow | Medium | unchecked-send | SWC-105 | |
| 20 | UninitializedLocal | Medium | uninitialized-local | SWC-109 | |
| 21 | UnusedReturn | Medium | unused-return | SWC-104 | |
| 22 | ShadowedBuiltin | Low | shadowing-builtin | - | |
| 23 | ShadowedLocalVariable | Low | shadowing-local | - | |
| 24 | CallToDefaultConstructor? | Low | void-cst | - | |
| 25 | CallInLoop | Low | calls-loop | SWC-104 | |
| 26 | ReentrancyBenign | Low | reentrancy-benign | SWC-107 | |
| 27 | Timestamp | Low | timestamp | SWC-116 | |
| 28 | AssemblyUsage | Info | assembly | - | |
| 29 | ERC20Indexed | Info | erc20-indexed | - | |
| 30 | LowLevelCalls | Info | low-level-calls | - | |
| 31 | NamingConvention | Info | naming-convention | - | |
| 32 | SolcVersion | Info | solc-version | SWC-103 | |
| 33 | UnusedStateVariable | Info | unused-state | - | |
| 34 | TooManyDigits | Info | too-many-digits | - | |
| 35 | ConstableStates | Info | constable-states | - | |
| 36 | ExternalFunctions | Info | external-function | - | |
| 37 | StateVariablesDefaultVisibility | Info | - | SWC-108 | |

The following Slither patterns are not checked by Securify since they are checked by the Solidity compiler (ver. 0.5.8):

The following SWC vulnerabilities do not apply to Solidity contracts with pragma >=5.8 and are therefore not checked by Securify: