This repository provides a hands-on tutorial on how to conduct a smart contract audit using Slither and Foundry. By following the steps in this guide, you will learn how to uncover potential vulnerabilities, bugs, and areas of concern within your smart contracts.
The purpose of this project is to walk users through the process of auditing Ethereum smart contracts using Slither and Foundry.
Slither, created by Trail of Bits, is a static analysis framework that checks for security vulnerabilities in Solidity contracts. Foundry, on the other hand, is a toolkit for building Ethereum applications, comprising various tools that facilitate the development and testing process.
The project consists of a series of Solidity contracts located in the `audit/src` directory which we'll use for demonstration purposes. Alongside the contracts, you'll find a detailed guide that walks you through the process of setting up your environment, installing the necessary tools, and finally auditing the provided smart contracts.
Follow the instructions detailed in the guide to set up your environment and begin auditing the contracts.
- Clone this repository

```bash
git clone https://github.com/chainstacklabs/smart-contracts-audit-foundry-slither.git
```

- Install Slither and Foundry

```bash
pip3 install slither-analyzer
```

For Linux and macOS:

```bash
curl -L https://foundry.paradigm.xyz | bash
```

Then:

```bash
foundryup
```

- Move the terminal into `audit-practice`

```bash
cd audit-practice
```

Then:

```bash
forge install
forge build
```

- Python 3.8+
- curl
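
Once `forge build` succeeds, Slither can be run from the project directory and told to write its findings as JSON with `slither . --json <file>`. The script below is an added example, not part of this repository: it triages such a report by impact and confidence. The embedded report is constructed sample data (contract names and line numbers are made up), and the function names are this example's own.

```python
import json
from collections import Counter

# Slither's impact and confidence levels, most severe / most certain first.
IMPACT_ORDER = ["High", "Medium", "Low", "Informational", "Optimization"]
CONFIDENCE_ORDER = ["High", "Medium", "Low"]

# Constructed sample in the shape of a Slither --json report (not real output).
SAMPLE_REPORT = json.dumps({
    "success": True,
    "error": None,
    "results": {"detectors": [
        {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
         "description": "Reentrancy in Vault.withdraw() (src/Vault.sol#12-18)\n"},
        {"check": "solc-version", "impact": "Informational", "confidence": "High",
         "description": "Pragma version^0.8.0 allows old versions\n"},
        {"check": "unchecked-transfer", "impact": "High", "confidence": "Medium",
         "description": "Vault.sweep() ignores return value (src/Vault.sol#20-22)\n"},
        {"check": "timestamp", "impact": "Low", "confidence": "Medium",
         "description": "Lottery.draw() uses timestamp (src/Lottery.sol#9-14)\n"},
    ]},
})

def triage(report_text, min_impact="Low"):
    """Return findings at or above min_impact, most severe first."""
    report = json.loads(report_text)
    if not report.get("success"):
        raise ValueError(f"Slither run failed: {report.get('error')}")
    cutoff = IMPACT_ORDER.index(min_impact)
    # Tolerate a report that carries no "detectors" key.
    findings = report.get("results", {}).get("detectors", [])
    kept = [f for f in findings if IMPACT_ORDER.index(f["impact"]) <= cutoff]
    return sorted(kept, key=lambda f: (IMPACT_ORDER.index(f["impact"]),
                                       CONFIDENCE_ORDER.index(f["confidence"]),
                                       f["check"]))

def counts_by_impact(findings):
    """Count findings per impact level."""
    return dict(Counter(f["impact"] for f in findings))

if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        first_line = f["description"].strip().splitlines()[0]
        print(f'[{f["impact"]}/{f["confidence"]}] {f["check"]}: {first_line}')
```

To use it on a real run, read the file Slither wrote and pass its text to `triage()` in place of `SAMPLE_REPORT`.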