Running static analyzers

Automated tools such as linters or static analyzers help investigate common Solidity pitfalls or missing smart contract best-practices.
- Tools such as Slither and MythX perform control-flow and data-flow analyses on the smart contracts in the context of their detectors which encode common security pitfalls and best-practices.
- Evaluating their findings, which are usually available in seconds/minutes, is a good starting point to detect common vulnerabilities based on well-known constraints/properties of the Solidity language, the EVM or the Ethereum blockchain.
- False positives are possible among the detector findings, so each finding needs to be verified manually as a true or false positive.
- Linters, Static Analyzers
- Run in Seconds
- Common Pitfalls
- Best Practices
- Control/Data Flow
- False Positives/False Negatives
- E.g.: Slither, Maru
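
As an added example (not part of the original notes), the script below orders analyzer findings for the manual true/false-positive review described above. It assumes the `results.detectors` layout of Slither's `--json` report with `check`, `impact`, `confidence` and `description` fields; the sample report and the `triage` helper are constructed for illustration.

```python
import json

# Constructed sample shaped like the "results.detectors" part of a Slither
# --json report (fields abbreviated; these are not real findings).
SAMPLE = json.dumps({
    "success": True,
    "error": None,
    "results": {"detectors": [
        {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
         "description": "Reentrancy in Vault.withdraw(uint256)"},
        {"check": "naming-convention", "impact": "Informational", "confidence": "High",
         "description": "Parameter Vault.deposit(uint256)._amt is not in mixedCase"},
        {"check": "uninitialized-state", "impact": "High", "confidence": "High",
         "description": "Vault.owner is never initialized"},
        {"check": "timestamp", "impact": "Low", "confidence": "Medium",
         "description": "Vault.unlock() uses timestamp for comparisons"},
    ]},
})

IMPACT_RANK = {"High": 0, "Medium": 1, "Low": 2, "Informational": 3, "Optimization": 4}
CONFIDENCE_RANK = {"High": 0, "Medium": 1, "Low": 2}


def triage(report_json, accepted=()):
    """Return findings ordered for manual review, most severe first.

    accepted: (check, description) pairs a reviewer has already judged to be
    false positives; they are left out of the queue (hypothetical helper).
    """
    report = json.loads(report_json)
    if not report.get("success"):
        raise ValueError(f"analysis failed: {report.get('error')}")
    findings = (report.get("results") or {}).get("detectors", [])
    accepted = set(accepted)
    queue = [f for f in findings if (f["check"], f["description"]) not in accepted]
    # Unknown impact/confidence labels sort last instead of raising.
    queue.sort(key=lambda f: (IMPACT_RANK.get(f["impact"], 99),
                              CONFIDENCE_RANK.get(f["confidence"], 99)))
    return queue


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f'{f["impact"]:<14}{f["confidence"]:<8}{f["check"]}: {f["description"]}')
```

An empty queue only means no detector fired; false negatives are still possible, so it does not replace manual review.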