Smart contract security scanner — Slither + ML exploitability prediction
Project description
ChainAudit
Smart contract security scanner powered by Slither + ML exploitability prediction.
Install
Mac / Linux / Ubuntu
```bash
pip install chainaudit
pip install slither-analyzer
pip install solc-select
solc-select install 0.8.24
solc-select use 0.8.24
```
Windows
Requires Python 3.12. Download it from python.org and check "Add Python to PATH" during install. Python 3.13 is not yet supported on Windows.
```bash
pip install chainaudit
pip install slither-analyzer
pip install solc-select
solc-select install 0.8.24
solc-select use 0.8.24
```
If you are on a college or office network, use a mobile hotspot for installation.
Usage
```bash
chainaudit scan contract.sol              # single file
chainaudit scan ./contracts --recursive   # directory
chainaudit scan contracts.zip             # zip archive
chainaudit scan contract.sol --json       # JSON output
chainaudit scan contract.sol --ml-only    # skip simulation
chainaudit --version                      # show version
```
The command exits with code 1 if CRITICAL vulnerabilities are found, which blocks deployments in CI.
GitHub Action
```yaml
- uses: aizen299/smart-contract-auditor@v1
  with:
    target: contracts/
    fail-on-critical: true
```
What It Detects
EVM (Ethereum, Polygon, BNB Chain...)
| Severity | Examples |
|---|---|
| CRITICAL | Reentrancy, Controlled Delegatecall |
| HIGH | Unchecked Token Transfer, Weak Randomness, tx.origin Auth |
| MEDIUM | Timestamp Dependence, Unchecked Send |
| LOW | Missing Zero Check, Missing Events |
L2 / Arbitrum / Optimism — auto-detected
| Severity | Examples |
|---|---|
| CRITICAL | Cross-Chain Replay Attack, Bridge Reentrancy |
| HIGH | L2 Block Number Assumption, Sequencer Dependence, Address Aliasing |
| MEDIUM | Force-Include Griefing, Gas Price Assumption |
L2 rules activate automatically when the scanner detects Arbitrum/Optimism identifiers (ArbSys, xDomainMessageSender etc.) in the contract source.
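A sketch of identifier-based L2 detection like that described above, added here as an example and not ChainAudit's own code. The function names, the marker-to-chain mapping, and the choice to ignore comments and string literals are assumptions of this example; the Solidity sample is constructed.

```python
import re

# Identifiers named on the page; mapping them to a chain and checking only
# these two are assumptions of this sketch.
L2_MARKERS = {"ArbSys": "Arbitrum", "xDomainMessageSender": "Optimism"}

# Alternatives in priority order: string literals, block comments, line comments.
_NON_CODE = re.compile(
    r'"(?:\\.|[^"\\\n])*"|\'(?:\\.|[^\'\\\n])*\'|/\*.*?\*/|//[^\n]*',
    re.DOTALL,
)

def strip_non_code(source: str) -> str:
    """Blank out comments and string literals, keeping line breaks intact."""
    def blank(m):
        return re.sub(r"[^\n]", " ", m.group(0))
    return _NON_CODE.sub(blank, source)

def detect_l2(source: str) -> dict:
    """Return {chain: [(identifier, line_number), ...]} for markers in real code."""
    code = strip_non_code(source)
    hits = {}
    for ident, chain in L2_MARKERS.items():
        for m in re.finditer(rf"\b{re.escape(ident)}\b", code):
            line = code.count("\n", 0, m.start()) + 1
            hits.setdefault(chain, []).append((ident, line))
    return hits

# Constructed sample: ArbSys appears only in a comment and a string literal,
# while xDomainMessageSender is declared and called in code.
SAMPLE = '''\
// SPDX-License-Identifier: MIT
pragma solidity 0.8.24;
// TODO: port to Arbitrum and call ArbSys later
interface IMessenger { function xDomainMessageSender() external view returns (address); }
contract Gate {
    IMessenger public messenger;
    string note = "ArbSys is not used here";
    function sender() external view returns (address) {
        return messenger.xDomainMessageSender();
    }
}
'''

if __name__ == "__main__":
    print("naive substring match on ArbSys:", "ArbSys" in SAMPLE)
    print("code-only detection:", detect_l2(SAMPLE))
```

A plain substring search would flag this sample as Arbitrum because of the comment and the string; matching only in code reports Optimism alone, with the lines where the identifier occurs.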
ML Predictions
Each finding includes an ML-predicted exploitability score trained on the SmartBugs dataset (143 contracts, 88% accuracy).
```json
{
  "title": "Reentrancy",
  "severity": "CRITICAL",
  "ml_exploitability": "CRITICAL",
  "ml_confidence": 0.96
}
```
Links
- GitHub: aizen299/smart-contract-auditor
- Web app: chainaudit.vercel.app
- Issues: GitHub Issues
File details
Details for the file chainaudit-1.0.8.tar.gz.
File metadata
- Download URL: chainaudit-1.0.8.tar.gz
- Upload date:
- Size: 23.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | e55bfbae84669d9dc646eb9b8857197a848a891b8ed7236d0a1b5618730b7fd5 |
| MD5 | bcea0129d92e410719f3852f9e62a8bc |
| BLAKE2b-256 | 21b93905860bb4548b8b999695e8449bd7a5cfd5b72fa879ae4bb003c8adfc0d |
File details
Details for the file chainaudit-1.0.8-py3-none-any.whl.
File metadata
- Download URL: chainaudit-1.0.8-py3-none-any.whl
- Upload date:
- Size: 18.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | ec8ef3a9e8f999c44429cc0c7d20d45dbe30baf0ae896d56a1c7de28e5264947 |
| MD5 | dd76d4b677204a838f40376349254bd6 |
| BLAKE2b-256 | 59a1ba8f8bb98aa1c46542d7cfa2933dafcfcc6fcb51099bf1280e8ad9d96ad6 |