Skip to main content

Per-entry-point navigable call-graph visualizations of Solidity repositories, for Web3 security auditors.

Project description

SolFlow (Solidity Flow Navigator)

CI

Read a contract the way it executes, not the way its files are organized.

SolFlow compiles a Solidity repository, extracts call-graph facts with Slither, and serves one interactive call-flow visualization per external entry point. Every panel shows the function's real source. Built for smart contract auditing.

SolFlow navigating Morpho Blue: the entry-point index, the fully expanded liquidate flow, and the same flow zoomed to source level

SolFlow on Morpho Blue: the entry-point index, the fully expanded liquidate flow, and the same flow zoomed to source level. Pausable stills are under Screenshots.

Why

The first job in any audit is reconstructing what actually happens when someone calls an entry point. The answer is scattered across base contracts, libraries, and modifiers in a dozen files. SolFlow lays it out as a graph you can read:

  • One Flow per entry point. The index lists every externally callable function, grouped by contract and split into mutating vs read-only, with modifier badges, call-tree depth, and unresolved-target counts per entry: the whole audit surface on one page.
  • Real source, not boxes. Every node renders the target function's actual code, syntax-highlighted and line-numbered. Click a call site and the callee expands beside it, the edge anchored to the exact line that makes the call.
  • It never silently lies. When a call target can't be resolved statically (an interface with no bound implementation, addr.call(...), computed-target Yul), the node is explicitly marked unresolved, with the reason. No guessing, no silent omissions.
  • Local and private. Analysis runs entirely on your machine and the server binds only to 127.0.0.1. Audit code is never uploaded anywhere.

SolFlow is not a vulnerability scanner. It emits no findings and makes no security claims. It shows you the code's shape so you can find the problems faster.

Install

Requires Python 3.11+ and a solc matching your target, via solc-select (Slither needs it to compile):

pipx install solflow
pipx install solc-select
solc-select install <version> && solc-select use <version>

For the latest development version instead: pipx install git+https://github.com/norah1499/solidity-flow-navigator.

To uninstall: pipx uninstall solflow removes the tool and all its bundled dependencies; SolFlow writes nothing outside its own install directory, so nothing else is left behind. solc-select and its downloaded compilers are a separate install, removable with pipx uninstall solc-select.

Use

solflow path/to/your/solidity/project

Point it at the repository root, where Slither can resolve dependencies. SolFlow compiles the project, binds 127.0.0.1:8080 (or the next free port), and prints the URL.

Compilation goes through crytic-compile, so any build system it detects should work (Foundry, Hardhat, Truffle, Brownie, plain solc); Foundry projects are what SolFlow is tested against. If compilation fails, SolFlow prints the compiler error verbatim and exits without producing anything. No partial Flows, by design: a half-compiled picture would silently mislead. The usual fix is matching the project's pragma with solc-select use <version>.

Useful flags (run solflow --help for the full reference, grouped into Scope, Resolution, Rendering, and Server):

Flag What it does
--expand-all Open every Flow fully expanded, for a bird's-eye view
--exclude-path GLOB, --exclude-contract PATTERN Narrow which contracts produce Flows
--inline-library NAME Recurse into a lib/<NAME>/ dependency instead of stubbing it
--port N Bind a specific port

Screenshots

Stills from the demo above (Morpho Blue)

The index lists every external entry point of the analyzed repository:

Index view listing the entry points of Morpho Blue

Opening an entry point renders its full call flow; every callee panel shows the real source:

Expanded call-flow graph of Morpho.liquidate

Zoomed view of the liquidate flow with inherited library functions

Contributing

Issues and pull requests are welcome. Before opening a PR, make sure these pass:

pytest
black --check .
ruff check

License

AGPL-3.0, and not a free choice: SolFlow builds on Slither and crytic-compile, both AGPL-3.0. If you host an instance for others, the license requires offering them the source; the index footer links back here.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

solflow-0.13.0.tar.gz (216.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

solflow-0.13.0-py3-none-any.whl (222.4 kB view details)

Uploaded Python 3

File details

Details for the file solflow-0.13.0.tar.gz.

File metadata

  • Download URL: solflow-0.13.0.tar.gz
  • Upload date:
  • Size: 216.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for solflow-0.13.0.tar.gz
Algorithm Hash digest
SHA256 afc9cab30a41bf00d1bb079ac83fbb97558f22e9e70eeb678cbf82f4ce5cfba9
MD5 864d13932a52b1e7240c94037fa6f561
BLAKE2b-256 bf2814aa6bfe10f424ca6d1c6452a91eded1c58808617d496e58ba12bf140622

See more details on using hashes here.

Provenance

The following attestation bundles were made for solflow-0.13.0.tar.gz:

Publisher: release.yml on norah1499/solidity-flow-navigator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file solflow-0.13.0-py3-none-any.whl.

File metadata

  • Download URL: solflow-0.13.0-py3-none-any.whl
  • Upload date:
  • Size: 222.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for solflow-0.13.0-py3-none-any.whl
Algorithm Hash digest
SHA256 47b2a4ad43121a2b9a0bd345def5fc971d082eccbc4169ea0af9ac6cc5b359d6
MD5 1d4bf786311eacb571842b51696cbf1e
BLAKE2b-256 365239599ffecb6f3dacd18a5ecfe2658b32c594cd877ec49b4c0540da148232

See more details on using hashes here.

Provenance

The following attestation bundles were made for solflow-0.13.0-py3-none-any.whl:

Publisher: release.yml on norah1499/solidity-flow-navigator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page