Updated readme w/@moodmosaic (#16)
faculerena authored Jul 8, 2024
1 parent 3470eb4 commit b1a14f9
Showing 1 changed file with 16 additions and 16 deletions.
32 changes: 16 additions & 16 deletions README.md
Expand Up @@ -9,7 +9,7 @@ This tool will help developers write secure and more robust smart contracts.
## Install

```shell
pip install git+https://github.com/xlittlerag/tree-sitter-clarity
pip install git+https://github.com/xlittlerag/tree-sitter-clarity@6eb27feb
pip install stacy-analyzer
```

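Review bot: The pin on the tree-sitter-clarity line uses an abbreviated commit id (`@6eb27feb`); use the full 40-character commit SHA, because an abbreviated id can become ambiguous as the repository grows and this dependency is installed straight from a Git URL. `pip install stacy-analyzer` on the following line is still unpinned, so consider stating a version there as well if reproducible installs are the goal.
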
Expand All @@ -21,21 +21,21 @@ pip install stacy-analyzer

Severities are based on worst case scenarios and the detector's finding may vary depending on the context.

| Detector ID | What it Detects | Test Cases | Severity |
| ------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |
| [assert-block-height](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/1-assert-block-height.md) | Usage of `block-height` as time tracker. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/assert_block_height) | Critical |
| [call-inside-as-contract](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/2-call-inside-as-contract.md) | Calling another contract losing the first contract's context. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/call_inside_as_contract) | Critical |
| [divide-before-multiply](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/3-divide-before-multiply.md) | Performing a division operation before a multiplication, leading to loss of precision. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/divide_before_multiply) | Critical |
| [private-function-not-used](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/4-private-function-not-used.md) | Dead code(private functions) inside the smart contract. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/private_function_not_used) | Enhancement |
| [todo-comment](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/5-todo-comment.md) | TODO comments left in the smart contract. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/todo_comment) | Enhancement |
| [tx-sender-in-assert](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/5-tx-sender-in-assert.md) | Usage of tx-sender in assert is truly intended. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/tx_sender_in_assert) | High |
| [unwrap-panic-usage](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/6-unwrap-panic-usage.md) | Inappropriate usage of the `unwrap-panic` method, causing unexpected program crashes. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/unwrap_panic_usage) | Enhancement |
| [unused-arguments](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/10-unused-arguments.md) | Arguments passed but not used. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/unused_arguments) | Enhancement |
| [unused-let-variables](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/11-unused-let-variables.md) | Local variables declared but not used. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/unused_let_variables) | Enhancement |
| [updated-functions](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/9-updated-functions.md) | Old functions. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/updated_functions) | Enhancement |
| [var-could-be-constant](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/7-var-could-be-constant.md) | Code that does not change and could be re-define. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/var_could_be_constant) | Enhancement |

## Contribution guildelines
| Detector ID | What it Detects | Test Cases | Severity |
|--------------------------------------------------------------------------------------------------------------------------------| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |
| [assert-block-height](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/1-assert-block-height.md) | Usage of `block-height` as time tracker. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/assert_block_height) | Critical |
| [call-inside-as-contract](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/2-call-inside-as-contract.md) | Calling another contract losing the first contract's context. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/call_inside_as_contract) | Critical |
| [divide-before-multiply](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/3-divide-before-multiply.md) | Performing a division operation before a multiplication, leading to loss of precision. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/divide_before_multiply) | Critical |
| [private-function-not-used](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/4-private-function-not-used.md) | Dead code(private functions) inside the smart contract. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/private_function_not_used) | Enhancement |
| [todo-comment](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/5-todo-comment.md) | TODO comments left in the smart contract. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/todo_comment) | Enhancement |
| [tx-sender-in-assert](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/6-tx-sender-in-assert.md) | Usage of tx-sender in assert is truly intended. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/tx_sender_in_assert) | High |
| [unwrap-panic-usage](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/7-unwrap-panic-usage.md) | Inappropriate usage of the `unwrap-panic` method, causing unexpected program crashes. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/unwrap_panic_usage) | Enhancement |
| [var-could-be-constant](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/8-var-could-be-constant.md) | Code that does not change and could be re-define. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/var_could_be_constant) | Enhancement |
| [updated-functions](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/9-updated-functions.md) | Old functions. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/updated_functions) | Enhancement |
| [unused-arguments](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/10-unused-arguments.md) | Arguments passed but not used. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/unused_arguments) | Enhancement |
| [unused-let-variables](https://github.com/CoinFabrik/stacy/blob/main/docs/vulnerabilities/11-unused-let-variables.md) | Local variables declared but not used. | [1](https://github.com/CoinFabrik/stacy/tree/main/tests/unused_let_variables) | Enhancement |

## Contribution guidelines

You can find our contribution guidelines [here](https://github.com/CoinFabrik/stacy/tree/main/docs/contribution_guidelines/contribute.md)

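Review bot: The links in the tx-sender-in-assert, unwrap-panic-usage and var-could-be-constant rows now point to `6-`, `7-` and `8-` prefixed files under docs/vulnerabilities, but this commit changes only README.md; confirm those files exist under the new names on main, or include the renames here, so the table does not ship with dead links. While these rows are being touched, the descriptions "Usage of tx-sender in assert is truly intended." and "Code that does not change and could be re-define." do not say what the detector flags and could be reworded, and the first cell of the separator row has lost the leading space the other cells keep.
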

0 comments on commit b1a14f9
