Click the Use this template button at the top of the page to
create a new repository with this repo as the initial state.
Spritz Finance contracts make use of the trailofbits/eth-security-toolbox to analyze it's contracts with the most popular eth security tools.
To download the toolbox, run docker pull trailofbits/eth-security-toolbox
The toolbox isstance can then be launched by running the command yarn toolbox or docker run -it --rm -v $PWD:/src trailofbits/eth-security-toolbox from the PWD.
Open the docker shell:
yarn toolbox
Then, run:
slither /src/contracts/ --solc-remaps @openzeppelin=/src/node_modules/@openzeppelin --exclude naming-convention,external-function,low-level-calls --filter-paths @openzeppelin
To exit:
exit
Open the docker shell:
yarn toolbox
Then, run this:
echidna-test /src/test/fuzzing/SpritzPayFuzzTest.sol --contract SpritzPayFuzzTest --config /src/test/fuzzing/config.yaml
To exit:
exit
Before being able to run any command, you need to create a .env file and set a BIP-39 compatible mnemonic as an environment
variable. You can follow the example in .env.example. If you don't already have a mnemonic, you can use this website to generate one.
Then, proceed with installing dependencies:
$ yarn installCompile the smart contracts with Hardhat:
$ yarn compileCompile the smart contracts and generate TypeChain bindings:
$ yarn typechainRun the tests with Hardhat:
$ yarn testLint the Solidity code:
$ yarn lint:solLint the TypeScript code:
$ yarn lint:tsGenerate the code coverage report:
$ yarn coverageSee the gas usage per unit test and average gas per method call:
$ REPORT_GAS=true yarn testDelete the smart contract artifacts, the coverage reports and the Hardhat cache:
$ yarn cleanDeploy the contracts to Hardhat Network:
$ yarn deploy --greeting "Bonjour, le monde!"If you use VSCode, you can get Solidity syntax highlighting with the hardhat-solidity extension.
MIT © Spritz Finance