Skip to content

BeosinBlockchainSecurity/Move-Lint

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits

.vscode

.vscode

 
 

src

src

 
 

tests

tests

 
 

.gitignore

.gitignore

 
 

Cargo.lock

Cargo.lock

 
 

Cargo.toml

Cargo.toml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

Move Lint

A static detection tool for Move language. The tool takes a smart contract as input and can automatically discover potential security vulnerabilities in the contract, locate the codes which generate the vulnerabilities, and enhance the security of the contract.

The tool mainly includes two types of detection:

  1. Code conventions detection. It detects any violations of certain code conventions during the development of a smart contract. The possibility of introducing security vulnerabilities is greatly increased by inappropriate code writing.
  2. Regular security issues detection. It detects regular security issues in the contracts. Regular security issues are issues that may exist in any contract and are independent of business logic, e.g. division before multiplication.

The tool has a detection rule library, providing convenient addition and deletion interfaces. It can quickly adapt to new detection rules and improve its detection abilities as the business development of the Move smart contracts.

Development

Building

git clone https://github.com/BeosinBlockchainSecurity/Move-Lint.git
cd move-lint
cargo build --release

Help

cd target/release
./move-lint -h
USAGE:
    move-lint [OPTIONS]

OPTIONS:
    -h, --help                   Print help information
    -j, --json                   Print results as json if available
    -p, --path <PACKAGE_PATH>    Path to a package which the command should be run with respect to
    -v                           Print additional diagnostics if available
    -V, --version                Print version information

Example

./move-lint -p ../../tests/cases/Detector1
no: 1
wiki: 
title: parameter validation can be placed in the first line
verbose: Parameter validation with assertions can be placed at the beginning of functions. If failed, gas can be saved.
level: Warning
description: None
file: ./sources/Detector.move
range: (128, 129)
lines: [5]


no: 1
wiki: 
title: parameter validation can be placed in the first line
verbose: Parameter validation with assertions can be placed at the beginning of functions. If failed, gas can be saved.
level: Warning
description: None
file: ./sources/Detector.move
range: (237, 238)
lines: [9]


no: 1
wiki: 
title: parameter validation can be placed in the first line
verbose: Parameter validation with assertions can be placed at the beginning of functions. If failed, gas can be saved.
level: Warning
description: None
file: ./sources/Detector.move
range: (349, 350)
lines: [13]

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

4 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages