v0.2.1

Installation

Install the latest version with:

cargo install sentri-cli --version 0.2.1

Or download pre-built binaries from the Assets section below.

Quick Start

# Check an EVM contract
sentri check ./contracts --chain evm

# Check a Solana program
sentri check ./programs --chain solana

# Initialize config file
sentri init

# Verify installation
sentri doctor

New in v0.2.1

• Multi-chain invariant checking: EVM, Solana, and Move support
• 22 built-in security invariants: Comprehensive checks across all chains
• Structured output: JSON and HTML report generation
• Violation suppression: Inline comments and config-level control
• Health checks: sentri doctor command for component verification
• Professional CLI: Colored output, TTY detection, responsive design
• Cross-platform binaries: Linux (glibc/musl), macOS (Intel/ARM), Windows

Verification

Verify artifact integrity:

sha256sum -c SHA256SUMS

Multi-Platform Binaries

• Linux (x86_64, glibc): Standard Linux distributions
• Linux (x86_64, musl): Alpine and other musl-based systems
• Linux (aarch64): ARM64 Linux servers
• macOS (Intel): x86_64 Mac systems
• macOS (Apple Silicon): aarch64 M1/M2/M3 Macs
• Windows (x86_64): Windows 10/11

All binaries are deterministically built and reproducible.

Sentri v0.2.0 — Anchor-Aware AST Analysis

Sentri v0.2.0 — Anchor-Aware AST Analysis

What changed

v0.1 used pattern matching against raw source text. It worked well for general vulnerability detection but had no awareness of Anchor's type system, producing false positives on correct idiomatic Anchor code.

v0.2 replaces pattern matching with real Rust AST parsing using the syn crate. Sentri now reads your code as a syntax tree, understands what each Anchor type enforces, and only fires violations where there is genuine risk.

---

False positives eliminated

Pattern	v0.1 result	v0.2 result
Signer<'info>	❌ CRITICAL false positive	✅ Correctly silent
Account<'info, T>	❌ Flagged	✅ Recognized as safe
Program<'info, T>	❌ Flagged	✅ Recognized as safe
SystemAccount<'info>	❌ Flagged	✅ Recognized as safe
AccountInfo + seeds = [...]	❌ CRITICAL false positive	✅ Correctly silent
AccountInfo + owner = ...	❌ CRITICAL false positive	✅ Correctly silent
AccountInfo + /// CHECK:	❌ CRITICAL false positive	✅ Downgraded to INFO
AccountInfo — no constraint	✅ CRITICAL	✅ Still CRITICAL

Checksums: SHA256SUMS

---

What is next — v0.3

Runtime fuzzing via embedded revm for EVM and solana-program-test for Solana. Throw randomized inputs at your programs and watch invariants break before attackers find them. This makes Sentri the only dedicated invariant fuzzer for Solana programs in existence.

Full changelog: CHANGELOG.md

## Sentri v0.2.0 — Anchor-Aware AST Analysis

What changed

v0.1 used pattern matching against raw source text. It worked well for
general vulnerability detection but had no awareness of Anchor's type
system, producing false positives on correct idiomatic Anchor code.

v0.2 replaces pattern matching with real Rust AST parsing using the
syn crate. Sentri now reads your code as a syntax tree, understands
what each Anchor type enforces, and only fires violations where there
is genuine risk.

---

False positives eliminated

Pattern	v0.1 result	v0.2 result
Signer<'info>	❌ CRITICAL false positive	✅ Correctly silent
Account<'info, T>	❌ Flagged	✅ Recognized as safe
Program<'info, T>	❌ Flagged	✅ Recognized as safe
SystemAccount<'info>	❌ Flagged	✅ Recognized as safe
AccountInfo + seeds = [...]	❌ CRITICAL false positive	✅ Correctly silent
AccountInfo + owner = ...	❌ CRITICAL false positive	✅ Correctly silent
AccountInfo + /// CHECK:	❌ CRITICAL false positive	✅ Downgraded to INFO
AccountInfo — no constraint	✅ CRITICAL	✅ Still CRITICAL

---

Still correctly flagged

• AccountInfo<'info> with no seeds, owner, address, or CHECK comment
• Integer overflow and underflow in arithmetic
• Missing PDA validation where no constraint exists
• Unchecked return values on external calls
• All 22 built-in invariant checks remain active

---

Upgrade

cargo install sentri-cli --force
sentri --version   # sentri 0.2.0

npm install -g @dextonicx/cli@latest
sentri --version   # sentri 0.2.0

---

Stats since launch

• 900+ downloads on crates.io
• Available on cargo, npm, and direct binary download
• 6 pre-built platform binaries attached to this release

---

Platform binaries

Platform	File
Linux x86_64	sentri-0.2.0-x86_64-unknown-linux-gnu.tar.gz
Linux aarch64	sentri-0.2.0-aarch64-unknown-linux-gnu.tar.gz
Linux musl	sentri-0.2.0-x86_64-unknown-linux-musl.tar.gz
macOS x86_64	sentri-0.2.0-x86_64-apple-darwin.tar.gz
macOS Apple Silicon	sentri-0.2.0-aarch64-apple-darwin.tar.gz
Windows x86_64	sentri-0.2.0-x86_64-pc-windows-msvc.zip

Checksums: SHA256SUMS

---

What is next — v0.3

Runtime fuzzing via embedded revm for EVM and solana-program-test
for Solana. Throw randomized inputs at your programs and watch invariants
break before attackers find them. This makes Sentri the only dedicated
invariant fuzzer for Solana programs in existence.

Full changelog: [CHANGELOG.md](https://github.com/geekstrancend/Sentri/blob/main/CHANGELOG.md)

v0.1.10

Installation

Install the latest version with:

cargo install sentri-cli --version 0.1.10

Or download pre-built binaries from the Assets section below.

Quick Start

# Check an EVM contract
sentri check ./contracts --chain evm

# Check a Solana program
sentri check ./programs --chain solana

# Initialize config file
sentri init

# Verify installation
sentri doctor

New in v0.1.10

• Multi-chain invariant checking: EVM, Solana, and Move support
• 22 built-in security invariants: Comprehensive checks across all chains
• Structured output: JSON and HTML report generation
• Violation suppression: Inline comments and config-level control
• Health checks: sentri doctor command for component verification
• Professional CLI: Colored output, TTY detection, responsive design
• Cross-platform binaries: Linux (glibc/musl), macOS (Intel/ARM), Windows

Verification

Verify artifact integrity:

sha256sum -c SHA256SUMS

Multi-Platform Binaries

• Linux (x86_64, glibc): Standard Linux distributions
• Linux (x86_64, musl): Alpine and other musl-based systems
• Linux (aarch64): ARM64 Linux servers
• macOS (Intel): x86_64 Mac systems
• macOS (Apple Silicon): aarch64 M1/M2/M3 Macs
• Windows (x86_64): Windows 10/11

All binaries are deterministically built and reproducible.

v0.1.7

Installation

Install the latest version with:

cargo install sentri-cli --version 0.1.7

Or download pre-built binaries from the Assets section below.

Quick Start

# Check an EVM contract
sentri check ./contracts --chain evm

# Check a Solana program
sentri check ./programs --chain solana

# Initialize config file
sentri init

# Verify installation
sentri doctor

New in v0.1.7

• Multi-chain invariant checking: EVM, Solana, and Move support
• 22 built-in security invariants: Comprehensive checks across all chains
• Structured output: JSON and HTML report generation
• Violation suppression: Inline comments and config-level control
• Health checks: sentri doctor command for component verification
• Professional CLI: Colored output, TTY detection, responsive design
• Cross-platform binaries: Linux (glibc/musl), macOS (Intel/ARM), Windows

Verification

Verify artifact integrity:

sha256sum -c SHA256SUMS

Multi-Platform Binaries

• Linux (x86_64, glibc): Standard Linux distributions
• Linux (x86_64, musl): Alpine and other musl-based systems
• Linux (aarch64): ARM64 Linux servers
• macOS (Intel): x86_64 Mac systems
• macOS (Apple Silicon): aarch64 M1/M2/M3 Macs
• Windows (x86_64): Windows 10/11

All binaries are deterministically built and reproducible.

v0.1.3

Installation

Install the latest version with:

cargo install sentri-cli --version 0.1.3

Or download pre-built binaries from the Assets section below.

Quick Start

# Check an EVM contract
sentri check ./contracts --chain evm

# Check a Solana program
sentri check ./programs --chain solana

# Initialize config file
sentri init

# Verify installation
sentri doctor

New in v0.1.3

• Multi-chain invariant checking: EVM, Solana, and Move support
• 22 built-in security invariants: Comprehensive checks across all chains
• Structured output: JSON and HTML report generation
• Violation suppression: Inline comments and config-level control
• Health checks: sentri doctor command for component verification
• Professional CLI: Colored output, TTY detection, responsive design
• Cross-platform binaries: Linux (glibc/musl), macOS (Intel/ARM), Windows

Verification

Verify artifact integrity:

sha256sum -c SHA256SUMS

Multi-Platform Binaries

• Linux (x86_64, glibc): Standard Linux distributions
• Linux (x86_64, musl): Alpine and other musl-based systems
• Linux (aarch64): ARM64 Linux servers
• macOS (Intel): x86_64 Mac systems
• macOS (Apple Silicon): aarch64 M1/M2/M3 Macs
• Windows (x86_64): Windows 10/11

All binaries are deterministically built and reproducible.