Skip to content
This is an open source project for linting solidity code.
Branch: master
Clone or download
Pull request Compare This branch is 236 commits behind protofire:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Solhint Project

Build Status npm version Coverage Status

This is an open source project for linting Solidity code. This project provide both Security and Style Guide validations.


For install project you need to execute next commands

npm install -g solhint
solhint -V


For linting Solidity files you need to execute next command

solhint *.sol **/*.sol <any_other_glob_pattern>

Solhint command description

Usage: solhint [options] <file> [...other_files]

Linter for Solidity programming language


  -V, --version           output the version number
  -f, --formatter [name]  report formatter name (stylish, table, tap, unix)
  -h, --help              output usage information


  stdin [options]         put source code to stdin of this utility   
  init-config             create sample solhint config in current folder 


Configuration file has next format:

    "extends": "default",
    "rules": {
      "avoid-throw": false,
      "avoid-suicide": "error",
      "avoid-sha3": "warn",
      "indent": ["warn", 4]

Configure linter with comments

Disable validation on next line

  // solhint-disable-next-line
  uint[] a;

Disable validation of fixed compiler version validation on next line

  // solhint-disable-next-line compiler-fixed, compiler-gt-0_4
  pragma solidity ^0.4.4; 

Disable validation on current line

  pragma solidity ^0.4.4; // solhint-disable-line

Disable validation of fixed compiler version validation on current line

  pragma solidity ^0.4.4; // solhint-disable-line compiler-fixed, compiler-gt-0_4

Disable linter rules for code fragment

  /* solhint-disable avoid-throw */
  if (a > 1) {
  /* solhint-enable avoid-throw */

Disable all linter rules for code fragment

  /* solhint-disable */
  if (a > 1) {
  /* solhint-enable */

Security Rules

Rule ID Error
reentrancy Possible reentrancy vulnerabilities. Avoid state changes after transfer.
avoid-sha3 Use "keccak256" instead of deprecated "sha3"
avoid-suicide Use "selfdestruct" instead of deprecated "suicide"
avoid-throw "throw" is deprecated, avoid to use it
func-visibility Explicitly mark visibility in function
state-visibility Explicitly mark visibility of state
check-send-result Check result of "send" call
avoid-call-value Avoid to use ".call.value()()"
compiler-fixed Compiler version must be fixed
compiler-gt-0_4 Use at least '0.4' compiler version
no-complex-fallback Fallback function must be simple
mark-callable-contracts Explicitly mark all external contracts as trusted or untrusted
multiple-sends Avoid multiple calls of "send" method in single transaction
no-simple-event-func-name Event and function names must be different
avoid-tx-origin Avoid to use tx.origin
no-inline-assembly Avoid to use inline assembly. It is acceptable only in rare cases
not-rely-on-block-hash Do not rely on "block.blockhash". Miners can influence its value.
avoid-low-level-calls Avoid to use low level calls.

* - All security rules implemented according ConsenSys Guide for Smart Contracts

Style Guide Rules

Rule ID Error
func-name-mixedcase Function name must be in camelCase
func-param-name-mixedcase Function param name must be in mixedCase
var-name-mixedcase Variable name must be in mixedCase
event-name-camelcase Event name must be in CamelCase
const-name-snakecase Constant name must be in SNAKE_CASE
modifier-name-mixedcase Modifier name must be in mixedCase
contract-name-camelcase Contract name must be in CamelCase
use-forbidden-name Avoid to use letters 'I', 'l', 'O' as identifiers
visibility-modifier-order Visibility modifier must be first in list of modifiers
imports-on-top Import statements must be on top
two-lines-top-level-separator Definition must be surrounded with two blank line indent
func-order Function order is incorrect
quotes Use double quotes for string literals
no-mix-tabs-and-spaces Mixed tabs and spaces
indent Indentation is incorrect
bracket-align Open bracket must be on same line. It must be indented by other constructions by space
array-declaration-spaces Array declaration must not contains spaces
separate-by-one-line-in-contract Definitions inside contract / library must be separated by one line
expression-indent Expression indentation is incorrect.
statement-indent Statement indentation is incorrect.
space-after-comma Comma must be separated from next element by space
no-spaces-before-semicolon Semicolon must not have spaces before

* - All style guide rules implemented according Solidity Style Guide

Best Practise Rules

Rule ID Error
max-line-length Line length must be no more than 120 but current length is 121.
payable-fallback When fallback is not payable you will not be able to receive ethers
no-empty-blocks Code contains empty block
no-unused-vars Variable "name" is unused
function-max-lines Function body contains "count" lines but allowed no more than "maxLines" lines
code-complexity Function has cyclomatic complexity "current" but allowed no more than "max"
max-states-count Contract has "curCount" states declarations but allowed no more than "max"


Related documentation you may find there.

IDE Integrations



You can’t perform that action at this time.