Skip to content

EVMGuard v1.3.0

Latest
Latest

Choose a tag to compare

View all tags
@zanzarini zanzarini released this 22 Jun 17:22
v1.3.0
db70c95
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Adds batch and multicall decoding.

Added

  • The analyzer now unwraps batched calls and recursively analyzes each inner call, so a dangerous action hidden inside a batch is caught instead of reported as an unknown selector. Supported wrappers:
    • Multicall3 aggregate, aggregate3, aggregate3Value, tryAggregate
    • OpenZeppelin multicall(bytes[])
    • Gnosis Safe multiSend(bytes)
  • Inner findings are labeled with their position and target, and a critical inner finding raises the overall severity. Nesting is followed up to a depth of 5.
  • The decoder is dependency-free and bounds-checked; malformed batch calldata yields a transaction.batch-malformed warning rather than a failure.

Install with cargo install evmguard. Linux, Windows, and macOS binaries are attached below.

Assets 5
Loading