Kritisi is an AI-powered tool designed to analyze the security and documentation of Solidity code. This tool helps developers detect vulnerabilities, improve code quality, and ensure compliance with best practices.
- Security Audit: Analyze Solidity code to identify security vulnerabilities with structured reporting.
- NatSpec Documentation: Automatically add NatSpec documentation to functions within Solidity code.
- Code Merging: Merge all imported Solidity files into a single file for streamlined development.
- Ease of Use: CLI-based, allowing for simple and efficient interaction.
- AI Service Support: Supports OpenAI and Claude services for flexibility.
To use Kritisi, make sure you have the latest version of Node.js installed. Then, install the tool globally using the following command:
npm install -g kritisi
Once Kritisi is installed globally, you can use it from the command line by typing kritisi followed by the desired command. Here are the available commands:
- View Help: To see a list of available commands, use:
  kritisi help
  Example output:
  Usage: kritisi [options] [command]

  A powerful AI-driven security audit tool for Solidity smart contracts. Detect vulnerabilities, enhance code quality, and ensure compliance with best practices.

  Options:
    -V, --version   output the version number
    -h, --help      display help for command

  Commands:
    setkey     Set an API key for the selected service
    setmodel   Set the AI model for the selected service
    natspec    Process NatSpec documentation for Solidity files
    security   Run a security audit for Solidity smart contracts
    merger     Merge all imported Solidity files into a single file
    help       Display help information for available commands

  Run 'kritisi <command> --help' for detailed usage of a specific command.
- Set API Key: Before using the AI services, you need to set up your API key. Use the following command:
  kritisi setkey --service <service>
  <service>: Specify the service to be used, such as openai or claude.
  Example: kritisi setkey --service openai
  You will be prompted to enter your API key.
- Set AI Model: To set the AI model for the selected service, use the following command:
  kritisi setmodel --service <service>
  <service>: Specify the service to be used, such as openai or claude.
  Example: kritisi setmodel --service openai
  You will be prompted to input the model name interactively.
- Add NatSpec Documentation: To automatically add NatSpec documentation to your Solidity code, use the following command:
  kritisi natspec --service <service> --path <path>
  <service>: Specify the AI service (e.g., openai or claude).
  <path>: Specify the path to your Solidity file.
  Example: kritisi natspec --service openai --path ./contracts/MyContract.sol
- Security Audit: To run a security audit on your Solidity contracts, use:
  kritisi security --service <service> --path <path>
  <service>: Specify the AI service (e.g., openai or claude).
  <path>: Specify the path to your Solidity file.
  Example: kritisi security --service claude --path ./contracts/MyContract.sol
  The audit results will be saved as a PDF file in the same location as your Solidity file.
- Merge Solidity Files: To merge all imported Solidity files into a single file, use:
  kritisi merger --path <path>
  <path>: Specify the path to your Solidity file.
  Example: kritisi merger --path ./contracts/MyContract.sol
  The merged file will be saved with _merge appended to the original file name.
The security audit results are presented as a JSON report converted into a PDF file, like this:
{
  "high": [
    {
      "issue": "Reentrancy vulnerability in withdraw function.",
      "suggestion": "Use the Checks-Effects-Interactions pattern.",
      "code_highlight": "function withdraw() public { ... }"
    }
  ],
  "medium": [],
  "low": []
}
Upon successful merging, the output will indicate the location of the merged file:
✔ Files merged successfully. Output file: /absolute/path/to/MyContract_merge.sol
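Findings produced by an AI service can quote code that is not actually in the audited file, so a report is worth checking before anyone acts on it. The following is an added example, not part of Kritisi or its README: it validates a report in the JSON shape shown above and flags findings whose code_highlight cannot be located in the source. It assumes the report is available as JSON text; the function names and the sample contract are hypothetical.

```javascript
// Added example, not Kritisi code. Assumes the report is available as JSON
// text in the shape shown above; all names below are hypothetical.
const SEVERITIES = ["high", "medium", "low"];
const FIELDS = ["issue", "suggestion", "code_highlight"];
const squash = (s) => s.replace(/\s+/g, " ").trim(); // ignore formatting differences

// True if each fragment of the highlight (split on "...") occurs in the source, in order.
function highlightInSource(highlight, source) {
  const haystack = squash(source);
  let pos = 0;
  for (const part of highlight.split("...").map(squash).filter(Boolean)) {
    const at = haystack.indexOf(part, pos);
    if (at === -1) return false;
    pos = at + part.length;
  }
  return true;
}

// Returns schema errors, findings per severity, and findings whose quoted code is not in the source.
function checkReport(reportText, source) {
  const errors = [], unlocated = [], counts = {};
  let report;
  try { report = JSON.parse(reportText); } catch (e) { errors.push("not valid JSON"); }
  if (!errors.length && (report === null || typeof report !== "object")) errors.push("top level must be an object");
  if (errors.length) return { errors, counts, unlocated };
  for (const sev of SEVERITIES) {
    const list = report[sev];
    if (!Array.isArray(list)) { errors.push(`"${sev}" must be an array`); continue; }
    counts[sev] = list.length;
    list.forEach((f, i) => {
      const bad = FIELDS.filter((k) => !f || typeof f[k] !== "string" || !f[k].trim());
      if (bad.length) errors.push(`${sev}[${i}] missing: ${bad.join(", ")}`);
      else if (!highlightInSource(f.code_highlight, source)) unlocated.push(`${sev}[${i}]`);
    });
  }
  return { errors, counts, unlocated };
}

// Constructed sample input: a contract and a report with one quote that is not in the file.
const sampleSource = `contract Vault { function withdraw() public {
  (bool ok, ) = msg.sender.call{value: balances[msg.sender]}(""); require(ok);
  balances[msg.sender] = 0; } }`;
const sampleReport = JSON.stringify({
  high: [{ issue: "Reentrancy vulnerability in withdraw function.",
    suggestion: "Use the Checks-Effects-Interactions pattern.", code_highlight: "function withdraw() public { ... }" }],
  medium: [{ issue: "Constructed finding.", suggestion: "Review manually.",
    code_highlight: "function transferAll() external { ... }" }],
  low: [],
});
console.log(checkReport(sampleReport, sampleSource));
```

Entries listed under unlocated deserve manual review before the finding is accepted or dismissed, since the quoted code could not be matched to the file.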
We greatly appreciate your contributions! Please fork this repository and submit a pull request with your changes or additions.
If you encounter any issues or have questions, please open an issue in this repository or contact us at rakawidhiantoro@gmail.com.
This project is licensed under the MIT License.
🎉 Thank you for using Kritisi! We hope this tool proves beneficial in enhancing the security and quality of your smart contracts.