Solaudit

Security scanner for Solidity smart contracts. Find vulnerabilities before deployment.

Installation

npm install -g solaudit-cli

Commands

Full Audit

solaudit audit Contract.sol
solaudit audit ./contracts/ -r              # Recursive
solaudit audit . -s high                    # Only high+ severity
solaudit audit . --gas --best-practices     # Include all checks

Quick Check

solaudit check Token.sol
solaudit check Vault.sol -s critical

Gas Analysis

solaudit gas Contract.sol

List Patterns

solaudit patterns
solaudit patterns --category reentrancy

Vulnerability Detection

Critical

• Reentrancy attacks
• Unprotected selfdestruct
• Delegatecall injection
• Signature replay

High

• Integer overflow/underflow
• Access control issues
• Unchecked return values
• Price manipulation

Medium

• tx.origin authentication
• Floating pragma
• Timestamp dependence
• Front-running risks

Low

• Unused variables
• Missing events
• Implicit visibility
• Magic numbers

Output Formats

solaudit audit Contract.sol              # Table (default)
solaudit audit Contract.sol -o json      # JSON
solaudit audit Contract.sol -o markdown  # Markdown report

CI/CD Integration

# Fail on critical issues
solaudit audit ./contracts/ -s critical && echo "Passed"

# GitHub Actions
- run: npm install -g solaudit-cli
- run: solaudit audit ./contracts/ -r -s high

Common Use Cases

Pre-deployment check:

solaudit audit ./contracts/ -r -s high

Generate audit report:

solaudit audit . -o markdown --save AUDIT.md

Gas optimization:

solaudit gas Contract.sol

---

Built by LXGIC Studios

🔗 GitHub · Twitter