Filecoin Security Plugin

Screenshots

Problem Statement

A plugin to perform a static analysis for projects that aim to integrate with Filecoin. The plugin looks for potential security vulnerabilities in a targetted codebase and, in the case of detection, outputs the result: what are the issues, at what lines are the issues, and recommendations on how to fix them.

Solution

The plugin is based on @Slither engine, which allows to create custom security detectors (the detectors are created in Python). The potential vulnerabilities are uncovered with the analysis of the @filecoin-solidity library, which is supposed to be the main resource for projects that would like to onboard on the Filecoin blockchain. The plugin is created specifically for Filecoin sponsors to help them to create a secure ecosystem.