v0.3.0
0.3.0 - 2018-11-20
This release brings 4 new detectors, 1 new printer, improved UX, and several bug fixes.
Thanks to the Ethereum Community Fund for funding Gitcoin bounties!
Thanks also to our external contributors!
@anukul
@benstew
@rmi7
@rluijk
@samparsky
Added
- New detectors:
controlled-delegatecall
: Detect user-controlled delegatecall destinationconstant-function
: Detect constant functions that change stateuninitialized-local
: Detect uninitialized local variablesunused-return-value
: Detect unused return values
- New printer:
human-summary
: Print a human readable summary of the contracts
Changed
- Refactored the output of the detectors:
- Bug descriptions are more verbose
- Add line number information
- Create vulnerability descriptions with short descriptions, exploit scenarios, and recommendations
- Refactored unit tests to output to JSON
- Simplified integration with Truffle (slither now runs
truffle compile
automatically when applied to a Truffle directory)
Recommendation
- Use the
constant-function
detector to ensure correct interactions between contracts compiled with Solidity <0.5 and >=0.5