kritisi
v1.5.2
A powerful AI-driven security audit tool for Solidity smart contracts, designed to detect vulnerabilities, enhance code quality, and ensure compliance with best practices. Ideal for developers seeking fast, reliable security insights.
Kritisi: AI-Powered Security Audit Tool for Solidity Smart Contracts
Kritisi is an AI-powered tool designed to analyze the security and documentation of Solidity code. This tool helps developers detect vulnerabilities, improve code quality, and ensure compliance with best practices.
✨ Key Features
- Security Audit: Analyze Solidity code to identify security vulnerabilities with structured reporting.
- NatSpec Documentation: Automatically add NatSpec documentation to functions within Solidity code.
- Code Merging: Merge all imported Solidity files into a single file for streamlined development.
- Ease of Use: CLI-based, allowing for simple and efficient interaction.
- AI Service Support: Supports OpenAI and Groq services for flexibility.
🚀 Installation
To use Kritisi, make sure you have the latest version of Node.js installed. Then, install the tool globally using the following command:
npm install -g kritisi
📘 Usage Instructions
Once Kritisi is installed globally, you can use it from the command line by typing kritisi followed by the desired command. Here are the available commands:
View Help
To see a list of available commands, use:
kritisi help
Example output:
Usage: kritisi [options] [command]

A powerful AI-driven security audit tool for Solidity smart contracts. Detect vulnerabilities, enhance code quality, and ensure compliance with best practices.

Options:
  -V, --version  output the version number
  -h, --help     display help for command

Commands:
  setkey    Set an API key for the selected service
  setmodel  Set the AI model for the selected service
  natspec   Process NatSpec documentation for Solidity files
  security  Run a security audit for Solidity smart contracts
  merger    Merge all imported Solidity files into a single file
  help      Display help information for available commands

Run 'kritisi <command> --help' for detailed usage of a specific command.
Set API Key
Before using the AI services, you need to set up your API key. Use the following command:
kritisi setkey --service <service>
- <service>: Specify the service to be used, such as openai or groq.
Example:
kritisi setkey --service openai
You will be prompted to enter your API key.
Set AI Model
To set the AI model for the selected service, use the following command:
kritisi setmodel --service <service>
- <service>: Specify the service to be used, such as openai or groq.
Example:
kritisi setmodel --service openai
You will be prompted to input the model name interactively.
Add NatSpec Documentation
To automatically add NatSpec documentation to your Solidity code, use the following command:
kritisi natspec --service <service> --path <path>
- <service>: Specify the AI service (e.g., openai or groq).
- <path>: Specify the path to your Solidity file.
Example:
kritisi natspec --service openai --path ./contracts/MyContract.sol
Security Audit
To run a security audit on your Solidity contracts, use:
kritisi security --service <service> --path <path>
- <service>: Specify the AI service (e.g., openai or groq).
- <path>: Specify the path to your Solidity file.
Example:
kritisi security --service groq --path ./contracts/MyContract.sol
The audit results will be saved as a PDF file in the same location as your Solidity file.
Merge Solidity Files
To merge all imported Solidity files into a single file, use:
kritisi merger --path <path>
- <path>: Specify the path to your Solidity file.
Example:
kritisi merger --path ./contracts/MyContract.sol
The merged file will be saved with _merge appended to the original file name.
📂 Example Output
Security Audit
The results are presented as a JSON report converted into a PDF file like this:
{
  "high": [
    {
      "issue": "Reentrancy vulnerability in withdraw function.",
      "suggestion": "Use the Checks-Effects-Interactions pattern.",
      "code_highlight": "function withdraw() public { ... }"
    }
  ],
  "medium": [],
  "low": []
}
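A report generated by an AI service is untrusted input, so a pipeline that consumes it can first check its shape and confirm that each code_highlight actually occurs in the audited file. The Node.js code below is an added example, not part of Kritisi: it assumes the JSON in the shape shown above is available as text and that "..." in a highlight marks elided code, and the function names and sample contract are hypothetical.

```javascript
// Added example, not Kritisi code. Assumes the report JSON is available as text.
const SEVERITIES = ["high", "medium", "low"];
const FIELDS = ["issue", "suggestion", "code_highlight"];
// Collapse whitespace so formatting differences do not break matching.
const squash = (s) => s.replace(/\s+/g, " ").trim();
// True when each "..."-separated fragment (assumed elision marker) occurs, in order, in the source.
function isGrounded(highlight, source) {
  const src = squash(source);
  let pos = 0;
  for (const part of highlight.split("...").map(squash).filter(Boolean)) {
    const at = src.indexOf(part, pos);
    if (at === -1) return false;
    pos = at + part.length;
  }
  return pos > 0; // an empty highlight is grounded in nothing
}

// Validate the report shape and list findings whose snippet is not in the source.
function checkReport(reportText, source) {
  const result = { ok: false, errors: [], counts: {}, ungrounded: [] };
  let report;
  try { report = JSON.parse(reportText); } catch { report = null; }
  if (!report || typeof report !== "object") return { ...result, errors: ["report is not a JSON object"] };
  for (const sev of SEVERITIES) {
    const list = Array.isArray(report[sev]) ? report[sev] : null;
    if (!list) result.errors.push(`"${sev}" must be an array`);
    result.counts[sev] = list ? list.length : 0;
    (list || []).forEach((f, i) => {
      const bad = FIELDS.filter((k) => typeof (f && f[k]) !== "string");
      if (bad.length) result.errors.push(`${sev}[${i}] lacks ${bad.join(", ")}`);
      else if (!isGrounded(f.code_highlight, source)) result.ungrounded.push(`${sev}[${i}]`);
    });
  }
  result.ok = result.errors.length === 0;
  return result;
}

// Constructed sample inputs: a hypothetical contract and a two-finding report.
const SAMPLE_SOURCE = `contract Vault {
  function withdraw() public {
    (bool ok, ) = msg.sender.call{value: address(this).balance}("");
  }
}`;
const SAMPLE_REPORT = JSON.stringify({
  high: [{ issue: "Reentrancy vulnerability in withdraw function.",
    suggestion: "Use the Checks-Effects-Interactions pattern.",
    code_highlight: "function withdraw() public { ... }" }],
  medium: [{ issue: "x", suggestion: "y", code_highlight: "function drain() { ... }" }],
  low: [] });
```

On the constructed sample, the withdraw finding is grounded in the source while the drain finding is listed under ungrounded, which marks it for manual review before anyone acts on it.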
File Merge
Upon successful merging, the output will indicate the location of the merged file:
✔ Files merged successfully. Output file: /absolute/path/to/MyContract_merge.sol
🤝 Contributing
We greatly appreciate your contributions! Please fork this repository and submit a pull request with your changes or additions.
🛠 Support
If you encounter any issues or have questions, please open an issue in this repository or contact us at [email protected].
📄 License
This project is licensed under the MIT License.
🎉 Thank you for using Kritisi! We hope this tool proves beneficial in enhancing the security and quality of your smart contracts.