Authentication on Ethereum
Contract-based accounts allow the user to secure their funds with ease-of-mind by allowing tiered keys to act on the contract depending on their permission levels and attestations by higher tiered keys. Authereum is a fully non-custodial login process that utilizes ENS and web 2.0 style security to
Secure Your Smart Contracts
Our mission at SecurEth is to guide software developers in the Ethereum Community towards building Smart Contract Systems that adhere to the highest quality in design and verification, to ensure that we solve problems before they happen so we can build in world-class security for the world of
Unbreakable Cyber Insurance Platform
TabooKey is BUIDLing a decentralized cyber insurance network that buys up cyber security risks for crypto custody & critical infrastructure use cases such as controlling autonomous car fleets. Powered by safe channels, a new blockchain-enabled cyber security building block that keeps critical assets
Aims to solve the biggest usability and security issues of Ethereum.
UniversalLogin is an open-source project that aims to solve the usability problems of Ethereum. Problems : Onboarding users to Ethereum is hard. Onboarding : Entering Ethereum space for new users is hard. A popular tutorial show 17 steps user have to go through to start using Ethereum based dapps
Library for mocking smart contract dependencies during unit testing.
What the Doppelgänger is? doppelgänger /ˈdɒp(ə)lˌɡaŋə, ˈdɒp(ə)lˌɡɛŋə/ - an apparition or double of a living person. It’s a library for mocking smart contract dependencies during unit testing. Reduce the amount of code. Test are more readable. Tests run faster. 10 minutes to learn.
Static Analyzer for Solidity
Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension
Symbolic execution tool on Smart Contracts and Binaries
Features Input Generation : Manticore automatically generates inputs that trigger unique code paths Error Discovery : Manticore discovers bugs and produces inputs required to trigger them Execution Tracing : Manticore records an instruction-level trace of execution for each generated input
Visualise Solidity control flow for smart contract security analysis
Generates a DOT graph that visualizes function control flow of a Solidity contract and highlights potential security vulnerabilities.
Framework for cryptoeconomic contract security, decentralised security bounties.
The Hydra is an Ethereum contract development framework for: decentralized security and bug bounties rigorous cryptoeconomic security guarantees mitigating programmer and compiler error Hydra introduces a concept called an exploit gap , a way for developers to turn crippling exploits into safe
Alternative EVM disassembler
evmdis is an EVM disassembler. It performs static analysis on the bytecode to provide a higher level of abstraction for the bytecode than raw EVM operations. Features include: Separates bytecode into basic blocks. Jump target analysis, assigning labels to jump targets and replacing addresses with
Binary Ninja plugin which enables an EVM disassembler and related analysis tools.
A static analysis tool that detects vulnerabilities and bugs in Solidity programs.
SmartCheck automatically checks Smart Contracts for vulnerabilities and bad practices – it highlights them in the code and gives a detailed explanation of the problem. We already use it in our security audits. SmartCheck engine is now open source
Security scanner for Ethereum smart contracts
It features an extensive list of security patterns commonly found in smart contracts: some forms of the DAO bug (also known as reentrancy) locked ether missing input validation transaction ordering-dependent amount, receiver and transfer unhandled exceptions unrestricted ether flow The project is
Alternative static smart contract security analysis
An Analysis Tool for Smart Contracts. Contributing : Checkout out our contribution guide and the code structure here .
Build security tools using the MythX API
Using MythX API, you can build security tools that find bugs in smart contracts for Ethereum or compatible blockchains such as Tron and Quorum. Currently, we support Solidity code and EVM bytecode, but we are working on support for additional bytecode formats (e.g. eWASM) and languages.
Security analysis platform for Ethereum smart contracts. Direct integration with all major development tools as well as end-user API.
MythX is a smart contract security API that brings advanced security analysis directly into development environments and build pipelines. It detects many common Solidity vulnerabilities and EVM bytecode vulnerabilities. Anyone can use MythX to build purpose-built Ethereum security tools. End users