Slither: The Leading Static Analyzer for Smart Contracts

We have published an academic paper on Slither, our static analysis framework for smart contracts, in the International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), colocated with ICSE.

Our paper shows that Slither’s bug detection outperforms other static analysis tools for finding issues in smart contracts in terms of speed, robustness, and balance of detection and false positives. The paper provides more details on how the use of a sophisticated intermediate language based on Static Single Assignment (SSA) form, a key advance in the development of modern optimizing compilers, lets Slither go about its work quickly and effectively, and makes it easy to extend Slither to new tasks.

Overview and applications

First, we describe how Slither was designed and what it can do. Slither was designed to be a static analysis framework that provides fine-grained information about smart contract code and has the necessary flexibility to support many applications. The framework is currently used for the following:

  • Automated vulnerability detection. A large variety of smart contract bugs can be detected without user intervention or additional specification effort.
  • Automated optimization detection. Slither detects code optimizations that the compiler misses.
  • Code understanding. Slither summarizes and displays contracts’ information to aid your study of the codebase.
  • Assisted code review. A user can interact with Slither through its API.

Slither works as follows:

  1. It takes as initial input the Solidity Abstract Syntax Tree (AST) generated by the Solidity compiler. Slither works out of the box with the most common frameworks, including Truffle, Embark, and Dapp. You just point Slither at a contract to analyze.
  2. It then generates important information, such as the contract’s inheritance graph, the control flow graph (CFG), and the list of all expressions in the contract.
  3. Slither then translates the code of the contract into SlithIR, an internal representation language that makes precise and accurate analyses easier to write.
  4. Finally, Slither runs a set of pre-defined analyses that provide enhanced information to other modules (e.g., computing data flow, protected function calls, etc.).

Fig. 1: How Slither works

Slither vs. the World

An important part of our paper focuses on comparing Slither to other smart contract static analysis tools. We contrast Slither (release 0.5.0) with other open-source static analysis tools to detect vulnerabilities in Ethereum smart contracts: Securify (revision 37e2984), SmartCheck (revision 4d3367a) and Solhint (release 1.1.10). We decided to focus our evaluation almost exclusively on the tools’ reentrancy detectors, since reentrancy is one of the oldest, best understood, and most dangerous security issues. Figure 2 shows the classic example of a simple reentrant contract that can be exploited to drain all of its ether by calling withdrawBalance with a fallback function that calls withdrawBalance again.

Fig. 2: An exploitable reentrant contract

The reentrancy detector is one of the few that is available in all the tools we evaluated. Furthermore, we experimented with one thousand of the most used contracts (those with the largest number of transactions) for which Etherscan provides the source code, to obtain the following results:

Fig. 3: Slither outperforms the other tools in every category

Using a dataset of one thousand contracts, the tools were run on each contract with a timeout of 120 seconds, using only reentrancy detectors. We manually disabled other detection rules to avoid the introduction of bias in the measurements.

In summary, we observed the following strengths in our tool in terms of vulnerability detection:

  • Accuracy. The False positives, Flagged contracts, and Detections per contract rows summarize accuracy results. Our experiments reveal that Slither is the most accurate tool with the lowest false positive rate of 10.9%; followed by Securify with 25%. On the contrary, SmartCheck and Solhint have extremely high false positive rates: 73.6% and 91.3% (!) respectively.
    Additionally, we include the number of contracts for which at least one reentrancy is detected (flagged contracts) and the average number of findings per flagged contract. On one hand, SmartCheck flags a larger number of contracts, confirming its high false positive rate (it flags about seven times as many contracts as Slither, and has a false positive rate roughly seven times higher). On the other hand, Securify flags a very small number of contracts, which indicates that the tool fails to detect a number of true positives found by other tools; note that Securify flags far fewer contracts than Slither, but still flags more that are false positives.
  • Performance. The Average execution time and Timed-out analyses rows summarize performance results, confirming that Slither is the fastest tool, followed by Solhint, SmartCheck, and, finally, Securify. In our experiments, Slither was typically as fast as a simple linter. Other tools, such as Solhint and SmartCheck, parse Solidity source code or analyze precompiled contracts, such as Securify.
  • Robustness. The Failed analyses row summarizes robustness results, showing that Slither is the most robust tool, followed by Solhint, SmartCheck, and Securify. Slither failed only for 0.1% of the contracts; meanwhile, Solhint failed around 1.2%. SmartCheck and Securify are less robust, failing 10.22% and 11.20% of the time, respectively.

We also compared Slither to Surya, the most similar tool for smart contract code understanding. We found that Slither includes all the important information provided by Surya, but is able to integrate more advanced information due to the static analyses it performs. Code understanding tools that do not incorporate deeper analyses are limited to superficial information, while Slither is easily extensible to more sophisticated code summarization tasks.

The Talk

This paper will be presented by our security engineers, Josselin Feist and Gustavo Grieco, at WETSEB 2019 on May 27th at 11am.

Beyond the Paper

Slither is in constant evolution. We recently released the version 0.6.4 and several improvements and features were added since we wrote the paper, including automated checks for upgradeable contracts, and Visual Studio integration. We are proud to have more than 30 detectors that are open source, and Slither has about the same amount of private detectors for race conditions, weak cryptography, and other critical flaws.

Slither is the core of, our continuous assurance system (think “Travis-CI but for Ethereum”), which unleashes all the Slither analyses to protect smart contracts.

Contact us, or join the Empire Hacking Slack, if you need help to integrate Slither to your development process, or if you want to learn more about Slither capacities.

4 thoughts on “Slither: The Leading Static Analyzer for Smart Contracts

  1. Nice writeup, and thanks for comparing against Securify! This kind of thing keeps a healthy competition going to develop the best tools out there to secure Ethereum.

    Just wanted to mention that both the original DAO reentrancy and the Spankchain one are detected by Securify. Due to focuses on usability, code written with v0.3 solc can not be compiled conveniently (of course you can still run against the bytecode).

    The SpankChain reentrancy can be detected with the current version (older ones timed out on this):

  2. Hi Matthias,

    Thank you for the additional information. It’s nice to see that Securify is now able to detect the spankchain bug and that all our tools are improving over time.

    However, I just tested the latest version of Securify on the DAO, and it does not find the reentrancy that was used during the hack. I opened an issue

    Please let us know if there is something we are missing!

  3. Pingback: Trail of Bits @ ICSE 2019 – Recap | Trail of Bits Blog

Leave a Reply