HTTP API
Start a project scan
POST
https://api.solidityscan.com/private/api-project-scan/
Name | Type | Description |
---|---|---|
Authorization* | String | Bearer <token> |
Request Body
Name | Type | Description |
---|---|---|
project_url* | string | url of the project |
project_branch | string | branch of the repository to scan |
skip_file_paths | [string] | list of paths to skip when scanning |
rescan | boolean | true if this scan has already been scanned, false if not. |
Project Scan Example
curl --location 'https://api.solidityscan.com/private/api-project-scan/' \
--header 'accept: application/json, text/plain, */*' \
--header 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' \
--header 'sec-ch-ua-mobile: ?0' \
--header 'sec-fetch-dest: empty' \
--header 'sec-fetch-mode: cors' \
--header 'sec-fetch-site: same-origin' \
--header 'sec-gpc: 1' \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{
"provider": "github"
"project_name": "SolidityScan",
"project_url": "https://github.com/Shashank-In/SmartContract",
"project_branch": "master",
"project_skip_files":[]
}'
{
"scan_report": {
"client_id": 326,
"file_url_list": null,
"multi_file_scan_details": [
{
"issue_id": "SOLIDITY_PUBLIC_BURN",
"metric_wise_aggregated_findings": [
{
"bug_hash": "865MXqQZ2gXMX6bMC6Dak67NXD8=",
"bug_id": "SSP_2115_8",
"bug_status": "pending_fix",
"comment": "",
"description_details": {
"function_name": ""
},
"findings": [
{
"file_path": "/contracts/bep20/BEP20TokenImplementation.sol",
"line_nos_end": [
241
],
"line_nos_start": [
238
]
}
],
"scan_id": "c209c67e4fc786aa"
}
],
"no_of_findings": 36,
"template_details": {
"_created": "Thu, 01 Jan 1970 00:00:00 GMT",
"_id": "64142385f39e851afed3ecc8",
"_links": {
"self": {
"href": "issue_details/SOLIDITY_LONG_REQUIRE_REVERT_STRINGS",
"title": "issues"
}
},
"_updated": "Thu, 01 Jan 1970 00:00:00 GMT",
"description_keys": [],
"detection_logic": "not defined yet",
"is_production_disabled": false,
"issue_confidence": "2",
"issue_description": "<p>The <code>require()</code> and <code>revert()</code> functions take an input string to show errors if the validation fails.</br>This strings inside these functions that are longer than <code>32 bytes</code> require at least one additional <code>MSTORE</code>, along with additional overhead for computing memory offset, and other parameters.</p>",
"issue_id": "SOLIDITY_LONG_REQUIRE_REVERT_STRINGS",
"issue_name": "LONG REQUIRE/REVERT STRINGS",
"issue_remediation": "<p>It is recommended to short the strings passed inside <code>require()</code> and <code>revert()</code> to fit under <code>32 bytes</code>. This will decrease the gas usage at the time of deployment and at runtime when the validation condition is met.</p>",
"issue_severity": "gas",
"issue_status": "true",
"multi_file_supported": "true",
"version": "1"
}
}
],
"multi_file_scan_status": "scan_done",
"multi_file_scan_summary": {
"count_files_analyzed": 15,
"issue_severity_distribution": {
"critical": 21,
"gas": 120,
"high": 20,
"informational": 18,
"low": 58,
"medium": 10
},
"issues_count": 247,
"lines_analyzed_count": 3183,
"scan_time_taken": 16,
"scans_ran": [
"static_template_based"
],
"score": "4.26",
"score_v2": "85.27"
},
"project_branch": "master",
"project_id": "bf4b2e27a7eca4a04c2e5b2f768e4054",
"project_name": "mano-credshields-eth-bsc-swap-contracts",
"project_sequence_id": 2115,
"project_url": "https://github.com/mano-credshields/eth-bsc-swap-contracts",
"quick_file_scan_details": "c209c67e4fc786aa",
"reporting_status": "not_generated",
"scan_id": "c209c67e4fc786aa",
"scan_init_time": "2023-06-12T10:18:51.367790",
"scan_status": "scan_done",
"scan_type": "project",
"skip_file_paths": []
}
}
Verified Contract Scans
Start a block scan
POST
https://api.solidityscan.com/private/api-start-scan-block/
Name | Type | Description |
---|---|---|
Authorization* | String | Bearer <token> |
Request Body
Name | Type | Description |
---|---|---|
contract_address* | string | address of the contract |
contract_platform* | string | |
contract_chain* | strin | chain which the contract belongs to |
Block Scan CURL Example
curl --location 'https://api.solidityscan.com/private/api-start-scan-block/' \
--header 'accept: application/json, text/plain, */*' \
--header 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' \
--header 'sec-ch-ua-mobile: ?0' \
--header 'sec-fetch-dest: empty' \
--header 'sec-fetch-mode: cors' \
--header 'sec-fetch-site: same-origin' \
--header 'sec-gpc: 1' \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{
"contract_address": "0x814d65082Bbfbf45130741018772143b690609CE",
"contract_platform": "bscscan",
"contract_chain": "mainnet"
}'
{
"scan_report": {
"client_id": 326,
"compilerversion": "v0.8.11+commit.d7f03943",
"contract_address": "0x814d65082Bbfbf45130741018772143b690609CE",
"contract_chain": "mainnet",
"contract_platform": "bscscan",
"contract_url": "https://bscscan.com/address/0x814d65082Bbfbf45130741018772143b690609CE",
"contractname": "TestCA",
"currency": "BNB",
"evmversion": "Default",
"licensetype": "None",
"multi_file_scan_details": [
{
"issue_id": "SOLIDITY_INCORRECT_ACCESS_CONTROL",
"metric_wise_aggregated_findings": [
{
"bug_hash": "wgs1VNce9tUpqOF1jt-bwauTY14=",
"bug_id": "SSB_3940_74",
"bug_status": "pending_fix",
"comment": "",
"description_details": {
"contract_name": "DividendPayingToken",
"function_name": "rescueTokens",
"library_name": "@openzeppelin/contracts/access/Ownable.sol",
"modifier_name": "onlyOwner"
},
"findings": [
{
"file_path": "contract.sol",
"line_nos_end": [
430
],
"line_nos_start": [
427
]
}
],
"scan_id": "7c96cf7b20b42c92"
},
{
"bug_hash": "YpFgK9IcmIEX723u-T3R7MgtPZs=",
"bug_id": "SSB_3940_75",
"bug_status": "pending_fix",
"comment": "",
"description_details": {
"contract_name": "TestCA",
"function_name": "rescueTokens",
"library_name": "@openzeppelin/contracts/access/Ownable.sol",
"modifier_name": "onlyOwner"
},
"findings": [
{
"file_path": "contract.sol",
"line_nos_end": [
605
],
"line_nos_start": [
600
]
}
],
"scan_id": "7c96cf7b20b42c92"
},
{
"bug_hash": "XiHaPHM4bJptrgKBwt5LpePsjws=",
"bug_id": "SSB_3940_76",
"bug_status": "pending_fix",
"comment": "",
"description_details": {
"contract_name": "TestCA",
"function_name": "processDividendTracker",
"library_name": "@openzeppelin/contracts/access/Ownable.sol",
"modifier_name": "onlyOwner"
},
"findings": [
{
"file_path": "contract.sol",
"line_nos_end": [
690
],
"line_nos_start": [
687
]
}
],
"scan_id": "7c96cf7b20b42c92"
},
{
"bug_hash": "abpAYui5sZSDJjtZ1iUoH4dDtoU=",
"bug_id": "SSB_3940_77",
"bug_status": "pending_fix",
"comment": "",
"description_details": {
"contract_name": "TestCA",
"function_name": "claim",
"library_name": "@openzeppelin/contracts/access/Ownable.sol",
"modifier_name": "onlyOwner"
},
"findings": [
{
"file_path": "contract.sol",
"line_nos_end": [
694
],
"line_nos_start": [
692
]
}
],
"scan_id": "7c96cf7b20b42c92"
},
{
"bug_hash": "6mNWpIIeI-jESDh_QxqdkbJ_djo=",
"bug_id": "SSB_3940_78",
"bug_status": "pending_fix",
"comment": "",
"description_details": {
"contract_name": "TESTDividendTracker",
"function_name": "process",
"library_name": "@openzeppelin/contracts/access/Ownable.sol",
"modifier_name": "onlyOwner"
},
"findings": [
{
"file_path": "contract.sol",
"line_nos_end": [
1020
],
"line_nos_start": [
975
]
}
],
"scan_id": "7c96cf7b20b42c92"
}
],
"no_of_findings": 5,
"template_details": {
"_created": "Thu, 01 Jan 1970 00:00:00 GMT",
"_id": "64142385f39e851afed3ecfb",
"_links": {
"self": {
"href": "issue_details/SOLIDITY_INCORRECT_ACCESS_CONTROL",
"title": "issues"
}
},
"_updated": "Thu, 01 Jan 1970 00:00:00 GMT",
"description_keys": [
"contract_name",
"library_name",
"function_name",
"modifier_name"
],
"detection_logic": "not defined yet",
"is_production_disabled": false,
"issue_confidence": "1",
"issue_description": "<p>Access control plays an important role in segregation of privileges in smart contracts and other applications. If this is misconfigured or not properly validated on sensitive functions, it may lead to loss of funds, tokens and in some cases compromise of the smart contract. <br><br>The contract ${contract_name} is importing an access control library ${library_name} but the function ${function_name} is missing the modifier ${modifier_name}.</p>",
"issue_id": "SOLIDITY_INCORRECT_ACCESS_CONTROL",
"issue_name": "INCORRECT ACCESS CONTROL",
"issue_remediation": "<p>It is recommended to go through the contract and observe the functions that are lacking an access control modifier. If they contain sensitive administrative actions, it is advised to add a suitable modifier to the same</p>",
"issue_severity": "critical",
"issue_status": "true",
"multi_file_supported": "true",
"version": "1"
}
}
],
"multi_file_scan_status": "scan_done",
"multi_file_scan_summary": {
"count_files_analyzed": 1,
"issue_severity_distribution": {
"critical": 5,
"gas": 91,
"high": 7,
"informational": 24,
"low": 22,
"medium": 1
},
"issues_count": 150,
"lines_analyzed_count": 1033,
"scan_time_taken": 9,
"scans_ran": [
"static_template_based"
],
"score": "3.96",
"score_v2": "79.19",
"threat_score": "76.19"
},
"node_reference_id": null,
"project_id": "a3b0fbb769c94f1733e2beeaee692dd6",
"project_sequence_id": 3940,
"quick_file_scan_details": "7c96cf7b20b42c92",
"reporting_status": "not_generated",
"scan_id": "7c96cf7b20b42c92",
"scan_init_time": "2023-06-12T10:27:28.468226",
"scan_status": "scan_done",
"scan_type": "block",
"value": "8.761483474979001e-06"
}
}
Generate Report
Generate Report
POST
https://api.solidityscan.com/private/api-generate-report/
Name | Type | Description |
---|---|---|
Authorization* | String | Bearer <token> |
Request Body
Name | Type | Description |
---|---|---|
project_id* | string | project_id to generate report for |
scan_id* | string | id of the scan associated |
Generate Report CURL Example
curl --location 'https://api.solidityscan.com/private/api-generate-report/' \
--header 'accept: application/json, text/plain, */*' \
--header 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' \
--header 'sec-ch-ua-mobile: ?0' \
--header 'sec-fetch-dest: empty' \
--header 'sec-fetch-mode: cors' \
--header 'sec-fetch-site: same-origin' \
--header 'sec-gpc: 1' \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{
"project_id": "abcdefgh12345",
"scan_id": "abcdef123"
}'
{
"scan_id": "abcdefgh",
"status": "started"
}
Last updated