minor

Author: montyly

program-analysis/slither/api.md

@@ -3,6 +3,7 @@
 Slither has an API that allows you to explore basic attributes of contracts and their functions.
 
 On a high level there are 6 layers:
+
 - `Slither` - main slither object
 - `SlitherCompilationUnit` - group of files used by one call to solc
 - `Contract` - contract level
@@ -29,28 +30,29 @@ slither = Slither('0x..') # assuming the code is verified on etherscan
 ```
 
 Use `etherscan_api_key` to provide an [Etherscan API KEY](https://docs.etherscan.io/getting-started/viewing-api-usage-statistics)
+
 ```python
-slither = Slither('0x..', etherscan_api_key='..') 
+slither = Slither('0x..', etherscan_api_key='..')
 ```
 
 You can retrieve the list of compilation units with:
-- `sl.compilation_units # array of SlitherCompilationUnit`
 
+- `sl.compilation_units # array of SlitherCompilationUnit`
 
 ## SlitherCompilationUnit object
+
 - ~ group of files used by one call to solc
 - Most targets have 1 compilation, but not always true
   - Partial compilation for optimization
   - Multiple solc version used
   - Etc..
 - Why compilation unit matters?
-  - Some APIs might be not intuitive 
+  - Some APIs might be not intuitive
   - Ex: looking for a contract based on the name?
     - Can have multiple contracts
 - For hacking you can (probably) use the first compilation unit
   - `compilation_unit = sl.compilation_units[0]`
 
-
 A [`SlitherCompilationUnit`](https://github.com/crytic/slither/blob/master/slither/core/compilation_unit.py) has:
 
 - `contracts (list(Contract))`: A list of contracts
@@ -59,6 +61,7 @@ A [`SlitherCompilationUnit`](https://github.com/crytic/slither/blob/master/slith
 - `[structures | enums | events | variables | functions]_top_level`: Top level object
 
 Example
+
 ```python
 from slither import Slither
 sl = Slither("0xdac17f958d2ee523a2206206994597c13d831ec7")
@@ -70,6 +73,7 @@ print([str(c) for c in compilation_unit.contracts])
 # Print the most derived contracts from the USDT address
 print([str(c) for c in compilation_unit.contracts_derived])
 ```
+
 ```bash
 % python test.py
 ['SafeMath', 'Ownable', 'ERC20Basic', 'ERC20', 'BasicToken', 'StandardToken', 'Pausable', 'BlackList', 'UpgradedStandardToken', 'TetherToken']
@@ -78,6 +82,7 @@ print([str(c) for c in compilation_unit.contracts_derived])
 ```
 
 ## Contract Object
+
 A [`Contract`](https://github.com/crytic/slither/blob/master/slither/core/declarations/contract.py) object has:
 
 - `name: str`: The name of the contract
@@ -93,10 +98,11 @@ A [`Contract`](https://github.com/crytic/slither/blob/master/slither/core/declar
 - `state_variables_ordered: List[StateVariable]`: all variable ordered by declaration
 
 Example
+
 ```python
 from slither import Slither
 sl = Slither("0xdac17f958d2ee523a2206206994597c13d831ec7")
-compilation_unit = sl.compilation_units[0] 
+compilation_unit = sl.compilation_units[0]
 
 # Print all the state variables of the USDT token
 contract = compilation_unit.get_contract_from_name("TetherToken")[0]
@@ -117,8 +123,8 @@ A [`Function`](https://github.com/crytic/slither/blob/master/slither/core/declar
 - `nodes: list[Node]`: A list of nodes composing the CFG of the function/modifier
 - `entry_point: Node`: The entry point of the CFG
 - `[state |local]_variable_[read |write]: list[StateVariable]`: A list of local/state variables read/write
-   - All can be prefixed by “all_” for recursive lookup
-   - Ex: `all_state_variable_read`: return all the state variables read in internal calls
+  - All can be prefixed by “all\_” for recursive lookup
+  - Ex: `all_state_variable_read`: return all the state variables read in internal calls
 - `slithir_operations: List[Operation]`: list of IR operations
 
 ```python
@@ -129,7 +135,7 @@ contract = compilation_unit.get_contract_from_name("TetherToken")[0]
 
 transfer = contract.get_function_from_signature("transfer(address,uint256)")
 
-# Print all the state variables read by the transfer function 
+# Print all the state variables read by the transfer function
 print([str(v) for v in transfer.state_variables_read])
 # Print all the state variables read by the transfer function and its internal calls
 print([str(v) for v in transfer.all_state_variables_read])
@@ -142,12 +148,15 @@ print([str(v) for v in transfer.all_state_variables_read])
 ```
 
 ## Node object
+
 [Node](https://github.com/crytic/slither/blob/master/slither/core/cfg/node.py)
 
 To explore the nodes:
+
 - If order does not matter
   - `for node in function.nodes`
 - If order matters, walk through the nodes
+
 ```python
 def visit_node(node: Node, visited: List[Node]):
 
@@ -159,21 +168,22 @@ def visit_node(node: Node, visited: List[Node]):
     for son in node.sons:
         visit_node(son, visited)
 ```
-- If need to iterate more than once (advanced usages)
- -  Bound the iteration X times
- -  Create a fix-point - abstract interpretation style analysis
 
+- If need to iterate more than once (advanced usages)
+- Bound the iteration X times
+- Create a fix-point - abstract interpretation style analysis
 
 ## SlithIR
+
 - [slither/slithir](https://github.com/crytic/slither/tree/master/slither/slithir)
 - Every IR operation has its own methods
 - Check if an operation is of a type:
   - `isinstance(ir, TYPE)`
   - Ex: `isinstance(ir, Call)`
 - Check if the operation is an addition
- - `isinstance(ir, Binary) & ir.type == BinaryType.ADDITION`
+- `isinstance(ir, Binary) & ir.type == BinaryType.ADDITION`
 - Check if the operation is a call to MyContract
- - `isinstance(ir, HighLevelCall) & ir.destination == MyContract`
+- `isinstance(ir, HighLevelCall) & ir.destination == MyContract`
 
 ```python
 from slither import Slither

program-analysis/slither/examples/coin.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: AGPL-3.0
-pragma solidity ^0.5.0;
+pragma solidity ^0.8.0;
 
 contract Coin {
     address owner = msg.sender;

program-analysis/slither/exercise1.md

@@ -2,15 +2,15 @@
 
 The goal is to create a script that performs a feature that was not present in previous version of Solidity: function overriding protection.
 
-[exercises/exercise1/coin.sol](exercises/exercise1/coin.sol) contains a function that must never be overridden:
+[exercises/exercise1/coin.sol](https://github.com/crytic/building-secure-contracts/tree/master/program-analysis/slither/exercises/exercise1/coin.sol) contains a function that must never be overridden:
 
 ```solidity
 _mint(address dst, uint256 val)
 ```
 
 Use Slither to ensure that no contract inheriting Coin overrides this function.
 
-Use `solc-select install 0.5.0 && solc-select use 0.5.0` to switch to solc 0.5.0 
+Use `solc-select install 0.5.0 && solc-select use 0.5.0` to switch to solc 0.5.0
 
 ## Proposed Algorithm
 
@@ -30,4 +30,4 @@ Get the Coin contract
 
 ## Solution
 
-See [exercises/exercise1/solution.py](exercises/exercise1/solution.py).
+See [exercises/exercise1/solution.py](https://github.com/crytic/building-secure-contracts/tree/master/program-analysis/slither/exercises/exercise1/solution.py).

program-analysis/slither/exercise2.md

@@ -1,6 +1,6 @@
 # Exercise 2: Access Control
 
-The [exercises/exercise2/coin.sol](exercises/exercise2/coin.sol) file contains an access control implementation with the `onlyOwner` modifier. A common mistake is forgetting to add the modifier to a crucial function. In this exercise, we will use Slither to implement a conservative access control approach.
+The [exercises/exercise2/coin.sol](https://github.com/crytic/building-secure-contracts/tree/master/program-analysis/slither/exercises/exercise2/coin.sol) file contains an access control implementation with the `onlyOwner` modifier. A common mistake is forgetting to add the modifier to a crucial function. In this exercise, we will use Slither to implement a conservative access control approach.
 
 Our goal is to create a script that ensures all public and external functions call `onlyOwner`, except for the functions on the whitelist.
 
@@ -18,4 +18,4 @@ Explore all the functions
 
 ## Solution
 
-Refer to [exercises/exercise2/solution.py](exercises/exercise2/solution.py) for the solution.
+Refer to [exercises/exercise2/solution.py](https://github.com/crytic/building-secure-contracts/tree/master/program-analysis/slither/exercises/exercise2/solution.py) for the solution.

program-analysis/slither/exercise3.md

@@ -1,14 +1,13 @@
 # Exercise 3: Find function that use a given variable in a condition
 
-The [exercises/exercise3/find.sol](exercises/exercise3/find.sol) file contains a contract that use `my_variable` variable in multiple locations. 
+The [exercises/exercise3/find.sol](https://github.com/crytic/building-secure-contracts/tree/master/program-analysis/slither/exercises/exercise3/find.sol) file contains a contract that use `my_variable` variable in multiple locations.
 
 Our goal is to create a script that list all the functions that use `my_variable` in a conditional or require statement.
 
 ## Proposed Approach
 
 Explore all the helpers provided by [`Function`](https://github.com/crytic/slither/blob/master/slither/core/declarations/function.py) object to find an easy way to reach the goal
 
-
 ## Solution
 
-Refer to [exercises/exercise3/solution.py](exercises/exercise3/solution.py) for the solution.
+Refer to [exercises/exercise3/solution.py](https://github.com/crytic/building-secure-contracts/tree/master/program-analysis/slither/exercises/exercise3/solution.py) for the solution.

program-analysis/slither/exercises/exercise3/find.sol

@@ -1,19 +1,15 @@
-contract Find{
-
+contract Find {
     uint my_variable;
 
-    function condition() public{
-        if(my_variable==0){
-
-        }
+    function condition() public {
+        if (my_variable == 0) {}
     }
 
-    function call_require() public{
-        require(my_variable==0);
+    function call_require() public {
+        require(my_variable == 0);
     }
-    
-    function read_and_write() public{
+
+    function read_and_write() public {
         my_variable = my_variable + 1;
     }
-
-}
+}

program-analysis/slither/scripts/gh_action_test.sh

@@ -55,13 +55,15 @@ test_exercise(){
 
 cd program-analysis/slither
 pip install slither-analyzer
+solc-select install 0.8.20
+solc-select use 0.8.20
 
 test_examples
+
 solc-select install 0.5.11
 solc-select use 0.5.11
 test_exercise 1
 
-solc-select install 0.8.20
 solc-select use 0.8.20
 test_exercise 2