---
title: "Static Analysis"
type: concept
tags: [smart-contract, security, tools]
sources: [blockchain-security-auditor]
last_updated: 2026-04-20
---

## Definition

Static analysis detects vulnerabilities by examining the structure of the code (source text, AST, an intermediate representation, or bytecode) without executing it. In smart-contract auditing it is the first line of defence: cheap enough to run on every commit, and good at the well-known bug classes that are recognisable from code shape alone, such as a state write that follows an external call.

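To make "analyzing structure without executing" concrete, here is a deliberately small detector, written for this note and not taken from the page or from Slither. It reads Solidity source as text, recovers state-variable names and function bodies, and flags any function that writes a state variable after an external call (the ordering behind classic reentrancy). The sample contract is constructed; the third function hides its late write behind an internal call, which this text-level check misses, illustrating the false negatives discussed under Limitations.

```python
"""Toy structural detector for checks-effects-interactions violations.

Constructed example for this note; it is not Slither code and not code from
the original page. It never compiles or executes the contract: it reads the
source text, recovers state-variable names and function bodies, and flags a
state-variable write that comes after an external call in the same function.
"""
import re

# Constructed sample: one vulnerable, one safe, and one function whose
# late write is hidden behind an internal call (to show a false negative).
SAMPLE_SOL = """
contract Vault {
    mapping(address => uint256) public balances;
    uint256 public totalWithdrawn;

    function withdrawVulnerable(uint256 amount) external {
        require(balances[msg.sender] >= amount);
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok);
        balances[msg.sender] -= amount;
        totalWithdrawn += amount;
    }

    function withdrawSafe(uint256 amount) external {
        require(balances[msg.sender] >= amount);
        balances[msg.sender] -= amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok);
    }

    function withdrawHidden(uint256 amount) external {
        require(balances[msg.sender] >= amount);
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok);
        _debit(msg.sender, amount);
    }

    function _debit(address who, uint256 amount) internal {
        balances[who] -= amount;
    }
}
"""

FUNC_RE = re.compile(r"function\s+(\w+)\s*\([^)]*\)[^{;]*\{")
STATE_VAR_RE = re.compile(
    r"^\s*(?:mapping\s*\([^)]*\)|uint\d*|int\d*|address|bool|bytes\d*|string)"
    r"(?:\s+(?:public|private|internal|constant|immutable))*"
    r"\s+(\w+)\s*(?:=[^;]*)?;",
    re.MULTILINE,
)
EXTERNAL_CALL_RE = re.compile(r"\.(?:call|delegatecall|staticcall|send|transfer)\s*[{(]")


def function_bodies(source: str) -> list[tuple[str, int, int]]:
    """Return (name, body_start, body_end) per function, found by brace matching."""
    spans = []
    for m in FUNC_RE.finditer(source):
        depth, i = 1, m.end()
        while i < len(source) and depth:
            depth += {"{": 1, "}": -1}.get(source[i], 0)
            i += 1
        spans.append((m.group(1), m.end(), i - 1))  # body excludes the braces
    return spans


def state_variables(source: str) -> set[str]:
    """Collect contract-level declarations; function bodies are blanked first
    so that local variables are not mistaken for storage."""
    chars = list(source)
    for _, start, end in function_bodies(source):
        for k in range(start, end):
            chars[k] = " "
    return set(STATE_VAR_RE.findall("".join(chars)))


def state_writes(statement: str, state_vars: set[str]) -> list[str]:
    """State variables assigned in one statement (plain or compound; '==' excluded)."""
    return sorted(
        var for var in state_vars
        if re.search(rf"\b{re.escape(var)}\b(?:\[[^\]]*\])*\s*(?:\+=|-=|\*=|/=|=(?!=))", statement)
    )


def find_cei_violations(source: str) -> dict[str, list[str]]:
    """Map function name -> state variables written after an external call."""
    state_vars = state_variables(source)
    findings: dict[str, list[str]] = {}
    for name, start, end in function_bodies(source):
        after_call = False
        late_writes: set[str] = set()
        for statement in source[start:end].split(";"):
            if EXTERNAL_CALL_RE.search(statement):
                after_call = True  # interaction happened; later writes are suspect
            elif after_call:
                late_writes.update(state_writes(statement, state_vars))
        if late_writes:
            findings[name] = sorted(late_writes)
    return findings


if __name__ == "__main__":
    for fn, written in find_cei_violations(SAMPLE_SOL).items():
        print(f"{fn}: state written after external call: {', '.join(written)}")
```

Running it reports only `withdrawVulnerable`; `withdrawHidden` has the same bug but slips through because the write happens inside `_debit`, which the statement-level regex never follows. A real analyzer such as Slither works on an intermediate representation with call-graph and data-flow information precisely to close gaps like this one, and still leaves logic bugs to the human reviewer.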
## Tools in Ecosystem

- **Slither**: developed by Trail of Bits, written in Python; lifts Solidity to its own intermediate representation (SlithIR) and runs a large set of detectors over it.
- **Mythril**: developed by Consensys Diligence; symbolic execution over EVM bytecode. Symbolic execution explores paths with a symbolic interpreter, so strictly it is a hybrid rather than purely static technique, but it fills the same first-pass role.
- **Medusa**: Trail of Bits' coverage-guided smart-contract fuzzer, written in Go. Fuzzing executes the contract, so it is dynamic testing that complements static analysis rather than an instance of it.
- **Semgrep**: general-purpose, rule-driven pattern matcher; Solidity coverage depends on the rule sets you supply.

## Slither Detectors

Slither rates every detector on two axes, impact and confidence; the table uses Slither's own ratings. A High-impact finding with Medium confidence (for example `reentrancy-eth`) still needs manual confirmation before it is treated as a bug.

| Impact | Confidence | Detectors |
|--------|------------|-----------|
| High | Medium | reentrancy-eth, controlled-delegatecall |
| High | High | suicidal |
| Low | Medium | reentrancy-benign, timestamp |
| Informational | High | low-level-calls, naming-convention, unused-state |

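The impact/confidence pair is what a practitioner gates on. The script below is an added example for this note, not Slither's own tooling: it reads the JSON that `slither . --json report.json` writes (a top-level `success`/`error` pair and `results.detectors`, each entry with `check`, `impact`, `confidence`, `description`, `id` and `elements`) and fails the build on findings at or above Medium impact and Medium confidence that have not already been triaged by id. The report embedded here is constructed by hand to match that shape; the ids, file names and line numbers are made up.

```python
"""Gate a CI run on Slither findings by impact and confidence.

Added example for this note, not Slither's own code. The JSON layout follows
Slither's --json output (success/error, results.detectors[...]); the sample
report below is constructed, not the result of a real scan.
"""
import json

IMPACT_RANK = {"Informational": 0, "Optimization": 0, "Low": 1, "Medium": 2, "High": 3}
CONFIDENCE_RANK = {"Low": 1, "Medium": 2, "High": 3}

# Constructed sample report: ids, file names and lines are invented.
SAMPLE_REPORT = json.dumps({
    "success": True,
    "error": None,
    "results": {"detectors": [
        {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "id": "f1",
         "description": "Reentrancy in Vault.withdraw(uint256)",
         "elements": [{"type": "function", "name": "withdraw",
                       "source_mapping": {"filename_relative": "Vault.sol", "lines": [14, 15, 16, 17]}}]},
        {"check": "controlled-delegatecall", "impact": "High", "confidence": "Medium", "id": "f2",
         "description": "Proxy.forward(address,bytes) delegatecalls a caller-chosen address",
         "elements": [{"type": "function", "name": "forward",
                       "source_mapping": {"filename_relative": "Proxy.sol", "lines": [9, 10]}}]},
        {"check": "timestamp", "impact": "Low", "confidence": "Medium", "id": "f3",
         "description": "Lottery.draw() compares against block.timestamp",
         "elements": [{"type": "function", "name": "draw",
                       "source_mapping": {"filename_relative": "Lottery.sol", "lines": [22]}}]},
        {"check": "naming-convention", "impact": "Informational", "confidence": "High", "id": "f4",
         "description": "Parameter Vault.withdraw(uint256)._Amount is not in mixedCase",
         "elements": [{"type": "variable", "name": "_Amount",
                       "source_mapping": {"filename_relative": "Vault.sol", "lines": [13]}}]},
        {"check": "low-level-calls", "impact": "Informational", "confidence": "High", "id": "f5",
         "description": "Low level call in Vault.withdraw(uint256)",
         "elements": [{"type": "node", "name": "(ok,None) = msg.sender.call{value: amount}()",
                       "source_mapping": {"filename_relative": "Vault.sol", "lines": [15]}}]},
    ]},
})


def load_findings(report_json: str) -> list[dict]:
    """Parse the report and refuse to gate on a run that did not complete."""
    data = json.loads(report_json)
    if not data.get("success"):
        raise RuntimeError(f"slither did not complete: {data.get('error')}")
    return data["results"]["detectors"]


def location(finding: dict) -> str:
    """File and line range of the first element that carries a source mapping."""
    for element in finding.get("elements", []):
        mapping = element.get("source_mapping", {})
        lines = mapping.get("lines") or []
        if lines:
            return f"{mapping.get('filename_relative', '?')}:{lines[0]}-{lines[-1]}"
    return "?"


def blocking_findings(findings: list[dict], min_impact: str = "Medium",
                      min_confidence: str = "Medium",
                      triaged_ids: frozenset = frozenset()) -> list[dict]:
    """Findings that should fail the build: at or above both thresholds and
    not already triaged (accepted risk or confirmed false positive) by id."""
    return [
        f for f in findings
        if IMPACT_RANK.get(f["impact"], 0) >= IMPACT_RANK[min_impact]
        and CONFIDENCE_RANK.get(f["confidence"], 0) >= CONFIDENCE_RANK[min_confidence]
        and f.get("id") not in triaged_ids
    ]


def summarize(findings: list[dict]) -> dict[str, int]:
    """Count findings per impact/confidence pair, for the scan summary line."""
    counts: dict[str, int] = {}
    for f in findings:
        key = f"{f['impact']}/{f['confidence']}"
        counts[key] = counts.get(key, 0) + 1
    return counts


def gate(report_json: str, triaged_ids: frozenset = frozenset()) -> int:
    """Print blocking findings and return the process exit code (1 = fail)."""
    findings = load_findings(report_json)
    print("findings by impact/confidence:", summarize(findings))
    blocking = blocking_findings(findings, triaged_ids=triaged_ids)
    for f in blocking:
        print(f"BLOCK {f['check']} [{f['impact']}/{f['confidence']}] {location(f)}: {f['description']}")
    return 1 if blocking else 0


if __name__ == "__main__":
    raise SystemExit(gate(SAMPLE_REPORT, triaged_ids=frozenset({"f2"})))
```

With `f2` triaged, only `reentrancy-eth` blocks; the Low and Informational findings are still printed in the summary so they are not silently lost. Slither's own `--triage-mode` offers the same accept-by-id workflow interactively; the point of the script is that the gate is explicit about which impact/confidence combinations it trusts enough to stop a merge.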
## Limitations

- Catches only a minority of real-world vulnerabilities, roughly 30% by the estimate used in this note; a clean scan is not evidence of a safe contract.
- High false-negative rate: bugs that do not match a detector's pattern are invisible to it. The output is also noisy, so findings need triage before they are treated as bugs.
- Business-logic and economic vulnerabilities (wrong accounting, price manipulation, incentive failures) are largely out of reach, because they depend on intended behaviour that the code itself does not state.
- Depends on the tools being maintained: new compiler versions and newly discovered bug classes need detector updates before the scan will see them.

## Best Practice

- Run static analysis as the first pass, ideally on every commit, and treat it as a filter for known bug classes rather than a verdict.
- Manual review remains the primary method, and is the only one that covers logic and economic flaws.
- Complement both with property-based testing (fuzzing against stated invariants) to exercise behaviour the structural checks cannot reason about.

## Connections

- [[Formal Verification]] ← complements ← [[Static Analysis]]
- [[Slither]] ← implements ← [[Static Analysis]]
- [[Mythril]] ← implements ← [[Static Analysis]]