SolidityScan is a Visual Studio Code extension that provides scanning capabilities for Solidity smart contracts. It allows you to scan a single .sol file or an entire workspace and gives a security profile for your contract with a security score, vulnerability distribution according to criticality levels & highlights the lines of code containing the vulnerabilities.
Scan Current File: Allows you to scan the open Solidity file for vulnerabilities.
Scan Entire Workspace: Allows you to scan the all the solidity files in the existing workspace for a comprehensive security profile.
Vulnerability distribution: Displays all types of vulnerabilities detected in the file distributed according to criticality levels.
Detailed results: Shows descriptions & remediations for the detected vulnerabilities along with highlighting the piece of code where they are present.
Gas optimizations: Gives you possible ways of optimising your Solidity files for gas.
Visual Studio Code version 1.54.0 or later.
Install the extension from the Visual Studio Code Marketplace.
Reload or restart Visual Studio Code.
To use SolidityScan, you may configure an API Access Token for authentication.
Open Visual Studio Code settings (File > Preferences > Settings or Ctrl + ,).
Search for "SolidityScan" and set the solidityscan.apiToken property with your API Access Token.
Scan Current File: Ctrl+K Ctrl+S (macOS: Cmd+K Cmd+S)