^{[ 🌐 📩 🔥 ]}

_{Note: This extension might hallucinate 😵‍💫🤷‍♂️. Don't trust, verify.}

Solidity AI ✨ - Jr. Security Assistant for VSCode

A junior auditing buddy and assistant, but it's AI

• Contract System Exploration
• Code Interrogation
• Auto-draft security vulnerability issues from inline 🔖 @audit - Bookmarks
• Smart Contract VulnDB 🍋 integration

Feedback (or ApiKey request) 🙏 👉 Feedback Form

What it is 👌

Think of it as an auditor that is new to the solidity ecosystem but knows a lot about computers.

• Delegate tasks
  • let it find all deployable contracts and generate breakdown/summary reports dissecting the systems into subcomponents and listing common security issues
  • let it generate breakdown/summaries contract-by-contract along listing typical security issues and suggestions for next steps reviewing them
  • let it generate mutations/variants of functions you select to compare it to alternative implementations (differential analysis)
  • let it ELI5 functions or contracts
  • let it add extensive commentation to selected code
  • let it rewrite code to a much simpler form
• Discuss and play "What if!?" games
  • ask it to generate valid inputs that pass all requires in a function
  • ask it what would happen if an input would be address(0)
  • let it come up with attack vectors for specific vulnerabilities you find
• Support your report writing efforts
  • let it turn 🔖 @audit - Bookmarks and annotations into draft findings for your audit report.

You are Batman 🦇, the extension is Robin 🍼. Don't trust 👉 discuss + verify.

What it is -NOT- ⭕

It is not a skilled solidity auditor.

• It will not take your job.
• It will not produce good outputs for detailed solidity questions.
• It will eventually hallucinate.

What do you need? 🙇

An apiKey for the AI back-end. Ping me on github: @tintinweb / twitter: @nicht_tintin or fill out this form for a demo key.

First Steps: 2 - Try it out

Select some code, right click, "Solidity AI✨: ask ..."

How to?! 🥷

From the File Explorer

Contract System Summary, Subsystems, Security Report

Generate contract system summary and breakdown reports contract-by-contract (all individual contracts) or for deployable contracts only.

• In the file explorer, select multiple files and folders (glob includes solidity files; see configuration),
  • select Solidity AI✨: Summarize to create a system summary report with contract-by-contract breakdowns.
  • select Solidity AI✨: Summarize Deployable to create a system summary report for flattened deployable contracts.

From the Editor Context Menu

Perform custom or template queries for the (a) selected file or (b) a code selection in the editor.

• (a) right click without a code selection and inside a solidity function, assumes you're asking something about the selected and downstream functions.
• (b) right click without a code selection and outside a solidity function, assumes you're asking something about the file open in the editor.
• (c) right click -WITH- a code selection, assumes you're asking something about the selected code, only.

From the Command Menu

cmd + shift + p --> ask

• if current editor window is without a code selection, assumes you're asking something about the file open in the editor.
• if current editor window is -WITH- a code selection, assumes you're asking somethint about the selected code, only.

Acknowledgements 🧘

• SvgIcons: svgrepo.com
• extension logo: @gnsps

Release Notes

Changelog