Skip to content

malturki/tealer

 
 

Repository files navigation

Tealer

Tealer is a static analyzer for Teal code. It parses the Teal program, and builds its CFG. The analyzer comes with a set of vulnerabilities detectors and printers allowing to quickly review the contracts.

Features

Detectors

Num Check What it Detects Type
1 canDelete Detect paths that can delete the application Stateful
2 canUpdate Detect paths that can update the application Stateful
3 groupSize Detect paths with a missing GroupSize check StatefulGroup
4 rekeyTo Detect paths with a missing RekeyTo check StatefulGroup

All the detectors are run by default

Printers

  • Print CFG (--print-cfg)

Printers output dot files. Use xdot to open the files (sudo apt install xdot).

How to install

Run

python3 setup.py install

We recommend to install the tool in a virtualenv.

How to run

tealer code.teal

Example

The following shows the CFG from algorand/smart-contracts.

git clone https://github.com/algorand/smart-contracts.git
cd smart-contracts
tealer ./devrel/permission-less-voting/vote_opt_out.teal --print-cfg

Example

About

Static Analyzer for Teal

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 99.6%
  • Shell 0.4%