Tealer is a static analyzer for Teal code. It parses the Teal program and builds its CFG. The analyzer comes with a set of vulnerability detectors and printers that make it possible to review contracts quickly.
Num | Check | What it Detects | Type |
---|---|---|---|
1 | canDelete | Detect paths that can delete the application | Stateful |
2 | canUpdate | Detect paths that can update the application | Stateful |
3 | groupSize | Detect paths with a missing GroupSize check | StatefulGroup |
4 | rekeyTo | Detect paths with a missing RekeyTo check | StatefulGroup |
All the detectors are run by default.
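
To make the "paths with a missing RekeyTo check" idea concrete, here is a simplified path search over an instruction-level CFG. It is an added example, not Tealer's own code or its detector logic. The function names, the small Teal subset it handles (`b`, `bz`, `bnz`, `return`, `err`) and the rule that any `txn`/`gtxn` read of `RekeyTo` counts as a check are assumptions made for illustration.

```python
# Added illustration of a path-based check; simplified, not Tealer's code.
def parse(src):
    ins, labels = [], {}
    for line in src.splitlines():
        line = line.split("//")[0].strip()          # drop comments
        if not line or line.startswith("#pragma"):
            continue
        if line.endswith(":"):                      # label -> index of next instruction
            labels[line[:-1]] = len(ins)
        else:
            ins.append(line.split())
    return ins, labels

def successors(ins, labels, i):
    op, *args = ins[i]
    if op in ("return", "err"):                     # terminators have no successor
        return []
    jump = [labels[args[0]]] if op in ("b", "bz", "bnz") else []
    return jump if op == "b" else [i + 1] + jump    # conditional: fall through + target

def paths_missing_rekey_check(src):
    """Instruction-index paths that can finish without reading RekeyTo."""
    ins, labels = parse(src)
    found = []
    def walk(i, path, checked):
        if i >= len(ins):                           # fell off the end of the program
            if not checked:
                found.append(path)
            return
        op, *args = ins[i]
        path = path + [i]
        # Assumption: any txn/gtxn read of RekeyTo counts as a check (no value tracking).
        checked = checked or (op in ("txn", "gtxn") and args[-1:] == ["RekeyTo"])
        if op == "return" and not checked:          # `err` paths reject, so they are ignored
            found.append(path)
        for nxt in successors(ins, labels, i):
            if nxt not in path:                     # do not follow back edges forever
                walk(nxt, path, checked)
    walk(0, [], False)
    return found

# Constructed sample: the pay branch returns without looking at RekeyTo.
VULNERABLE = "\n".join([
    "txn TypeEnum", "int pay", "==", "bnz pay_branch",
    "txn RekeyTo", "global ZeroAddress", "==", "return",
    "pay_branch:", "txn Amount", "int 1000", "<", "return"])
# Constructed fix: check RekeyTo before any branch and reject otherwise.
FIXED = "txn RekeyTo\nglobal ZeroAddress\n==\nbz fail\n" + VULNERABLE + "\nfail:\nerr"
```

On the constructed sample, only the path through `pay_branch` is reported; once the guard is placed ahead of the first branch, no path is reported.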
- Print CFG (`--print-cfg`)
Printers output `dot` files. Use `xdot` to open the files (`sudo apt install xdot`).
Run

```bash
python3 setup.py install
```

We recommend installing the tool in a virtualenv.

```bash
tealer code.teal
```

The following shows the CFG from algorand/smart-contracts.

```bash
git clone https://github.com/algorand/smart-contracts.git
cd smart-contracts
tealer ./devrel/permission-less-voting/vote_opt_out.teal --print-cfg
```