author: Rick Fontein
title: Comparison of static analysis tooling for smart contracts on the EVM
keywords: Blockchain, Smart Contracts, Ethereum, EVM, Static Analysis
topics: Dependability, security and performance , Software Technology
committee: Jaco van de Pol
started: November 2017
end: February 2018

Description

The interest in smart contracts running on a blockchain has increased lately. Since smart contracts live in a particularly hostile environment, they should be under rigorous scrutiny before deployment. Formal verification is desired, but often hard and time consuming. Static analysis tools can help detecting common mistakes and errors. Recently a set of static analysis tools have been developed specifically targeting the smart contract platform of the Ethereum project. This study aims to compare a set of these tools. A comparison study of static analysis tools can help inform smart contract developers of what these tools are capable of. Whether running a single of these tools would be sufficient to detect most errors and mistakes, or maybe a combination. Secondly, the results of this study highlights the features and accuracy of the tools, and suggest improvements.