Identifying broken dependencies & potential attack vectors
TD

TJ Dunham

Created Dec 13, 2022

Identifying broken dependencies & potential attack vectors

Auditing smart contracts are the first line of defense against any potential exploits. Using the reactor, broken dependencies, as well as all potential exploits are highlighted both visually in the problem console as well as diagrammatically in the Macro view & Micro view of the codebase (ERD,AD).

This workflow is designed to help users identify potential issues in their source code or in the source code of any other projects smart contracts.

127
1

Select desired contract file

Select desired contract file
2

Notice that when ERD populates, problems appear in the bottom right console

The ERD diagram is the connective tissue of the entire repository or set of contracts. When dependencies don't match up, problems are logged.

Notice that when ERD populates, problems appear in the bottom right console
3

Select the problem console

Select the problem console
4

Notice that contract files have drop-down bars, select to see missing file

Notice that contract files have drop-down bars, select to see missing file
5

View missing file via arrow pointing to blank area

Due to the relational source code mapping capabilities of our system, you are able to see visually where the dependencies don't line up. As well as knowing for the most part what type of contract needs to be injected via the editor, or from on-chain/ repo.

Source code with missing dependencies won't compile

View missing file via arrow pointing to blank area
Well done!
Create how-to guides like this in a snap. Get Tango now.