-
Notifications
You must be signed in to change notification settings - Fork 1
/
constant.js
59 lines (56 loc) · 2.06 KB
/
constant.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
const os = require('os');
const path = require('path');
const BLAZO_PATH = path.join(os.homedir(), '.blazo');
const INVARIANTS_ITEMS = {
'Common Vulnerabilities': [
{
name: 'Balance Extraction',
description:
'Detect whether the attackers can steal ETH / native tokens from the contract.',
},
{
name: 'Token Extraction',
description:
'Detect whether the attackers can steal ERC20 / ERC721 tokens from the contract.',
},
{
name: 'Uniswap Pair Issues',
description:
'Identify misuse of Uniswap pair that could lead to price manipulation attacks.',
},
{
name: 'ChainLink Issues',
description:
'Identify misuse of Chainlink that could lead to a range of different attacks.',
},
{
name: 'Arbitrary Selfdestruct',
description:
'Detect whether the attackers can make contract self-destruct.',
},
],
'Custom Invariants': [
{
name: 'FuzzLand Violations',
description:
'You can insert <code>emit AssertionFailed(string)</code> into your code to indicate that the invariant is broken and the violation has happened. Blaz uses this event to determine whether a violation has happened.',
keys: ['bug', 'typed_bug'],
},
{
name: 'Echidna Violations',
description:
'You can insert Echidna invariants into your code. Blaz will use those invariant functions to determine whether a violation has happened.',
keys: ['echidna'],
},
{
name: 'Scribble Violations',
description:
'You can insert Scribble assertions into your code and Blaz would check those assertions. Note that you need to upload the Scribble instrumented file to Blaz.',
keys: ['scribble'],
},
],
};
module.exports = {
INVARIANTS_ITEMS,
BLAZO_PATH,
};