Solana Breakpoint 2022 slides video
Each subdirectory of lints contains a Solana lint in the form of a Dylint library.
The lints are inspired by the Sealevel Attacks. (See also @pencilflip's Twitter thread.)
The current lints are:
| Library | Description |
|---|---|
arbitrary_cpi |
lint for 5-arbitrary-cpi |
bump_seed_canonicalization |
lint for 6-bump-seed-canonicalization |
insecure_account_close |
lint for 9-closing-accounts |
missing_owner_check |
lint for 2-owner-checks |
missing_signer_check |
lint for 0-signer-authorization |
type_cosplay |
lint for 3-type-cosplay |
To use these lints, do the following:
-
Install
cargo-dylintanddylint-link:cargo install cargo-dylint dylint-link
-
Add the following to your workspace's
Cargo.tomlfile:[workspace.metadata.dylint] libraries = [ { git = "https://github.com/crytic/solana-lints", pattern = "lints/*" }, ]
-
Run
cargo-dylint:cargo dylint --all --workspace