Compact Security Detectors

A suite of tools and libraries for analyzing Compact language for security vulnerabilities within the Midnight platform.

Repository Structure

This workspace includes the following crates:

• sdk: Core SDK for building the AST, codebase, and writing custom security detectors.
• detectors: Built-in security detectors for common vulnerability patterns.
• compact-scanner: CLI tool to scan .compact files and run detectors.

Quickstart

1. Clone the repository:

   git clone https://github.com/OpenZeppelin/compact-security-detectors-sdk.git

2. Restore submodules:

   git submodule update --init --recursive

3. Build the project:

   cargo build

4. Scan a directory of .compact files:

   compact-scanner scan ./path/to/compact/files

Documentation

Detailed developer guides for each crate:

• SDK: README
• Detectors: README
• CLI Scanner: README

Architecture Overview

graph TD;
  subgraph Parser Layer
    I[Compact code] --> G[tree-sitter-compact]
  end
  subgraph Core SDK
    G --> C[sdk]
  end
  subgraph Analysis
    C --> D[detectors]
    C --> S[compact-scanner]
  end
  S -->|Results| O[Output JSON/Console]

Loading

Contributing

See contributing.md for guidelines.

Style Guidelines

See style guidelines for coding standards and best practices.

License

AGPLv3