Releases: blocksecteam/rustle
Releases · blocksecteam/rustle
v2.0
v1.3
What's Changed
- add 3 new detectors
- unclaimed-storage-fee: find functions without balance check before storage unregister (based on NEP-145)
- nft-approval-check: find
nft_transferwithout checkingapproval id(based on NEP-171) - nft-owner-check: find approve or revoke functions without owner check (based on NEP-178)
- add new detector group
nep-ft,nep-storageandnep-nft
Full Changelog: v1.2...v1.3
v1.2
What's Changed
- add 6 new detectors
- public-interface: find all public interfaces
- dup-collection-id: find duplicate id uses in collections
- storage-gas: find missing balance checks for storage expansion
- unregistered-receiver: find transfer functions with no panic on unregistered transfer receivers
- unsaved-changes: find changes to collections that are not saved
- nep${id}-interface: do interface integrity check for different NEP specification
- add support for rustc v1.65.0
- integrate clang-tidy for code optimization
Full Changelog: v1.1...v1.2
v1.1
Changes
- docs: add examples for every detector
- feat: bump LLVM version to 15 (but we are still working on supporting Rust v1.65.0, refer to this PR for more)
- feat: add unit test scripts
- feat: add
--outputflag to rustle script - feat: split vulnerabilities into different severity groups in the audit report
- fix several bugs
Full Changelog: v1.0...v1.1
v1.0
We are thrilled to release Rustle: the first automatic auditor offered by BlockSec for NEAR community.
Rustle has several great features:
- Rustle can currently detect 20+ types of issues in the NEAR contract. See the section Detectors for the full detector list.
- Rustle is easy to use. We provide thorough installation commands and tutorials. Furthermore, we also prepare a docker for users for quick start.
- Rustle is rather swift, most of the NEAR contracts can be analyzed within 3 minutes.
- Rustle is user-friendly with reports in both CSV and JSON format. We also provide a script to help you import the result to Notion.