2 个版本
0.1.2 | 2022 年 9 月 28 日 |
---|---|
0.1.0 | 2022 年 9 月 28 日 |
#19 in #audit
18KB
300 行
审计文件
审计文件是一种新的标准,它为任何审计提供了一个正式的 JSON 规范。它目前正在开发中。
{
"metadata": {
"title": "XFarm Vaults",
"source": "https://github.com/xfarms/vaults",
"status": "auditing",
"languages": [
"solidity"
],
"categories": [
"vaults"
],
"tags": [
"medium"
],
"networks": [
"bsc"
],
"timestamps": {
"onboarded": 12312312312,
"commencement": 12313212312,
"completion": 12312321312
},
"project": {
"title": "XFarm",
"website": "https://xfarms.io",
"twitter": "uno_farm",
"github": "https://github.com/xfarms"
}
},
"revisions": [
{
"id": "preliminary",
"title": "Preliminary",
"source.commit": "https://github.com/xfarms/vaults/tree/4a6a247e017f96cb5f569331ca64c7f5fd41189d",
"timestamps": {
"commencement": 12312312312,
"completion": 1231232131
},
"status": "auditing"
}
],
"contracts": [{
"id": "farm",
"revisions": {
"preliminary": {
"file": "contracts/Farm.sol",
"name": "Farm",
}
},
"metadata": {
"livematch": {
"link": "https://bscscan.com/address/0xDeadDeAddeAddEAddeadDEaDDEAdDeaDDeAD0000",
"status": "MATCHED",
"timestamps": {
"commencement": 123123213,
"completion": 12312312312
},
},
"privileged": [
"transferOwnership",
"renounceOwnership",
"pause",
"unpause"
]
}
}],
"audit": {
"contracts": {
"farm": {
"description": "The Farm contract is responsible for blabla",
"issues": {
"count": 1,
"severities": {
"info": {
"count": 1,
"issues": [
{
"id": "farm-typographicerrors",
"title": "Typographic Errors",
"description": "The contract contains the following typographic errors:\n\nLine 3\n ```uint256 precsicion```",
"recommendation": "Consider resolving the aforementioned errors.",
"resolution": "",
"status": "pending",
"revisions": {
"raised": "preliminary",
"resolved": "resolutions1",
},
"timestamps": {
"commencement": 12312321,
"completion": 123123123
}
}
]
}
}
}
}
}
}
}
原则
- 可解释性:审计文件应该易于由模板工具和前端使用,以便向用户显示所有相关信息。
- 完整性:审计文件应存储至少审计所需的所有必要细节。审计后端应最多只需在数据库中存储其最小子集(例如,没有计数)
待办事项
- 基于时间戳的日期打破了可解释性原则
依赖关系
~0.7–1.6MB
~36K SLoC