ShieldContract #328
Open
ShieldContract #328
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
KoushikGavini
requested review from
mbrandenburger,
tkuhrt,
nidhi-singh02,
alvaropicazo and
a team
as code owners
KoushikGavini
force-pushed
the
propose-shieldcontract-analyzer
branch
from
512c137 to
61fd4c0
Compare
Signed-off-by: Koushik Gavini <gavinikoushik@gmail.com>
KoushikGavini
force-pushed
the
propose-shieldcontract-analyzer
branch
from
61fd4c0 to
794c609
Compare
tkuhrt
requested changes
Jul 16, 2025
| @@ -0,0 +1,32 @@ | |||
| # Lab Name | |||
There was a problem hiding this comment.
Suggested change
| # Lab Name | |
| --- | |
| layout: default | |
| title: ShieldContract Analyzer | |
| parent: LFDT Labs | |
| grand_parent: Active Labs | |
| --- | |
| # Lab Name |
| - **Reporting**: Outputs in JSON, Markdown, HTML, and SARIF for CI/CD integration. | ||
| - **Other Features**: Interactive mode, custom rules, Docker support, and configuration via TOML. Stubbed/planned features include full auditing. | ||
|
|
||
| As enterprises and business solutions are looking into developing web3 products such as institutional tokenization and stable coins, there is a pressing need for a quick CLI analyzer tool for smart contracts to see if it meets the standards and that it can fit into a CI/CD workflow. As institutions increasingly tokenize assets, this tool provides a "quick first check" for smart contracts, combining static analysis with AI to flag non-compliance and vulnerabilities early. It aligns with Hyperledger's ecosystem (e.g., Fabric integration) and could expand to support more standards/AI providers. The project is in early ideation (v0.2.0), with some features limited. |
There was a problem hiding this comment.
Suggested change
| As enterprises and business solutions are looking into developing web3 products such as institutional tokenization and stable coins, there is a pressing need for a quick CLI analyzer tool for smart contracts to see if it meets the standards and that it can fit into a CI/CD workflow. As institutions increasingly tokenize assets, this tool provides a "quick first check" for smart contracts, combining static analysis with AI to flag non-compliance and vulnerabilities early. It aligns with Hyperledger's ecosystem (e.g., Fabric integration) and could expand to support more standards/AI providers. The project is in early ideation (v0.2.0), with some features limited. | |
| As enterprises and business solutions are looking into developing web3 products such as institutional tokenization and stable coins, there is a pressing need for a quick CLI analyzer tool for smart contracts to see if it meets the standards and that it can fit into a CI/CD workflow. As institutions increasingly tokenize assets, this tool provides a "quick first check" for smart contracts, combining static analysis with AI to flag non-compliance and vulnerabilities early. It aligns with LF Decentralized Trust's ecosystem (e.g., Fabric integration) and could expand to support more standards/AI providers. The project is in early ideation (v0.2.0), with some features limited. |
There was a problem hiding this comment.
Not sure if this is a correct change. Did you want to only refer to Hyperledger Fabric in this sentence or are you talking about the entire LFDT ecosystem? If the former, maybe the change should be "...with Hyperledger Fabric's ecosystem and could expand..."
|
|
||
| # Pre-existing repository | ||
|
|
||
| - https://github.com/KoushikGavini/ShieldContract |
There was a problem hiding this comment.
It looks like you will need to add DCO sign-offs before we can move this repo. Also, any chance of licensing this under Apache 2.0?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ShieldContract Analyzer is a Rust-based CLI tool in ideation phase for smart contract security analysis, with a focus on verifying compliance with token standards (e.g., ERC-20, ERC-721, ERC-1155, ERC-777) and providing quick first-check security audits. It integrates with AI providers like OpenAI, Claude, and Gemini for cross-check analysis, helping institutions entering tokenization to rapidly identify vulnerabilities and ensure standards adherence.
Scope of Lab
This lab develops a proof-of-concept CLI tool for blockchain smart contract security, currently supporting Hyperledger Fabric chaincode and Solana programs, with modular extensions for other platforms. Key functionalities include: