How to audit Solana smart contracts Part 2: automated scanning
Nov 12, 2021
Following Part 1: a systematic approach, this article introduces a few automated scanning tools to help audit Solana smart contracts.
- Soteria: a dedicated scanner for Solana programs that finds all the common security vulnerabilities (e.g., missing checks, arithmetic overflows).
- cargo-audit: audits Cargo.lock files for known security vulnerabilities.
- cargo-clippy: a collection of lints to catch common mistakes.
- cargo-geiger: reports usage of…