How to audit Solana smart contracts Part 2: automated scanning

sec3 (formerly Soteria)
Coinmonks
6 min read · Nov 12, 2021


Following Part 1: a systematic approach, this article introduces a few automated scanning tools to help audit Solana smart contracts.

  • Soteria: a dedicated scanner for Solana programs that finds all the common security vulnerabilities (e.g., missing checks and arithmetic overflows).
  • cargo-audit: audits Cargo.lock files for known security vulnerabilities.
  • cargo-clippy: a collection of lints to catch common mistakes.
  • cargo-geiger: reports usage of…
