Surya is a tool developed by ConsenSys that help us to explore smart contracts.

First, to install locally use npm:

$ npm install surya 
npm WARN deprecated [email protected]: Version 1.x or earlier is no longer supported.

added 64 packages, and audited 65 packages in 9s

3 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.

Command line options:

$ node_modules/surya/bin/surya help
surya <cmd> [args]

Commands:
  surya describe <files..>                  show file contracts structure.
  surya graph <files..>                     generate graph of contract function
                                            calls.
  surya inheritance <files..>               generate graph of contract
                                            inheritance tree.
  surya dependencies <target_contract>      output a linearized list of smart
  <files..>                                 contract dependencies (linerized
                                            inherited parents).
  surya flatten <files..>                   output to a single flattened
                                            solidity file
  surya parse <file>                        output AST generated by the parser
                                            for the specified file in a textual
                                            tree format.
  surya ftrace <function_identifier>        output the selected function call
  <function_visibility_restrictor>          trace in a textual tree format.
  <files..>                                 External calls are marked in
                                            `orange` and internal calls are
                                            `uncolored`.
  surya mdreport <outfile> <infiles..>      output a markdown file

Options:
  -h, --help     Show help                                             [boolean]
  -v, --version  Show version number                                   [boolean]

Usage against a vulnerable contract (public burn method):

$ node_modules/surya/bin/surya describe ShadowFiToken.sol 
 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div

 + [Int] IBEP20 
    - [Ext] totalSupply
    - [Ext] decimals
    - [Ext] symbol
    - [Ext] name
    - [Ext] getOwner
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Int] IDEXFactory 
    - [Ext] createPair #

 + [Int] IDEXRouter 
    - [Ext] factory
    - [Ext] WETH
    - [Ext] addLiquidity #
    - [Ext] addLiquidityETH ($)
    - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
    - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
    - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #

 +  ShadowAuth 
    - [Pub] <Constructor> #
    - [Pub] authorizeFor #
       - modifiers: authorizedFor
    - [Pub] authorizeForMultiplePermissions #
       - modifiers: authorizedFor
    - [Pub] unauthorizeFor #
       - modifiers: authorizedFor
    - [Pub] unauthorizeForMultiplePermissions #
       - modifiers: authorizedFor
    - [Pub] isOwner
    - [Pub] isAuthorizedFor
    - [Pub] isAuthorizedFor
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Pub] getPermissionNameToIndex
    - [Pub] getPermissionUnlockTime
    - [Pub] isLocked
    - [Pub] lockPermission #
       - modifiers: authorizedFor
    - [Pub] unlockPermission #

 + [Int] IDividendDistributor 
    - [Ext] setDistributionCriteria #
    - [Ext] setShare #
    - [Ext] deposit ($)
    - [Ext] process #
    - [Ext] claimDividend #

 +  DividendDistributor (IDividendDistributor)
    - [Pub] <Constructor> #
    - [Ext] setDistributionCriteria #
       - modifiers: onlyToken
    - [Ext] setShare #
       - modifiers: onlyToken
    - [Ext] deposit ($)
       - modifiers: onlyToken
    - [Ext] process #
       - modifiers: onlyToken
    - [Int] shouldDistribute
    - [Int] distributeDividend #
    - [Ext] claimDividend #
    - [Pub] getUnpaidEarnings
    - [Int] getCumulativeDividends
    - [Int] addShareholder #
    - [Int] removeShareholder #

 +  ShadowFi (IBEP20, ShadowAuth)
    - [Pub] <Constructor> #
       - modifiers: ShadowAuth
    - [Ext] <Receive Ether> ($)
    - [Ext] totalSupply
    - [Ext] decimals
    - [Ext] symbol
    - [Ext] name
    - [Ext] getOwner
    - [Pub] balanceOf
    - [Ext] allowance
    - [Pub] approve #
    - [Ext] approveMax #
    - [Ext] transfer #
    - [Ext] transferFrom #
    - [Int] _transferFrom #
    - [Int] _basicTransfer #
    - [Int] checkTxLimit
    - [Int] shouldTakeFee
    - [Pub] getTotalFee
    - [Pub] getMultipliedFee
    - [Int] takeFee #
    - [Int] isSell
    - [Int] shouldSwapBack
    - [Int] swapBack #
       - modifiers: swapping
    - [Ext] triggerBuyback #
       - modifiers: authorizedFor
    - [Ext] clearBuybackMultiplier #
       - modifiers: authorizedFor
    - [Int] buyTokens #
       - modifiers: swapping
    - [Ext] setBuybackMultiplierSettings #
       - modifiers: authorizedFor
    - [Int] launched
    - [Int] launch #
    - [Ext] setTxLimit #
       - modifiers: authorizedFor
    - [Ext] setIsDividendExempt #
       - modifiers: authorizedFor
    - [Ext] setIsFeeExempt #
       - modifiers: authorizedFor
    - [Ext] setIsTxLimitExempt #
       - modifiers: authorizedFor
    - [Ext] setFees #
       - modifiers: authorizedFor
    - [Ext] setFeeReceivers #
       - modifiers: authorizedFor
    - [Ext] setSwapBackSettings #
       - modifiers: authorizedFor
    - [Ext] setTargetLiquidity #
       - modifiers: authorizedFor
    - [Ext] setDistributionCriteria #
       - modifiers: authorizedFor
    - [Ext] setDistributorSettings #
       - modifiers: authorizedFor
    - [Pub] getCirculatingSupply
    - [Pub] getLiquidityBacking
    - [Pub] isOverLiquified
    - [Ext] claimDividend #
    - [Ext] addPair #
       - modifiers: authorizedFor
    - [Ext] removeLastPair #
       - modifiers: authorizedFor
    - [Ext] setFeesOnNormalTransfers #
       - modifiers: authorizedFor
    - [Ext] setLaunchedAt #
       - modifiers: authorizedFor
    - [Ext] setAllowedAddress #
       - modifiers: onlyOwner
    - [Pub] burn #
    - [Ext] airdrop #
       - modifiers: onlyOwner
    - [Ext] isAirdropped
    - [Ext] setBlackListed #
       - modifiers: onlyOwner


 ($) = payable function
 # = non-constant function

For control flow graph, first install graphviz package:

# apt-get install graphviz

Then,

$ surya graph ShadowFiToken.sol | dot -Tpng > ShadowFiToken.png

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Leave a Reply