# AI Analysis API

## Create an AI Scan

<mark style="color:green;">`POST`</mark> `/v1/ai-scan/upload`

The AI scan endpoint allows users to submit Solidity source code for analysis. By sending a POST request to `/v1/ai-scan/upload` with the source code and a callback URL in the request body, the system initiates an AI-driven scan of the provided code. Upon completion, the system will send the results of the scan to the specified callback URL. This process facilitates automatic security and optimization checks for Smart Contracts written in Solidity, enabling developers to identify and address potential issues efficiently.

**Headers**

| Name          | Value              |
| ------------- | ------------------ |
| Content-Type  | `application/json` |
| Authorization | `Bearer <token>`   |

**Body**

Include a "params" object with the following key/value pairs:

| Name         | Type   | Description                                                         |
| ------------ | ------ | ------------------------------------------------------------------- |
| `name`       | string | User scan label                                                     |
| files        | JSON   | {"file1.sol": "file content",  ... ,"filelast.sol": "file content"} |
| webhook\_url | string | URL to callback after the AI scan completes.                        |
| scan\_type   | string | "solidity" or "cosmos"                                              |

**Example**

```python
file1 = Path('./example.sol').read_text()
file2 = Path('./example2.sol').read_text()
file3 = Path('./example3.sol').read_text()
    
key = "<your auditbase key>"
route = 'v1/scans/ai/upload'
url = host + route
post_data = {
    "params":{
        "name": "scan1",
        "files": {"file1.sol": file1, "file2.sol": file2, "file3.sol": file3},
        "webhook_url": "https://<your call url>/webhook",
        "scan_type": "cosmos"
    },
}

headers = {
    'Content-Type': 'application/json',
    'Authorization': f'Bearer {key}',
}

response = requests.post(url, json=post_data, headers=headers)
print("response: ", response.json())

```

**Response**

{% tabs %}
{% tab title="200" %}

```json
{
  "success": true,
  "scan_id": "1234-5678-abcd-efgh",
  "callback_url": "https://your-callback-url.com",
}
```

{% endtab %}

{% tab title="400" %}

```json
{
  "error": "Invalid request"
}
```

{% endtab %}
{% endtabs %}

**Webhook Response**

{% tabs %}
{% tab title="200" %}

```json
{
   "success": true,
   "data": { 
      "summary": {
        "high_issue_count": severities.get('high', 0),
        "medium_issue_count": severities.get('medium', 0), 
        "low_issue_count": severities.get('low', 0), 
         "num_lines": sloc, 
         "score": score
      },
      "findings": [
         {
            "title":"Propose Function Signature and Calldata Length Mismatch",
            "description":"The `propose` function enforces that the lengths of `_signatures` and `_calldatas` arrays must match. If the length of signatures does not match the calldata, the function reverts to prevent mismatches that could be exploited. If different lengths are intended for proper operation, this could inadvertently break business logic.",
            "snippet":"if (_signatures.length != _calldatas.length) revert TG_INVALID_SIGNATURES_LENGTH();",
            "confidence":0.8,
            "severity":"Medium"
         },
         {
            "title":"Protection Against Flash Loan Attacks",
            "description":"The contract uses a fixed `votingDelay` to allow token holders time to prepare for a vote and to protect against flash loan attacks. This is generally considered good practice, but the actual delay should be assessed to ensure it is sufficient based on the project's parameters.",
            "snippet":"function votingDelay() public pure override returns (uint256) { return 7200; } // 1 day",
            "confidence":1.0,
            "severity":"Non-critical"
         }
      ]
   }
}
```

{% endtab %}

{% tab title="400" %}

```json
{
    "success": false,
    "error": "the reason for the error",
}
```

{% endtab %}
{% endtabs %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.auditbase.com/api-access/v-1.0/ai-analysis-api.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.