This endpoint allows you to initiate a scan of a specific smart contract on a blockchain via a block explorer interface. By providing the smart contract's address and the chain ID, users receive a detailed security scan of the contract's source code.
Once a scan completes, AuditBase calls your webhook with the following data:
{
  "success": true,
  "scan_id": "60188023-0b6f-4994-ba15-3d973efb0711",
  "data": {
    "findings": [
      {
        "id": "cb775b85-a334-4096-bbb6-1ec3540b46c4",
        "title": "Centralization risk for trusted owners",
        "description": "Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken in a hack, or the sole holder of the key may become unable to retrieve the key when necessary. Consider changing to a multi-signature setup, or having a role-based authorization model.",
        "identifier": "M001",
        "count": 1,
        "gas_savings": "-",
        "severity": "M",
        "snippet": "```solidity\nFile: tmp/0bd226dd-a4da-4dbe-8005-6616cae58949/contract.sol\n\n559 function renounceOwnership() public onlyOwner {\n568 function transferOwnership(address newOwner) public onlyOwner {\n602 function changeName(string memory name) public onlyOwner{\n\n```\n"
      },
      {
        "id": "bae2e591-5fca-48ed-8233-eaceec8649c2",
        "title": "Use `Ownable2Step` rather than `Ownable`",
        "description": "`Ownable2Step` and `Ownable2StepUpgradeable` prevent the contract ownership from mistakenly being transferred to an address that cannot handle it (e.g. due to a typo in the address), by requiring that the recipient of the owner permissions actively accept via a contract call of its own.",
        "identifier": "L001",
        "count": 1,
        "gas_savings": "-",
        "severity": "L",
        "snippet": "```solidity\nFile: tmp/0bd226dd-a4da-4dbe-8005-6616cae58949/contract.sol\n\n590 contract Token is ERC20, ERC20Detailed, ERC20Burnable, Ownable {\n\n```\n"
      },
      {
        "id": "d49b8e59-5c39-4a28-9500-bd1a434e8125",
        "title": "Burn functions should be protected with a modifier",
        "description": " ",
        "identifier": "L002",
        "count": 1,
        "gas_savings": "-",
        "severity": "L",
        "snippet": "```solidity\nFile: tmp/0bd226dd-a4da-4dbe-8005-6616cae58949/contract.sol\n\n492 function burn(uint256 amount) public {\n493 _burn(msg.sender, amount);\n494 }\n\n```\n"
      },
      {
        "id": "e489b2cf-7385-4945-a971-d2a2d56a5831",
        "title": "No limits when setting state variable amounts",
        "description": "It is important to ensure state variables numbers are set to a reasonable value.",
        "identifier": "L003",
        "count": 1,
        "gas_savings": "-",
        "severity": "L",
        "snippet": "```solidity\nFile: tmp/0bd226dd-a4da-4dbe-8005-6616cae58949/contract.sol\n\n441 _decimals = decimals;\n\n```\n"
      }
    ]
  }
}
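One way a webhook receiver could validate and triage this callback before acting on it, as an added example that is not AuditBase's own code. Assumptions: the severity code "H", the numeric ranking, the `pending_scan_ids` bookkeeping, and the function names `parse_callback` and `blocking` are hypothetical; only "M" and "L" appear in the payload above.

```python
import json
import re

# "M" and "L" appear in the page's payload; "H" and this ranking are assumptions.
SEVERITY_RANK = {"L": 1, "M": 2, "H": 3}
UNKNOWN_RANK = 99  # unrecognized severity codes rank highest (fail closed)
REQUIRED = ("id", "title", "identifier", "severity", "snippet")
# Source lines in a snippet start with their line number: "559 function ...".
LINE_RE = re.compile(r"^(\d+)\s", re.MULTILINE)

FENCE = "`" * 3
# Constructed sample: two findings trimmed from the payload above, path shortened.
SAMPLE = json.dumps({"success": True, "scan_id": "60188023-0b6f-4994-ba15-3d973efb0711",
    "data": {"findings": [
        {"id": "d49b8e59-5c39-4a28-9500-bd1a434e8125", "identifier": "L002",
         "severity": "L", "title": "Burn functions should be protected with a modifier",
         "snippet": f"{FENCE}solidity\nFile: tmp/x/contract.sol\n\n492 function burn(uint256 amount) public {{\n493 _burn(msg.sender, amount);\n494 }}\n\n{FENCE}\n"},
        {"id": "cb775b85-a334-4096-bbb6-1ec3540b46c4", "identifier": "M001",
         "severity": "M", "title": "Centralization risk for trusted owners",
         "snippet": f"{FENCE}solidity\nFile: tmp/x/contract.sol\n\n559 function renounceOwnership() public onlyOwner {{\n\n{FENCE}\n"},
    ]}}).encode()


def parse_callback(body, pending_scan_ids):
    """Validate a callback body; return findings sorted most severe first."""
    payload = json.loads(body)  # raises ValueError (JSONDecodeError) on bad input
    if not isinstance(payload, dict) or payload.get("success") is not True:
        raise ValueError("scan did not report success")
    # Only accept results for scans this service started (assumed bookkeeping).
    sid = payload.get("scan_id")
    if not isinstance(sid, str) or sid not in pending_scan_ids:
        raise ValueError("unexpected scan_id")
    data = payload.get("data")
    findings = data.get("findings") if isinstance(data, dict) else None
    if not isinstance(findings, list):
        raise ValueError("data.findings missing")
    out = []
    for f in findings:
        if not isinstance(f, dict) or any(not isinstance(f.get(k), str) for k in REQUIRED):
            raise ValueError("finding is missing a required string field")
        out.append({"identifier": f["identifier"], "title": f["title"],
                    "rank": SEVERITY_RANK.get(f["severity"], UNKNOWN_RANK),
                    "lines": [int(n) for n in LINE_RE.findall(f["snippet"])]})
    return sorted(out, key=lambda x: -x["rank"])


def blocking(findings, threshold="M"):
    """Findings at or above the threshold, e.g. to gate a deployment."""
    return [f for f in findings if f["rank"] >= SEVERITY_RANK[threshold]]
```
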