1.5.2 • Published 8 months ago

kritisi v1.5.2


Kritisi: AI-Powered Security Audit Tool for Solidity Smart Contracts


Kritisi is an AI-powered tool designed to analyze the security and documentation of Solidity code. This tool helps developers detect vulnerabilities, improve code quality, and ensure compliance with best practices.


✨ Key Features

  • Security Audit: Analyze Solidity code to identify security vulnerabilities with structured reporting.
  • NatSpec Documentation: Automatically add NatSpec documentation to functions within Solidity code.
  • Code Merging: Merge all imported Solidity files into a single file for streamlined development.
  • Ease of Use: CLI-based, allowing for simple and efficient interaction.
  • AI Service Support: Supports OpenAI and Groq services for flexibility.

🚀 Installation

To use Kritisi, make sure you have the latest version of Node.js installed. Then, install the tool globally using the following command:

npm install -g kritisi

📘 Usage Instructions

Once Kritisi is installed globally, you can use it from the command line by typing kritisi followed by the desired command. Here are the available commands:

  1. View Help

    To see a list of available commands, use:

    kritisi help

    Example output:

    Usage: kritisi [options] [command]
    
    A powerful AI-driven security audit tool for Solidity smart contracts.
    Detect vulnerabilities, enhance code quality, and ensure compliance with best practices.
    
    Options:
      -V, --version           output the version number
      -h, --help              display help for command
    
    Commands:
      setkey                 Set an API key for the selected service
      setmodel               Set the AI model for the selected service
      natspec                Process NatSpec documentation for Solidity files
      security               Run a security audit for Solidity smart contracts
      merger                 Merge all imported Solidity files into a single file
      help                   Display help information for available commands
    
    Run 'kritisi <command> --help' for detailed usage of a specific command.

  2. Set API Key

    Before using the AI services, you need to set up your API key. Use the following command:

    kritisi setkey --service <service>

    <service>: Specify the service to be used, such as openai or groq. Example:

    kritisi setkey --service openai

    You will be prompted to enter your API key.

  3. Set AI Model

    To set the AI model for the selected service, use the following command:

    kritisi setmodel --service <service>

    <service>: Specify the service to be used, such as openai or groq. Example:

    kritisi setmodel --service openai

    You will be prompted to input the model name interactively.

  4. Add NatSpec Documentation

    To automatically add NatSpec documentation to your Solidity code, use the following command:

    kritisi natspec --service <service> --path <path>

    <service>: Specify the AI service (e.g., openai or groq).
    <path>: Specify the path to your Solidity file. Example:

    kritisi natspec --service openai --path ./contracts/MyContract.sol

  5. Security Audit

    To run a security audit on your Solidity contracts, use:

    kritisi security --service <service> --path <path>

    <service>: Specify the AI service (e.g., openai or groq).
    <path>: Specify the path to your Solidity file. Example:

    kritisi security --service groq --path ./contracts/MyContract.sol

    The audit results will be saved as a PDF file in the same location as your Solidity file.

  6. Merge Solidity Files

    To merge all imported Solidity files into a single file, use:

    kritisi merger --path <path>

    <path>: Specify the path to your Solidity file. Example:

    kritisi merger --path ./contracts/MyContract.sol

    The merged file will be saved with _merge appended to the original file name.


📂 Example Output

Security Audit

The results are presented as a JSON report converted into a PDF file like this:

{
  "high": [
    {
      "issue": "Reentrancy vulnerability in withdraw function.",
      "suggestion": "Use the Checks-Effects-Interactions pattern.",
      "code_highlight": "function withdraw() public { ... }"
    }
  ],
  "medium": [],
  "low": []
}

File Merge

Upon successful merging, the output will indicate the location of the merged file:

✔ Files merged successfully. Output file: /absolute/path/to/MyContract_merge.sol

🤝 Contributing

We greatly appreciate your contributions! Please fork this repository and submit a pull request with your changes or additions.

🛠 Support

If you encounter any issues or have questions, please open an issue in this repository or contact us at rakawidhiantoro@gmail.com.

📄 License

This project is licensed under the MIT License.


🎉 Thank you for using Kritisi! We hope this tool proves beneficial in enhancing the security and quality of your smart contracts.
