Getting Started
Start scouting your project for security issues in less than 5 minutes.
About Scout
Scout is an extensible open-source tool intended to assist smart contract developers and auditors detect common security issues and deviations from best practices. This tool helps developers write secure and more robust smart contracts.
Supported Technologies
Currently, Scout can be executed on the following technlogies, with tailor-made detectors for each one.
Features
- A list of vulnerabilities, best practices and enhancements, together with associated detectors to identify these issues in your code.
- Command Line Interface (CLI).
- Scout VS Code Extension.
- Scout GitHub Action.
Install and execute Scout
Make sure that Cargo is installed on your computer. Then, install Scout with the following command:
cargo install cargo-scout-audit
To run Scout on your project execute the following command:
cargo scout-audit
💡 Scout supports Cargo Workspaces. When run on a workspace, Scout will be executed on all packages specified as members of the workspace.
⚠️ Make sure that your smart contracts compile properly. Scout won't run if any compilation errors exist.
Privacy
Scout Audit includes telemetry to track usage, but your data remains completely secure.
All reports sent to Scout are stored locally and can be viewed at:
$HOME/.scout-audit/telemetry/reports
To disable telemetry, navigate to:
$HOME/.scout-audit/telemetry, open user_id.txt, and replace its content with DONOTTRACK.
If you want to permanently delete your data from Scout's database, visit:
https://scout-api.coinfabrik.com/user/delete/<your-user-id>.