Misti is a static analysis tool designed for smart contracts on the TON blockchain written in Tact.
- Code Analysis: Built-in suite of 38 detectors for identifying security vulnerabilities and anti-patterns.
- CI/CD Integration: Integrate Misti into your CI/CD pipeline to ensure continuous code quality checks.
- Custom Detectors: Create custom detectors to solve specific problems in your code or to provide a thorough security review if you are an auditor.
- Custom Tools: Extend Misti with your own tools for custom analysis and reporting capabilities.
- (optional) Install Soufflé to enable more built-in detectors.
- Install Misti:
npm install -g @nowarp/misti- Run Misti by specifying a Tact contract, project config, or directory to check:
misti path/to/src/contracts- Use built-in tools:
misti path/to/src/contracts -t DumpAst- Use external tools:
misti path/to/src/contracts -t /path/to/custom-tool.js:CustomToolClassNameSee Misti Configuration for available options, or Developing Misti for advanced instructions. Blueprint users should refer to the appropriate documentation page.
- nowarp.io: We are doing other TON Security stuff beyond Misti.
- Documentation: Comprehensive guide on detectors, architecture, and development.
- API Reference: Useful for contributors or developers creating custom detectors.
- Blueprint Plugin: A plugin for the Blueprint Framework to enhance your workflow.
- Community Chat: Join the conversation and get help with Misti-related questions.