A static tool to check and detect potentially risky codes in smart contracts (a.k.a, chaincodes).
The aim of Chaincode Analyzer is to provide the way to check whether the smart contracts includes potentially risky codes or not. The tool performs static analysis on chaincode source codes written in Golang and detects potentially risky parts such as generating random values, accessing outside of blockchain networks and iteration on map object. For more details of the tool and target risks: https://github.com/FujitsuLaboratories/ChaincodeAnalyzer
- https://github.com/kzhry (Kazuhiro Yamashita)
- https://github.com/Chinlying (Ence Zhou)
- https://github.com/hartm (Hart Montgomery) - Member of Hyperledger TSC
- There is pre-existing public repository available at (https://github.com/FujitsuLaboratories/ChaincodeAnalyzer) as explained above. We would like to copy all the code since we did not use sign-off option.