Security Rules
Rule ID | Error | Options |
---|---|---|
reentrancy | Possible reentrancy vulnerabilities. Avoid state changes after transfer. | default |
avoid-sha3 | Use “keccak256” instead of deprecated “sha3” | default |
avoid-suicide | Use “selfdestruct” instead of deprecated “suicide” | default |
avoid-throw | “throw” is deprecated, avoid to use it | default |
func-visibility | Explicitly mark visibility in function | default |
state-visibility | Explicitly mark visibility of state | default |
check-send-result | Check result of “send” call | default |
avoid-call-value | Avoid to use “.call.value()()” | default |
compiler-fixed | Compiler version must be fixed | default |
compiler-gt-0_4 | Use at least ‘0.4’ compiler version | default |
no-complex-fallback | Fallback function must be simple | default |
mark-callable-contracts | Explicitly mark all external contracts as trusted or untrusted | default |
multiple-sends | Avoid multiple calls of “send” method in single transaction | default |
no-simple-event-func-name | Event and function names must be different | default |
avoid-tx-origin | Avoid to use tx.origin | default |
no-inline-assembly | Avoid to use inline assembly. It is acceptable only in rare cases | default |
not-rely-on-block-hash | Do not rely on “block.blockhash”. Miners can influence its value. | default |
avoid-low-level-calls | Avoid to use low level calls. | default |
* All security rules are implemented according to the ConsenSys Guide for Smart Contracts.
Style Guide Rules
Rule ID | Error | Options |
---|---|---|
func-name-mixedcase | Function name must be in camelCase | default |
func-param-name-mixedcase | Function param name must be in mixedCase | default |
var-name-mixedcase | Variable name must be in mixedCase | default |
event-name-camelcase | Event name must be in CamelCase | default |
const-name-snakecase | Constant name must be in capitalized SNAKE_CASE | default |
modifier-name-mixedcase | Modifier name must be in mixedCase | default |
contract-name-camelcase | Contract name must be in CamelCase | default |
use-forbidden-name | Avoid to use letters ‘I’, ‘l’, ‘O’ as identifiers | default |
visibility-modifier-order | Visibility modifier must be first in list of modifiers | default |
imports-on-top | Import statements must be on top | default |
two-lines-top-level-separator | Definition must be surrounded with two blank line indent | default |
func-order | Function order is incorrect | default |
quotes | Use double quotes for string literals. The default quotes value is “double”. The value must be ‘single’ or ‘double’. | [\<default>, \<quotes>] |
no-mix-tabs-and-spaces | Mixed tabs and spaces | default |
indent | Indentation is incorrect | [\<default>, \ |
Best Practice Rules
Rule ID | Error | Options |
---|---|---|
max-line-length | Line length must be no more than maxlen. | [\<default>, \<maxlen>] Default maxlen is 120. |
payable-fallback | When fallback is not payable you will not be able to receive ethers | default |
no-empty-blocks | Code contains empty block | default |
no-unused-vars | Variable “name” is unused | default |
function-max-lines | Function body contains “count” lines but allowed no more than maxlines. | [\<default>, \<maxlines>] Default maxlines is 45. |
code-complexity | Function has cyclomatic complexity “current” but allowed no more than maxcompl. | [\<default>, \<maxcompl>] Default maxcompl is 7. |
max-states-count | Contract has “some count” states declarations but allowed no more than maxstates | [\<default>, \<maxstates>] Default maxstates is 15. |