Smart Contract Security Analyzer

User Guide

Smart Contract Security Analyzer by H-X Technologies (hereinafter - Analyzer) is a professional automated service designed to protect your smart contracts and the resources they manage. This guide will help you make the best use of our service, even if you are not a cybersecurity expert.
First, if you have not read our articles Basics of smart contracts: operation and security and Smart contract security analysis tools, we suggest you do so because they contain some important initial information about security assessment and smart contract issues.
Our free Analyzer uses multiple vulnerability databases and scanning engines to better detect various smart contract issues. Here are some of the engines that we are using or planning to use: Mythril, Securify, Slither, Echidna, Etheno, Manticore, Rattle, Not So Smart Contract. You do not need to install these engines on your computer, configure them and run them manually. We do it for you. Now let's see how to use this service.

Analyzer provides a free automated analysis of your smart contract including one file, without dependencies.
Go to the main page of the Analyzer, upload the file with the source code of your smart contract, enter your name, email address, set the checkbox that you agree with the Terms of Use and Privacy Policy, set the checkbox ‘I'm not a robot’ (CAPTCHA), click «Start analysis» and follow the instructions.
Since the Analyzer sends a lot of reports and notifications to users' mailboxes, sometimes these emails come to SPAM folders. You should always check your SPAM folder not to miss our messages. You can use a "Not Spam" or a similar button in your email client to prevent further false spam filtering.
What if you received our analysis report indicating that your smart contract is potentially VULNERABLE? Well, don't panic! Not every vulnerability is exploitable or dangerous. You should show the report to an information security analyst for verification and vulnerability assessment. All automatic vulnerability analyzers usually give a lot of false positives. We always insist that the results of any automated analysis must be checked manually, and we are happy to help you.
What if the report indicates that your smart contract is potentially SECURE? Well, don't relax! There is no omniscient automated vulnerability analyzer, and never will be. However, our analysis systems are constantly learning. Try running the analysis later and you may get different results.