created_at2023-10-26 11:07:00.341626
updated_at2024-06-24 16:08:25.767598
descriptionRust based Solidity AST analyzer
Alex Roan (alexroan)



A powerful Solidity static analyzer that takes a bird's eye view over your smart contracts.

Docs Get support Website Twitter

Stargazers Forks Contributors Issues GPL-3.0 License

What is Aderyn?

Aderyn is an open-source public good developer tool. It is a Rust-based solidity smart contract static analyzer designed to help protocol engineers and security researchers find vulnerabilities in Solidity code bases.

Thanks to its collection of static vulnerability detectors, running Cyfrin Aderyn on your Solidity codebase will highlight potential vulnerabilities, drastically reducing the potential for unknown issues in your Solidity code and giving you the time to focus on more complex problems.

Built using Rust, Aderyn integrates seamlessly into small and enterprise-level development workflows, offering lighting-fast command-line functionality and a framework to build custom detectors to adapt to your codebase.

You can read the Cyfrin official documentation for an in-depth look at Aderyn's functionalities.


  • Supports any development framework (Foundry/Hardhat/Truffle/etc)
  • Modular detectors
  • AST Traversal
  • Markdown reports


Suggested VSCode extensions: rust-analyzer - Rust language support for Visual Studio Code Rust Syntax - Improved Rust syntax highlighting

Installing Aderyn

You can install Aderyn using Cargo, Rust's package manager, or with cyfrinup, the Cyfrin CLI tool.

Using Cyfrinup

Note: If you previously installed aderyn using cargo, run cargo uninstall aderyn before using cyfrinup to avoid conflicts.

Step 1: Install Cyfrinup

Cyfrinup is a CLI tool that simplifies the installation and management of Cyfrin tools. To install Cyfrinup, run the following command in your terminal:

curl -L | bash

Step 2: Update Path

The installer will prompt you to run a source command. Either run this command, or reload your terminal.

Step 3: Install Aderyn using Cyfrinup

After installing Cyfrinup, you can use it to install Aderyn. Run the following command in your terminal:


Step 4: Verify installation

aderyn --version

Future Updates

To update Aderyn to the latest version, you can run the cyfrinup:


Cyfrinup will replace the existing version with the latest one.

Using Cargo

Step 1: Install Rust

Before installing Aderyn, ensure you have the following:

  • Rust: Aderyn is built in Rust. Before running, you must install Rust and Cargo (Rust's package manager). If you still need to install Rust, follow the instructions on the official Rust website.

Step 2: Install Aderyn using cargo

Aderyn is currently installed using Cargo, Rust's package manager. Open your command line interface and run the following command:

cargo install aderyn

This command downloads and installs the Aderyn package.

Step 3: Verify installation

After the installation, you can verify that Aderyn is correctly installed by checking its version. In your command line, execute:

aderyn --version

This command should return the installed version of Aderyn, confirming that the installation was successful.

Step 4: Update PATH (if necessary)

If you cannot run the aderyn after installation, you may need to add Cargo's bin directory to your PATH. The exact instructions can vary based on your operating system. Typically, it involves adding ~/.cargo/bin to your PATH in your shell profile script (like .bashrc or .zshrc).

Step 5: Future Updates

To update Aderyn to the latest version, you can run the install command again:

cargo install aderyn

Cargo will replace the existing version with the latest one.

Quick Start

Once Aderyn is installed on your system, you can run it against your Foundry-based codebase to find vulnerabilities in your code.

We will use the aderyn-contracts-playground repository in this example. You can follow along by cloning it to your system:

git clone

Navigate inside the repository:

cd aderyn-contracts-playground

We usually use several smart contracts and tests to try new detectors. Build the contracts by running:

forge build

Once your smart contracts have been successfully compiled, run Aderyn using the following command:

aderyn [OPTIONS] path/to/your/project

Replace [OPTIONS] with specific command-line arguments as needed.

For an in-depth walkthrough on how to get started using Aderyn, check the Cyfrin official docs


Usage: aderyn [OPTIONS] <ROOT>

<ROOT>: The path to the root of the codebase to be analyzed. Defaults to the current directory.


  • -s, --src: Path to the source contracts. If not provided, or if aderyn can't find famous files to read (like foundry.toml, which it automatically searches for) the ROOT directory will be used.

    • In foundry projects, this is usually the src/ folder unless stated otherwise in foundry.toml.
    • In Hardhat projects, this is usually the contracts/ folder unless stated otherwise in the config.
  • -i, --path-includes <PATH_INCLUDES>: List of path strings to include, delimited by comma (no spaces). Any solidity file path not containing these strings will be ignored

  • -x, --path-excludes <PATH_EXCLUDES>: List of path strings to exclude, delimited by comma (no spaces). Any solidity file path containing these strings will be ignored

  • -o, --output <OUTPUT>: Desired file path for the final report (will overwrite the existing one) [default:]

  • -n, --no-snippets: Do not include code snippets in the report (reduces report size in large repos)

  • -h, --help: Print help

  • -V, --version: Print version

You must provide the root directory of the repo you want to analyze. Alternatively, you can provide a single Solidity file path (this mode requires Foundry to be installed).


aderyn /path/to/your/foundry/project/root/directory/

Find more examples on the official Cyfrin Docs

Building a custom Aderyn detector

Aderyn makes it easy to build Static Analysis detectors that can adapt to any Solidity codebase and protocol. This guide will teach you how to build, test, and run your custom Aderyn detectors. To learn how to create your custom Aderyn detectors, checkout the official docs


You can run Aderyn from a Docker container.

Build the image:

  docker build -t aderyn .

/path/to/project/root should be the path to your Foundry or Hardhat project root directory and it will be mounted to /share in the container.

Run Aderyn:

  docker run -v /path/to/project/root/:/share aderyn

Run with flags:

  docker run -v /path/to/project/root/:/share aderyn -h

Single Solidity File Mode

If it is a Solidity file path, then Aderyn will create a temporary Foundry project, copy the contract into it, compile the contract and then analyze the AST generated by that temporary project.

Contributing & License

Help us build Aderyn 🦜 Please see our contribution guidelines. Aderyn is an open-source software licensed under the GPL-3.0 License.

To build Aderyn locally:

  1. Install Rust,
  2. Clone this repo and cd aderyn/,
  3. make,
  4. Use cargo commands to build, test and run locally.


This project exists thanks to all the people who contribute.


  • AST Visitor code from solc-ast-rs.

  • Original detectors based on 4naly3er detectors.

  • Shoutout to the original king of static analysis slither.

Commit count: 0

cargo fmt