Seven validated findings: SDK risks, Solana logic, attack chains, fixes.
Architecture
Static checks for Solana-shaped Rust
Generic lint lags Solana. Core stack is regex, macro-aware AST, taint, and a local judge. Same inputs, same findings. Models stay optional and off detections.
Audit spotlight
Pact audit: SDK and chain
Report covers @q3labs/pact-monitor v0.1.4 and pact-protocol on-chain logic.
Deployment
One core, pick your surface
Analyzer stays local; optional layers add reports without changing core outputs.
Local CLI
Scan workspaces, export JSON or Markdown locally. No API keys required.
- Deterministic output for identical inputs
- Workspace walk + skip bad files instead of aborting
- Pairs with CI and pre-push hooks
API server & orchestration
Optional, non-core: KB, chain, and MCP context; capped correction loops; narrative reports, all layered on reruns of the same deterministic engine.
Server mode
- Dispatch + policy hooks
- Capped validator iterations
- Inspectable suppression log
IDE extension
Roadmap: inline diagnostics on save, jump-to-span, same binaries as CLI and API.
- Tight loop for protocol engineers
- Complements local `scan` in CI
Open source under MIT / Apache-2.0. No surprise tiers. Clone, skim the preprint, run the harness on hardware you control.
FAQ
What stays deterministic, what does not, and where a human still signs off.
No. The four-phase core (regex, AST after macros, taint, local judge) is deterministic: feed it the same bytes, you get the same filtered findings and suppression log. If an LLM shows up at all, it lives in orchestration or reporting and must not feed back into detections. That split is how the preprint draws the architecture.
Anchor `#[derive(Accounts)]` and Solitaire `#[derive(FromAccounts)]` generate the checks that actually execute. Regex on pre-expanded source can miss validation that only appears after macro expansion. That gap is what this pipeline is aimed at.
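The gap described above, as an added example (not ARES code and not from the preprint): a text match on pre-expansion source flags a handler that the derive already protects. The sample program, `Withdraw`, `Vault` and `declared_checks` are constructed for illustration, and the check list is a simplified model of what the derive emits, not real `cargo expand` output.

```rust
// Constructed Anchor-style source (sample input, not from any audited program).
const SRC: &str = r#"
#[derive(Accounts)]
pub struct Withdraw<'info> {
    #[account(mut, has_one = authority)]
    pub vault: Account<'info, Vault>,
    pub authority: Signer<'info>,
}
pub fn withdraw(ctx: Context<Withdraw>, amount: u64) -> Result<()> {
    ctx.accounts.vault.balance -= amount;
    Ok(())
}
"#;

/// Pre-expansion text match: flags the program when no literal `is_signer` appears.
fn naive_flags_missing_signer(src: &str) -> bool {
    !src.contains("is_signer")
}

/// Simplified model of the checks the derive generates, read from the field
/// types and `#[account(...)]` constraints of the Accounts struct.
fn declared_checks(src: &str) -> Vec<String> {
    let (mut checks, mut pending, mut inside) = (Vec::new(), Vec::new(), false);
    for line in src.lines().map(str::trim) {
        if line == "#[derive(Accounts)]" { inside = true; continue; }
        if !inside || line.starts_with("pub struct") { continue; }
        if line == "}" { break; }
        if let Some(args) = line.strip_prefix("#[account(").and_then(|s| s.strip_suffix(")]")) {
            // has_one compares a key stored in the account with the named account.
            pending.extend(args.split(',').map(str::trim)
                .filter(|a| a.starts_with("has_one")).map(|a| a.replace(' ', "")));
        } else if let Some((name, ty)) = line.strip_prefix("pub ").and_then(|f| f.split_once(':')) {
            for c in pending.drain(..) { checks.push(format!("{}:{}", name, c)); }
            let ty = ty.trim();
            if ty.starts_with("Signer<") { checks.push(format!("{}:is_signer", name)); }
            if ty.starts_with("Account<") { checks.push(format!("{}:owner+discriminator", name)); }
        }
    }
    checks
}

/// Flags only when the modelled checks contain no signer requirement.
fn macro_aware_flags_missing_signer(src: &str) -> bool {
    !declared_checks(src).iter().any(|c| c.ends_with(":is_signer"))
}

fn main() {
    println!("naive flags: {}", naive_flags_missing_signer(SRC));
    println!("macro-aware flags: {}", macro_aware_flags_missing_signer(SRC));
    println!("modelled checks: {:?}", declared_checks(SRC));
}
```

Swapping `Signer<'info>` for `AccountInfo<'info>` in the sample makes the macro-aware check flag it as well, since no signer check is generated for that type.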
No. Static analysis still burps false positives that deserve human triage. The paper frames the judge as trimming high-confidence noise, not handing down verdicts. Treat alerts as structured starting points.
Stick to the published two-segment story: Segment A proves regressions stay caught; Segment B scores recall and precision against audit-derived labels on public repos. Run `cargo run -p ares-cli -- benchmark` on your checkout. If you cannot reproduce a number, do not ship it.
No. Think of it as fast, local signal before you pay for deep review. Economic exploit proofs, mainnet-fork sandboxes, and full formal verification are called out as future or explicitly out of scope in the paper.
No account required
GitHub source: clone, run, rerun benchmarks. Email only for release pings.
ARES V3
Regex, AST, taint, judge pipeline; LLMs never feed detections per preprint.
Benchmark on your own machine
Clone, run harness, diff ground_truth.json. Real metrics survive any laptop.
`cargo run -p ares-cli --release -- benchmark --dataset dataset --output ./report.md`