Sizing Tool for Smart Contract Audits

4D Ago

When a customer asks for a solidity audit, we need a proper estimation of the required hours to complete the task in order to schedule it. In order to do so, among other factors, we use the size of the contract(s) code. To assist with this endeavor, we developed an internal tool that:

Can count either the number of lines in the source code or the punctuations (not including comments or empty lines). Tracks solidity dependencies, letting us know if the code to audit has additional dependencies that we need to look at. Those dependencies may be weighted differently if desired. Separately counts assembly code. This code may be weighted differently if desired. Makes an educated guess on the size of the audit, using the item count defined above.

We believe that this tool may be of interest for people outside CoinFabrik, for this reason we make this tool publicly available to the crypto community. We named this tool estimate-sol and published it in pypi. It can be easily installed by running pip install estimate-sol in a shell. You need to have Python 3.8 (or superior) installed in order to use it. After installing, pass the files to size via the command line. The tool comes with its own help, which is self explanatory:

$ estimate-sol -h usage: estimate-sol [-h] [--punctuations] [--encoding ENCODING] [--dependencies-multiplier DEPENDENCIES_MULTIPLIER] [--assembly-multiplier ASSEMBLY_MULTIPLIER] [--week-size WEEK_SIZE] [-a] [-V] files [files ...] Estimate solidity audit sizes. positional arguments: files Files to be audited. optional arguments: -h, --help show this help message and exit --punctuations, -p Use punctuations for counting (default: lines) --encoding ENCODING, -e ENCODING File encoding (default=utf-8). --dependencies-multiplier DEPENDENCIES_MULTIPLIER, -d DEPENDENCIES_MULTIPLIER Multiplier to estimate non-audited dependencies (default=1.0). --assembly-multiplier ASSEMBLY_MULTIPLIER Multiplier to estimate assembly code (default=1.0). --week-size WEEK_SIZE, -w WEEK_SIZE Number of items to audit per week. Defaults: (lines:1.0, punct:1.0) -a, --absolute_paths Show all paths as absolute (by default relative paths are shown if inside current directory). -V, --version show program's version number and exit