DEV Community

Raka Widhi Antoro
Raka Widhi Antoro

Posted on

๐Ÿš€ Getting Started with kritisi CLI: An AI-Driven Security Tool for Solidity

The kritisi CLI is a powerful tool for developers working with Solidity smart contracts. It leverages AI to enhance code quality, detect vulnerabilities, and ensure compliance with best practices. Letโ€™s dive into how to install and use this tool step by step.


โœจ Features

  • ๐Ÿ” Set API Keys for AI services like OpenAI and Groq.
  • ๐Ÿค– Set AI Models for tailored results.
  • ๐Ÿ› ๏ธ Merge Solidity Files with ease.
  • ๐Ÿ“ Generate NatSpec Documentation using AI.
  • ๐Ÿ“Š Run Security Audits with detailed severity reports.

๐Ÿš€ Installation

First, ensure you have Node.js installed on your system. Then install the kritisi CLI globally:

npm install -g kritisi
Enter fullscreen mode Exit fullscreen mode

Verify the installation:

kritisi --version
Enter fullscreen mode Exit fullscreen mode

๐Ÿ› ๏ธ Usage Guide

1. Register for API Keys

To use AI features, you need API keys from OpenAI and Groq. Follow these steps:

OpenAI

  1. Go to OpenAI.
  2. Sign up or log in to your account.
  3. Navigate to the API section and generate a new API key.
  4. Save the API key securely.

Groq

  1. Visit Groq and create an account.
  2. Once logged in, go to the developer section to generate an API key.
  3. Save the API key securely.

2. Set Your API Key

After obtaining API keys, set them up for the selected service.

Command:

kritisi setkey --service <service>
Enter fullscreen mode Exit fullscreen mode

Example:

kritisi setkey --service openai
Enter fullscreen mode Exit fullscreen mode

You will be prompted to enter your API key interactively. For example:

Enter the API key openai:
Enter fullscreen mode Exit fullscreen mode

Once entered, the key will be securely saved.

3. Set AI Model

Select the AI model for the service youโ€™re using.

Command:

kritisi setmodel --service <service>
Enter fullscreen mode Exit fullscreen mode

Example:

kritisi setmodel --service openai
Enter fullscreen mode Exit fullscreen mode

You will be prompted to enter the model name interactively:

Enter the model name for openai (e.g., 'gpt-4'):
Enter fullscreen mode Exit fullscreen mode

4. Merge Solidity Files

Combine all imported Solidity files into a single file with this handy command.

Command:

kritisi merger --path <path-to-solidity-file>
Enter fullscreen mode Exit fullscreen mode

Example:

kritisi merger --path ./contracts/MyContract.sol
Enter fullscreen mode Exit fullscreen mode

This will generate a merged file with _merge appended to the original file name.

5. Add NatSpec Documentation

Automatically add NatSpec comments to your Solidity code.

Command:

kritisi natspec --service <service> --path <path-to-solidity-file>
Enter fullscreen mode Exit fullscreen mode

Example:

kritisi natspec --service openai --path ./contracts/MyContract.sol
Enter fullscreen mode Exit fullscreen mode

6. Run Security Audit

Analyze your smart contract for security vulnerabilities and generate a detailed report.

Command:

kritisi security --service <service> --path <path-to-solidity-file>
Enter fullscreen mode Exit fullscreen mode

Example:

kritisi security --service groq --path ./contracts/MyContract.sol
Enter fullscreen mode Exit fullscreen mode

The security report will be saved as a PDF in the same directory.


๐Ÿ“š Example Workflow

Letโ€™s walk through a simple example:

  1. Register for API Keys:

  2. Set the OpenAI API Key:

    kritisi setkey --service openai
    

    Enter your API key when prompted.

  3. Set the AI Model:

    kritisi setmodel --service openai
    

    Provide the model name (e.g., gpt-4).

  4. Run a Security Audit:

    kritisi security --service openai --path ./contracts/MyContract.sol
    

    Check the generated PDF for the detailed report.


๐Ÿ”ง Troubleshooting

  • If you encounter errors related to missing API keys, ensure you have set them using the setkey command.
  • Use the --help flag with any command to get detailed usage instructions:
kritisi <command> --help
Enter fullscreen mode Exit fullscreen mode

๐ŸŒŸ Conclusion

The kritisi CLI empowers Solidity developers with AI-driven insights, streamlining the auditing and documentation process. Whether you're ensuring security compliance or generating comprehensive documentation, this tool has you covered.


๐Ÿ› ๏ธ Resources

Happy Coding! ๐ŸŽ‰

Heroku

This site is built on Heroku

Join the ranks of developers at Salesforce, Airbase, DEV, and more who deploy their mission critical applications on Heroku. Sign up today and launch your first app!

Get Started

Top comments (0)

Sentry image

See why 4M developers consider Sentry, โ€œnot bad.โ€

Fixing code doesnโ€™t have to be the worst part of your day. Learn how Sentry can help.

Learn more

๐Ÿ‘‹ Kindness is contagious

Immerse yourself in a wealth of knowledge with this piece, supported by the inclusive DEV Communityโ€”every developer, no matter where they are in their journey, is invited to contribute to our collective wisdom.

A simple โ€œthank youโ€ goes a long wayโ€”express your gratitude below in the comments!

Gathering insights enriches our journey on DEV and fortifies our community ties. Did you find this article valuable? Taking a moment to thank the author can have a significant impact.

Okay