io.github.Bajuzjefe/aikido-mcp

Coding & Debugging

by bajuzjefe

Security analysis for Aiken smart contracts on Cardano, with 75 built-in vulnerability detectors.

README

<p align="center"> <img src="aikido-og.png" alt="Aikido - Security analysis platform for Aiken smart contracts on Cardano" width="100%" /> </p> <p align="center"> <a href="LICENSE"><img src="https://img.shields.io/badge/license-MIT-blue.svg" alt="License" /></a> <img src="https://img.shields.io/badge/rust-%3E%3D1.88.0-orange.svg" alt="Rust" /> <img src="https://img.shields.io/badge/tests-1186%2B-brightgreen.svg" alt="Tests" /> <img src="https://img.shields.io/badge/detectors-75-2EFFB5.svg" alt="Detectors" /> <img src="https://img.shields.io/badge/crashes-0-2EFFB5.svg" alt="Crashes" /> <img src="https://img.shields.io/badge/audit_coverage-85%25-2EFFB5.svg" alt="Audit Coverage" /> </p>

Security analysis platform for Aiken smart contracts on Cardano.

Aikido goes beyond static analysis. It combines a 75-detector suite with SMT verification, transaction simulation, compliance analysis, protocol pattern detection, and grammar-aware fuzzing to find vulnerabilities in Aiken smart contracts before they reach mainnet. Multi-lane analysis cross-correlates evidence across techniques, producing findings with source context, severity ratings, CWE/CWC classifications, and actionable remediation guidance.

Built in Rust. Fast. Zero configuration required.


Why Aikido

Cardano smart contracts are immutable once deployed. A vulnerability in production means lost funds with no recourse. Manual audits are expensive, slow, and bottlenecked. Aikido catches the classes of bugs that auditors find most often - double satisfaction, missing signature checks, unbounded iteration, unsafe datum handling - automatically, in seconds.

  • The only security tool for Aiken - no alternatives exist in the ecosystem
  • 75 detectors with CWC (Cardano Weakness Classification) and CWE mappings
  • Multi-lane analysis - static detectors, compliance, SMT verification, transaction simulation, protocol detection, fuzzing
  • Validated against professional audit - 85% coverage on TxPipe's Strike Finance audit findings (full comparison)
  • Evidence framework - findings corroborated across multiple analysis techniques (PatternMatch -> SmtProven -> SimulationConfirmed)
  • 9 output formats - terminal, JSON, SARIF, Markdown, HTML, PDF, CSV, GitLab SAST, reviewdog
  • Ecosystem proven - 10+ real-world projects including SundaeSwap, Anastasia Labs, Strike Finance, and Seedelf (0 crashes)

Quick Start

Install

```bash
# Homebrew (macOS/Linux)
brew install Bajuzjefe/tap/aikido

# Cargo (Rust >= 1.88.0)
cargo install --git https://github.com/Bajuzjefe/Aikido-Security-Analysis-Platform aikido-cli

# npm (wrapper)
npx aikido-aiken /path/to/project

# Docker (quote the mount path so directories with spaces work)
docker run --rm -v "$(pwd)":/project ghcr.io/bajuzjefe/aikido:0.3.1 /project

# From source (git clone creates a directory named after the repository)
git clone https://github.com/Bajuzjefe/Aikido-Security-Analysis-Platform.git
cd Aikido-Security-Analysis-Platform && cargo build --release
```

Run

```bash
aikido /path/to/your-aiken-project
```

Example Output

```text
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  AIKIDO v0.3.1  Static Analysis Report
  Project: test/simple-treasury v0.1.0
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  [CRITICAL] (definite) double-satisfaction - Handler treasury.spend iterates
    outputs without own OutputReference - validators/treasury.ak:23

    Spend handler accesses tx.outputs but never uses __own_ref to identify
    its own input. An attacker can satisfy multiple script inputs with a
    single output, draining funds.

        22 | validator treasury {
    >   23 |   spend(
    >   24 |     datum: Option<TreasuryDatum>,
    >   25 |     redeemer: TreasuryRedeemer,

    Suggestion: Use the OutputReference parameter to correlate outputs
    to this specific input.

  ...

  1 critical, 5 high, 7 medium, 0 low, 0 info
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
```
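The finding above rests on a simple structural observation: the spend handler reads `tx.outputs` but never touches its own `OutputReference` parameter, so nothing ties the outputs it checks to the input it is guarding. The following Python snippet is an added illustration of that PatternMatch-level heuristic; it is not Aikido's detector code. It brace-matches `spend(...) { ... }` handlers out of Aiken source, takes the third parameter as the handler's own reference (per the Aiken signature shown in the report), and flags a handler that mentions `outputs` without ever referencing that parameter. Both source strings are constructed for the example; the parameter splitting assumes no commas inside type annotations.

```python
import re

# Constructed sample sources (not from the Aikido project). The first handler
# reproduces the reported pattern; the second locates its own input first and
# correlates the output it checks against that input.
VULNERABLE_SRC = """\
validator treasury {
  spend(datum: Option<TreasuryDatum>, redeemer: TreasuryRedeemer, __own_ref: OutputReference, tx: Transaction) {
    list.any(tx.outputs, fn(out) { out.address == treasury_address })
  }
}
"""

SAFE_SRC = """\
validator treasury {
  spend(datum: Option<TreasuryDatum>, redeemer: TreasuryRedeemer, own_ref: OutputReference, tx: Transaction) {
    expect Some(own_input) = list.find(tx.inputs, fn(i) { i.output_reference == own_ref })
    list.any(tx.outputs, fn(out) { out.address == own_input.output.address })
  }
}
"""

HANDLER_RE = re.compile(r"\bspend\s*\(")


def _match_close(src, start, open_ch, close_ch):
    """Return the index just past the delimiter closing the one at `start`."""
    depth = 0
    for i in range(start, len(src)):
        if src[i] == open_ch:
            depth += 1
        elif src[i] == close_ch:
            depth -= 1
            if depth == 0:
                return i + 1
    raise ValueError("unbalanced delimiters in source")


def extract_spend_handlers(src):
    """Yield {line, params, body} for each spend handler (hypothetical helper).
    Parameter splitting assumes no commas inside type annotations."""
    handlers = []
    for m in HANDLER_RE.finditer(src):
        paren_open = m.end() - 1
        paren_close = _match_close(src, paren_open, "(", ")")
        raw_params = src[paren_open + 1:paren_close - 1].split(",")
        names = [p.split(":")[0].strip() for p in raw_params if p.strip()]
        brace_open = src.index("{", paren_close)
        brace_close = _match_close(src, brace_open, "{", "}")
        handlers.append({
            "line": src.count("\n", 0, m.start()) + 1,
            "params": names,
            "body": src[brace_open + 1:brace_close - 1],
        })
    return handlers


def check_double_satisfaction(src):
    """Flag spend handlers that read `outputs` without using their own
    OutputReference (assumed to be the third handler parameter)."""
    findings = []
    for h in extract_spend_handlers(src):
        if len(h["params"]) < 3:
            continue
        own_ref = h["params"][2]
        touches_outputs = re.search(r"\boutputs\b", h["body"]) is not None
        uses_own_ref = re.search(r"\b" + re.escape(own_ref) + r"\b", h["body"]) is not None
        if touches_outputs and not uses_own_ref:
            findings.append({"rule": "double-satisfaction", "line": h["line"], "own_ref": own_ref})
    return findings


if __name__ == "__main__":
    print(check_double_satisfaction(VULNERABLE_SRC))  # one finding at line 2
    print(check_double_satisfaction(SAFE_SRC))        # []
```

A check at this level is evidence, not proof: the hardened handler above is "safe" only because every output it accepts is correlated with `own_input`, and a handler that passes `own_ref` to a helper that ignores it would still slip through a purely lexical test, which is why the report escalates findings through path, SMT and simulation evidence before calling them definite.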

Analysis Architecture

Aikido uses a multi-lane approach where independent analysis techniques cross-validate each other:

```mermaid
graph TB
    subgraph Input
        A[Aiken Project] --> B[Typed AST]
    end

    subgraph Analysis Lanes
        B --> C[Detector Suite<br/>75 detectors]
        B --> D[Compliance<br/>Securify2-style]
        B --> E[SMT Verification<br/>Cardano axioms]
        B --> F[Tx Simulation<br/>exploit generation]
        B --> G[Protocol Detection<br/>DeFi classification]
        B --> H[Fuzz Lane<br/>grammar-aware]
    end

    subgraph Evidence Correlation
        C --> I[Evidence Framework]
        D --> I
        E --> I
        F --> I
        G --> I
        H --> I
    end

    I --> J[PatternMatch]
    J --> K[PathVerified]
    K --> L[SmtProven]
    L --> M[SimulationConfirmed]
    M --> N[Corroborated]

    N --> O[Report<br/>9 output formats]

    style C fill:#2EFFB5,color:#0a0a0a
    style D fill:#2EFFB5,color:#0a0a0a
    style E fill:#2EFFB5,color:#0a0a0a
    style F fill:#2EFFB5,color:#0a0a0a
    style G fill:#2EFFB5,color:#0a0a0a
    style H fill:#2EFFB5,color:#0a0a0a
    style I fill:#111111,color:#e0e0e0
    style O fill:#111111,color:#e0e0e0
```

Lane Details

| Lane | What it does |
|---|---|
| Detector Suite | Cross-module interprocedural analysis, taint tracking, symbolic execution, delegation-aware suppression, transitive signal merging, datum continuity tracking |
| Compliance | Securify2-style dual-pattern system: every security property has compliance (safe) and violation (unsafe) patterns. 10 security property variants |
| SMT Verification | Solver-independent interface with Cardano domain axioms (value conservation, signature semantics, minting policy). Constraint solving for reachability |
| Tx Simulation | ScriptContext builder generates concrete exploit scenarios. Tests 6 detector categories against simulated transactions |
| Protocol Detection | Automatic DeFi protocol classification (DEX, Lending, Staking, DAO, NFT, Options, Escrow). Token flow and authority analysis |
| Fuzz Lane | Grammar-aware Cardano transaction generation, Echidna-style stateful protocol fuzzing, deterministic PRNG |

Supporting modules: CWC Registry (30 entries mapping all 75 detectors), Scorecard (Experimental -> Beta -> Stable promotion with quality gates), SSA IR (phi nodes, dominators, use-def chains).


Real-World Validation

Strike Finance Audit Comparison

Aikido was benchmarked against TxPipe's professional audit of Strike Finance (perpetuals + forwards contracts):

| Metric | Result |
|---|---|
| TxPipe security findings analyzed | 24 |
| Full match (true positive) | 12 |
| Partial match | 5 |
| Correctly not flagged (code fixed) | 4 |
| False negatives | 3 |
| Aikido unique findings | 26 |
| Coverage (unfixed findings) | 85% |

Full methodology and per-finding breakdown: AUDIT_COMPARISON.md

Ecosystem Validation

Validated against 10+ real-world Aiken smart contract projects with zero crashes:

| Project | Findings | Severity Distribution |
|---|---|---|
| SundaeSwap DEX | 47 | 1 critical, 13 high, 24 medium, 3 low, 6 info |
| Anastasia Design Patterns | 24 | 3 critical, 10 high, 8 medium, 2 low, 1 info |
| Anastasia Multisig | 6 | 2 critical, 4 medium |
| Seedelf Wallet | 4 | 1 high, 2 medium, 1 low |
| Strike Finance (4 repos) | 75 | 5 critical, 18 high, 40 medium, 8 low, 4 info |
| Acca | 20 | 20 medium |
| Total | 176 | 81% estimated true positive rate |

Detectors

75 detectors mapped to CWE identifiers.

<details>
<summary><strong>Critical (5)</strong></summary>

| Detector | CWE | Description |
|---|---|---|
| double-satisfaction | CWE-362 | Spend handler iterates outputs without referencing own input |
| missing-minting-policy-check | CWE-862 | Mint handler doesn't validate which token names are minted |
| missing-utxo-authentication | CWE-345 | Reference inputs used without authentication |
| unrestricted-minting | CWE-862 | Minting policy with no authorization check at all |
| output-address-not-validated | CWE-20 | Outputs sent to unchecked addresses |

</details>

<details>
<summary><strong>High (19)</strong></summary>

| Detector | CWE | Description |
|---|---|---|
| missing-redeemer-validation | CWE-20 | Catch-all redeemer pattern trivially returns True |
| missing-signature-check | CWE-862 | Authority datum fields with no extra_signatories check |
| unsafe-datum-deconstruction | CWE-252 | Option datum not safely deconstructed with expect Some |
| missing-datum-in-script-output | CWE-404 | Script output without datum attachment (funds locked forever) |
| arbitrary-datum-in-output | CWE-20 | Outputs produced without validating datum correctness |
| division-by-zero-risk | CWE-369 | Division with attacker-controlled denominator |
| token-name-not-validated | CWE-20 | Mint policy checks auth but not token names |
| value-not-preserved | CWE-682 | Spend handler doesn't verify output value >= input value |
| unsafe-match-comparison | CWE-697 | Value compared with match instead of structural equality |
| integer-underflow-risk | CWE-191 | Subtraction on redeemer-controlled values |
| quantity-of-double-counting | CWE-682 | Token quantity checked without isolating input vs output |
| state-transition-integrity | CWE-20 | Redeemer actions without datum transition validation |
| withdraw-zero-trick | CWE-863 | Withdraw handler exploitable with zero-value withdrawal |
| other-token-minting | CWE-862 | Mint policy allows minting tokens beyond intended scope |
| unsafe-redeemer-arithmetic | CWE-682 | Arithmetic on redeemer-tainted values without bounds |
| value-preservation-gap | CWE-682 | Lovelace checked but native assets not preserved |
| uncoordinated-multi-validator | CWE-362 | Multi-handler validator without cross-handler coordination |
| missing-burn-verification | CWE-862 | Token burning without proper verification |
| oracle-manipulation-risk | CWE-20 | Oracle data used without manipulation safeguards |

</details>

<details>
<summary><strong>Medium (24)</strong></summary>

| Detector | CWE | Description |
|---|---|---|
| missing-validity-range | CWE-613 | Time-sensitive datum without validity_range check |
| insufficient-staking-control | CWE-863 | Outputs don't constrain staking credential |
| unbounded-datum-size | CWE-400 | Datum fields with unbounded types (List, ByteArray) |
| unbounded-value-size | CWE-400 | Outputs don't constrain native asset count |
| unbounded-list-iteration | CWE-400 | Direct iteration over raw transaction list fields |
| oracle-freshness-not-checked | CWE-613 | Oracle data used without recency verification |
| non-exhaustive-redeemer | CWE-478 | Redeemer match doesn't cover all constructors |
| hardcoded-addresses | CWE-798 | ByteArray literals matching Cardano address lengths |
| utxo-contention-risk | CWE-400 | Single global UTXO contention pattern |
| cheap-spam-vulnerability | CWE-770 | Validator vulnerable to cheap UTXO spam |
| unsafe-partial-pattern | CWE-252 | Expect pattern on non-Option type that may fail at runtime |
| unconstrained-recursion | CWE-674 | Self-recursive handler without clear termination |
| empty-handler-body | CWE-561 | Handler with no meaningful logic |
| unsafe-list-head | CWE-129 | list.head() / list.at() without length guard |
| missing-datum-field-validation | CWE-20 | Spend handler accepts datum fields but never validates them |
| missing-token-burn | CWE-862 | Minting policy with no burn handling |
| missing-state-update | CWE-665 | State machine without datum update |
| rounding-error-risk | CWE-682 | Integer division on financial values |
| missing-input-credential-check | CWE-862 | Input iteration without credential check |
| duplicate-asset-name-risk | CWE-694 | Minting without unique asset name enforcement |
| fee-calculation-unchecked | CWE-682 | Fee or protocol payment without validation |
| datum-tampering-risk | CWE-20 | Datum passed through without field-level validation |
| missing-protocol-token | CWE-862 | State transition without protocol token verification |
| unbounded-protocol-operations | CWE-400 | Both input and output lists iterated without bounds |

</details>

<details>
<summary><strong>Low / Info (12)</strong></summary>

| Detector | Severity | Description |
|---|---|---|
| reference-script-injection | Low | Outputs don't constrain reference_script field |
| unused-validator-parameter | Low | Validator parameter never referenced |
| fail-only-redeemer-branch | Low | Redeemer branch that always fails |
| missing-min-ada-check | Info | Script output without minimum ADA check |
| dead-code-path | Low | Unreachable code paths |
| redundant-check | Low | Trivially true conditions |
| shadowed-variable | Info | Handler parameter shadowed by pattern binding |
| magic-numbers | Info | Unexplained numeric literals |
| excessive-validator-params | Info | Too many validator parameters |
| unused-import | Info | Imported module with no function calls |

</details>

Each detector has detailed documentation with vulnerable examples, safe examples, and remediation guidance. Use aikido --explain <detector-name> or see docs/detectors/.


Output Formats

9 formats for different workflows:

```bash
aikido /path/to/project                        # Colored terminal output (default)
aikido /path/to/project --format json          # JSON (machine-readable)
aikido /path/to/project --format sarif         # SARIF v2.1.0 (GitHub Code Scanning)
aikido /path/to/project --format markdown      # Markdown report
aikido /path/to/project --format html          # Standalone HTML report
aikido /path/to/project --format pdf           # PDF audit report
aikido /path/to/project --format csv           # CSV export
aikido /path/to/project --format gitlab-sast   # GitLab SAST
aikido /path/to/project --format rdjson        # reviewdog
```

Configuration

.aikido.toml

```toml
# Use a preset as a starting point
extends = "strict"      # or "lenient" for fewer warnings

[detectors]
disable = ["magic-numbers", "unused-import"]

[detectors.severity_override]
unbounded-datum-size = "low"

# Per-file overrides
[[files]]
pattern = "tests/**"
disable = ["hardcoded-addresses", "magic-numbers"]
```

Inline Suppression

```aiken
// aikido:ignore[double-satisfaction] -- false positive: own_ref checked in helper
spend(datum, redeemer, own_ref, tx) {
  ...
}
```

Baseline Support

```bash
aikido /path --accept-baseline    # Save current findings as baseline
aikido /path                      # Only new findings reported
```
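Inline suppression, the baseline and `--fail-on` (see the CLI reference) are three filters that decide which findings a run actually surfaces. The Python below is an added example of that triage pipeline over a constructed findings list; it is not the project's own `suppression.rs` or `baseline.rs` logic, and it makes two labelled assumptions: an `aikido:ignore[...]` comment applies to the line that follows it, and a baseline entry is a fingerprint of rule, file and message (deliberately not the line number, so a baselined finding survives unrelated edits above it). The finding records, source lines and baseline contents are all constructed for the example.

```python
import hashlib
import re

SEVERITY_ORDER = ["info", "low", "medium", "high", "critical"]

# Constructed source for validators/treasury.ak carrying the suppression
# comment from the README; the comment applies to the line after it (assumed).
SOURCES = {
    "validators/treasury.ak": [
        "// aikido:ignore[double-satisfaction] -- false positive: own_ref checked in helper",
        "spend(datum, redeemer, own_ref, tx) {",
        "  check_outputs(own_ref, tx)",
        "}",
    ],
    "validators/vault.ak": [],
}

# Constructed findings shaped like a JSON report (field names are assumptions).
FINDINGS = [
    {"rule": "double-satisfaction", "severity": "critical", "file": "validators/treasury.ak",
     "line": 2, "message": "Spend handler iterates outputs without referencing own input"},
    {"rule": "magic-numbers", "severity": "info", "file": "validators/treasury.ak",
     "line": 3, "message": "Unexplained numeric literal 2000000"},
    {"rule": "missing-signature-check", "severity": "high", "file": "validators/vault.ak",
     "line": 17, "message": "Authority datum field owner has no extra_signatories check"},
]

IGNORE_RE = re.compile(r"//\s*aikido:ignore\[([\w,\s-]+)\](?:\s*--\s*(.*))?")


def suppressions(lines):
    """Map (rule, line) -> reason for every ignore comment in a file."""
    out = {}
    for idx, text in enumerate(lines, start=1):
        m = IGNORE_RE.search(text)
        if not m:
            continue
        reason = (m.group(2) or "").strip()
        for rule in (r.strip() for r in m.group(1).split(",")):
            out[(rule, idx + 1)] = reason  # applies to the following line (assumed)
    return out


def fingerprint(finding):
    """Line-independent identity for a finding (assumed baseline scheme)."""
    key = "|".join([finding["rule"], finding["file"], finding["message"]])
    return hashlib.sha256(key.encode()).hexdigest()[:16]


# Constructed: pretend an earlier --accept-baseline run recorded the
# magic-numbers finding, so only genuinely new findings should be reported.
BASELINE = {fingerprint(FINDINGS[1])}


def triage(findings, sources, baseline, fail_on="high"):
    """Split findings into new / suppressed / baselined and compute the exit code
    a --fail-on style gate would return for the new ones."""
    new, suppressed, baselined = [], [], []
    for f in findings:
        reason = suppressions(sources.get(f["file"], [])).get((f["rule"], f["line"]))
        if reason is not None:
            suppressed.append((f, reason))  # keep the reason for the audit trail
        elif fingerprint(f) in baseline:
            baselined.append(f)
        else:
            new.append(f)
    threshold = SEVERITY_ORDER.index(fail_on)
    exit_code = int(any(SEVERITY_ORDER.index(f["severity"]) >= threshold for f in new))
    return {"new": new, "suppressed": suppressed, "baselined": baselined, "exit_code": exit_code}


if __name__ == "__main__":
    result = triage(FINDINGS, SOURCES, BASELINE)
    for f in result["new"]:
        print(f"[{f['severity'].upper()}] {f['rule']} - {f['file']}:{f['line']}")
    for f, reason in result["suppressed"]:
        print(f"suppressed {f['rule']} at {f['file']}:{f['line']} ({reason})")
    raise SystemExit(result["exit_code"])
```

Two points worth keeping when wiring this into CI: a suppression without a reason should be treated as a review finding in its own right, and a baseline must be regenerated deliberately (the `--accept-baseline` step above) rather than on every run, or it silently absorbs the new findings it exists to surface.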

CI/CD Integration

GitHub Actions

```yaml
name: Security
on: [push, pull_request]
jobs:
  aikido:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Install Aikido
        run: cargo install --git https://github.com/Bajuzjefe/Aikido-Security-Analysis-Platform aikido-cli
      - name: Run analysis
        run: aikido . --format sarif --fail-on high > results.sarif
      - name: Upload SARIF
        if: always()
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif
```

Docker

```bash
docker run --rm -v "$(pwd)":/project ghcr.io/bajuzjefe/aikido:0.3.1 /project --format json
```

CLI Reference

```bash
aikido /path                        # Analyze project
aikido /path --fail-on high         # Exit non-zero for high+ findings
aikido /path --min-severity medium  # Filter to medium+ only
aikido /path --verbose              # Include UPLC metrics and budget
aikido /path --list-rules           # Show all detectors
aikido /path --explain <rule>       # Detailed explanation with examples
aikido /path --diff main            # Only report findings in changed files
aikido /path --watch                # Re-run on file changes
aikido /path -q                     # Quiet mode
aikido /path --config my.toml       # Use specific config file
aikido /path --accept-baseline      # Save current findings as baseline
aikido /path --lsp                  # LSP JSON-RPC diagnostics
aikido /path --interactive          # Terminal navigator for findings
aikido /path --fix                  # Insert suppression comments
aikido /path --generate-config      # Generate .aikido.toml from findings
aikido /path --strict-stdlib        # Reject stdlib v1.x (default: warn)
aikido --git <url>                  # Clone and analyze remote repo
aikido --benchmark-manifest benchmarks/local-fixtures.toml --format json
aikido --benchmark-manifest benchmarks/local-fixtures.toml --benchmark-enforce-gates
```

Architecture

```text
aikido/
├── crates/
│   ├── aikido-core/           # Library: analysis engine
│   │   ├── src/
│   │   │   ├── project.rs            # Aiken project loading & compilation
│   │   │   ├── ast_walker.rs         # Typed AST traversal -> ModuleInfo
│   │   │   ├── body_analysis.rs      # Handler body signal extraction + taint tracking
│   │   │   ├── call_graph.rs         # Function dependency graph
│   │   │   ├── cross_module.rs       # Cross-module interprocedural analysis
│   │   │   ├── symbolic.rs           # Symbolic execution & constraints
│   │   │   ├── delegation.rs         # Delegation-aware suppression
│   │   │   ├── evidence.rs           # 5-level evidence framework
│   │   │   ├── cwc.rs                # Cardano Weakness Classification registry
│   │   │   ├── scorecard.rs          # Detector quality tracking & promotion
│   │   │   ├── ssa.rs                # SSA IR with phi nodes & use-def chains
│   │   │   ├── compliance.rs         # Securify2-style compliance analysis
│   │   │   ├── smt.rs                # SMT verification with Cardano axioms
│   │   │   ├── path_analysis.rs      # Path-sensitive analysis & CFG
│   │   │   ├── invariant_spec.rs     # .aikido-invariants.toml DSL
│   │   │   ├── protocol_patterns.rs  # DeFi protocol detection & classification
│   │   │   ├── tx_simulation.rs      # ScriptContext builder & exploit generation
│   │   │   ├── fuzz_lane.rs          # Grammar-aware tx fuzzing
│   │   │   ├── config.rs             # .aikido.toml configuration
│   │   │   ├── suppression.rs        # Inline suppression comments
│   │   │   ├── baseline.rs           # Baseline file support
│   │   │   ├── uplc_analysis.rs      # UPLC bytecode analysis & budgets
│   │   │   └── detector/             # 75 detector implementations
│   │   └── tests/                    # 1186+ tests
│   └── aikido-cli/            # Binary: clap-based CLI
├── fixtures/                  # Test contracts (7 fixtures)
├── audits/                    # Audit comparison artifacts
├── docs/detectors/            # Per-detector documentation
├── .github/workflows/         # CI, cross-platform, release, fuzz
├── homebrew/                  # Homebrew formula
├── npm/                       # npm wrapper package
├── vscode-extension/          # VS Code extension
├── fuzz/                      # cargo-fuzz targets
└── Dockerfile                 # Multi-stage build
```

Building from Source

```bash
git clone https://github.com/Bajuzjefe/Aikido-Security-Analysis-Platform.git
cd Aikido-Security-Analysis-Platform   # directory name follows the repository name
cargo build --release          # Binary at target/release/aikido
cargo test                     # Run test suite (1186+ tests)
cargo clippy --all-targets     # Lint (zero warnings)
```

Requires Rust >= 1.88.0.


Vulnerability Coverage

Detectors are derived from real vulnerabilities found in published Cardano smart contract audits:

| Source | Findings Covered |
|---|---|
| MLabs audit reports | Double satisfaction, missing minting policy, arbitrary datum, unbounded size |
| Vacuumlabs audit reports | Unbounded value size, token dust attacks |
| Plutonomicon | Unrestricted minting, double satisfaction patterns |
| Anastasia Labs audit reports | Staking credential theft, datum handling |
| TxPipe audit reports | Oracle manipulation, state transition integrity, value preservation |
| CWE Database | 75 detectors mapped to specific CWE identifiers |

License

MIT

<!-- Current detector count: 75 -->
