Key Features

What does Herbicide detect?

Analyzable Hook Condition

The analysis is supported for Uniswap V4 Hook Contracts interacting with the Uniswap V4 Pool Manager. The exact initialized values in the Pool Manager must be correctly entered. Each hook should be implemented per the IHook and BaseHook interfaces, interacting with v4-core:9293e5a and v4-periphery:1dc3a34.

Detectable Security Threat

ReInitializable

Detects changes in the Hook's storage due to the actions of beforeInitialize / afterInitialize if the same Hook can be deployed to the PoolManager. Confirms whether the storage accessed by the beforeInitialize/afterInitialize functions during Hook initialization is managed by PoolId.

Time Lock

Detects cases where a specific Hook does not operate after a certain period has elapsed.

External Callable Hook Functions

For Hook functions such as beforeInitialize / afterInitialize / beforeSwap / afterSwap / etc., detects whether entities other than the PoolManager can execute each function.

Malicious Hook Detection

Can identify risks of gas griefing through gas usage and warns if it can steal user funds or take more tokens than the user intends to pay.

Price Abnormality

Warns when there is a significant difference between the price simulated by Herbicide and the actual price at which the swap occurs.

Proxy Detection

Detects and warns if the Hook Contract is implemented as a proxy.

Contract Information Analysis

With PoolKey

Hook Delta Simulation: Simulates the amount of funds moved during Swap/ModifyLiquidity, allowing users to directly understand the characteristics of the fund flow in the Hook.
Static Analysis with Slither: Provides processed information such as security checks and contract information for Hook Contracts verified on BlockScout using Slither, making audits more convenient.

With Hook Contract

Static Analysis with Semgrep: Based on the Herbicide Semgrep Script, it extracts and displays information about the Contract as follows.
1. Library Information
2. Modifier Information
3. Inheritance Information
4. Variable Information

PreviousVulnerable Hook Detection NextDynamic Analysis

Last updated 1 year ago

Was this helpful?

hashtagAnalyzable Hook Condition

hashtagDetectable Security Threat

hashtagReInitializable

hashtagTime Lock

hashtagExternal Callable Hook Functions

hashtagMalicious Hook Detection

hashtagPrice Abnormality

hashtagProxy Detection

hashtagContract Information Analysis

hashtagWith PoolKey

hashtagWith Hook Contract