Codex
/
Defend
Process
Line-by-line Code Review
Last updated:
October 28, 2021

The line-by-line code review is self explanatory – it involves reading all the source code. Unfortunately, a line-by-line review is unlikely to immediately lead to discovering all the issues in the code (in fact there are better ways to systemically go through all the code when incorporating the specification).

The goals of line-by-line review, especially when conducted early in the process are the following:

  • Continue building an understanding of the code base
  • Identify code quality and documentation issues
  • Highlight sensitive/ambiguous/suspicious areas for further testing/review
  • Ensure all behavior is covered under the specification

A good tool to use for line-by-line review is the Solidity Visual Developer. It offers security-aware syntax highlighting and other visualization tools.

See Also:
Risk Communication
Potential Integrations Review
Oracle Review
How to Do a Security Review
Formal Verification
Test Quality Review
Fuzzing
Echidna
Assembly Code Review
How to Prepare for a Security Audit
Code Quality Review
Storage Analysis
Numerical Review
External Interactions Review
ERC Standards Review
Upgradeability Review
Visual Inspection Tool
Flow of Value Analysis
Solidity Visual Developer
Vulnerability Scanning
Use Both Internal and External Security Reviews
State Transition Review
Access Control Review
Surya
How to Assess Security Risk?
What is the Defend Phase?
Slither
Static Analysis
Twitter
Medium
Terms
Privacy
Cookies
© 2021 Auditless Limited