Vulnerability Overview
Understanding how BlockSecOps identifies and presents security findings.
What Are Vulnerabilities?
Vulnerabilities are security issues in your smart contracts that an attacker could exploit. BlockSecOps reports them alongside lower-impact findings, so a scan can contain four kinds of result:
- Code vulnerabilities - Bugs that enable attacks
- Logic issues - Flawed business logic
- Best practice violations - Deviations from security standards
- Gas inefficiencies - Optimization opportunities (reported as Low severity; these are not exploitable on their own)
How Findings Are Generated
Detection Flow
Upload Contract → Run Scanners → Collect Results →
Deduplicate → Enrich → Score Risk → Present Findings
Multiple Scanner Approach
BlockSecOps runs 17+ scanners, each with different detection capabilities:
| Scanner Type | Finds | Example Scanners |
|---|---|---|
| Static Analysis | Known patterns | Slither, Aderyn |
| Symbolic Execution | Deep logic bugs | Mythril, Halmos |
| Fuzzing | Edge cases | Echidna, Medusa |
| Linting | Code quality | Solhint |
Finding Structure
Each vulnerability finding contains:
Core Information
| Field | Description |
|---|---|
| Title | Brief description of the issue |
| Severity | Critical, High, Medium, or Low |
| Location | File and line number |
| Description | Detailed explanation |
| Recommendation | How to fix |
Additional Details
| Field | Description |
|---|---|
| Scanner | Which scanner found it |
| Confidence | How certain the scanner is |
| Category | Vulnerability type |
| Code Snippet | Relevant source code |
| References | Links to documentation |
Vulnerability Categories
Common Categories
| Category | Examples |
|---|---|
| Reentrancy | Cross-function, read-only reentrancy |
| Access Control | Missing modifiers, incorrect ownership |
| Integer Issues | Overflow and underflow (pre-0.8 compilers or `unchecked` blocks), division by zero, precision loss from integer division |
</gre_replace>
<gr_replace lines="97" cat="clarify" orig="- Code - Same">
- Code - Same code pattern (the flagged snippet, compared ignoring cosmetic differences such as whitespace)
| External Calls | Unchecked returns, arbitrary calls |
| Logic Errors | Incorrect conditions, wrong calculations |
| Front-running | Transaction ordering attacks |
| Oracle Issues | Price manipulation, stale data |
Category Icons
In the dashboard, categories have icons for quick recognition:
- 🔄 Reentrancy
- 🔐 Access Control
- 🔢 Integer Issues
- 📞 External Calls
Severity Levels
Critical
Immediate exploitation possible with significant impact.
Examples:
- Direct fund theft
- Complete access control bypass
- Contract destruction
Action: Fix immediately.
High
Significant security risk.
Examples:
- Conditional fund loss
- Privilege escalation
- Major logic errors
Action: Fix before deployment.
Medium
Moderate concern, should be addressed.
Examples:
- Potential DoS vectors
- Centralization risks
- Missing events
Action: Plan to address.
Low
Minor issues or informational.
Examples:
- Gas optimizations
- Code style
- Documentation gaps
Action: Consider addressing.
Deduplication
Why Deduplicate?
Multiple scanners often find the same issue. BlockSecOps:
- Groups identical findings
- Shows one entry per unique issue
- Lists all scanners that found it
How It Works
Findings are matched by:
- Location - Same file and line
- Type - Same vulnerability category
- Code - Same code pattern
Benefits
- Cleaner results
- Less noise
- Accurate issue count
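The matching rule above, as an added illustration in Python. This is not BlockSecOps code: the field names, each scanner's severity vocabulary, and the whitespace- and comment-insensitive code fingerprint are assumptions. It groups raw results on (file, line, category, code pattern), keeps one entry per unique issue, lists every scanner that reported it, and normalizes the scanners' differing severity labels, keeping the most severe one when they disagree.

```python
"""Deduplicate findings from several scanners: group on (file, line, category,
code pattern), keep one entry per unique issue, record every scanner that
reported it. Illustrative reimplementation, not BlockSecOps code; field names
and the severity vocabulary are assumptions."""
from __future__ import annotations
from dataclasses import dataclass, field
import hashlib
import re

# Scanners use different severity labels (e.g. "Informational", "warning").
# Map them onto the four levels the page uses. Assumed, illustrative mapping.
SEVERITY_MAP = {
    "critical": "Critical", "high": "High", "medium": "Medium",
    "low": "Low", "informational": "Low", "error": "High", "warning": "Medium",
}
RANK = {"Critical": 4, "High": 3, "Medium": 2, "Low": 1}


@dataclass
class RawFinding:          # one result as emitted by a single scanner
    scanner: str
    file: str
    line: int
    category: str
    severity: str
    snippet: str
    title: str


@dataclass
class Finding:             # one deduplicated entry shown to the user
    file: str
    line: int
    category: str
    severity: str
    title: str
    scanners: list[str] = field(default_factory=list)


def normalize_severity(label: str) -> str:
    """Map a scanner-specific label to Critical/High/Medium/Low (unknown -> Low)."""
    return SEVERITY_MAP.get(label.strip().lower(), "Low")


def code_fingerprint(snippet: str) -> str:
    """Hash the snippet with line comments removed and whitespace collapsed, so
    cosmetic differences in what each scanner quotes do not defeat the match."""
    code = re.sub(r"//.*", "", snippet)
    code = re.sub(r"\s+", " ", code).strip()
    return hashlib.sha256(code.encode()).hexdigest()[:16]


def dedup_key(f: RawFinding) -> tuple:
    """Location + type + code pattern, the three match criteria."""
    return (f.file, f.line, f.category.lower(), code_fingerprint(f.snippet))


def deduplicate(raw: list[RawFinding]) -> list[Finding]:
    merged: dict[tuple, Finding] = {}
    for f in raw:
        key = dedup_key(f)
        sev = normalize_severity(f.severity)
        if key not in merged:
            merged[key] = Finding(f.file, f.line, f.category, sev, f.title, [f.scanner])
            continue
        m = merged[key]
        if f.scanner not in m.scanners:
            m.scanners.append(f.scanner)
        # Scanners disagree on severity; keep the most severe normalized label
        # so a High from one tool is not hidden behind a Medium from another.
        if RANK[sev] > RANK[m.severity]:
            m.severity = sev
    return sorted(merged.values(), key=lambda m: (-RANK[m.severity], m.file, m.line))


# Constructed sample: three scanners flag the same reentrancy at Vault.sol:42
# with slightly different snippets and severities, plus one unrelated finding.
SAMPLE = [
    RawFinding("slither", "Vault.sol", 42, "Reentrancy", "High",
               '(bool ok, ) = msg.sender.call{value: amt}("");', "Reentrancy in withdraw()"),
    RawFinding("mythril", "Vault.sol", 42, "reentrancy", "Medium",
               '(bool ok, ) = msg.sender.call{value: amt}(""); // external call',
               "External call before state update"),
    RawFinding("aderyn", "Vault.sol", 42, "Reentrancy", "High",
               '(bool ok, )   = msg.sender.call{value: amt}("");', "Reentrancy"),
    RawFinding("solhint", "Vault.sol", 10, "Access Control", "warning",
               "function setOwner(address o) public { owner = o; }", "Missing access control"),
]

if __name__ == "__main__":
    for m in deduplicate(SAMPLE):
        print(f"{m.severity:8} {m.file}:{m.line} {m.category} <- {', '.join(m.scanners)}")
```

Running it on the constructed sample yields two entries instead of four: the reentrancy once, attributed to slither, mythril and aderyn at High, and the access-control finding from solhint at Medium. The comment-stripping is deliberately crude (it would also eat a `//` inside a string literal), which is acceptable for a grouping key but not for anything that interprets the code.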
Risk Scoring
ML-Powered Scoring
BlockSecOps uses machine learning to assess:
- Exploitability
- Impact
- Confidence
- Context
Risk Score
Each finding gets a risk score (0-100):
| Score | Risk Level |
|---|---|
| 80-100 | Critical |
| 60-79 | High |
| 40-59 | Medium |
| 0-39 | Low |
Prioritization
Use risk scores to:
- Focus on highest-risk issues first
- Triage effectively
- Make informed decisions
Finding Lifecycle
States
| State | Description |
|---|---|
| Open | New, not reviewed |
| Acknowledged | Reviewed, plan to fix |
| In Progress | Currently being fixed |
| Fixed | Resolved |
| False Positive | Not a real issue |
| Won't Fix | Accepted risk |
Workflow
Open → Acknowledged → In Progress → Fixed
Any finding that has not reached Fixed can instead be closed as False Positive or Won't Fix.
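The lifecycle above expressed as a state machine with an audit trail, as an added Python illustration rather than BlockSecOps code. The allowed transitions are an assumption read from the workflow: a linear path to Fixed, False Positive and Won't Fix reachable from any unresolved state, and an assumed reopen path back to Open from the three closed states. Requiring a written justification for False Positive and Won't Fix is a practitioner convention added here, since both record accepted risk.

```python
"""Finding lifecycle as a state machine. Added illustration, not BlockSecOps code.
Transition table is an assumption drawn from the workflow diagram; the reopen
transitions and the justification rule are additional assumptions."""
from dataclasses import dataclass, field

OPEN, ACK, WIP, FIXED, FALSE_POS, WONT_FIX = (
    "Open", "Acknowledged", "In Progress", "Fixed", "False Positive", "Won't Fix")

# Assumed transition table: forward path plus dismissal from any unresolved state.
TRANSITIONS = {
    OPEN: {ACK, FALSE_POS, WONT_FIX},
    ACK: {WIP, FALSE_POS, WONT_FIX},
    WIP: {FIXED, FALSE_POS, WONT_FIX},
    FIXED: {OPEN},       # assumption: a regression reopens the finding
    FALSE_POS: {OPEN},   # assumption: a wrongly dismissed finding can be reopened
    WONT_FIX: {OPEN},    # assumption: accepted risk can be revisited
}
CLOSED = {FIXED, FALSE_POS, WONT_FIX}
NEEDS_REASON = {FALSE_POS, WONT_FIX}   # dismissals must record a justification


class TransitionError(ValueError):
    """Raised for a transition the table does not allow or one missing its reason."""


@dataclass
class TrackedFinding:
    title: str
    state: str = OPEN
    history: list = field(default_factory=list)   # (from, to, actor, reason)

    def move(self, new_state: str, actor: str, reason: str = "") -> "TrackedFinding":
        if new_state not in TRANSITIONS.get(self.state, set()):
            raise TransitionError(f"{self.state!r} -> {new_state!r} is not allowed")
        if new_state in NEEDS_REASON and not reason.strip():
            raise TransitionError(f"{new_state!r} requires a justification")
        self.history.append((self.state, new_state, actor, reason))
        self.state = new_state
        return self


def open_count(findings: list) -> int:
    """Number of findings still awaiting resolution (not in a closed state)."""
    return sum(1 for f in findings if f.state not in CLOSED)


if __name__ == "__main__":
    f = TrackedFinding("Reentrancy in withdraw()")
    f.move(ACK, "alice").move(WIP, "alice").move(FIXED, "alice")
    g = TrackedFinding("Missing event").move(WONT_FIX, "bob", "no on-chain impact; accepted by lead")
    print(f.state, g.state, open_count([f, g, TrackedFinding("Stale oracle")]))
```

The history list is what an auditor asks for later: who dismissed a finding, when in the workflow, and why. Skipping straight from Open to Fixed is rejected so that every fix passes through a reviewed state.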
Viewing Findings
Summary View
The scan results page shows:
- Count by severity
- Filter by category
- Sort by various fields
Detail View
Click any finding to see:
- Full description
- Code in context
- Recommendation
- Scanner details
FAQ
Q: Are all findings real vulnerabilities?
A: No. Some may be false positives. Review each finding carefully.
Q: Why do severities differ between scanners?
A: Scanners have different severity definitions. BlockSecOps normalizes them.
Q: How accurate is the detection?
A: High for known patterns that the scanners have rules or checks for (reentrancy, unchecked calls, missing access control). Novel attacks and protocol-specific business-logic flaws may not match any rule and require manual review.
Next Steps
- Severity Levels - Detailed severity guide
- Reading Findings - Interpret findings
- Managing Findings - Triage workflow