verifier.py

import subprocess
import tempfile
import re

def analyze_contract(code: str):
    """
    Run Slither and extract a high-level summary and detailed CVE-style report.

    Returns:
        (summary_str, detailed_report_str)
    """
    # Save code to a temporary file
    with tempfile.NamedTemporaryFile(suffix=".sol", delete=False, mode='w') as f:
        f.write(code)
        filepath = f.name

    try:
        # Run Slither on the Solidity file
        result = subprocess.run(["slither", filepath], capture_output=True, text=True, timeout=30)
        raw_output = result.stdout

        if not raw_output:
            return ("No issues found.", "No issues were detected by Slither.")

        # High-level summary: list detected detectors and counts
        summary_lines = []
        for line in raw_output.splitlines():
            match = re.match(r"(.*) \- (.*)\n?", line)
            if match and "https://github.com/crytic/slither" not in line:
                summary_lines.append(f"- {line.strip()}")

        summary = "\n".join(summary_lines[:10]) if summary_lines else "No significant vulnerabilities found."

        # Simulated CVE mapping (placeholder)
        cve_report = "\n[Detailed CVE-style Report]\n\n"
        for line in summary_lines:
            cve_report += f"{line}\n  CVE Reference: CVE-2021-XXXX (simulated)\n\n"

        return (summary, raw_output + cve_report)

    except Exception as e:
        return ("Analysis failed.", f"Error: {str(e)}")