Developers: API Documentation

Introduction

CodeHound provides an API that allows Business Plan users to integrate our Solidity code analysis tool directly into their platforms. This API gives you the ability to upload smart contract files or projects, scan them for vulnerabilities, and receive a detailed report.

To use the API, you’ll need an API key, which can be obtained by navigating to your profile and selecting "View API Key." The API key is structured like a JWT token and is included in the endpoint URL to authenticate your requests.

File Archive

Perform a Scan on ZIP File Upload

The API accepts a ZIP file containing either a smart contract project (such as Hardhat, Truffle, or Foundry) or standalone Solidity files.

Endpoint:

POST https://api.cybersanctus.com/api/v1/users/scanFile/{{API_KEY}}

In this endpoint, replace {{API_KEY}} with your actual API key. No additional authentication headers are required.

Request Body:

The request body should contain form-data with the following key:

  • file: This should be the ZIP archive containing your Solidity files or project.

Example: JavaScript Code to Perform a Scan

Here’s an example of how you can submit a scan request using JavaScript with axios:

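import axios from "axios";

// scanZIP: a File or Blob holding the ZIP archive to scan
const scanFile = async (scanZIP) => {
  if (!scanZIP) {
    throw new Error("No ZIP file selected");
  }

  const formData = new FormData();
  formData.append("file", scanZIP);
  const link = "https://api.cybersanctus.com/api/v1/users/scanFile/{{API_KEY}}";

  try {
    const response = await axios({
      method: "post",
      url: link,
      data: formData,
      headers: {
        "Content-Type": "multipart/form-data"
      }
    });
    // JSON body containing the URL of the scan report
    return response.data;
  } catch (error) {
    // Log only the status and message: the request URL contains the API key
    console.error("Scan request failed:", error.response?.status, error.message);
    throw error;
  }
};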

In this example, replace {{API_KEY}} with your actual API key.

Response

A successful request returns a JSON response containing a URL to the scan results, typically in the form of a downloadable PDF report. Use this URL to view and download the results.

Error Handling

In case a scan fails, check for the following common issues:

Incorrect file structure: Ensure your files or project are structured correctly. For instance, Hardhat or Truffle projects must include a package.json file, and standalone Solidity files must include a pragma solidity line.

File format: Only ZIP archives are supported. Uploading an unsupported file format will result in a failed scan.

Beta-related issues: As CodeHound is still in early beta, some scans may fail unexpectedly. If you encounter such issues, simply retry the scan or contact support.

Common Issues

Project Structure: Ensure the uploaded project includes all necessary files (such as package.json for Hardhat or Truffle projects). If the project is not structured correctly, the scan will fail.

Standalone Files: When uploading standalone Solidity files, ensure that they are flattened and include a pragma solidity version.

Retrying Failed Scans: If a scan fails unexpectedly due to an AI-related issue, retry the scan.
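
The checks above can be enforced on the client before and during the upload. The following is an added example, not CodeHound's own code: it rejects non-ZIP input, retries a bounded number of times, and removes the API key from error text, since the key is part of the request URL. It assumes Node.js 18+; the names isZipArchive, buildScanUrl, redactKey, scanZip and the fetchImpl option are hypothetical.

```javascript
// Added example; not CodeHound's own code. Assumes Node.js 18+ (global fetch, FormData, Blob).
const SCAN_ENDPOINT = "https://api.cybersanctus.com/api/v1/users/scanFile/";

// A ZIP with at least one entry starts with the local file header signature "PK\x03\x04".
function isZipArchive(buf) {
  return Boolean(buf) && buf.length >= 4 &&
    buf[0] === 0x50 && buf[1] === 0x4b && buf[2] === 0x03 && buf[3] === 0x04;
}

// The key is part of the URL path: encode it, and never write the resulting URL to logs.
function buildScanUrl(apiKey) {
  if (typeof apiKey !== "string" || apiKey.trim() === "") {
    throw new Error("API key is missing");
  }
  return SCAN_ENDPOINT + encodeURIComponent(apiKey);
}

// Replace the key (raw and URL-encoded forms) in any text headed for logs or error reports.
function redactKey(text, apiKey) {
  let out = String(text);
  for (const form of [apiKey, encodeURIComponent(apiKey)]) {
    if (form) out = out.split(form).join("[REDACTED_API_KEY]");
  }
  return out;
}

// Upload a ZIP held in a Buffer, retrying a bounded number of times as the page advises.
// fetchImpl is a hypothetical injection point so the function can be exercised offline.
async function scanZip(zipBuffer, apiKey, { retries = 2, fetchImpl = fetch } = {}) {
  if (!isZipArchive(zipBuffer)) {
    throw new Error("Only ZIP archives are supported");
  }
  const url = buildScanUrl(apiKey);
  let lastError;
  for (let attempt = 0; attempt <= retries; attempt++) {
    try {
      const form = new FormData();
      form.append("file", new Blob([zipBuffer], { type: "application/zip" }), "project.zip");
      const res = await fetchImpl(url, { method: "POST", body: form });
      // Field names of the JSON body are not documented on the page, so return it whole.
      if (res.ok) return await res.json();
      lastError = new Error(`Scan failed with HTTP ${res.status}`);
    } catch (err) {
      lastError = new Error(redactKey(err.message, apiKey));
    }
  }
  throw lastError;
}
```

Read the key from an environment variable or secret store rather than committing it with the placeholder filled in.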

Contact Support

If you experience repeated issues with the API or scans, feel free to contact our support team. We are always here to help ensure that your experience with CodeHound is smooth and successful.