LLM-powered Ethereum protocol security linter that compares consensus/execution specifications against client implementations, flagging inconsistencies and spec drift.
pip install -e .# Copy and edit config
cp config.example.yml eth-spec-lint.yml
# Full scan
eth-spec-lint scan
# PR-scoped scan (only changed files)
eth-spec-lint check-pr --base origin/main
# List matched spec<->client pairs
eth-spec-lint list-mappingsSee config.example.yml for all options. Key settings:
spec.repo_path: Path toethereum/consensus-specscheckoutclient.repo_path: Path to client repo (e.g.,ChainSafe/lodestar)llm.provider:anthropicoropenaireport.formats:json,markdown,sarif
Set ANTHROPIC_API_KEY or OPENAI_API_KEY in environment.
- uses: nichechristie/Awesome-ETH-Linter@main
with:
config: eth-spec-lint.yml
mode: pr
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}| Category | Severity | Description |
|---|---|---|
| LOGIC_DIVERGENCE | error | Implementation doesn't match spec logic |
| MISSING_CHECK | error | Validation present in spec but absent in client |
| CONSTANT_MISMATCH | error | Constant value differs |
| TYPE_MISMATCH | warning | Type/structure differs meaningfully |
| OFF_BY_ONE | error | Off-by-one in bounds/indexing |
| OPTIMIZATION_SAFE | note | Different but provably equivalent |
pip install -e ".[dev]"
pytestMIT