Get Project Audits

The following endpoint lets you query all audits related to a project. You can adjust the paging parameters to limit the information that's provided to you.

GET https://shield-api.quillai.network/api/v1/projects/audit/history

{
    "audits": [
        {
            "totalLines": 707,
            "securityScore": 97.69,
            "vulnerabilityCount": {
                "high": 0,
                "medium": 0,
                "low": 3,
                "informational": 0,
                "optimization": 0
            },
            "vulnerabilities": [
                {
                    "name": "Local Variables Being Shadowed",
                    "severity": "low",
                    "snippet": "function owner() public view returns (address) {\r\n        return _owner;\r\n    }",
                    "lineNumbers": [
                        64,
                        66
                    ],
                    "confidence": "high",
                    "recommendation": "To resolve this issue, the variable in the 'approve' function should be renamed to something that does not conflict with the 'owner()' function, such as 'ownerAddress'. This will prevent the shadowing and make the code clearer and less error-prone.",
                    "explanation": "The function 'owner()' in the Ownable contract is being shadowed by a variable with the same name in the approve function of the GrinchCoin contract. This can lead to confusion and potentially to errors if the 'owner' variable were to be used instead of the 'owner()' function, as it would refer to the shadowed variable within the scope of the 'approve' function.",
                    "file": "GrinchCoin/src/backend/contracts/FeesHiddenV13/GrinchCoin.sol"
                },
                {
                    "name": "Local Variables Being Shadowed",
                    "severity": "low",
                    "snippet": "function owner() public view returns (address) {\r\n        return _owner;\r\n    }",
                    "lineNumbers": [
                        64,
                        66
                    ],
                    "confidence": "high",
                    "recommendation": "To resolve this issue, the local variable 'owner' in the 'increaseAllowance' and 'decreaseAllowance' functions should be renamed to avoid shadowing the 'owner' function of the 'Ownable' contract. This can prevent confusion and potential bugs that may arise from the overloading of the 'owner' function. For instance, the local variable 'owner' could be renamed to 'functionOwner' or something similar.",
                    "explanation": "The issue reported is a shadowing of the 'owner' function within the 'Ownable' contract by the 'owner' variable within the 'increaseAllowance' and 'decreaseAllowance' functions of the 'GrinchCoin' contract. In Solidity, a function can be overloaded within the same contract, but this can lead to confusion and potential bugs if not used carefully. In this case, the 'owner' function in the 'Ownable' contract is a public function that returns the owner's address, and the 'owner' variable within the 'increaseAllowance' and 'decreaseAllowance' functions of the 'GrinchCoin' contract is a local variable that shadows the 'owner' function, which is not intended.",
                    "file": "GrinchCoin/src/backend/contracts/FeesHiddenV13/GrinchCoin.sol"
                },
                {
                    "name": "Local Variables Being Shadowed",
                    "severity": "low",
                    "snippet": "function owner() public view returns (address) {\r\n        return _owner;\r\n    }",
                    "lineNumbers": [
                        64,
                        66
                    ],
                    "confidence": "high",
                    "recommendation": "To resolve this issue, the variable declaration 'address owner = _msgSender();' in the 'transfer' function should be renamed to avoid shadowing the 'owner()' function. A common convention is to use a prefix like 'msgSender' for variables that represent the message sender, which would make the intention clearer and avoid shadowing conflicts.",
                    "explanation": "The 'owner()' function in the 'Ownable' contract is being shadowed by a variable declaration with the same name in the 'transfer' function of the 'GrinchCoin' contract. This can lead to confusion and potential bugs when the 'owner()' function is intended to be called, but the compiler or reader interprets it as a reference to the 'owner' variable declared in the 'transfer' function. This issue is confirmed by the static analysis report which identifies the 'shadowing-local' vulnerability.",
                    "file": "GrinchCoin/src/backend/contracts/FeesHiddenV13/GrinchCoin.sol"
                }
            ],
            "projectReportLink": "https://quillshield-git-dev-front-qa.vercel.app/testzip/shareablelink/819824988da830d72be8519a9d2887773b9608be27c901f01598a2a9588a199a?type=3&projectID=11"
        }
    ],
    "auditCount": 2
}

Query Parameters

| Parameter | Description | Data Type | Requirement |
| --- | --- | --- | --- |
| projectId | Id of project created | String | Required |
| userId | User identifier | String | Required |
| limit | Limit count for number of records | String | Optional |
| page | Page number for pagination | String | Optional |

Response Codes

| Responses | Description |
| --- | --- |
| 🟢 200 | Success |
| 🟠 400 | Error |
| 🔴 401 | Unauthorised |
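
The following Python is an added example, not code from the original page or from QuillShield: it builds the request URL from the documented query parameters and triages one entry of `audits`, checking `vulnerabilityCount` against the `vulnerabilities` list and grouping findings by file and line range. The `userId` value, the `fail_on` policy and the function names are assumptions; the request is not sent because the page does not describe how the call is authenticated.

```python
from collections import Counter, defaultdict
from urllib.parse import urlencode

BASE = "https://shield-api.quillai.network/api/v1/projects/audit/history"
SEVERITIES = ("high", "medium", "low", "informational", "optimization")

def history_url(project_id, user_id, limit=None, page=None):
    """Build the GET URL; every parameter is sent as a string, as documented."""
    params = {"projectId": project_id, "userId": user_id, "limit": limit, "page": page}
    return BASE + "?" + urlencode({k: str(v) for k, v in params.items() if v is not None})

def triage(audit, fail_on=("high", "medium")):
    """Cross-check one audit entry and group its findings by code location."""
    findings = audit.get("vulnerabilities", [])
    listed = Counter(f["severity"] for f in findings)
    declared = audit.get("vulnerabilityCount", {})
    # A mismatch means the findings list and the summary counts disagree.
    mismatches = {s: (declared.get(s, 0), listed.get(s, 0))
                  for s in SEVERITIES if declared.get(s, 0) != listed.get(s, 0)}
    # Several findings can point at the same lines; review each location once.
    by_location = defaultdict(list)
    for f in findings:
        by_location[(f["file"], tuple(f["lineNumbers"]))].append(f["name"])
    blocking = [f for f in findings if f["severity"] in fail_on]  # assumed policy
    return {"mismatches": mismatches, "locations": dict(by_location),
            "blocking": blocking, "passed": not blocking and not mismatches}

# Constructed sample, trimmed from the response shown on this page.
SAMPLE = {
    "audits": [{
        "securityScore": 97.69,
        "vulnerabilityCount": {"high": 0, "medium": 0, "low": 3,
                               "informational": 0, "optimization": 0},
        "vulnerabilities": [
            {"name": "Local Variables Being Shadowed", "severity": "low",
             "lineNumbers": [64, 66],
             "file": "GrinchCoin/src/backend/contracts/FeesHiddenV13/GrinchCoin.sol"}
        ] * 3,
    }],
    "auditCount": 2,
}

if __name__ == "__main__":
    # "example-user" is a constructed placeholder for userId.
    print(history_url("11", "example-user", limit=1, page=1))
    result = triage(SAMPLE["audits"][0])
    print(result["passed"], {loc: len(n) for loc, n in result["locations"].items()})
```

On the sample from this page, the three low-severity findings collapse to a single location (lines 64 to 66 of `GrinchCoin.sol`), so a reviewer has one place in the code to inspect.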
