A personal blog for Glider queries, tips, and guides.
Glider is a security/research tool that lets you query multiple contracts on EVM blockchains at once by certain logic, parameters, dependencies, variable names, or anything else you can think of.
Compared with traditional private audits (companies like Trail of Bits), bug bounties (like Immunefi), and public contests (like Code4rena), Glider differs in that its purpose is to act at scale, whereas those only provide security to a researcher's chosen project. With only one effective Glider query (aka glide) and a good negotiation team, you can contact tens or hundreds of projects that share some vulnerability.
The research part is the ability to get statistics on logic, libraries, standards, etc., directly from the source code of smart contracts. For example, it's quite easy to get the total number of smart contracts named `Test`, the total number of payable functions, or the total number of `ecrecover` instructions. You can also find more specific occurrences of these instances based on your custom logic.
Disclaimer! Glider is still in beta; there are a lot of things left to do, and a lot of things can go wrong. If you encounter any issues, please feel free to contact the team in the Discord channel.
If you're already familiar with smart contracts in general, I'd suggest that you:
- Go to the Glider official website
- Register an account
- Browse the provided basic queries
- Try running them and see how it works
Otherwise, start with this awesome repo!