Blog

Category:Developers
The Five Families of Tools In ZIION
profile
Ziion
03.14.2023

The recent release of ZIION 23.1, the first open-source, end-to-end, pre-compiled, multi-architecture, multi-protocol blockchain security testing and development solution, has been a big hit. The ZIION VM contains over 100 tools, utilities, dependencies, and packages to begin working with Solidity/EVM and Rust-based blockchains like Ethereum, Bitcoin, Solana, Polygon, and many more. .


In this blog, we’ll do a deep dive into the five families of tools developers can use within ZIION and learn how they work, and what their uses are.

1. Protocol-specific Tools 

These protocol-specific tools make blockchain development easy as they provide pre-built and easy-to-use environments. 

a) Near-CLI: Contains general-purpose command line tools for interacting with NEAR Protocol.

Website: https://github.com/near/near-cli

Commands: near -h

b) Polkadot: Provides a local Polkadot-JS Node to start Polkadot development.

Website: https://github.com/paritytech/polkadot

Command: polkadot -h

c) Polygon-CLI: Known as the Swiss Army knife of blockchain tools.

Website: https://github.com/maticnetwork/polygon-cli

Commands: polycli -h

d) Solana-CLI: Provides a Solana Command-line interface to interact with a Solana cluster.

Website: https://docs.solana.com/cli/conventions

Commands: solana -h

e) Substrate Node Template: A new FRAME-based substrate node ready for hacking.

Website: https://github.com/substrate-developer-hub/substrate-node-template

Command:node-template --dev

2. EVM Tools

Such tools are specific to Ethereum and provide a ready-to-develop environment for Ethereum-based projects.

a) Foundry: A blazingly fast, portable, and modular toolkit for Ethereum application development written in Rust.

Website: https://github.com/foundry-rs/foundry

Command:cast -h or forge -h

b) Brownie: A Python-based development and testing framework for smart contracts targeting the Ethereum Virtual Machine.

Website: https://github.com/eth-brownie/brownie

Commands: brownie -h

c) Ganache: A tool for creating a local blockchain for fast Ethereum development.

Website: https://github.com/trufflesuite/ganache

Commands: ganache --help

d) Geth (Go-Ethereum): Officially provides Go implementation of the Ethereum protocol.

Website: https://github.com/ethereum/go-ethereum

Commands: geth -h

e) Truffle: A development environment, testing framework, and asset pipeline for Ethereum, aiming to make life as an Ethereum developer easier.

Website: https://github.com/trufflesuite/truffle

Commands: truffle -h

3. Go Tools

This family of tools can help you with checking errors in the Go programs and doing static code analysis.

a) Nancy: A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index.

Website: https://github.com/sonatype-nexus-community/nancy
Commands
: nancy -h

b) StaticCheck: A state-of-the-art linter for the Go programming language.

Website: https://github.com/dominikh/go-tools

Commands: staticcheck -h

c) GoSec: Inspects source code for security problems by scanning the Go AST.

Website: https://github.com/securego/gosec

Commands: gosec -h

d) Go-Geiger: A static code analysis tool to find unsafe usages in Go packages and their dependencies.

e) Delve: A debugger for the Go programming language.

Website: https://github.com/go-delve/delve

Commands: dlv -h

4. Rust Tools

The Rust language is widely used for some renowned blockchains like Solana and also to write smart contracts using CosmWasm.

a) Cargo-Audit: This tool helps in auditing Cargo.lock files for crates with security vulnerabilities reported to the RustSec Advisory Database.

Website: https://github.com/RustSec/rustsec/tree/main/cargo-audit

Commands: cargo audit -h

b) Cargo-Geiger: Detects usage of unsafe Rust in a Rust crate and its dependencies.

Website: https://github.com/rust-secure-code/cargo-geiger

Commands: cargo geiger -h

c) LLVM-Cov: A Cargo subcommand to easily use LLVM source-based code coverage (-C instrument-coverage).

Website: https://github.com/taiki-e/cargo-llvm-cov

Commands: cargo llvm-cov -h

d) Cargo-Expand: A subcommand to show the result of macro expansion.

Website: https://github.com/dtolnay/cargo-expand

Commands: cargo expand -h

e) Siderophile: Finds the “most unsafe” functions in your Rust codebase, so you can fuzz them or refactor them out entirely.

Website: https://github.com/trailofbits/siderophile

Commands: siderophile -h

5. VSCodium Extensions

VSCodium is an IDE (or Integrated Developer Environment) that is widely used in blockchain development and its extensions are helpful in manual code review.

a) Rust-Analyzer: A modular compiler frontend for the Rust language.

Website: https://github.com/rust-lang/rust-analyzer

b) Anchor: This VSCode extension is useful in Solana's Sealevel runtime Framework.

c) Flowistry: An IDE plugin for Rust that helps you focus on relevant code.

Website: https://github.com/willcrichton/flowistry

d) Bookmarks: Helps you to navigate in your code, moving between important positions easily and quickly.

Website: https://github.com/alefragnani/vscode-bookmarks

e) Solidity: A VSCodium language support extension for Solidity smart contracts in Ethereum.

Website: https://github.com/juanfranblanco/vscode-solidity


These five families of tools are part of the most famous ones that a blockchain developer or a security auditor must have in their arsenal. But there are many more unexplored tools and some hidden gems in ZIION VM that one can use.

To check out all the 100+ tools, packages, and dependencies, download ZIION today and start your career in blockchain development and security auditing.

Get Started Today