SecurityKit

Automated security scanning for blockchain nodes via JSON-RPC. No SSH, no agents. 8 checks covering critical vulnerabilities. Markdown reports for compliance.

Quick Start

pip install securitykit

# Scan a node
securitykit scan --rpc-url https://eth.llamarpc.com

# JSON output for CI/CD
securitykit scan --rpc-url $NODE_URL --output json

# Generate audit report
securitykit report --rpc-url $NODE_URL --output audit.md

Security Checks

ID	Check	Severity	Why It Matters
`SK-001`	RPC Reachability	Critical	If unreachable, node is down or misconfigured
`SK-002`	Unlocked Accounts	Critical	#1 cause of fund loss — anyone with RPC access can sign txs
`SK-003`	Admin API Exposed	Critical	Allows peer manipulation, data export, node control
`SK-004`	Debug API Exposed	High	Leaks internal state, enables DoS via expensive traces
`SK-005`	Mining Status	Medium	Should be disabled unless intentional miner node
`SK-006`	Peer Count	High	Low peers = network isolation, missed attestations
`SK-007`	Sync Status	High	Unsynced node should not validate or serve RPC
`SK-008`	Chain ID	Medium	Catches testnet/mainnet misconfigurations

Audit Reports

The report command generates a markdown file with:

• Target URL
• Findings table (rule ID, check, severity, status)
• Summary counts (passed, failed, skipped)
• Remediation section for every failed check

Attach to SOC2 evidence, internal security reviews, or validator onboarding checklists.

Custom Checks

Every check is a function: (rpc_url: str) → Finding

from securitykit.models import Finding, Severity, Status

def check_max_peers(rpc_url: str) -> Finding:
    result = _rpc_call(rpc_url, "net_peerCount")
    peers = int(result.get("result", "0x0"), 16)
    if peers > 100:
        return Finding(
            rule_id="CUSTOM-001",
            title="Excessive peer count",
            severity=Severity.MEDIUM,
            status=Status.FAIL,
            detail=f"{peers} peers (max: 100)",
            remediation="Set --maxpeers flag",
        )
    return Finding(
        rule_id="CUSTOM-001", title="Peer count normal",
        severity=Severity.MEDIUM, status=Status.PASS,
        detail=f"{peers} peers",
    )

# Add to ALL_CHECKS list in checks.py — auto-picked up by CLI

CLI Reference

Command	Description
`securitykit scan --rpc-url <url>`	Run all checks (text output)
`securitykit scan --rpc-url <url> --output json`	JSON for CI/CD (exit code 1 on fail)
`securitykit report --rpc-url <url> --output report.md`	Markdown audit report