caracal
« Back to VersTracker
Description:
Static analyzer for Starknet smart contracts
Type: Formula  |  Latest Version: 0.2.3@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: starknet cairo static-analysis security smart-contracts
Install: brew install caracal
About:
Caracal is a static analyzer designed specifically for Starknet smart contracts written in Cairo. It detects security vulnerabilities and logic flaws by analyzing contract code without execution, helping developers identify potential issues early in the development cycle. The tool provides detailed reports to improve the security posture of decentralized applications on the Starknet network.
Key Features:
  • Vulnerability detection for Cairo contracts
  • Static analysis without code execution
  • Detailed security reporting
  • Integration with development workflows
Use Cases:
  • Auditing Starknet smart contracts before deployment
  • Continuous security testing in CI/CD pipelines
  • Identifying vulnerabilities in existing contract codebases
Alternatives:
  • Slither – Slither is for EVM chains; Caracal is specifically built for Cairo/Starknet
  • Cairo analyzer – More limited scope; Caracal provides deeper security-focused analysis
License: AGPL-3.0-only
Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, arm64_ventura, arm64_monterey, sonoma, ventura, monterey, arm64_linux, x86_64_linux
Version History
Detected Version Rev Change Commit
Sep 12, 2025 6:00pm 0 VERSION_BUMP 2c7de1b4