Caracal is a static analysis tool for Starknet smart contracts, specifically analyzing their SIERRA representation.


  • Vulnerability detectors for Cairo code.
  • Report printers.
  • Taint analysis.
  • Data flow analysis framework.
  • Compatibility with Scarb projects.


Precompiled Binaries

Download precompiled binaries from the releases page. Use binary version v0.1.x for Cairo compiler 1.x.x, and v0.2.x for Cairo compiler 2.x.x.

Building from Source


  • Rust compiler
  • Cargo

Installation Steps

Clone and build from the repository:

cargo install --git --profile release --force

Building from a Local Copy:

If you prefer to build from a local copy:

git clone
cd caracal
cargo install --path . --profile release --force