Advanced Move Language Analyzer Toolkit
All-in-one skill for managing analyze code packages for quality and patterns. Built for Claude Code with best practices and real-world patterns.
Move Language Analyzer Toolkit
Comprehensive Move programming language analysis toolkit for developing, auditing, and optimizing smart contracts on Aptos, Sui, and other Move-based blockchains.
When to Use This Skill
Choose Move Language Analyzer when:
- Developing smart contracts in the Move programming language
- Auditing Move modules for security vulnerabilities
- Optimizing Move code for gas efficiency
- Learning Move's resource-oriented programming model
- Building applications on Aptos or Sui blockchain
Consider alternatives when:
- Developing on Ethereum — use Solidity tools
- Need general blockchain analysis — use chain-specific explorers
- Building dApps without smart contracts — use SDK-only approaches
Quick Start
# Install Aptos CLI curl -fsSL "https://aptos.dev/scripts/install_cli.py" | python3 # Create new Move project aptos move init --name my_project # Activate Move analyzer claude skill activate advanced-move-language-analyzer-toolkit # Analyze Move module claude "Audit this Move module for security issues and gas optimization"
Example: Move Smart Contract
module my_addr::token_vault { use std::signer; use aptos_framework::coin; use aptos_framework::account; /// Error codes const E_NOT_INITIALIZED: u64 = 1; const E_INSUFFICIENT_BALANCE: u64 = 2; const E_NOT_OWNER: u64 = 3; /// Vault resource stored in owner's account struct Vault<phantom CoinType> has key { coins: coin::Coin<CoinType>, owner: address, } /// Initialize a new vault public entry fun initialize<CoinType>(account: &signer) { let addr = signer::address_of(account); assert!(!exists<Vault<CoinType>>(addr), E_NOT_INITIALIZED); move_to(account, Vault<CoinType> { coins: coin::zero<CoinType>(), owner: addr, }); } /// Deposit coins into the vault public entry fun deposit<CoinType>( account: &signer, amount: u64, ) acquires Vault { let addr = signer::address_of(account); assert!(exists<Vault<CoinType>>(addr), E_NOT_INITIALIZED); let vault = borrow_global_mut<Vault<CoinType>>(addr); let coins = coin::withdraw<CoinType>(account, amount); coin::merge(&mut vault.coins, coins); } /// Withdraw coins from the vault (owner only) public entry fun withdraw<CoinType>( account: &signer, amount: u64, ) acquires Vault { let addr = signer::address_of(account); let vault = borrow_global_mut<Vault<CoinType>>(addr); assert!(vault.owner == addr, E_NOT_OWNER); assert!(coin::value(&vault.coins) >= amount, E_INSUFFICIENT_BALANCE); let withdrawn = coin::extract(&mut vault.coins, amount); coin::deposit(addr, withdrawn); } #[view] public fun balance<CoinType>(addr: address): u64 acquires Vault { let vault = borrow_global<Vault<CoinType>>(addr); coin::value(&vault.coins) } }
Core Concepts
Move Language Features
| Feature | Description | Benefit |
|---|---|---|
| Resource Types | Linear types that can't be copied or dropped | Prevents asset duplication |
| Abilities | has key, store, copy, drop | Fine-grained type control |
| Modules | Namespaced code units | Encapsulation, access control |
| Generics | Parameterized types and functions | Reusable, type-safe code |
| Acquires | Explicit global state access annotations | State dependency clarity |
| Move Semantics | Values are moved, not copied by default | Ownership tracking |
Move vs Solidity Comparison
| Aspect | Move | Solidity |
|---|---|---|
| Type Safety | Linear types, compile-time resource safety | Runtime checks, reentrancy guards |
| Asset Model | Resources can't be duplicated | Token balances are integers |
| Verification | Built-in formal verification (Move Prover) | External tools (Certora, etc.) |
| Upgradability | Module upgrade with compatibility checks | Proxy patterns, storage collisions |
| Gas Model | Storage-based pricing | Computation-based pricing |
Configuration
| Parameter | Description | Default |
|---|---|---|
blockchain | Target chain: aptos, sui | aptos |
move_version | Move language version | latest |
prover_enabled | Enable Move Prover for verification | true |
optimization_level | Gas optimization: none, basic, aggressive | basic |
test_coverage | Minimum test coverage requirement | 80% |
Best Practices
-
Leverage Move's type system to enforce invariants at compile time — Use phantom types, abilities, and generics to make invalid states unrepresentable. If a resource shouldn't be copied, don't give it the
copyability. The compiler enforces what Solidity requires runtime checks for. -
Use the Move Prover for critical contracts — Move includes a formal verification tool that mathematically proves your contract satisfies specified properties. Add specification blocks (
spec) to critical functions to verify safety properties. -
Define granular error codes for every failure path — Use unique error constants for each
assert!condition. Generic errors make debugging nearly impossible on-chain. Document what each error code means in module comments. -
Test with Move's built-in testing framework — Write
#[test]functions in the same module or companion test modules. Use#[expected_failure]annotations to test error conditions. Run tests withaptos move testbefore deployment. -
Minimize global storage operations for gas efficiency —
borrow_global,borrow_global_mut,move_to, andmove_fromare the most expensive operations. Batch storage reads, minimize the number of resources accessed per transaction, and use events for data that doesn't need on-chain storage.
Common Issues
Move Prover reports spurious verification failures. Prover failures often indicate missing preconditions or overly strict specifications. Add requires clauses to specify expected input constraints, and ensures clauses for postconditions. Start with simple properties and gradually increase specification coverage.
Module upgrade fails with compatibility errors. Move enforces strict compatibility rules for upgrades: you can't change struct layouts, remove public functions, or modify function signatures. Design modules with upgradeability in mind — use versioned structs and avoid exposing implementation details in public interfaces.
Resource operations cause "already exists" or "not found" errors. Always check resource existence with exists<T>(addr) before move_to (which fails if resource exists) and borrow_global/move_from (which fail if resource doesn't exist). Design clean initialization and cleanup paths.
Reviews
No reviews yet. Be the first to review this template!
Similar Templates
Full-Stack Code Reviewer
Comprehensive code review skill that checks for security vulnerabilities, performance issues, accessibility, and best practices across frontend and backend code.
Test Suite Generator
Generates comprehensive test suites with unit tests, integration tests, and edge cases. Supports Jest, Vitest, Pytest, and Go testing.
Pro Architecture Workspace
Battle-tested skill for architectural, decision, making, framework. Includes structured workflows, validation checks, and reusable patterns for development.