Overview
Developers sometimes need to suppress a specific ChainProof finding on a known-safe code path without suppressing the entire rule globally. Inline suppression comments (similar to eslint-disable) provide fine-grained control without polluting a baseline file or disabling rules project-wide.
Proposed Syntax
Single-line suppression
(bool ok,) = msg.sender.call{value: amount}(""); // chainproof-disable-next-line CP-107
Block suppression
// chainproof-disable CP-107
function knownSafeWithdraw() external {
// ... reentrancy guard applied via mutex, not CEI pattern
(bool ok,) = msg.sender.call{value: amount}("");
}
// chainproof-enable CP-107
Suppress all rules on a line
someRiskyCall(); // chainproof-disable-line
Require a reason (optional enforcement)
// chainproof-disable-next-line CP-107 -- mutex pattern applied, see AuditReport-2025.pdf
Implementation Plan
- After parsing, extract all comment nodes from the AST
- Build a suppression map: Map<lineNumber, ruleId[]>
- After rule execution, filter findings against the suppression map
- Suppressed findings are included in JSON output with
suppressed: true for auditability
- Report how many findings were suppressed in the summary line
- Add a --no-inline-suppression flag to disable this feature for strict CI modes
Acceptance Criteria
Overview
Developers sometimes need to suppress a specific ChainProof finding on a known-safe code path without suppressing the entire rule globally. Inline suppression comments (similar to eslint-disable) provide fine-grained control without polluting a baseline file or disabling rules project-wide.
Proposed Syntax
Single-line suppression
Block suppression
Suppress all rules on a line
Require a reason (optional enforcement)
// chainproof-disable-next-line CP-107 -- mutex pattern applied, see AuditReport-2025.pdfImplementation Plan
suppressed: truefor auditabilityAcceptance Criteria