Преглед изворни кода

Add conclustions and open challenges

master
Ivaylo Ivanov пре 11 месеци
родитељ
комит
84e1fbdce2
2 измењених фајлова са 11 додато и 3 уклоњено
  1. BIN
      SemSEreport/exercises.pdf
  2. 11
    3
      SemSEreport/exercises.tex

BIN
SemSEreport/exercises.pdf Прегледај датотеку


+ 11
- 3
SemSEreport/exercises.tex Прегледај датотеку

@@ -131,7 +131,6 @@ We attempted to implement an automatic weakness detection pipeline by using a mu
131 131
 	\item \textbf{Slither}: A highly useful tool that offers a large static analysis toolkit for solidity, it not only allows the extraction of contract data like storage layouts but also automatic scanning for common weaknesses. Although it did not seem to be able to detect SWC-124, the storage layout functionality was used extensively by our team.
132 132
 \end{itemize}
133 133
 
134
-
135 134
 \section{Exploit Creation}\label{sec:exploit-creation}
136 135
 
137 136
 \subsection{Short recap of weakness definitions}
@@ -193,7 +192,7 @@ Using the heuristics above, we were not able to find a contract that is vulnerab
193 192
 
194 193
 \subsection{Non-exploitable contracts}
195 194
 
196
-\noindent Solidity files that contained no contracts:
195
+\noindent Solidity files that contained no contracts, just libraries, that would not introduce SWC-124 to the contracts using them as per the heuristics:
197 196
 
198 197
 \begin{itemize}
199 198
 	\item AuctionLib.sol
@@ -213,7 +212,7 @@ Using the heuristics above, we were not able to find a contract that is vulnerab
213 212
 	\item GovernmentAlpha.sol
214 213
 	\item HedgeSwap.sol
215 214
 	\item HermesImplementation.sol
216
-	\item IMETACoin223Token\_13.sol - had this contract been compiled with solidity under 0.8.0, it could have been vulnerable.
215
+	\item IMETACoin223Token\_13.sol - had this contract been compiled with solidity under 0.8.0, it would have been vulnerable.
217 216
 	\item UniswapV3PoolAdapter.sol
218 217
 	\item UserDeposit.sol
219 218
 	\item WPCMainnetBridge.sol
@@ -223,10 +222,19 @@ Using the heuristics above, we were not able to find a contract that is vulnerab
223 222
 
224 223
 \subsection{Conclusions}
225 224
 
225
+We have proposed initial heuristics which can show us whether a contract is vulnerable to SWC-124. They are easy to understand and apply even in large contracts.
226
+We have demonstrated an example workflow that uses the tool Slither as a data-gathering aid and applies the heuristics. As a result of this workflow, we were unable to find
227
+vulnerable specimen from the examples provided.
228
+
226 229
 \subsection{Lessons learned: what works, what doesn't}
227 230
 
231
+% TODO: Do we have something to add?
232
+
228 233
 \subsection{Open challenges}
229 234
 
235
+The initial heuristics are easy to add to a static code analysis tool, such as Slither.
236
+Afterwards, it can be used to develop a dataset of vulnerable or non-vulnerable samples, which, alongside with manually verified contracts, can be used to improve or expand the heuristics.
237
+
230 238
 \bibliography{exercise.bib}
231 239
 
232 240
 \end{document}

Loading…
Откажи
Сачувај