Przeglądaj źródła

Expand heuristics, fix formatting

master
Ivaylo Ivanov 11 miesięcy temu
rodzic
commit
fa32eeee94
2 zmienionych plików z 29 dodań i 22 usunięć
  1. BIN
      SemSEreport/exercises.pdf
  2. 29
    22
      SemSEreport/exercises.tex

BIN
SemSEreport/exercises.pdf Wyświetl plik


+ 29
- 22
SemSEreport/exercises.tex Wyświetl plik

@@ -6,6 +6,7 @@
6 6
 \usepackage{epsfig}
7 7
 \usepackage{fullpage}
8 8
 \usepackage{enumerate}
9
+\usepackage{enumitem}
9 10
 \usepackage{xspace}
10 11
 \usepackage{todonotes}
11 12
 \usepackage{listings}
@@ -125,25 +126,33 @@ We attempted to implement an automatic weakness detection pipeline by using a mu
125 126
 
126 127
 \begin{itemize}
127 128
 	\item \textbf{solc}: Using \textbf{solc-select} we select the correct solc version and compile the associated *.sol file. This way we gather compiler hints and warnings.
128
-	\item \textbf{Mythril}: %TODO% Mythril also does something
129
+  \item \textbf{Mythril}: A tool used for analysis of EVM bytecode, one of the de-facto standards for such work. It is unfortunately not able to detect SWC-124, but there is an existing feature request\footnote{\url{https://github.com/Consensys/mythril/issues/861}} for support available.
129 130
 	\item \textbf{teEther}: A tool we found in the last research step of this seminar, teether is a dynamic analysis tool for smart contracts. It is unfortunately hardly documented and has been unmaintained for several years. We were unable to generate usable results with it.
130 131
 	\item \textbf{Slither}: A highly useful tool that offers a large static analysis toolkit for solidity, it not only allows the extraction of contract data like storage layouts but also automatic scanning for common weaknesses. Although it did not seem to be able to detect SWC-124, the storage layout functionality was used extensively by our team.
131 132
 \end{itemize}
132 133
 
133 134
 
134
-\section{Exploit Creation}
135
+\section{Exploit Creation}\label{sec:exploit-creation}
135 136
 
136
-\subsection{extra short recap of weakness definitions}
137
+\subsection{Short recap of weakness definitions}
137 138
 
138 139
 SWC-124 attempts to use the underlying mechanisms that govern dynamic array allocation to deterministically overwrite arbitrary data in smart contracts. An analogous weakness can be created by employing unchecked assembly instructions, although this is a less common attack vector due to its unusual structure.
139 140
 
140
-\subsection{exploit idea(s)}
141
+\subsection{Exploit heuristics}
141 142
 
142
-The workflow of determining the vulnerability of a given contract is straight forward and follows the general approach of automatic detection mechanisms from our last paper. Since SWC-124 requires the presence of very specific code, it is relatively easy to exclude non-vulnerable contracts. Namely any contract without dynamic arrays or raw assembly including a SSTORE instruction can immediately be considered non-vulnerable. The presence of dynamic arrays can be determined using \textbf{slither --print variable-order}. A sample output looks as follows:
143
+The workflow of determining the vulnerability of a given contract is straightforward and follows the general approach of automatic detection mechanisms from our last paper. Since SWC-124 requires the presence of very specific code, it is relatively easy to develop heuristics to exclude non-vulnerable contracts:
144
+\begin{enumerate}[label=\arabic*.]
145
+  \item any contract without dynamic arrays (or mappings with integer keys) or raw assembly including a SSTORE instruction can immediately be considered non-vulnerable;
146
+  \item if heuristic 1 does not hold and there is a dynamic array or mapping with an integer key available, we can then apply a second heuristic and namely: checking the solidity compiler version, specified at the top of the contract. Solidity version 0.8.0+ introduced integer under- and overflow protection, which are enabled per default and require extra work to be disabled. As such, we have the following "sub-heuristic":
147
+    \begin{enumerate}
148
+      \item if the version of the contract is higher than 0.8.0, we examine whether unchecked arithmetic\footnote{\url{https://docs.soliditylang.org/en/v0.8.0/control-structures.html#checked-or-unchecked-arithmetic}} has been used for modifying the arrays. If this is not the case, which it is not most of the time, we can then determine that the contract is non-vulnerable. Applying this heuristic, we found a contract that could have been vulnerable had it been compiled with a lower solidity version.
149
+    \end{enumerate}
150
+\end{enumerate}
151
+The presence of dynamic arrays can be determined using \textbf{slither --print variable-order}. A sample output looks as follows:
143 152
 
144 153
 \begin{verbatim}
145
-$slither cans.sol --print variable-order	
146
-	
154
+$slither cans.sol --print variable-order
155
+
147 156
 Cans:
148 157
 +----------------------------+----------------------------------------------+------+--------+
149 158
 | Name                       |                                         Type | Slot | Offset |
@@ -162,7 +171,7 @@ Cans:
162 171
 | Cans.SODA_CONTRACT         |                                      address |  321 |      0 |
163 172
 | Cans.baseURI               |                                       string |  322 |      0 |
164 173
 +----------------------------+----------------------------------------------+------+--------+
165
-	
174
+
166 175
 \end{verbatim}
167 176
 
168 177
 In this example the \textbf{ERC1155.tokens} array is the only potential weakess present. We would then look for the presence of what-where writes to this array in order to confirm the potential presence of SWC-124. What-where writes are of the form
@@ -173,13 +182,16 @@ In this example the \textbf{ERC1155.tokens} array is the only potential weakess
173 182
 
174 183
 \noindent and are a necessary code snippet for SWC-124. If such an instruction is present, we then attempt to reverse engineer a sequence of inputs to trigger the exploit, or formulate a reason why we believe this not to be possible.
175 184
 
185
+
176 186
 \section{Results}
177 187
 
178
-\subsection{vulnerable contracts}
188
+Applying the heuristics, mentioned in the previous section, we gathered the following data about the contracts.
189
+
190
+\subsection{Vulnerable contracts}
179 191
 
180
-None.
192
+Using the heuristics above, we were not able to find a contract that is vulnerable to SWC-124.
181 193
 
182
-\subsection{non-exploitable contracts}
194
+\subsection{Non-exploitable contracts}
183 195
 
184 196
 \noindent Solidity files that contained no contracts:
185 197
 
@@ -187,10 +199,10 @@ None.
187 199
 	\item AuctionLib.sol
188 200
 	\item LibRegion.sol
189 201
 	\item LToken.sol
190
-	
202
+
191 203
 \end{itemize}
192 204
 
193
-\noindent Contracts that were discarded due to the non-presence of dynamic arrays or assembly using SSTORE:
205
+\noindent Contracts that were discarded due to the heuristics holding:
194 206
 
195 207
 \begin{itemize}
196 208
 	\item DCU.sol
@@ -201,24 +213,19 @@ None.
201 213
 	\item GovernmentAlpha.sol
202 214
 	\item HedgeSwap.sol
203 215
 	\item HermesImplementation.sol
204
-	\item IMETACoin223Token\_13.sol
216
+	\item IMETACoin223Token\_13.sol - had this contract been compiled with solidity under 0.8.0, it could have been vulnerable.
205 217
 	\item UniswapV3PoolAdapter.sol
206 218
 	\item UserDeposit.sol
207 219
 	\item WPCMainnetBridge.sol
208 220
 \end{itemize}
209 221
 
210
-\subsection{undecidable contracts}
211
-
212
-\subsection{optionally fixes}
213
-
214 222
 \section{Discussion}
215 223
 
216
-\subsection{conclusions}
217
-
218
-\subsection{lessons learned: what works, what doesn't}
224
+\subsection{Conclusions}
219 225
 
220
-\subsection{open challenges}
226
+\subsection{Lessons learned: what works, what doesn't}
221 227
 
228
+\subsection{Open challenges}
222 229
 
223 230
 \bibliography{exercise.bib}
224 231
 

Ładowanie…
Anuluj
Zapisz