smart-contract-auditing
Category: Blockchain development
Development tool: Solidity
File size: 0KB
Downloads: 0
Upload date: 2023-10-04 22:27:37
Uploader: sh-1993
Description: Playing with smart contract security and auditing tools
File list:
foundry.toml (290, 2023-10-04)
lib/ (0, 2023-10-04)
lib/forge-std/ (0, 2023-10-04)
lib/slither/ (0, 2023-10-04)
src/ (0, 2023-10-04)
src/CaughtWithFuzz.sol (1128, 2023-10-04)
src/CaughtWithManualReview.sol (345, 2023-10-04)
src/CaughtWithSlither.sol (603, 2023-10-04)
src/CaughtWithStatefulFuzz.sol (498, 2023-10-04)
src/CaughtWithSymbolic.sol (396, 2023-10-04)
src/CaughtWithTest.sol (242, 2023-10-04)
test/ (0, 2023-10-04)
test/CaughtWithFuzz.t.sol (461, 2023-10-04)
test/CaughtWithStatefulFuzz.t.sol (760, 2023-10-04)
test/CaughtWithTest.t.sol (463, 2023-10-04)
# About
Smart contract auditing and research
Learning how to use security tooling to find bugs!
- manual-review
- test-suite
- static-analysis
  - prerequisites
- fuzzing
- stateful-fuzzing-invariants
- formal-verification-smt-checker
# Getting Started
## Requirements
Please install the following:
- [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git)
  - You'll know you've done it right if you can run `git --version`
- [Foundry / Foundryup](https://github.com/gakonst/foundry)
  - This will install `forge`, `cast`, and `anvil`
  - You can test that you've installed them right by running `forge --version` and getting an output like: `forge 0.2.0 (f016135 2022-07-04T00:15:02.930499Z)`
  - To get the latest of each, just run `foundryup`
## Quickstart
```sh
git clone https://github.com/iftikharuddin/smart-contract-auditing
cd smart-contract-auditing
forge install
```
Then run our test suite. Lots of stuff fails!
```
forge test
```
# Let's use tools to find bugs!
## Manual Review
In `CaughtWithManualReview.sol` we see `doMath` should add 2 instead of one! We were only able to know this because we read the documentation associated with the function.
## Test Suite
`CaughtWithTest.sol`'s `setNumber` should set `number` to the input parameter, but it doesn't!
To catch this, we write a test for our expected output, and run:
```
forge test --match-test testSetNumber -vv
```
## Static Analysis
### Prerequisites
- [Python](https://www.python.org/downloads/)
  - You'll know you've installed python right if you can run:
    - `python --version` or `python3 --version` and get an output like: `Python x.x.x`
- [pipx](https://pypa.github.io/pipx/installation/)
  - `pipx` is different from [pip](https://pypi.org/project/pip/)
  - You may have to close and re-open your terminal
  - You'll know you've installed it right if you can run:
    - `pipx --version` and see something like `x.x.x.x`
We recommend installing slither with `pipx` instead of `pip`. Feel free to use the [slither documentation](https://github.com/crytic/slither#how-to-install) if you prefer.
```
pipx install slither-analyzer
```
To run slither, run:
```
slither . --exclude-dependencies
```
See what it outputs!
## Fuzzing
`CaughtWithFuzz.sol`'s `doMoreMath` should never return 0... but how can we make sure of this? We can pass random data to it!
To catch this, we write a test for our expected output, and run:
```
forge test --match-test testFuzz -vv
```
## Stateful fuzzing (invariants)
Our `CaughtWithStatefulFuzz` contract's `doMoreMathAgain` should never return 0... and looking at it, a regular fuzz test wouldn't work!
You can run:
```
forge test --match-test testFuzzPasses
```
And no matter what, it'll always pass! We need to call `setValue` first, and then we can get it to revert! Invariant/Stateful Fuzzing tests do random data input combined with random function calls.
Run:
```
forge test --match-test invariant_testMathDoesntReturnZero -vv
```
And you'll see the sequence of 2 calls that makes it fail!
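The difference between the two test styles, as an added sketch that is not the repository's source: the function and test names follow this README, while the contract name `StatefulSketch`, the state variables and the function bodies are assumptions made up for illustration. It assumes a forge-std version whose `Test` base contract provides `targetContract`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

import {Test} from "forge-std/Test.sol";

// Assumed stand-in for the contract under test; bodies and state
// variable names are made up for this example.
contract StatefulSketch {
    uint256 public offset = 1;     // starts non-zero, so a fresh contract is safe
    uint256 public lastResult = 1; // records the most recent return value

    function setValue(uint256 newValue) public {
        offset = newValue;
    }

    // Intended property: never returns 0.
    function doMoreMathAgain(uint128 input) public returns (uint256) {
        lastResult = uint256(input) + offset;
        return lastResult;
    }
}

contract StatefulSketchTest is Test {
    StatefulSketch internal target;

    function setUp() public {
        target = new StatefulSketch();
        // Limit the invariant fuzzer's random calls to this contract.
        targetContract(address(target));
    }

    // Stateless fuzz: setUp() runs before every input, so offset is
    // always 1 and the result is at least 1. This can never fail.
    function testFuzzPasses(uint128 input) public {
        assert(target.doMoreMathAgain(input) != 0);
    }

    // Stateful fuzz: forge calls setValue and doMoreMathAgain in random
    // order with random arguments and checks this after each call.
    // setValue(0) followed by doMoreMathAgain(0) breaks it.
    function invariant_testMathDoesntReturnZero() public view {
        assert(target.lastResult() != 0);
    }
}
```

Calls that revert during an invariant run (for example on arithmetic overflow) are skipped under Foundry's default `fail_on_revert = false`, so only the broken assertion is reported.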
## Formal Verification (SMT Checker)
In `foundry.toml` uncomment the `profile.default.model_checker` section.
Then, just run: `forge build`
Solidity's SMT checker modeled our `functionOneSymbolic` as a math equation, and then solved for the math!