An analysis tool for smart contracts
Project description
Oyente
======
An Analysis Tool for Smart Contracts
[![Gitter][gitter-badge]][gitter-url]
[![License: GPL v3][license-badge]][license-badge-url]
## Quick Start
A container with the dependencies set up can be found [here](https://hub.docker.com/r/luongnguyen/oyente/).
To open the container, install docker and run:
```
docker pull luongnguyen/oyente && docker run -i -t luongnguyen/oyente
```
To evaluate the greeter contract inside the container, run:
```
cd /oyente/oyente && python oyente.py -s greeter.sol
```
and you are done!
Note - If need the [version of Oyente](https://github.com/melonproject/oyente/tree/290f1ae1bbb295b8e61cbf0eed93dbde6f287e69) referred to in the paper, run the container from [here](https://hub.docker.com/r/hrishioa/oyente/)
## Installation
Install Oyente via pip:
```
$ pip2 install oyente
```
Dependencies:
[solc](https://github.com/melonproject/oyente#solc)
[evm](https://github.com/melonproject/oyente#evm-from-go-ethereum)
## Full installation
### Install the following dependencies
#### solc
```
$ sudo add-apt-repository ppa:ethereum/ethereum
$ sudo apt-get update
$ sudo apt-get install solc
```
#### evm from [go-ethereum](https://github.com/ethereum/go-ethereum)
1. https://geth.ethereum.org/downloads/ or
2. By from PPA if your using Ubuntu
```
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository -y ppa:ethereum/ethereum
$ sudo apt-get update
$ sudo apt-get install ethereum
```
#### [z3](https://github.com/Z3Prover/z3/releases) Theorem Prover version 4.5.0.
Download the [source code of version z3-4.5.0](https://github.com/Z3Prover/z3/releases/tag/z3-4.5.0)
Install z3 using Python bindings
```
$ python scripts/mk_make.py --python
$ cd build
$ make
$ sudo make install
```
#### [Requests](https://github.com/kennethreitz/requests/) library
```
pip install requests
```
#### [web3](https://github.com/pipermerriam/web3.py) library
```
pip install web3
```
### Evaluating Ethereum Contracts
```
#evaluate a local solidity contract
python oyente.py -s <contract filename>
#evaluate a local solidity with option -a to verify assertions in the contract
pyhon oyente.py -a -s <contract filename>
#evaluate a local evm contract
python oyente.py -s <contract filename> -b
#evaluate a remote contract
python oyente.py -ru https://gist.githubusercontent.com/loiluu/d0eb34d473e421df12b38c12a7423a61/raw/2415b3fb782f5d286777e0bcebc57812ce3786da/puzzle.sol
```
And that's it! Run ```python oyente.py --help``` for a list of options.
## Paper
The accompanying paper explaining the bugs detected by the tool can be found [here](http://www.comp.nus.edu.sg/~loiluu/papers/oyente.pdf).
## Miscellaneous Utilities
A collection of the utilities that were developed for the paper are in `misc_utils`. Use them at your own risk - they have mostly been disposable.
1. `generate-graphs.py` - Contains a number of functions to get statistics from contracts.
2. `get_source.py` - The *get_contract_code* function can be used to retrieve contract source from [EtherScan](https://etherscan.io)
3. `transaction_scrape.py` - Contains functions to retrieve up-to-date transaction information for a particular contract.
## Benchmarks
Note: This is an improved version of the tool used for the paper. Benchmarks are not for direct comparison.
To run the benchmarks, it is best to use the docker container as it includes the blockchain snapshot necessary.
In the container, run `batch_run.py` after activating the virtualenv. Results are in `results.json` once the benchmark completes.
The benchmarks take a long time and a *lot* of RAM in any but the largest of clusters, beware.
Some analytics regarding the number of contracts tested, number of contracts analysed etc. is collected when running this benchmark.
## Contributing
Checkout out our [contribution guide](https://github.com/melonproject/oyente/blob/master/CONTRIBUTING.md) and the code structure [here](https://github.com/melonproject/oyente/blob/master/code.md).
[gitter-badge]: https://img.shields.io/gitter/room/melonproject/oyente.js.svg?style=flat-square
[gitter-url]: https://gitter.im/melonproject/oyente?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
[license-badge]: https://img.shields.io/badge/License-GPL%20v3-blue.svg?style=flat-square
[license-badge-url]: ./LICENSE
======
An Analysis Tool for Smart Contracts
[![Gitter][gitter-badge]][gitter-url]
[![License: GPL v3][license-badge]][license-badge-url]
## Quick Start
A container with the dependencies set up can be found [here](https://hub.docker.com/r/luongnguyen/oyente/).
To open the container, install docker and run:
```
docker pull luongnguyen/oyente && docker run -i -t luongnguyen/oyente
```
To evaluate the greeter contract inside the container, run:
```
cd /oyente/oyente && python oyente.py -s greeter.sol
```
and you are done!
Note - If need the [version of Oyente](https://github.com/melonproject/oyente/tree/290f1ae1bbb295b8e61cbf0eed93dbde6f287e69) referred to in the paper, run the container from [here](https://hub.docker.com/r/hrishioa/oyente/)
## Installation
Install Oyente via pip:
```
$ pip2 install oyente
```
Dependencies:
[solc](https://github.com/melonproject/oyente#solc)
[evm](https://github.com/melonproject/oyente#evm-from-go-ethereum)
## Full installation
### Install the following dependencies
#### solc
```
$ sudo add-apt-repository ppa:ethereum/ethereum
$ sudo apt-get update
$ sudo apt-get install solc
```
#### evm from [go-ethereum](https://github.com/ethereum/go-ethereum)
1. https://geth.ethereum.org/downloads/ or
2. By from PPA if your using Ubuntu
```
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository -y ppa:ethereum/ethereum
$ sudo apt-get update
$ sudo apt-get install ethereum
```
#### [z3](https://github.com/Z3Prover/z3/releases) Theorem Prover version 4.5.0.
Download the [source code of version z3-4.5.0](https://github.com/Z3Prover/z3/releases/tag/z3-4.5.0)
Install z3 using Python bindings
```
$ python scripts/mk_make.py --python
$ cd build
$ make
$ sudo make install
```
#### [Requests](https://github.com/kennethreitz/requests/) library
```
pip install requests
```
#### [web3](https://github.com/pipermerriam/web3.py) library
```
pip install web3
```
### Evaluating Ethereum Contracts
```
#evaluate a local solidity contract
python oyente.py -s <contract filename>
#evaluate a local solidity with option -a to verify assertions in the contract
pyhon oyente.py -a -s <contract filename>
#evaluate a local evm contract
python oyente.py -s <contract filename> -b
#evaluate a remote contract
python oyente.py -ru https://gist.githubusercontent.com/loiluu/d0eb34d473e421df12b38c12a7423a61/raw/2415b3fb782f5d286777e0bcebc57812ce3786da/puzzle.sol
```
And that's it! Run ```python oyente.py --help``` for a list of options.
## Paper
The accompanying paper explaining the bugs detected by the tool can be found [here](http://www.comp.nus.edu.sg/~loiluu/papers/oyente.pdf).
## Miscellaneous Utilities
A collection of the utilities that were developed for the paper are in `misc_utils`. Use them at your own risk - they have mostly been disposable.
1. `generate-graphs.py` - Contains a number of functions to get statistics from contracts.
2. `get_source.py` - The *get_contract_code* function can be used to retrieve contract source from [EtherScan](https://etherscan.io)
3. `transaction_scrape.py` - Contains functions to retrieve up-to-date transaction information for a particular contract.
## Benchmarks
Note: This is an improved version of the tool used for the paper. Benchmarks are not for direct comparison.
To run the benchmarks, it is best to use the docker container as it includes the blockchain snapshot necessary.
In the container, run `batch_run.py` after activating the virtualenv. Results are in `results.json` once the benchmark completes.
The benchmarks take a long time and a *lot* of RAM in any but the largest of clusters, beware.
Some analytics regarding the number of contracts tested, number of contracts analysed etc. is collected when running this benchmark.
## Contributing
Checkout out our [contribution guide](https://github.com/melonproject/oyente/blob/master/CONTRIBUTING.md) and the code structure [here](https://github.com/melonproject/oyente/blob/master/code.md).
[gitter-badge]: https://img.shields.io/gitter/room/melonproject/oyente.js.svg?style=flat-square
[gitter-url]: https://gitter.im/melonproject/oyente?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
[license-badge]: https://img.shields.io/badge/License-GPL%20v3-blue.svg?style=flat-square
[license-badge-url]: ./LICENSE
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
oyente-0.2.7.tar.gz
(35.0 kB
view details)
Built Distribution
oyente-0.2.7-py2-none-any.whl
(44.0 kB
view details)
File details
Details for the file oyente-0.2.7.tar.gz.
File metadata
- Download URL: oyente-0.2.7.tar.gz
- Upload date:
- Size: 35.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 370b28a5762ee1aae2adc59be3d71318a95a0ad5a83dd2a4cdddb6d10f35e2f3 |
|
| MD5 | 98649fdea7e4a8236a5ef09392ff06c9 |
|
| BLAKE2b-256 | 4bde9ace109a3e07535782a8cc18607417cd5203be49f1f476938de0a5e74f57 |
File details
Details for the file oyente-0.2.7-py2-none-any.whl.
File metadata
- Download URL: oyente-0.2.7-py2-none-any.whl
- Upload date:
- Size: 44.0 kB
- Tags: Python 2
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 458ce56f8e0d7744bed225c1a934d1fd1083bf204c5cd52235c42997aa58f9c5 |
|
| MD5 | aa1755851daa907376ce8795073716cc |
|
| BLAKE2b-256 | 133c52b8dee604cbdf35c1d65a141b779d9c14c8d313251c697b40a93f58d3d5 |
