Skip to main content

Security analysis tool for Ethereum smart contracts

Project description

SmartExecutor

SmartExecutor is a guided symbolic execution tool for security analysis on EVM bytecode. It is designed to reduce the sequence explosion of symbolic execution to provide a scalable solution to symbolic execution while trying to maximize code coverage. It has a dual-phase process. In Phase 1, it symbolically executes all possible function sequences within the given depth limit.

Phase 2 then targets the not-fully-covered functions based on instruction coverage. This is the phase where the guidance takes place. SmartExecutor can direct the execution flow by prioritizing the states more significant to the target functions and selecting the functions at states to be executed that are more likely to cover the targets. The state significance value calculation and the function selection are based on static data dependency analysis and runtime execution data like function coverage and target functions.

This is the link to our conference paper: SmartExecutor: Coverage-Driven Symbolic Execution Guided by a Function Dependency Graph. The documentation is available.

Run SmartExecutor through Docker:

1, Pull the Docker image of SmartExecutor:

$ sudo docker pull 23278942/smartexecutor

2, Run SmartExecutor with a single Docker command. Replace a_host_directory with the path to your host directory containing the Solidity file, for example, Crowdsale.sol.

$ sudo docker run -it --rm -v a_host_directory:/home/smartExecutor/ --entrypoint semyth 3278942/smartexecutor:latest analyze ./Crowdsale.sol:Crowdsale

This command mounts the host directory to a directory inside the container and analyzes the contract Crowdsale defined in the Solidity file Crowdsale.sol.

To analyze the sample Solidity file provided with the Docker image, you can use the following command:

$ sudo docker run -it --rm --entrypoint semyth 3278942/smartexecutor:latest analyze /opt/smartExecutor/tests/testdata/solidity_files/Crowdsale.sol:Crowdsale 

3, Additional Options

To see more intermediate data, add the -v option followed by a value (3 or larger):

$ sudo docker run -it --rm --entrypoint semyth 3278942/smartexecutor:latest -v 3 analyze /opt/smartExecutor/tests/testdata/solidity_files/Crowdsale.sol:Crowdsale 

Click here to see the terminal output.

Click here to see the verbose intermediate results printed out in the terminal.

Install solc-select and all versions of solc

pip install solc-select  # solc-select is a package to switch among different versions of solc (Solidity compiler)
solc-select install all  # install all possible versions of solc 
solc-select use 0.4.25   # example of using solc-select: set the version of solc to 0.4.25

Run SmartExecutor in Pycharm IDE:

1, Create a project through Pycharm IDE by cloning https://github.com/contractAnalysis/smartExecutor.git.

2, Create a virtual environment and install dependencies.

3, Find semyth.py in the root directory and add the parameters. Take the example of Crowdsale.sol:

analyze
./tests/testdata/solidity_files/Crowdsale.sol:Crowdsale

4, Run semyth.py by right clicking it and select "Run semyth".

Using SmartExecutor as a Command-Line Tool

Install SmartExecutor through pip:

pip install smartExecutorx

Run SmartExecutor:

$ semyth analyze <solidity-file>:<contract-name>

Replace with the path to your Solidity file and with the name of the contract you want to analyze.

If you find this tool helpful, we would appreciate it if you could cite it. Here is the BibTex:

@INPROCEEDINGS{10316942,
  author={Wei, Qiping and Sikder, Fadul and Feng, Huadong and Lei, Yu and Kacker, Raghu and Kuhn, Richard},
  booktitle={2023 5th Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS)}, 
  title={SmartExecutor: Coverage-Driven Symbolic Execution Guided by a Function Dependency Graph}, 
  year={2023},
  volume={},
  number={},
  pages={1-8},
  keywords={Codes;Limiting;Smart contracts;Explosions;Ethereum smart contract;symbolic execution;vulnerability detection;sequence explosion;function dependency},
  doi={10.1109/BRAINS59668.2023.10316942}}

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

smartExecutorx-4.1.tar.gz (4.6 MB view details)

Uploaded Source

File details

Details for the file smartExecutorx-4.1.tar.gz.

File metadata

  • Download URL: smartExecutorx-4.1.tar.gz
  • Upload date:
  • Size: 4.6 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.9.7

File hashes

Hashes for smartExecutorx-4.1.tar.gz
Algorithm Hash digest
SHA256 61be1090a6c4adbb2184fad6a8dc1841626d55d685f0fd5c894c2c93580106aa
MD5 b9e295ac5412dde8a627351acfb41f44
BLAKE2b-256 e723c9721e272d2b51c43e57371e13cc88020f47d3e5bec9e99e5a852c8aa8f9

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page