Sierra-Analyzer is a security toolkit for analyzing Sierra files.
- Project structure
- Decompile a Sierra file
- Analyze a remote contract
- Print the contract's Control-Flow Graph
- Print the contract's Callgraph
- Run the detectors
- Use it as a library
- Improve the decompiler output using LLMs
.
├── doc # Documentation files
├── examples # Sierra & Contrat class samples files
├── lib # sierra-analyzer library
├── sierra-decompiler # Sierra decompiler tool (based on sierra-analyzer library)
└── README.md
cargo run -- -f <sierra file>
For a colourless output :
cargo run -- -f <sierra file> --no-color
It it also possible to get a verbose output with more informations :
cargo run -- -f <sierra file> --verbose
Contracts can be fetched directly from Starknet (Mainnet & Sepolia) by specifying the contract class to analyze :
# Fetch & decompile a contract from starknet mainnet
cargo run -- --remote 0x07c43d18d37d66d7855dab8f21ebf9d554dd213c6307aacecaf2d595a53b3bbb
# Fetch & decompile a contract from Sepolia network
cargo run -- --network sepolia --remote 0x068377a89d64c0b16dc97c66933777bf4e9b050652c4fde2c59c8c4d755a163b
cargo run -- -f ./examples/sierra/fib_array.sierra --cfg
# Output the Control-Flow Graph to a custom folder (default is ./output_cfg)
cargo run -- -f ./examples/sierra/fib_array.sierra --cfg --cfg-output ./test
cargo run -- -f ./examples/sierra/fib_array.sierra --callgraph
# Output the Callgraph to a custom folder (default is ./output_callgraph)
cargo run -- -f ./examples/sierra/fib_array.sierra --callgraph --callgraph-output ./test
# Get the Callgraph of a specific function
cargo run -- -f ./examples/sierra/fib_unary.sierra --callgraph --function 'examples::fib_unary::fib'
cargo run -- -f ./examples/sierra/fib_array.sierra -d
It is also possible to use the sierra-analyzer-lib
library to decompile serialised or unserialised Sierra files.
Examples can be found here.
Here is a tutorial on how to improve the decompiler output using LLMs.
- Decompiler
- Control-Flow Graph
- Call Graph
- Informational & Security detectors
- Fetching contracts from Starknet
- Symbolic execution