##Preprocess dataset


In [None]:
import os
import requests

api_url = "https://api.github.com/repos/{owner}/{repo}/contents/{path}"
owner = "smartbugs"
repo = "smartbugs-curated"

In [None]:
def download_content(node):
  content_url = node["download_url"]
  content_response = requests.get(content_url)
  file_path = f"downloaded_files/{node['path']}"

  # Check if the directory exists, and create it if it doesn't
  directory = os.path.dirname(file_path)
  if not os.path.exists(directory):
    os.makedirs(directory)
  
  if content_response.status_code == 200:
      with open(f"downloaded_files/{node['path']}", "wb") as f:
          f.write(content_response.content)
  else:
      print(f"Error downloading {node['path']}: {content_response.status_code}")

In [None]:
def traverse_tree(node):

  if node['type'] == 'dir':
    call_response(node['path'])
  else:
    if node["name"].endswith(".sol"):
      download_content(node)

  

In [None]:
def call_response(folder_path):

  url = api_url.format(owner=owner, repo=repo, path=folder_path)
  response = requests.get(url)

  if response.status_code == 200:
    os.makedirs("downloaded_files", exist_ok=True)
    for node in response.json():
      traverse_tree(node)
  else:
    print(f"Error listing files in folder: {response.status_code}")

  return


In [None]:
call_response("dataset")

In [None]:
folder_path = 'downloaded_files/dataset'
number_of_contracts = 0
contract_mapping = {}
contract_paths = []

for control in os.listdir(folder_path):
  control_folder_path = os.path.join(folder_path, control)
  
  for vulnerable_contract in os.listdir(control_folder_path):
    contract_path = os.path.join(control_folder_path, vulnerable_contract)
    contract_paths.append(contract_path)
    number_of_contracts += 1
    contract_mapping[vulnerable_contract] = control

print('Number of contracts: ' + str(number_of_contracts))

Number of contracts: 143


## Slither
Run and test out slither on 143 contracts

In [None]:
#set up slither
!pip install slither-analyzer
!pip install solc-select
!solc-select install 0.4.24
import os
import subprocess
os.environ['SOLC_VERSION'] = '0.4.24'

Looking in indexes: https://pypi.org/simple, https://us-python.pkg.dev/colab-wheels/public/simple/
Collecting slither-analyzer
  Downloading slither_analyzer-0.9.3-py3-none-any.whl (655 kB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m655.6/655.6 kB[0m [31m20.2 MB/s[0m eta [36m0:00:00[0m
[?25hCollecting web3>=6.0.0
  Downloading web3-6.2.0-py3-none-any.whl (571 kB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m572.0/572.0 kB[0m [31m35.3 MB/s[0m eta [36m0:00:00[0m
[?25hCollecting crytic-compile<0.4.0,>=0.3.1
  Downloading crytic_compile-0.3.1-py3-none-any.whl (92 kB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m92.5/92.5 kB[0m [31m9.4 MB/s[0m eta [36m0:00:00[0m
Collecting pycryptodome>=3.4.6
  Downloading pycryptodome-3.17-cp35-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (2.1 MB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m2.1/2.1 MB[0m [31m56.3 MB/s[0m eta [36m0:00:00[0m
[?25hCollecti

In [None]:
# #analyse all the contracts using slither
print("\n=================Running Slither==========================\n")
slither_result = {}
for contract_path in contract_paths:
  try:
    p = "/content/" + contract_path
    result = subprocess.run(['slither', p], capture_output=True, text=True)
    slither_result[contract_path] = result.stderr
  except:
    print('unable to run slither for ' + contract_path)





In [None]:
# Open the file for writing
with open('slither_analysis_result.json', 'w') as f:
    # Convert the dictionary to JSON and write it to the file
    json.dump(slither_result, f)

## Mythril
Run and test out Mythrill on all the 143 contracts

In [None]:
!pip install mythril

Looking in indexes: https://pypi.org/simple, https://us-python.pkg.dev/colab-wheels/public/simple/
Collecting mythril
  Downloading mythril-0.23.22.tar.gz (4.5 MB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m4.5/4.5 MB[0m [31m43.5 MB/s[0m eta [36m0:00:00[0m
[?25h  Preparing metadata (setup.py) ... [?25l[?25hdone
Collecting blake2b-py
  Downloading blake2b_py-0.1.4-cp39-cp39-manylinux2010_x86_64.whl (151 kB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m151.7/151.7 kB[0m [31m9.9 MB/s[0m eta [36m0:00:00[0m
[?25hCollecting coloredlogs>=10.0
  Downloading coloredlogs-15.0.1-py2.py3-none-any.whl (46 kB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m46.0/46.0 kB[0m [31m4.6 MB/s[0m eta [36m0:00:00[0m
[?25hCollecting coincurve>=13.0.0
  Downloading coincurve-18.0.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (1.4 MB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m1.4/1.4 MB[0m [31m50.5 MB

In [None]:
p = contract_paths[0]
result = subprocess.run(['myth','analyze', p], capture_output=True, text=True)
print(result)

CompletedProcess(args=['myth', 'analyze', 'downloaded_files/dataset/front_running/odds_and_evens.sol'], returncode=1, stdout="==== Unchecked return value from external call. ====\nSWC ID: 104\nSeverity: Medium\nContract: OddsAndEvens\nFunction name: getProfit()\nPC address: 428\nEstimated Gas Usage: 2505 - 37116\nThe return value of a message call is not checked.\nExternal calls return a boolean value. If the callee halts with an exception, 'false' is returned and execution continues in the caller. The caller should check whether an exception happened and react accordingly to avoid unexpected behavior. For example it is often desirable to wrap external calls in require() so the transaction is reverted if the call fails.\n--------------------\nIn file: downloaded_files/dataset/front_running/odds_and_evens.sol:50\n\nmsg.sender.send(this.balance)\n\n--------------------\nInitial State:\n\nAccount: [CREATOR], balance: 0xf00b80000040002, nonce:0, storage:{}\nAccount: [ATTACKER], balance: 0x

In [None]:
# #analyse all the contracts using mythrill
print("\n\n\n\=================Running Mythrill==========================")
mythrill_result = {}
cnt = 0
for contract_path in contract_paths:
  cnt +=1
  print(cnt)

  try:
    p = contract_path
    result = subprocess.run(['myth','analyze', p], capture_output=True, text=True)
    mythrill_result[contract_path] = result.stdout
  except Exception as e:
    print(e)
    print('unable to run mythrill for ' + contract_path)




1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18


In [None]:
print(len(mythrill_result))

In [None]:
# # Open the file for writing
# with open('mythrill_analysis_run_10_result.json', 'w') as f:
#     # Convert the dictionary to JSON and write it to the file
#     json.dump(mythrill_result, f)