## Analysis

Steps to reproduce
1. Load a new run-time
2. Load all the test_files (solidity smart contracts) in the run-time enivronment

## Static-Analysis
Static code analysis is a method of debugging by examining source code before a program is run. It's done by analyzing a set of code against a set (or multiple sets) of coding rules. Static analysis identifies defects before we run a program

In [6]:
#set up slither
!pip install slither-analyzer
!pip install solc-select
!solc-select install 0.8.9
import os
os.environ['SOLC_VERSION'] = '0.8.9'

Looking in indexes: https://pypi.org/simple, https://us-python.pkg.dev/colab-wheels/public/simple/
Collecting eth-utils>=2.1.0
  Using cached eth_utils-2.1.0-py3-none-any.whl (24 kB)
Collecting eth-account>=0.8.0
  Using cached eth_account-0.8.0-py3-none-any.whl (102 kB)
Collecting eth-typing>=3.0.0
  Using cached eth_typing-3.3.0-py3-none-any.whl (6.3 kB)
Collecting eth-abi>=4.0.0
  Using cached eth_abi-4.0.0-py3-none-any.whl (28 kB)
Collecting eth-hash[pycryptodome]>=0.5.1
  Using cached eth_hash-0.5.1-py3-none-any.whl (9.0 kB)
Collecting parsimonious<0.10.0,>=0.9.0
  Using cached parsimonious-0.9.0-py3-none-any.whl
Collecting eth-keys<0.5,>=0.4.0
  Using cached eth_keys-0.4.0-py3-none-any.whl (21 kB)
Collecting eth-rlp<1,>=0.3.0
  Using cached eth_rlp-0.3.0-py3-none-any.whl (5.0 kB)
Collecting eth-keyfile<0.7.0,>=0.6.0
  Using cached eth_keyfile-0.6.1-py3-none-any.whl (6.5 kB)
Collecting rlp<4,>=1.0.0
  Using cached rlp-3.0.0-py2.py3-none-any.whl (20 kB)
Installing collected package

In [10]:
!slither /content/test_type1.sol

 --> test_type1.sol:9:5:
  |
9 |     constructor() public {
  |     ^ (Relevant source part starts here and spans across multiple lines).

  --> test_type1.sol:33:5:
   |
33 |     constructor(VulnerableContract _vulnerableContract) public {
   |     ^ (Relevant source part starts here and spans across multiple lines).


INFO:Detectors:[92m
Pragma version0.8.9 (test_type1.sol#2) allows old versions
solc-0.8.9 is not recommended for deployment
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity[0m
INFO:Detectors:[92m
Parameter VulnerableContract.updateVariable(uint256)._newVariable (test_type1.sol#13) is not in mixedCase
Parameter VulnerableContract.setUnusedVariable(uint256)._unusedVariable (test_type1.sol#21) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions[0m
INFO:Detectors:[92m
AttackerContract.vulnerableContract (test_type1.sol#31) should be

In [11]:
!slither /content/safeMath.sol

--> safeMath.sol


INFO:Detectors:[92m
Pragma version0.8.9 (safeMath.sol#1) allows old versions
solc-0.8.9 is not recommended for deployment
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity[0m
INFO:Slither:/content/safeMath.sol analyzed (1 contracts with 85 detectors), 2 result(s) found


## Symbolic Execution
Symbolic execution is a method of executing a program abstractly so that it covers multiple execution paths through the code. The execution makes use of “symbols” as inputs to the program and the results are expressed in terms of the symbolic inputs

In [None]:
#set up manticore
!pip install manticore==0.3.0
!pip install protobuf==3.20.0
!pip install solidity_parser
!pip install solc
!pip install py-solc-x
!pip install manticore-eth
!pip install manticore[native]
import os
os.environ['PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION'] = 'python'
from manticore.ethereum import ManticoreEVM
from manticore.ethereum import ManticoreEVM
from manticore.ethereum.abi import ABI
from solcx import compile_source
import json


In [None]:
!solc /content/test_type1.sol --bin --abi --optimize -o build

[0m [1m[34m-->[0m test_type1.sol:9:5:
  [1m[34m|[0m
[1m[34m9 |[0m     [33mconstructor() public {
[0m  [1m[34m|[0m     [1m[33m^ (Relevant source part starts here and spans across multiple lines).[0m

[0m  [1m[34m-->[0m test_type1.sol:33:5:
   [1m[34m|[0m
[1m[34m33 |[0m     [33mconstructor(VulnerableContract _vulnerableContract) public {
[0m   [1m[34m|[0m     [1m[33m^ (Relevant source part starts here and spans across multiple lines).[0m



In [None]:
# set the path to the directory containing the uploaded files
path = "/content/build"
filenames = os.listdir(path)
contract_specs = {}
for f in filenames:
  name, ext = f.split('.')
  if ext == 'bin':
    contract_specs[f] = name + ".abi"

print(contract_specs)

{'VulnerableContract.bin': 'VulnerableContract.abi', 'AttackerContract.bin': 'AttackerContract.abi'}


In [None]:
!solc --version && z3 --version

solc, the solidity compiler commandline interface
Version: 0.8.9+commit.e5eed63a.Linux.g++
Z3 version 4.12.1 - 64 bit


In [None]:
!manticore safeMath.sol

In [None]:
!zip -r /content/mcore_sm49_f_4.zip /content/mcore_sm49_f_4

In [None]:
!manticore test_type1.sol

2023-04-24 15:55:22,239: [20954] m.main:[34mINFO:[0m Registered plugins: DetectUninitializedMemory, DetectDelegatecall, DetectExternalCallAndLeak, DetectInvalid, DetectIntegerOverflow, DetectUnusedRetVal, DetectReentrancySimple, DetectReentrancyAdvanced, DetectEnvInstruction, DetectSuicidal, DetectUninitializedStorage
2023-04-24 15:55:22,240: [20954] m.main:[34mINFO:[0m Beginning analysis
2023-04-24 15:55:22,248: [20954] m.e.manticore:[34mINFO:[0m Starting symbolic create contract
2023-04-24 15:55:22,815: [21001] m.c.manticore:[34mINFO:[0m Generated testcase No. 0 - NO STATE RESULT (?)(0 txs)
2023-04-24 15:55:23,004: [20954] m.c.manticore:[34mINFO:[0m Results in /content/mcore_665mhgyb


## Mythril
Mythril is an open-source security analysis tool used to detect security vulnerabilities in smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock and other EVM-compatible blockchains

In [3]:
!pip install mythril

Looking in indexes: https://pypi.org/simple, https://us-python.pkg.dev/colab-wheels/public/simple/
Collecting mythril
  Downloading mythril-0.23.22.tar.gz (4.5 MB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m4.5/4.5 MB[0m [31m31.2 MB/s[0m eta [36m0:00:00[0m
[?25h  Preparing metadata (setup.py) ... [?25l[?25hdone
Collecting blake2b-py
  Downloading blake2b_py-0.1.4-cp39-cp39-manylinux2010_x86_64.whl (151 kB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m151.7/151.7 kB[0m [31m17.3 MB/s[0m eta [36m0:00:00[0m
[?25hCollecting coloredlogs>=10.0
  Downloading coloredlogs-15.0.1-py2.py3-none-any.whl (46 kB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m46.0/46.0 kB[0m [31m5.6 MB/s[0m eta [36m0:00:00[0m
[?25hCollecting coincurve>=13.0.0
  Downloading coincurve-18.0.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (1.4 MB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m1.4/1.4 MB[0m [31m66.2 MB

In [12]:
!myth analyze safeMath.sol

Traceback (most recent call last):
  File "/usr/local/bin/myth", line 5, in <module>
    from mythril.interfaces.cli import main
  File "/usr/local/lib/python3.9/dist-packages/mythril/__init__.py", line 8, in <module>
    from mythril.plugin.loader import MythrilPluginLoader
  File "/usr/local/lib/python3.9/dist-packages/mythril/plugin/__init__.py", line 1, in <module>
    from mythril.plugin.interface import MythrilPlugin, MythrilCLIPlugin
  File "/usr/local/lib/python3.9/dist-packages/mythril/plugin/interface.py", line 2, in <module>
    from mythril.laser.plugin.builder import PluginBuilder as LaserPluginBuilder
  File "/usr/local/lib/python3.9/dist-packages/mythril/laser/plugin/builder.py", line 1, in <module>
    from mythril.laser.plugin.interface import LaserPlugin
  File "/usr/local/lib/python3.9/dist-packages/mythril/laser/plugin/interface.py", line 1, in <module>
    from mythril.laser.ethereum.svm import LaserEVM
  File "/usr/local/lib/python3.9/dist-packages/mythril/laser/e

In [9]:
!myth analyze test_type1.sol

Traceback (most recent call last):
  File "/usr/local/bin/myth", line 5, in <module>
    from mythril.interfaces.cli import main
  File "/usr/local/lib/python3.9/dist-packages/mythril/__init__.py", line 8, in <module>
    from mythril.plugin.loader import MythrilPluginLoader
  File "/usr/local/lib/python3.9/dist-packages/mythril/plugin/__init__.py", line 1, in <module>
    from mythril.plugin.interface import MythrilPlugin, MythrilCLIPlugin
  File "/usr/local/lib/python3.9/dist-packages/mythril/plugin/interface.py", line 2, in <module>
    from mythril.laser.plugin.builder import PluginBuilder as LaserPluginBuilder
  File "/usr/local/lib/python3.9/dist-packages/mythril/laser/plugin/builder.py", line 1, in <module>
    from mythril.laser.plugin.interface import LaserPlugin
  File "/usr/local/lib/python3.9/dist-packages/mythril/laser/plugin/interface.py", line 1, in <module>
    from mythril.laser.ethereum.svm import LaserEVM
  File "/usr/local/lib/python3.9/dist-packages/mythril/laser/e

## Securify Analysis
It is a tool that performs static analysis on Ethereum smart contracts to detect vulnerabilities such as reentrancy, uninitialized storage pointers, and more.

In [None]:
# !apt-get install -y openjdk-8-jdk-headless
# !git clone https://github.com/eth-sri/securify.git
# %cd /content/securify
# !pip install -U -r /content/securify/requirements.txt

Reading package lists... Done
Building dependency tree       
Reading state information... Done
openjdk-8-jdk-headless is already the newest version (8u362-ga-0ubuntu1~20.04.1).
0 upgraded, 0 newly installed, 0 to remove and 35 not upgraded.
fatal: destination path 'securify' already exists and is not an empty directory.
/content/securify
Looking in indexes: https://pypi.org/simple, https://us-python.pkg.dev/colab-wheels/public/simple/


In [None]:
# !./build_souffle.sh
# !./gradlew tasks

[m

[1m> Task :tasks[m[0K

[1m------------------------------------------------------------[m
[1mAll tasks runnable from root project[m
[1m------------------------------------------------------------[m

[1mBuild tasks[m
[1m-----------[m
[32massemble[39m[33m - Assembles the outputs of this project.[39m
[32mbuild[39m[33m - Assembles and tests this project.[39m
[32mbuildDependents[39m[33m - Assembles and tests this project and all projects that depend on it.[39m
[32mbuildNeeded[39m[33m - Assembles and tests this project and all projects it depends on.[39m
[32mclasses[39m[33m - Assembles main classes.[39m
[32mclean[39m[33m - Deletes the build directory.[39m
[32mjar[39m[33m - Assembles a jar archive containing the main classes.[39m
[32mtestClasses[39m[33m - Assembles test classes.[39m

[1mBuild Setup tasks[m
[1m-----------------[m
[32minit[39m[33m - Initializes a new Gradle build.[39m
[32mwrapper[39m[33m - Generates Gradle wrapper file