In [1]:
import numpy as np
import pandas as pd
import requests as req
import time
import re
import glob
import os
import subprocess
from bs4 import BeautifulSoup

In [2]:
### Download Smart Contract Meta Data
if False:
    MAX_PAGE = 1000
    AT_PAGE = 0
    contracts = {"address": [], "block_number": [], "ether": [], "has_source": [] }
    base_url = "https://contract-library.com/api/contracts?"
    for idx in range(MAX_PAGE - AT_PAGE):
        ### Start Downloading
        page_number = idx + 1 + AT_PAGE
        end_point = "{0}n=Ethereum&q=&t=address&s=block_number&o=desc&p={1}&c=100&w=".format(base_url, page_number)
        r = req.get(end_point)
        assert(r.status_code == 200)
        print("=> page_number: {}".format(page_number))
        json = r.json()
        for contract in json["contracts"]:
            contracts["address"].append(contract["address"])
            contracts["block_number"].append(contract["block_number"])
            contracts["ether"].append(contract["ether"])
            contracts["has_source"].append(contract["has_source"])
        ## Write Fragment
        if page_number % 100 == 0:
            csv_file = "assets/addr_{}.csv".format(int(page_number / 100))
            df = pd.DataFrame(contracts)
            df.to_csv(csv_file, header=None, index=False)
            print("=> write to {}".format(csv_file))
            print("=> sleep 2 seconds")
            time.sleep(2)
            ### Clear Contract Data
            contracts["address"] = []
            contracts["block_number"] = []
            contracts["ether"] = []
            contracts["has_source"] = []

In [3]:
## Supported compiler versions
if True:
    versions = []
    for i in range(25 - 18 + 1):
        versions.append("0.4.{}".format(i + 18))
    for i in range(16 - 0 + 1):
        versions.append("0.5.{}".format(i))
    for i in range(3 + 1):
        versions.append("0.6.{}".format(i))

In [4]:
print("=> supported version: {}".format(len(versions)))

=> supported version: 29


In [5]:
### Filter contract source code by version
if False:
    df = pd.read_csv(
        "assets/addr.csv",
        header=None,
        names=["address", "block_number", "ether", "has_source"],
    )
    df_with_source = df[(df.has_source == True)]
    print(df_with_source.describe())
    for address in df_with_source["address"]:
        end_point = "https://etherscan.io/address/{}#code".format(address)
        r = req.get(end_point, headers={"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.113 Safari/537.36"})
        assert(r.status_code == 200)
        print("=> address: {}".format(address))
        soup = BeautifulSoup(r.text, 'html.parser')
        editor = soup.find(id="editor")
        match = re.findall(r"pragma(\s+)solidity(\s+)[^\d]*((\d+\.?)+)", editor.text)
        print(match)
        if len(match) > 0 and len(match[0]) > 2:
            version = match[0][2]
            if version in versions:
                with open("contracts/{}_{}".format(address, version), "w") as f:
                    f.write(editor.text)

In [6]:
### Report 1
if True:
    num_addr = !cat assets/addr.csv | wc -l
    num_addr = int(num_addr[0])
    files = !find contracts/ -not -name "*.csv" -not -name "*.json"
    print("=> contracts {}".format(num_addr))
    print("=> sup_contracts {}".format(len(files)))
    print("=> % {}".format(len(files) / num_addr * 100))

=> contracts 100000
=> sup_contracts 1982
=> % 1.982


In [7]:
### Filter smart contract if it can not be compiled 
if False:
    files = !find contracts/ -not -name "*.csv" -not -name "*.json"
    error_files = []
    for idx, file in enumerate(files):
        version = file.split('_')[1]
        os.environ["SYM_SOLC_VERSION"] = version
        os.environ["SYM_FILE"] = file
        !solc use "$SYM_SOLC_VERSION" > /dev/null 2>&1
        output = !solc $SYM_FILE
        if "Error" in ",".join(output):
            print("=> FAIL {}".format(file))
            error_files.append(file)
        else:
            print("=> OK {}".format(file))
    df = pd.DataFrame(error_files)
    csv_file = "contracts/errors.csv"
    df.to_csv(csv_file, header=None, index=False)

In [8]:
### Report 2
if True:
    files = !find contracts/ -not -name "*.csv" -not -name "*.json"
    num_errors = !cat contracts/errors.csv | wc -l
    num_errors = int(num_errors[0])
    print("=> sup_contracts: {}".format(len(files)))
    print("=> error: {}".format(num_errors))
    print("=> comp : {}".format(len(files) - num_errors))
    print("=> % {}".format((len(files) - num_errors)/len(files) * 100))

=> sup_contracts: 1982
=> error: 231
=> comp : 1751
=> % 88.34510595358223


In [9]:
if False:
    files = !find contracts/* -not -name "*.csv" -not -name "*.json"
    df = pd.read_csv("contracts/errors.csv", header=None, names=["contract_path"])
    for contract_path in df["contract_path"]:
        files.remove(contract_path)
    print("=> comp: {}".format(len(files)))
    compiled_files = []
    for idx, file in enumerate(files):
        version = file.split('_')[1]
        os.environ["SYM_SOLC_VERSION"] = version
        os.environ["SYM_FILE"] = file
        os.environ["SYM_FILE_OUTPUT"] = "{}.json".format(file)
        print("=> {} / {} {}".format(idx + 1, len(files), file))
        !solc use $SYM_SOLC_VERSION > /dev/null 2>&1
        !solc --combined-json bin-runtime,srcmap-runtime,ast $SYM_FILE > $SYM_FILE_OUTPUT
        compiled_files.append(file)
    df = pd.DataFrame(compiled_files)
    csv_file = "contracts/compiled.csv"
    df.to_csv(csv_file, header=None, index=False)

In [10]:
### Report 3
if True:
    files = !find contracts/*.json
    num_files = !cat contracts/compiled.csv | wc -l
    print("=> json {}".format(len(files)))
    print("=> num_files {}".format(int(num_files[0])))

=> json 1750
=> num_files 1750


In [11]:
loop_bound = 20

env_content = """
dataload=02
expectCoverage=0.1
maxVisitedBlock={}
maxVisitedBlockBound=50
maxVisitedBlockStep=2
allocatedRange="a0"
""".strip().format(loop_bound)

In [12]:
### Run symEvm for coverage
if False:
    result = {
        "address": [], 
        "contract_name": [],
        "endpoints": [], 
        "covered_jumpis": [], 
        "total_jumpis": [],
        "duration": [],
        "bytelen": [],
        "loop_bound": [],
    }
    df = pd.read_csv("contracts/compiled.csv", header=None, names=["contract_path"])
    coverage_path = "results/coverage.csv"
    with open(".env", "w") as f:
        f.write(env_content)
    if os.path.exists(coverage_path):
         os.remove(coverage_path)
    with open(coverage_path, "w") as f:
        pass
    contract_paths = df["contract_path"]
    for idx, contract_path in enumerate(contract_paths):
        os.environ["SYM_CONTRACT_FILE"] = contract_path
        os.environ["SYM_JSON_FILE"] = "{}.json".format(contract_path)
        os.environ["SYM_STEP"] = "1"
        print("{} / {}".format(idx + 1, len(contract_paths)))
        ## if json file is empty
        with open(contract_path + ".json", "r") as f:
            if len(f.read()) == 0:
                continue
        ## execute SymEvm
        addr = contract_path.split("/")[1].split("_")[0]
        start_time = time.time()
        output = !node index.js
        duration = time.time() - start_time
        output = '\n'.join(output)
        print("addr: {}".format(addr))
        print(output)
        ## contract
        if "error" not in output:
            match = re.findall(r"Start Analyzing Contract:\s+([^\n]+)", output)
            assert(len(match) > 0)
            contract_name = match[0]
            ## endpoints
            match = re.findall(r"endpoints\s+:\s+(\d+)", output)
            assert(len(match) > 0)
            endpoints = int(match[0])
            ## cjumpis
            match = re.findall(r"cjumpis\s+:\s+(\d+)", output)
            assert(len(match) > 0)
            cjumpis = int(match[0])
            ## njumpis
            match = re.findall(r"njumpis\s+:\s+(\d+)", output)
            assert(len(match) > 0)
            njumpis = int(match[0])
            ## byte len
            match = re.findall(r"bytelen\s+:\s+(\d+)", output)
            assert(len(match) > 0)
            bytelen = int(match[0])
            ##
            result["address"].append(addr)
            result["endpoints"].append(endpoints)
            result["covered_jumpis"].append(cjumpis)
            result["total_jumpis"].append(njumpis)
            result["contract_name"].append(contract_name)
            result["duration"].append(round(duration * 1000))
            result["bytelen"].append(bytelen)
            result["loop_bound"].append(loop_bound)
        
    df = pd.DataFrame(result)
    df.to_csv(coverage_path, index=None)
    !rm report.*

In [13]:
loop_bound = 20

env_content = """
dataload=02
expectCoverage=0.1
maxVisitedBlock={}
maxVisitedBlockBound=50
maxVisitedBlockStep=2
allocatedRange="a0"
""".strip().format(loop_bound)

In [14]:
### Run symEvm for tainting
if False:
    result = {
        "address": [], 
        "success_sloads": [],
        "success_mloads": [],
        "success_mstores": [],
        "success_sstores": [],
        "failed_sloads": [],
        "failed_mloads": [],
        "failed_mstores": [],
        "failed_sstores": [],
    }
    df = pd.read_csv("contracts/compiled.csv", header=None, names=["contract_path"])
    tainting_path = "results/tainting.csv"
    with open(".env", "w") as f:
        f.write(env_content)
    if os.path.exists(tainting_path):
         os.remove(tainting_path)
    with open(tainting_path, "w") as f:
        pass
    contract_paths = df["contract_path"]
    for idx, contract_path in enumerate(contract_paths):
        os.environ["SYM_CONTRACT_FILE"] = contract_path
        os.environ["SYM_JSON_FILE"] = "{}.json".format(contract_path)
        os.environ["SYM_STEP"] = "2"
        print("{} / {}".format(idx + 1, len(contract_paths)))
        ## if json file is empty
        with open(contract_path + ".json", "r") as f:
            if len(f.read()) == 0:
                continue
        ## execute SymEvm
        addr = contract_path.split("/")[1].split("_")[0]
        output = !node index.js
        output = '\n'.join(output)
        print("addr: {}".format(addr))
        print(output)
        if "error" not in output:
            ## success
            match = re.findall(r"success\s+:\s+\[([^\]]+)", output)
            assert(len(match) > 0)
            success = list(map(lambda x: int(x), match[0].split(',')))
            ## failed
            match = re.findall(r"failed\s+:\s+\[([^\]]+)", output)
            assert(len(match) > 0)
            failed = list(map(lambda x: int(x), match[0].split(',')))
            ##
            result["address"].append(addr)
            result["success_sloads"].append(success[0])
            result["success_mloads"].append(success[1])
            result["success_mstores"].append(success[2])
            result["success_sstores"].append(success[3])
            result["failed_sloads"].append(failed[0])
            result["failed_mloads"].append(failed[1])
            result["failed_mstores"].append(failed[2])
            result["failed_sstores"].append(failed[3])
        
    df = pd.DataFrame(result)
    df.to_csv(tainting_path, index=None)
    !rm report.*

In [17]:
loop_bound = 20

env_content = """
dataload=02
expectCoverage=0.95
maxVisitedBlock={}
maxVisitedBlockBound=50
maxVisitedBlockStep=10
allocatedRange="a0"
""".strip().format(loop_bound)

In [20]:
### Run symEvm for tainting
if True:
    result = {
        "address": [],
        "integer": [],
        "disorder": [],
        "frez": [],
        "reentrancy": [],
    }
    df = pd.read_csv("contracts/compiled.csv", header=None, names=["contract_path"])
    bugs_path = "results/bugs.csv"
    with open(".env", "w") as f:
        f.write(env_content)
    if os.path.exists(bugs_path):
         os.remove(bugs_path)
    with open(bugs_path, "w") as f:
        pass
    contract_paths = df["contract_path"][8:9]
    for idx, contract_path in enumerate(contract_paths):
        os.environ["SYM_CONTRACT_FILE"] = contract_path
        os.environ["SYM_JSON_FILE"] = "{}.json".format(contract_path)
        os.environ["SYM_STEP"] = "3"
        print(contract_path)
        print("{} / {}".format(idx + 1, len(contract_paths)))
        ## if json file is empty
        with open(contract_path + ".json", "r") as f:
            if len(f.read()) == 0:
                continue
        ## execute SymEvm
        addr = contract_path.split("/")[1].split("_")[0]
        !node index.js
#         output = '\n'.join(output)
#         print(output)
#         if "error" not in output:
#             ## integer
#             match = re.findall(r"integer\s+:\s+(false|true)", output)
#             assert(len(match) > 0)
#             result["integer"].append(0 if match[0] == 'false' else 1)
#             ## disorder
#             match = re.findall(r"disorder\s+:\s+(false|true)", output)
#             assert(len(match) > 0)
#             result["disorder"].append(0 if match[0] == 'false' else 1)
#             ## frez
#             match = re.findall(r"frez\s+:\s+(false|true)", output)
#             assert(len(match) > 0)
#             result["frez"].append(0 if match[0] == 'false' else 1)
#             ## reentrancy
#             match = re.findall(r"reentrancy\s+:\s+(false|true)", output)
#             assert(len(match) > 0)
#             result["reentrancy"].append(0 if match[0] == 'false' else 1)
#             result["address"].append(addr)

    df = pd.DataFrame(result)
    df.to_csv(bugs_path, index=None)

contracts/0x0162c142bf923d00ec510c3c7e7a4072194d291a_0.5.7
1 / 1
^C

