Vultron: the Ultimate Smart Contract Fuzzing Framework

Running Vultron (ContraMaster)

Dependencies

Node.js: 12.12.0
Truffle: 5.0.42
Go-Ethereum: 1.8+ (a customized version is required to enable the fuzzing feedback)

Getting Started

npm install;                # Install dependencies
./utils/startTruffle.sh;    # Deploy contracts to your private blockchain (this assumes a running private Ethereum blockchain)

node server.js              # Note: if encountering password error, go to connection/fuzzer.js and replace '123456' with your account password in the function 'unlockAccount')

Usage Steps

Deploy target and attack contracts to the test network.
Load contract source (.sol) and compiled (.json) code via the user interface.
Run seed tests (without feedback) and observe the results.

Vultron (ContraMaster) can also be run under the batch mode, with appropriate commandline options.

Benchmark

The benchmark used in the ContraMaster experiments is available under ./benchmark. Both the contract source code and the migration (deployment) scripts are provided. The discovered exploits can be found in the file exploit_<N>.txt.

Name		Name	Last commit message	Last commit date
Latest commit History 122 Commits
benchmark		benchmark
connection		connection
contracts		contracts
migrations		migrations
tests		tests
utils		utils
views		views
.gitignore		.gitignore
LICENSE.txt		LICENSE.txt
README.md		README.md
package-lock.json		package-lock.json
package.json		package.json
server.js		server.js
truffle.js		truffle.js

License

ntu-SRSLab/vultron

Folders and files

Latest commit

History

Repository files navigation

Vultron: the Ultimate Smart Contract Fuzzing Framework

Running Vultron (ContraMaster)

Dependencies

Getting Started

Usage Steps

Benchmark

About

Resources

License

Stars

Watchers

Forks

Languages