Notes on Reverse Engineering EVM Bytecode.
lib
├─ ds-test
├─ solmate
src
├─ tests
│ └─ Greeter.t — "Greeter Tests"
└─ Greeter — "A Minimal Greeter Contract"
Don't have Rust installed? Run:
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
Then, install foundry with:
cargo install --git https://github.com/gakonst/foundry --bin forge --locked
yarn setup
yarn test
Requirement: Install r2:
git clone https://github.com/radareorg/radare2
cd radare2 ; sys/install.sh
Install libjansson-dev:
sudo apt install libjansson-dev
Install evm using r2pm:
r2pm -gi evm
Install the iaito graphical interface:
r2pm -ci iaito
Compile Greeter.sol to binary code using solc:
solc ./src/Greeter.sol --bin-runtime -o ./out/ --overwrite
ls ./out/
We need --bin-runtime rather than --bin: the --bin output also includes the code prepended for placing the contract on the blockchain, which we want to exclude.
Now convert the hexadecimal format from solc into pure binary format using rax2:
rax2 -s < ./out/Greeter.bin-runtime > ./out/Greeter.bin-runtime.bin
Analyze with r2:
r2 -a evm ./out/Greeter.bin-runtime.bin
Then, enter aa at the first prompt:
[0x00000000]> aa
[Warning: set your favourite calling convention in `e anal.cc=?`
[x] Analyze all flags starting with sym. and entry0 (aa)
Next, disassemble 30 instructions with pd 30:
[0x00000000]> pd 30
┌ 1077: fcn.00000000 ();
│ 0x00000000 60
│ 0x00000001 80
...
- Radare2 Book (select ayucolor trust me :)
- Practical Eth Decompilation
- ICO Security Tips radare2
- foundry
- solmate
- Georgios Konstantopoulos for forge-template resource.
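
What the `rax2 -s` and `pd` steps above do, as an added Python example (not code from this repository): it converts solc's hex output to raw bytes and linear-sweep disassembles it, skipping PUSH immediates so that a 0x5b byte inside PUSH data is not mistaken for a JUMPDEST. The opcode table is a small subset, and `SAMPLE_HEX` is a constructed solc-style prologue, not the actual Greeter bytecode.

```python
# Added example: linear-sweep EVM disassembler; the opcode table is a small subset.
OPCODES = {
    0x00: "STOP", 0x01: "ADD", 0x14: "EQ", 0x15: "ISZERO", 0x34: "CALLVALUE",
    0x35: "CALLDATALOAD", 0x36: "CALLDATASIZE", 0x50: "POP", 0x51: "MLOAD",
    0x52: "MSTORE", 0x54: "SLOAD", 0x55: "SSTORE", 0x56: "JUMP", 0x57: "JUMPI",
    0x5B: "JUMPDEST", 0x5F: "PUSH0", 0xF3: "RETURN", 0xFD: "REVERT", 0xFE: "INVALID",
}

def mnemonic(op: int) -> str:
    if 0x60 <= op <= 0x7F:          # PUSH1..PUSH32
        return f"PUSH{op - 0x5F}"
    if 0x80 <= op <= 0x8F:          # DUP1..DUP16
        return f"DUP{op - 0x7F}"
    if 0x90 <= op <= 0x9F:          # SWAP1..SWAP16
        return f"SWAP{op - 0x8F}"
    return OPCODES.get(op, f"UNKNOWN_0x{op:02x}")

def disassemble(code: bytes):
    """Return (offset, mnemonic, immediate_hex) tuples for runtime bytecode."""
    out, pc = [], 0
    while pc < len(code):
        op = code[pc]
        width = op - 0x5F if 0x60 <= op <= 0x7F else 0
        imm = code[pc + 1 : pc + 1 + width]  # shorter than width if code is truncated
        out.append((pc, mnemonic(op), imm.hex()))
        pc += 1 + width                      # skip the immediate bytes
    return out

def valid_jumpdests(code: bytes):
    """Offsets where 0x5b is a real instruction, not PUSH data."""
    return {pc for pc, name, _ in disassemble(code) if name == "JUMPDEST"}

def load_solc_hex(text: str) -> bytes:
    """Same conversion as `rax2 -s`: hex text from solc -> raw bytes."""
    return bytes.fromhex(text.strip().removeprefix("0x"))

# Constructed sample: a typical solc non-payable prologue, not the Greeter output.
SAMPLE_HEX = "608060405234801561001057600080fd5b50\n"

if __name__ == "__main__":
    for pc, name, imm in disassemble(load_solc_hex(SAMPLE_HEX)):
        print(f"0x{pc:08x}  {name} {('0x' + imm) if imm else ''}".rstrip())
```
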
These smart contracts are being provided as is. No guarantee, representation or warranty is being made, express or implied, as to the safety or correctness of the user interface or the smart contracts. They have not been audited and as such there can be no assurance they will work as intended, and users may experience delays, failures, errors, omissions, loss of transmitted information or loss of funds. We are not liable for any of the foregoing. Users should proceed with caution and use at their own risk.