Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Partial Concrete Storage precision #12

Open
degrigis opened this issue Jan 4, 2024 · 0 comments
Open

Partial Concrete Storage precision #12

degrigis opened this issue Jan 4, 2024 · 0 comments
Assignees
@degrigis @ruaronicola
Labels
bug Something isn't working enhancement New feature or request

Comments

@degrigis
Copy link
Collaborator

degrigis commented Jan 4, 2024

Whenever we use the partial concrete storage, an SSTORE to a symbolic slot ID (e.g., X) can potentially overwrite a value previously loaded from the blockchain at a concrete slot id (e.g., id=0x5). This happens when X=5 is satisfiable.

In these cases, we should either:

1- Invalidate the content of Storage[0x5] if X can be concretized to 5 (this is done immediately after we observe the symbolic storage write but might be expensive)
2- Encode extra constraints (ITE?) that handle the case at solving time.

e.g.,

  • SLOAD from ID=5 --> w3.get_storage_at(0x5) = 0xdeadbeef --> Storage[5] = 0xdeadbeef
  • SSTORE at ID=X --> If X == 5 is_sat() then Storage[5] =

Currently, this is not handled properly and can cause a loss of soudness on the analysis when using this option.
@degrigis degrigis added bug Something isn't working enhancement New feature or request labels Jan 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@degrigis degrigis

@ruaronicola ruaronicola

Labels
bug Something isn't working enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@degrigis @ruaronicola