# Smart Contract Vulnerability Detection

## Phase 1. Lab Preparation
### 1.1. Check OS Version

### 1.2. Updating the repository

### 1.3. Add NodeSource yum repository
The current LTS version of Node.js is version 10.x. If you want to install version 8 instead, replace **setup_10.x** with **setup_8.x** in the command below. Run the following curl command to add the NodeSource yum repository to your system:

### 1.4. Install Node.js and npm
Once the NodeSource repository is enabled, install **Node.js** and **npm** by typing:

### 1.5. Verify the Node.js and npm Installation
To check that the installation was successful, run the following commands, which print the Node.js and npm versions.

### 1.6. Install Python 3
Now that the environment is up to date, all we need to do to install **Python 3** is run the following command.

### 1.7. Verify Installation
In order to ensure that Python 3 is in fact installed and usable, we can drop into a Python 3 shell by running the following command.

### 1.8. Install Pip for Python 3
To install Pip for Python 3, open a terminal window and enter the following:

### 1.9. Install Truffle
Now, we need one command to install Truffle:

### 1.10. Verify Truffle Installation
To verify that Truffle is installed properly, type **truffle version** in a terminal.
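The verification steps in 1.5, 1.7 and 1.10 are easy to forget once the notebook is moved to a fresh machine. The script below is an added example (not part of the original lab notes): it runs each tool's version command, parses the version out of the output, and flags anything missing or a Node.js major version other than the 8.x/10.x the setup step installs. The `VERSION_COMMANDS` table and the `check_lab` rules are this example's own assumptions about what the lab needs.

```python
import re
import shutil
import subprocess

# Commands that print each tool's version, matching the verification steps
# above (1.5, 1.7, 1.10). This table and the checks below are assumptions
# made for this example, not part of the original lab notes.
VERSION_COMMANDS = {
    'node': ['node', '--version'],
    'npm': ['npm', '--version'],
    'python3': ['python3', '--version'],
    'pip3': ['pip3', '--version'],
    'truffle': ['truffle', 'version'],
}


def parse_version(text):
    """Return the first dotted version in `text` as a tuple of ints,
    e.g. 'v10.16.3' -> (10, 16, 3); None when no version is present."""
    m = re.search(r'(\d+)\.(\d+)(?:\.(\d+))?', text)
    if m is None:
        return None
    return tuple(int(p) for p in m.groups() if p is not None)


def tool_version(name):
    """Run the version command for `name`; None when the binary is not on PATH."""
    cmd = VERSION_COMMANDS[name]
    if shutil.which(cmd[0]) is None:
        return None
    # Older python3 builds print their version on stderr, so read both streams.
    out = subprocess.run(cmd, capture_output=True, text=True)
    return parse_version(out.stdout + out.stderr)


def check_lab(versions, node_majors=(8, 10)):
    """Given {tool: version tuple or None}, list what blocks the experiment.
    An empty list means every tool is present and Node.js is one of the
    majors the setup step installs (8.x or 10.x)."""
    problems = []
    for name in VERSION_COMMANDS:
        if versions.get(name) is None:
            problems.append('%s: not installed' % name)
    node = versions.get('node')
    if node is not None and node[0] not in node_majors:
        problems.append('node: found %d.x, expected one of %s'
                        % (node[0], ', '.join('%d.x' % m for m in node_majors)))
    py = versions.get('python3')
    if py is not None and py[0] != 3:
        problems.append('python3: found major version %d' % py[0])
    return problems


if __name__ == '__main__':
    found = {name: tool_version(name) for name in VERSION_COMMANDS}
    for name, version in found.items():
        print('%-8s %s' % (name, '.'.join(map(str, version)) if version else 'missing'))
    for problem in check_lab(found):
        print('PROBLEM:', problem)
```

Run it once after Phase 1; an empty problem list means the data-set cells in Phase 3 and the Slither runs will find every tool they depend on.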

## Phase 2. Test Lab

### 2.1. Data Set
The first step of our experiment is to collect enough data. We use three data sets: **Smartbugs**, **SolidiFi-benchmark**, and **Smartbugs-wilds**.

### 2.2. [Slither](https://github.com/crytic/slither), the Solidity source analyzer
Slither is a **Solidity static analysis framework** written in **Python 3**. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.
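To score Slither against the labelled data sets collected in Phase 3, each report has to be reduced to "which vulnerability categories did the tool flag for this contract". The block below is an added example (not Slither's own code and not part of the original notes): it reads a report in the shape Slither writes with `slither contract.sol --json report.json`, drops informational results, and maps detector names onto the SmartBugs category folders. The detector names in `CHECK_TO_CATEGORY` are real Slither detectors, but the grouping of them into SmartBugs categories, and the embedded sample report, are this example's own assumptions.

```python
import json
from collections import Counter

# Slither detector names (the "check" field of its JSON report) grouped into
# SmartBugs category folders. The grouping is an assumption of this example.
CHECK_TO_CATEGORY = {
    'reentrancy-eth': 'reentrancy',
    'reentrancy-no-eth': 'reentrancy',
    'reentrancy-benign': 'reentrancy',
    'reentrancy-events': 'reentrancy',
    'tx-origin': 'access_control',
    'suicidal': 'access_control',
    'arbitrary-send': 'access_control',
    'controlled-delegatecall': 'access_control',
    'unchecked-lowlevel': 'unchecked_low_level_calls',
    'unchecked-send': 'unchecked_low_level_calls',
    'timestamp': 'bad_randomness',
    'weak-prng': 'bad_randomness',
    'calls-loop': 'denial_of_service',
}

# Constructed sample in the shape of `slither contract.sol --json report.json`;
# only the fields this example reads are included, with made-up descriptions.
SAMPLE_REPORT = json.dumps({
    "success": True,
    "error": None,
    "results": {
        "detectors": [
            {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
             "description": "Reentrancy in Bank.withdraw(uint256)"},
            {"check": "tx-origin", "impact": "Medium", "confidence": "Medium",
             "description": "Bank.onlyOwner() uses tx.origin for authorization"},
            {"check": "unchecked-lowlevel", "impact": "Medium", "confidence": "Medium",
             "description": "Bank.pay(address) ignores return value of a low-level call"},
            {"check": "naming-convention", "impact": "Informational", "confidence": "High",
             "description": "Parameter Bank.pay(address)._dest is not in mixedCase"},
        ]
    }
})


def load_findings(report_text, keep_impacts=('Low', 'Medium', 'High')):
    """Return (check, impact, confidence) for each detector hit in a Slither
    JSON report, dropping Informational/Optimization results. A report with
    success == false (e.g. a compilation failure) raises instead of silently
    scoring as 'no findings'."""
    report = json.loads(report_text)
    if not report.get('success'):
        raise ValueError('Slither reported an error: %s' % report.get('error'))
    detectors = report.get('results', {}).get('detectors', [])
    return [(d['check'], d['impact'], d['confidence'])
            for d in detectors if d['impact'] in keep_impacts]


def findings_by_category(findings):
    """Count findings per SmartBugs category; unknown checks land in 'unmapped'
    so they are visible rather than lost."""
    counts = Counter()
    for check, _impact, _confidence in findings:
        counts[CHECK_TO_CATEGORY.get(check, 'unmapped')] += 1
    return counts


def tool_flags_category(findings, category):
    """The per-contract detected/missed decision: does at least one finding
    map to the category the data set labels this contract with?"""
    return findings_by_category(findings)[category] > 0


if __name__ == '__main__':
    findings = load_findings(SAMPLE_REPORT)
    print(findings_by_category(findings))
    print('reentrancy detected:', tool_flags_category(findings, 'reentrancy'))
```

Keeping the unmapped bucket matters when the detector list changes between Slither releases: a new detector name shows up as `unmapped` instead of quietly lowering the tool's measured recall.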

## Phase 3. Collecting Data Set

### 3.1. [Smartbugs](https://github.com/smartbugs/smartbugs)
* Smartbugs is a dataset of **labeled smart contracts**, each labeled according to its vulnerabilities.
* The smart contracts in Smartbugs exhibit the **most basic vulnerabilities**, so they are used to build **basic vulnerable smart contract** data sets.
* The number of **.sol** files in each category folder is shown below.

In [3]:
```python
import os
import glob
import numpy as np

# SmartBugs keeps one folder per vulnerability category under dataset/
vul_cat = np.array(['access_control', 'arithmetic', 'bad_randomness',
                    'denial_of_service', 'front_running',
                    'reentrancy', 'short_addresses', 'unchecked_low_level_calls'])

print('Vulnerability category | The number of smart contracts')
print('...............................')
for cat in vul_cat:
    # Count the .sol files directly inside e.g. ../smartbugs/dataset/reentrancy
    # (non-recursive; glob.glob replaces the undocumented glob.glob1 helper)
    myPath = '../smartbugs/dataset/' + cat
    solCounter = len(glob.glob(os.path.join(myPath, '*.sol')))
    print(cat, ' | ', solCounter)
    print('...............................')
```

```
Vulnerability category | The number of smart contracts
...............................
access_control  |  18
...............................
arithmetic  |  15
...............................
bad_randomness  |  8
...............................
denial_of_service  |  6
...............................
front_running  |  4
...............................
reentrancy  |  31
...............................
short_addresses  |  1
...............................
unchecked_low_level_calls  |  52
...............................
```


### 3.2. [SolidiFI Benchmark](https://github.com/DependableSystemsLab/SolidiFI-benchmark)
* The SolidiFI-benchmark repository contains a dataset of buggy contracts injected with **9369 bugs** of **7 different bug types**, namely:
    * reentrancy
    * timestamp dependency
    * unhandled exceptions
    * unchecked send
    * TOD
    * integer overflow/underflow
    * use of tx.origin
* The bugs have been injected into the contracts using [SolidiFI](https://github.com/DependableSystemsLab/SolidiFI).
* In addition to the dataset of vulnerable contracts, the repository contains the injection logs, which record **where** in the code each bug has been injected and the **type** of each bug.

* This dataset has been used to evaluate six smart contract static analysis tools, namely:
    * Oyente
    * Securify
    * Mythril
    * Smartcheck
    * Manticore
    * Slither

In [106]:
```python
import os
import glob
import numpy as np

# SolidiFI stores the injected-bug listings in one folder per bug type
vul_cat = np.array(['Overflow-Underflow', 'Re-entrancy', 'Timestamp-Dependency',
                    'TOD', 'tx-origin',
                    'Unchecked-Send', 'Unhandled-Exceptions'])

print('Vulnerability category | The number of Vulnerability')
print('...............................')
for cat in vul_cat:
    # Sample file path: '../Documents/SolidiFI/bugs/Overflow-Underflow/tf/1.txt'
    myPath = '../Documents/SolidiFI/bugs/' + cat + '/tf/'
    # Count the .txt listings directly inside the folder (non-recursive)
    txtCounter = len(glob.glob(os.path.join(myPath, '*.txt')))
    print(cat, ' | ', txtCounter)
    print('...............................')
```

```
Vulnerability category | The number of Vulnerability
...............................
Overflow-Underflow  |  40
...............................
Re-entrancy  |  42
...............................
Timestamp-Dependency  |  40
...............................
TOD  |  40
...............................
tx-origin  |  40
...............................
Unchecked-Send  |  32
...............................
Unhandled-Exceptions  |  48
...............................
```
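The injection logs described in 3.2 are what turn SolidiFI into an oracle: a tool finding counts as a hit only if it lands inside an injected snippet of the same bug type, and anything else is a candidate false positive. The block below is an added example (not SolidiFI's own scoring code and not part of the original notes) that matches findings against a log and computes per-type recall. The log format (`loc,length,bug type,approach` per injected bug), the sample log, and the sample findings are all constructed for this example and labelled as assumptions in the code.

```python
import csv
import io
from collections import Counter

# Constructed injection log for one contract, in the shape this example assumes
# for SolidiFI's per-contract bug logs: first line of the injected snippet, its
# length in lines, the bug type and the injection approach.
SAMPLE_BUG_LOG = """loc,length,bug type,approach
12,9,Re-entrancy,CF
40,4,tx-origin,CS
58,6,Unchecked-Send,CF
77,5,Timestamp-Dependency,CS
"""

# Constructed findings from an analysis tool on the same contract:
# (reported line, bug type already normalised to SolidiFI's type names).
SAMPLE_FINDINGS = [
    (14, 'Re-entrancy'),      # inside the injected reentrancy snippet
    (41, 'tx-origin'),        # inside the injected tx.origin snippet
    (60, 'Re-entrancy'),      # right location, wrong bug type
    (95, 'Unchecked-Send'),   # outside every injected region
]


def parse_bug_log(text):
    """Return [(first_line, last_line, bug_type)] with an inclusive line range."""
    bugs = []
    for row in csv.DictReader(io.StringIO(text)):
        start = int(row['loc'])
        bugs.append((start, start + int(row['length']) - 1, row['bug type']))
    return bugs


def score(bugs, findings):
    """Match findings to injected bugs by line range and bug type.
    Returns (detected, missed, unmatched): per-type counts of injected bugs the
    tool did and did not report, and the findings that hit no injected bug of
    their type (candidate false positives, to be checked against the original
    contract before they are counted as such)."""
    detected, missed, unmatched = Counter(), Counter(), []
    hit = [False] * len(bugs)
    for line, bug_type in findings:
        matched = False
        for i, (first, last, injected_type) in enumerate(bugs):
            if first <= line <= last and injected_type == bug_type:
                hit[i] = matched = True
        if not matched:
            unmatched.append((line, bug_type))
    for (_, _, bug_type), was_hit in zip(bugs, hit):
        (detected if was_hit else missed)[bug_type] += 1
    return detected, missed, unmatched


def recall_by_type(detected, missed):
    """Fraction of injected bugs of each type that the tool reported."""
    types = set(detected) | set(missed)
    return {t: detected[t] / (detected[t] + missed[t]) for t in sorted(types)}


if __name__ == '__main__':
    bugs = parse_bug_log(SAMPLE_BUG_LOG)
    detected, missed, unmatched = score(bugs, SAMPLE_FINDINGS)
    print('detected:', dict(detected))
    print('missed:', dict(missed))
    print('unmatched findings:', unmatched)
    print('recall by type:', recall_by_type(detected, missed))
```

Requiring the bug type to match, not just the line, is what separates "the tool warned somewhere near the bug" from "the tool found this bug": in the sample, the reentrancy warning on line 60 sits inside the injected unchecked-send snippet and is therefore not credited.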
