Decompilation #173

d-xo · 2023-11-14T09:11:25Z

Adds a certified decompiler that can automatically derive act specifications from evm bytecode. The process operates in the following stages:

Symbolically execute the bytecode to produce an EVM.Expr
Transform that Expr into one that can be safely represented using Integers
Convert that Expr into an Act spec (trusts solc compiler output)
Compile the generated Act spec back to Expr and check equivalence (solc compiler output no longer trusted)

This currently supports only very simple contracts, basically value types, simple arithmethic, and storage writes. Mappings in storage are currently not supported, but doing so should be in principle possible.

Some simple tests are added, but still todo is to hook this up to the main CLI interface.

Starting from the existing solidity code produces the following spec (I'm currently unsure where the case True comes from):

contract C {
  uint x = 0;
  function f(uint v) public {
    x = v;
  }
}

constructor of C
interface C()

iff

  (CALLVALUE == 0)

creates

  uint256 x := 0


behaviour f of C
interface f(uint256 v)

iff

  (CALLVALUE == 0)

case

  true:

storage

  x => v

- adds unit tests - adds type declarations to creates blocks in pretty printer - adds custom equivalence checking logic that signals success / failure in it's return value - adds whole exp traversals (mapExpM and mapExp for now) - fixes a bunch of small bugs

msooseth · 2024-07-11T12:53:02Z

Hi!

Is this still being worked on? Should I review? Sounds cool :)

Mate

src/Act/HEVM.hs

src/Test/Decompile.hs

src/Act/Decompile.hs

d-xo

Thanks for fixing this up and getting it ready to merge.
Mostly curious if some of the soundness concerns still in the TODO comments are valid.

msooseth · 2024-07-30T14:05:59Z

Should I review? Is this active, do you want this merged? Looks like a lot of cool work!

Co-authored-by: dxo <[email protected]>

src/Act/Decompile.hs

d-xo · 2024-08-06T15:29:14Z

I'm not allowed to approve because I opened the PR originally, but all your changes look good to me @zoep and I'm fine to merge this whenever.

src/Test/Decompile.hs

zoep

LGTM

d-xo and others added 18 commits September 29, 2023 16:47

first draft decompiler

29e84f3

Print: add some more printers

4d59a0a

Decompile: debugging

bcea6b9

Decompile: cleanup

f59242c

Decompile: handle methods that return function pointers

a2820bf

Decompile: basic storage rewrites supported

5313d94

HEVM: pretty calldata decoding

2d9ce3f

Print: better printing for constructors

0fc66ba

Decompile: return types and require statements

8af406a

Decompile: handle overflow checks

4b7314e

nix: bump hevm

7d334eb

Merge branch 'main' into decompilation

c3fc344

update hlint rules

ec8c3c8

perf: strip useless mods from expressions when converting to Expr

6cf2382

Merge branch 'main' into decompilation

95ffc91

decompile: correct comment

cb65318

flake: correct src path

7b1c85e

d-xo requested review from zoep and msooseth November 14, 2023 09:20

d-xo and others added 10 commits November 14, 2023 10:21

flake: indentation

5fe17a4

Merge branch 'main' into decompilation

1f3e71d

tweaks

6fc3ca7

Print: don't print trivial cases

cda8a21

ci: show full build logs from nix

1de7ef2

nix: add solc to buildInputs for act

579c7a2

CLI: add decompiler endpoint

0017d6b

Tests: Decompile: fix compilation errors

27f9b9e

merge with main

d042937

fix errors

db9c2c9

zoep and others added 10 commits April 17, 2024 17:23

one more fix in error

9b67d5d

fixing the Validation traversals once again

b966092

Proper sequencing of results

8ee7d1c

Fix type errors in conflict

c8af789

Decompile: fix infinite loop in codemap generation

bee9632

Decompile: new rewriting rule from work with Lexi and sideconditions

62c1aa8

Decompile: rearrange mkRewrites

f2663a2

Decompile: add values for implicitly initalized storage vars

712b424

add postconditon to AMM

24ebf2e

syntax nit

7b5ee98