Adds analysis for Manticore tool #2455

Closed
56 changes: 56 additions & 0 deletions tools/manticore-analysis/analysis.md
@@ -0,0 +1,56 @@
# Manticore
[Manticore](https://github.com/trailofbits/manticore) is a versatile symbolic execution tool that can analyze Ethereum Smart Contracts,
Linux binaries, and Windows binaries. It's widely used for security auditing and testing of
applications where security is paramount. Its main features include:
- **Program Exploration**: executing a program with symbolic inputs and exploring all the possible states it can reach,
- **Input Generation**: producing concrete inputs that result in a given program state,
- **Error Discovery**: detecting crashes and other failure cases in binaries and Smart Contracts,
- **Instrumentation**: providing fine-grained control of state exploration via event callbacks and instruction hooks,
- **Programmatic Interface**: exposing programmatic access to its analysis engine via a Python API.

Manticore can analyze the following types of programs:

- Ethereum Smart Contracts (EVM bytecode)
- Linux ELF binaries (x86, x86_64, aarch64, and ARMv7)
- WASM Modules

## Installation and execution:
- Installing by PIP results in [protobuf incorrect version error](sample_execution/execution_errors.md#pip-instalation)
(described better here: https://github.com/trailofbits/manticore/issues/2600)
- Build attempt with docker image version 3.7+ result in [attribute error](sample_execution/execution_errors.md#docker-v37-and-latest-)
- Build attempt with docker image version 3.6 results in [tool custom exception](sample_execution/execution_errors.md#docker-v36)
- Manticore may be built on docker image version 3.5. Execution example may be found [here](sample_execution/sample_execution.md),
and output files generated by the Manticore may be found under: `./Manticore/sample_execution_outputs`
> **Support**:
> This project is no longer internally developed and maintained. The team responsible for creating this tool announced its
> readiness to review and accept small, well-written pull requests by the community (only bug fixes and minor
> enhancements shall be considered). But there have veen no changes in the tool`s codebase since December 2022. All error
> executions may be found in [this file](sample_execution/execution_errors.md)

### Custom detector investigation
Manticore has no documented ways to introduce new detectors. It requires adding a new detector class to [detectors.py](https://github.com/trailofbits/manticore/blob/master/manticore/ethereum/detectors.py) file and importing it in cli.py (for command line interface analysis).
## Recommendations and possible investments in the tool:
* Issues encountered in the latest versions of the application should be resolved.
----
# Guidelines for using Ethereum precompiles in Hedera:
1. Hedera supports ED25519 accounts, ecrecover works correctly only for ECSDA accounts. This must be noted during potential
contract migration (Slither detector placed in this repository can be used to check for ecrecover usage in the contract to
migrate).
2. There are precompiles which may be missing from Hedera EVM that are present in current EVM version.
For example Cancun-related updates are yet to be implemented as for end of April 2024.
3. By the [docs](https://docs.hedera.com/hedera/sdks-and-apis/sdks/token-service/associate-tokens-to-an-account).
When using the Hedera Token Service it is important to check if the token is associated with the receiving account.
4. List of pain points between Hedera EVM and vanilla Ethereum EVM:
- ECDSA aliases can be possibly changed in Hedera, which can lead to a new account address, this may influence whitelists
systems, transaction validation, and potential vulnerability in replay attacks and authorization issues,
- If a contract relies on specific addresses for functionality or permissions, redeploying or updating these contracts
may be necessary to align with new address formats.
More information [here](https://medium.com/@Arkhia/creating-an-ecdsa-based-account-with-an-alias-on-hedera-5d5d8b2cc1e9)
- OpenZeppelin - the most widely used library used in Solidity Smart Contracts. Contracts using ecrecover:
- ERC20Wrapper
- ERC2771Forwarder
- ERC721Wrapper
- ERC20Permit
- governance/utils/Votes
- Utils: EIP712Verifier, cryptography/ECDSA, SignatureChecker
5. A list of differences between Hedera EVM and vanilla Ethereum EMV should be created and maintained.
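Review bot: In the "Installation and execution" list the docker image versions are written as 3.5, 3.6 and 3.7+, while docker-compose.yaml in this PR pins `trailofbits/manticore:0.3.5`; please write the full image tags so readers pull the image that was actually tested. Please also check that `./Manticore/sample_execution_outputs` resolves relative to `tools/manticore-analysis/`, where this file lives. Smaller points: "veen" should be "been", "tool`s" should be "tool's", "ECSDA" should be "ECDSA", "EMV" should be "EVM", the `#pip-instalation` anchor is misspelled (confirm it matches the heading in execution_errors.md), and item 3 of the Hedera list opens with the fragment "By the docs." and should be merged into the sentence that follows. The "Guidelines for using Ethereum precompiles in Hedera" section is not about Manticore; consider moving it to its own file so the ecrecover and ED25519/ECDSA guidance is easy to find during a contract migration.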
6 changes: 6 additions & 0 deletions tools/manticore-analysis/docker-compose.yaml
@@ -0,0 +1,6 @@
services:
manticore:
image: trailofbits/manticore:0.3.5
extra_hosts:
- "host.docker.internal:host-gateway"
entrypoint: ["sleep", "infinity"]
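Review bot: The `manticore` service has no `volumes:` entry, so with `entrypoint: ["sleep", "infinity"]` the container only idles and neither the contracts to analyse nor the generated output files are shared with the host; add a bind mount for the working directory, or document how inputs and outputs are copied in and out. The `extra_hosts` mapping of `host.docker.internal` to `host-gateway` lets the container reach services listening on the host; add a comment stating what it needs to reach, or drop the mapping if the analysis runs offline. Since analysis.md reports this as the only image version that could be built and run, consider pinning the image by digest in addition to the `0.3.5` tag.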