Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Output transaction sequence for reaching vulnerable state

See original GitHub issue

Description

Add an option that outputs the transactions for reaching each vulnerable state.

Background

We already have all the data we need from the solver. It should be trivial to reformat this output for various purposes:

As a Truffle test;
As an executable exploit;
As a script that deploys the contract to Ganache and attempts to exploit the issue.

Scope

Compose the call data for each message call in the transaction sequence. For example, running an assert test on the following example should produce three transactions:

contract Token{

    mapping(address => uint) public balances;
    function airdrop() public{
        balances[msg.sender] = 1000;
    }

    function consume() public{ 
        require(balances[msg.sender]>0);
        balances[msg.sender] -= 1;
    }

    function backdoor() public{
        balances[msg.sender] += 1;
    }
 
   function test_invariants() {
      assert(balances[msg.sender] <= 1000);
  }
}

Issue Analytics

State:
Created 5 years ago
Comments:10 (3 by maintainers)

Top GitHub Comments

1reaction

nbanmpcommented, Oct 19, 2018

I’m here @gitcoinbot

0reactions

gitcoinbotcommented, Nov 6, 2018

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

The funding of 2.2 ETH (463.0 USD @ $210.45/ETH) attached to this issue has been approved & issued to @nbanmp.

Learn more on the Gitcoin Issue Details page
Questions? Checkout Gitcoin Help or the Gitcoin Slack
$59,251.82 more funded OSS Work available on the Gitcoin Issue Explorer

Top Results From Across the Web

SmarTest: Effectively Hunting Vulnerable Transaction ...

Abstract. We present SMARTEST, a novel symbolic execution tech- nique for effectively hunting vulnerable transaction sequences.

5. Transactions - Mastering Bitcoin [Book] - O'Reilly

A transaction's lifecycle starts with the transaction's creation, also known as origination. The transaction is then signed with one or more signatures ...

KB4072698: Windows Server and Azure Stack HCI guidance ...

This article provides guidance for a new class of silicon-based microarchitectural and speculative execution side-channel vulnerabilities that affect many ...

Known Exploited Vulnerabilities Catalog | CISA

The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker...

What Is Proof of Work (PoW) in Blockchain? - Investopedia

Proof of work describes the process that allows the bitcoin network to remain robust by making the process of mining, or recording transactions,...