crytic / diffusc Goto Github PK
View Code? Open in Web Editor NEWExperimental tool to ease the review of smart contracts upgrades
License: GNU Affero General Public License v3.0
Experimental tool to ease the review of smart contracts upgrades
License: GNU Affero General Public License v3.0
Running diffusc
on 2 onchain implementation contracts on BSC
diffusc 0x8990Ca8fFCBa28541C8825aC74fb77F3ad5972f5 0xa778088a07669EBFE5d3c5BAb357E526D39142C5 -V 0.8.17 -r -R https://bsc-dataseed1.binance.org/ -n bsc
โฏ diffusc --version
0.1.0
Switched global version to 0.8.17
* Calling echidna from ./ using echidna DiffFuzzUpgrades.sol --config CryticConfig.yaml --contract DiffFuzzUpgrades --format json --workers 1
echidna: Couldn't compile given file
stdout:
stderr:
INFO:CryticCompile:'solc --version' running
INFO:CryticCompile:'solc DiffFuzzUpgrades.sol --combined-json abi,ast,bin,bin-runtime,srcmap,srcmap-runtime,userdoc,devdoc,hashes --allow-paths .,/home/rappie/Desktop/repos/diffusc' running
ERROR:CryticCompile:Invalid solc compilation Error: Identifier not found or not unique.
--> DiffFuzzUpgrades.sol:37:9:
|
37 | Fee fees;
| ^^^
Compilation error when trying to run the tool
diffusc 0x1091588cc431275f99dc5df311fd8e1ab81c89f3 0xea24e9bac006de9635ac7fa4d767ffb64fb5645c -v 0.8.7 -r -R https://eth.llamarpc.com
diff-fuzz-upgrades: error: argument -v/--version: expected one argument
๐
* Calling echidna from ./ using echidna DiffFuzzUpgrades.sol --config CryticConfig.yaml --contract DiffFuzzUpgrades --format json --workers 1
echidna: Couldn't compile given file
stdout:
stderr:
INFO:CryticCompile:'solc --version' running
INFO:CryticCompile:'solc DiffFuzzUpgrades.sol --combined-json abi,ast,bin,bin-runtime,srcmap,srcmap-runtime,userdoc,devdoc,hashes,compact-format --allow-paths .,/home/rappie/Desktop/repos/diffusc' running
ERROR:CryticCompile:Invalid solc compilation Error: Undeclared identifier. Did you mean "oETHVaultCoreV1"?
--> DiffFuzzUpgrades.sol:166:59:
|
166 | (bool successV1, bytes memory outputV1) = address(oETHVaultCore).call(
| ^^^^^^^^^^^^^
Error: Undeclared identifier. Did you mean "vaultCoreV2"?
--> DiffFuzzUpgrades.sol:174:59:
|
174 | (bool successV2, bytes memory outputV2) = address(vaultCore).call(
| ^^^^^^^^^
In some scenarios, we want to compare whether the upgraded contract has changed the same states (not limited to return values).
For example, the following code snippet deleted a sentence because of carelessness after upgrading.
uint256 value = balanceOf[msg.sender];
- balanceOf[msg.sender] = 0; // deleted carelessly
(bool success, ) = msg.sender.call{value: value}("");
As far as I know, it is possible to compare whether the state changes are consistent in fuzzing. One feasible idea is to use foundry's startStateDiffRecording and stopAndReturnStateDiff.
However, as I am new to this field, I wonder if there is a simple way to support this based on diffusc.
It looks like I'm getting a crash when trying to run diffusc
on two contracts on BSC.
Chances are at least 50/50 that I'm doing something wrong ๐
diffusc 0x5dDDD9E7Aa629Be635Bf1b4311cCD680eB765883 0xa778088a07669EBFE5d3c5BAb357E526D39142C5 -V 0.8.17 -r -R https://bsc-dataseed1.binance.org/ -n bsc
โฏ diffusc --version
0.1.0
* Inspecting V1 and V2 contracts:
* Using 'fork mode':
* Network specified via command line parameter: bsc
* RPC specified via command line parameter: https://bsc-dataseed1.binance.org/
* Warning: Block explorer API key not found. Either specify a key using the -K flag or set it with the ETHERSCAN_API_KEY environment variable.
* Getting information from address 0x5dDDD9E7Aa629Be635Bf1b4311cCD680eB765883
* Looking for contract 0x5dDDD9E7Aa629Be635Bf1b4311cCD680eB765883 in cache.
* Did not find contract 0x5dDDD9E7Aa629Be635Bf1b4311cCD680eB765883 in cache. Downloading...
Traceback (most recent call last):
File "/home/rappie/.pyenv/versions/diffusc/bin/diffusc", line 8, in <module>
sys.exit(main())
^^^^^^
File "/home/rappie/Desktop/repos/diffusc/diffusc/diffusc.py", line 255, in main
contract = analysis.write_test_contract()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/rappie/Desktop/repos/diffusc/diffusc/core/analysis_mode.py", line 94, in write_test_contract
self.analyze_contracts()
File "/home/rappie/Desktop/repos/diffusc/diffusc/core/fork_mode.py", line 191, in analyze_contracts
self._v1 = get_contract_data_from_address(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/rappie/Desktop/repos/diffusc/diffusc/utils/from_address.py", line 84, in get_contract_data_from_address
contract_data["slither"] = slither_provider.get_slither_from_address(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/rappie/Desktop/repos/diffusc/diffusc/utils/slither_provider.py", line 107, in get_slither_from_address
slither = Slither(f"{self._network_prefix}:{address}", **args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/rappie/.pyenv/versions/diffusc/lib/python3.11/site-packages/slither/slither.py", line 114, in __init__
parser.parse_top_level_from_loaded_json(ast, path)
File "/home/rappie/.pyenv/versions/diffusc/lib/python3.11/site-packages/slither/solc_parsing/slither_compilation_unit_solc.py", line 205, in parse_top_level_from_loaded_json
if data_loaded[self.get_key()] == "root":
~~~~~~~~~~~^^^^^^^^^^^^^^^^
KeyError: 'name'
echidna: VM failed for unhandled reason, BadCheatCode 0xef9c9aac. This shouldn't happen. Please file a ticket with this error message and steps to reproduce!
How do I get the version of Echidna containing the new cheatcodes? I've installed the latest master using this command:
$ nix-env -i -f https://github.com/crytic/echidna/tarball/master
Does diffusec still function properly even when the new version deviates from the original? For instance, if the old version is 0.6.*
and the new version is 0.7.*
, will diffusec continue to work? I am faced with two separate projects in this particular situation, and it seems like diffusc
have encountered difficulties finding a compatible version that works for both compilations.
contract v1 0.6.12
contract v2 0.7.12
1.0.0
No response
I often use the latest master
or specific branches. It would be nice to be able to run them simultaneously with diffusc
Suggestions
--echidna-binary
argument./bin/echidna
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.