girlfriend

Girl Friend <- G F <- Generate Foundry Fork Test from Attack Transaction

She is truly a great friend.

Prerequisites

# Install abi-guesser
git clone git@github.com:fuzzland/abi-guesser-cli.git
cd abi-guesser-cli
npm i -g

# Init submodules
git submodule update --recursive --init

Getting Started

Config

Before running the commands, rename config/config.example.toml to config.toml and modify it as follows:

  • The RPC URLs should support the debug API (e.g. debug_traceTransaction).
  • Add your scan keys. You can get them as follows (take ETH as an example, other chains are similar):
    1. Register an account on Etherscan.
    2. Create API keys.
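
One way to check the first requirement before running gf, as an added example that is not part of the girlfriend project: it builds a debug_traceTransaction probe and classifies the node's reply. The function names, the callTracer option and the sample replies are assumptions made for this example; the RPC URL is passed in as an argument because the config file's key names are not shown here.

```python
"""Pre-flight check: does an RPC endpoint expose debug_traceTransaction?"""
import json
import re
import urllib.request

METHOD_NOT_FOUND = -32601  # JSON-RPC 2.0 "Method not found"
TXHASH_RE = re.compile(r"0x[0-9a-fA-F]{64}")

def build_probe(txhash, req_id=1):
    """Build the JSON-RPC request body; reject malformed transaction hashes."""
    if not TXHASH_RE.fullmatch(txhash):
        raise ValueError(f"not a 32-byte hex txhash: {txhash!r}")
    # callTracer (a geth built-in tracer) keeps the reply small.
    # Assumption for this example, not necessarily what gf requests.
    return {"jsonrpc": "2.0", "id": req_id, "method": "debug_traceTransaction",
            "params": [txhash, {"tracer": "callTracer"}]}

def classify(reply):
    """Return (verdict, detail) for a decoded JSON-RPC reply."""
    if reply.get("result") is not None:
        return "supported", "trace returned"
    err = reply.get("error")
    if isinstance(err, dict) and err.get("code") == METHOD_NOT_FOUND:
        return "unsupported", err.get("message", "")
    # Unknown or pruned tx, rate limit, etc.: the debug namespace may still exist.
    return "inconclusive", str(err)

def probe(rpc_url, txhash, timeout=30):
    """Send the probe to rpc_url (needs network access) and classify the reply."""
    req = urllib.request.Request(rpc_url, data=json.dumps(build_probe(txhash)).encode(),
                                 headers={"Content-Type": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify(json.load(resp))
    except (OSError, ValueError) as exc:  # HTTP 4xx/5xx, DNS, timeout, non-JSON body
        return "inconclusive", str(exc)

# Constructed sample replies (not captured from a real node).
SAMPLES = {
    "traced": {"jsonrpc": "2.0", "id": 1, "result": {"type": "CALL", "calls": []}},
    "no_debug": {"jsonrpc": "2.0", "id": 1, "error": {
        "code": -32601, "message": "the method debug_traceTransaction does not exist/is not available"}},
    "unknown_tx": {"jsonrpc": "2.0", "id": 1, "error": {
        "code": -32000, "message": "transaction not found"}},
}

if __name__ == "__main__":
    for name, reply in SAMPLES.items():
        print(name, classify(reply))
```

An "inconclusive" verdict for a transaction you know exists usually means the node has pruned the state needed to replay it, so an archive endpoint is the next thing to try.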

Generate A Foundry Test PoC

gf is used to generate a Foundry test PoC using a given txhash.

Usage: gf [OPTIONS] --txhash <TXHASH>

Options:
  -c, --config <CONFIG>  the config file path [default: config/config.toml]
  -t, --txhash <TXHASH>  the txhash
  -h, --help             Print help
  -V, --version          Print version

  • Example

# The output_dir is configured in the config file [default: ./test]
cargo run --bin gf -- -t 0xeaef2831d4d6bca04e4e9035613be637ae3b0034977673c1c2f10903926f29c0

# If the output_dir is `./test`, you can run it directly
forge test -vvvvv

Backtest

bt is used to perform a backtest with a given txhashes file.

Usage: bt [OPTIONS]

Options:
  -c, --config <CONFIG>                the config file path [default: config/config.toml]
  -t, --txhashes-path <TXHASHES_PATH>  the back test txhashes file path [default: assets/eth_tx.txt]
  -r, --result-dir <RESULT_DIR>        the result dir [default: eth_back_test]
  -h, --help                           Print help
  -V, --version                        Print version

  • Example

# ETH backtest
cargo run --bin bt
# BSC backtest
cargo run --bin bt -- -t assets/bsc_tx.txt -r bsc_back_test

Progress

We collected 74 historical attacks on ETH and 117 on BSC for backtesting, using the commands shown above. The results are as follows:

Chain  Total  Success  Success Rate
ETH    74     24       32.43%
BSC    117    46       39.32%

Optimization items

  • The return value of a static call is currently not handled efficiently, even though it may be used later in the process.
  • Calldata/returndata parsing should decode recursively.
  • Attack preparation: gf currently just copies the attacker's txs within 3h. This could be handled at a finer granularity.
  • Loops should be handled with a more efficient approach.

Contributors

0xawm
