How to get a list of integer conditions which are checked for in the code?

Consensys / mythril

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.

https://mythx.io/

MIT License

3.88k stars 741 forks source link

How to get a list of integer conditions which are checked for in the code? #1753

Closed abhinandanudupa closed 1 year ago

abhinandanudupa commented 1 year ago

Description

Hello, I am working on adding an analysis module to Mythril and I need help in finding out if any integer condition for example a == 5.023 in a if...else statement (or in a require?) exists. If there is such a condition, then:

how do I get a reference to that variable for eg. the variable a here which I can check in later on and,
check if any subsequent actions/transactions result in a situation where the aforementioned conditions do not hold ie. a != 5.023 has subsequently become true during the execution as it takes a value a = 4.023.

norhh commented 1 year ago

Sorry for the delay in response, I had access issues for a while.

You can assume the topmost constraint in the constraint stack to contain such equalities. However, it might not contain that variable, since it's a constraint. One way is to annotate the storage locations used in all constraints (i.e. if you encounter a JUMPI, store all the variables used in the condition for JUMPI and annotate that structure onto the global state). If you can elaborate the goal of the module, I can help with a better solution. You can message me in Discord if you don't want to make it public. Join MythX discord server and hit me up.

abhinandanudupa commented 1 year ago

Thank you for the response. I will like to text you on Discord.