Closed aquiladev closed 5 years ago
I can confirm. Need to include a relative path to the libraries for this command to work. It would be great if we didn't have to :)
Hmm, usually if the project is already built, Truffle Security shouldn't recompile it at all. Can you try to run truffle compile
before truffle run verify
? Or is that already implied by truffle build
?
In my case, what happens is:
@b-mueller things have changed slightly in the latest version. Because we don't use truffle's compile artifact JSON anymore, but instead roll our own, a truffle compile
doesn't directly help truffle verify
. truffle verify
needs to do its own compile (adjusting to capture imported-file information which the standard truffle compile doesn't do), and then store that in its own location. But truffle-security does this using the underlying truffle libraries as much as it can.
The good news though is that if someone can come up with a small sample truffle project, I think we will be able to handle this with or without relative paths
I got same kind of problem.
import "openzeppelin-solidity/contracts/my/VulnerableParent.sol";
contract VulnerableChild is VulnerableParent {}
import "./VulnerableParent.sol";
contract VulnerableChild is VulnerableParent {}
In the Error case, I got the below message.
"These smart contracts were not found: VulnerableChild"
I guess it cannot consider about relative path from npm directory (node_modules) for like zeppeline yet.
The good news though is that if someone can come up with a small sample truffle project, I think we will be able to handle this with or without relative paths
Problem exists in this repo: https://github.com/Roger-Wu/DividendPayingToken
truffle compile
Compiling your contracts...
===========================
> Everything is up to date, there is nothing to compile.
$ truffle run verify
Compiling ./contracts/DividendPayingToken.sol...
Compiling ./contracts/DividendPayingTokenInterface.sol...
Compiling ./contracts/DividendPayingTokenOptionalInterface.sol...
Compiling ./contracts/math/SafeMathInt.sol...
Compiling ./contracts/math/SafeMathUint.sol...
Error: /home/jo/projects/DividendPayingToken/contracts/DividendPayingToken.sol:3:1: ParserError: Source "openzeppelin-solidity/contracts/token/ERC20/ERC20Mintable.sol" not found: ENOENT: no such file or directory, stat 'openzeppelin-solidity/contracts/token/ERC20/ERC20Mintable.sol'
import "openzeppelin-solidity/contracts/token/ERC20/ERC20Mintable.sol";
^---------------------------------------------------------------------^
at CompileError.ExtendableError (/home/jo/.nvm/versions/node/v10.11.0/lib/node_modules/truffle-security/node_modules/truffle-error/index.js:10:17)
at new CompileError (/home/jo/.nvm/versions/node/v10.11.0/lib/node_modules/truffle-security/compat/truffle-compile/compileerror.js:12:23)
at supplier.load.then.solc (/home/jo/.nvm/versions/node/v10.11.0/lib/node_modules/truffle-security/compat/truffle-compile/index.js:234:11)
Truffle v5.0.7 (core: 5.0.7)
Node v10.11.0
Same error with ENS project:
$ truffle run verify
Compiling ./contracts/BaseRegistrar.sol...
Compiling ./contracts/BaseRegistrarImplementation.sol...
Compiling ./contracts/DummyOracle.sol...
Compiling ./contracts/ETHRegistrarController.sol...
Compiling ./contracts/PriceOracle.sol...
Compiling ./contracts/SafeMath.sol...
Compiling ./contracts/SimplePriceOracle.sol...
Compiling ./contracts/StablePriceOracle.sol...
Compiling ./contracts/StringUtils.sol...
Compiling ./contracts/_TestDeps.sol...
Error: /Users/bernhardmueller/Projects/ethregistrar/contracts/BaseRegistrar.sol:3:1: ParserError: Source "@ensdomains/ens/contracts/ENS.sol" not found: ENOENT: no such file or directory, stat '@ensdomains/ens/contracts/ENS.sol'
import "@ensdomains/ens/contracts/ENS.sol";
^-----------------------------------------^
,/Users/bernhardmueller/Projects/ethregistrar/contracts/BaseRegistrar.sol:4:1: ParserError: Source "@ensdomains/ens/contracts/HashRegistrar.sol" not found: ENOENT: no such file or directory, stat '@ensdomains/ens/contracts/HashRegistrar.sol'
import "@ensdomains/ens/contracts/HashRegistrar.sol";
^---------------------------------------------------^
,/Users/bernhardmueller/Projects/ethregistrar/contracts/BaseRegistrar.sol:5:1: ParserError: Source "openzeppelin-solidity/contracts/token/ERC721/ERC721.sol" not found: ENOENT: no such file or directory, stat 'openzeppelin-solidity/contracts/token/ERC721/ERC721.sol'
import "openzeppelin-solidity/contracts/token/ERC721/ERC721.sol";
^---------------------------------------------------------------^
,/Users/bernhardmueller/Projects/ethregistrar/contracts/BaseRegistrar.sol:6:1: ParserError: Source "openzeppelin-solidity/contracts/ownership/Ownable.sol" not found: ENOENT: no such file or directory, stat 'openzeppelin-solidity/contracts/ownership/Ownable.sol'
import "openzeppelin-solidity/contracts/ownership/Ownable.sol";
^-------------------------------------------------------------^
at CompileError.ExtendableError (/usr/local/lib/node_modules/truffle-security/node_modules/truffle-error/index.js:10:17)
at new CompileError (/usr/local/lib/node_modules/truffle-security/compat/truffle-compile/compileerror.js:12:23)
at supplier.load.then.solc (/usr/local/lib/node_modules/truffle-security/compat/truffle-compile/index.js:234:11)
Truffle v5.0.5 (
import "./../node_modules/openzeppelin-solidity/contracts/math/SafeMath.sol";
fixes the issue, but I expect it should work without ./../node_modules/
As it should be apparent from the above we are currnetly working on this.
Hey guys, Rocky is on it. Will be fixed hopefully in the next few days, fingers crossed 🤞
In your log, it looks like this previously compiled. What step am I missing to get this to truffle compile?
npm install
Will be fixed hopefully in the next few days, fingers crossed
Current plan is to do another release over the weekend of whatever we have by then.
There will be other small changes/improvements in that release. And as always, more to do in the pipeline.
Awesome, thanks for the updates guys 👍
For those of you who are up to it, please try out the master branch which has a proposed fix. Unless people find problems, I will be releasing this over the upcoming weekend.
Thanks for all of your help.
FYI, try this:
$ npm install -g git+https://git@github.com/ConsenSys/truffle-security.git
@aquiladev release 1.3.1 is now out. (If you "watch" the project, you can get release notes sent to you).
If this fixes the problem, close this issue. Otherwise let us know what is wrong.
Also note that in future releases we'll be addressing things like
and these are marked as separate issues now.
works for me, close #119
When I compile my project via
truffle build
everything works, but when I executetruffle run verify
I have amount of errors on compilation:truffle config is pretty standard