Jon-Becker / heimdall-rs

Heimdall is an advanced EVM smart contract toolkit specializing in bytecode analysis and extracting information from unverified contracts.
http://heimdall.rs
MIT License

Benchmarking the decompile module of heimdall #285

Closed sifislag closed 5 months ago

sifislag commented 10 months ago

Component: Other (please specify)

Question

Hi, I'm working on the Gigahorse decompiler and I'm interested in evaluating it against heimdall. In the past for black-box comparisons we've opted for high-level metrics, mainly:

Wanted to create an issue to verify that I'm using heimdall correctly.

I'm invoking it using: heimdall decompile filename -vvv -d --include-sol --skip-resolving. Any other flags I should be aware of?

Code to identify external call sigs (recognize lines that look like *call*(abi.encode(selector_hex, ...)):

    # `text` holds the decompiled Solidity output, one line per element
    selectors = set()
    for call in [line for line in text if "call" in line]:
        if "abi.encode" not in call:
            continue
        # take the first argument of abi.encode(...), e.g. "0x12345678"
        selectors.add(call.split("abi.encode(")[1][:10])

    # keep only the entries that actually look like hex selectors
    selectors_filtered = set([sel for sel in selectors if sel.startswith("0x")])

Code to identify event sigs (recognize lines that look like emit Event_event_sig(...)):

    event_sigs = set()
    for event in [line for line in text if "emit Event_" in line]:
        # the 8 hex chars after "Event_" are the truncated event topic hash
        event_sigs.add(event.split("emit Event_")[1][:8])

Do the above seem about right or can external calls and events appear in the decompiler output in a different way? I'd also like to have some more low-level metrics (for example bytecode block reachable from contract's public function) but these would probably be harder to get.

Thanks, Sifis
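A more defensive version of the two extractors above, added here as an example and not code from the issue or from heimdall: it matches the selector and event hash with regexes instead of fixed-width slicing, handles several calls on one line, rejects over-long or missing selectors, and scores the result against a reference set (precision/recall) the way a black-box comparison would. The sample lines are constructed in the shape the issue describes and are not real heimdall output.

```python
import re

# Constructed sample of decompiled-output lines following the patterns quoted
# in the issue (*call*(abi.encode(0x........, ...)) and emit Event_........(...)).
SAMPLE_LINES = [
    "    (bool ok, bytes memory ret) = address(var_a).call(abi.encode(0x70a08231, var_b));",
    "    var_c.staticcall(abi.encode(0xdd62ed3e, var_d, var_e));",
    "    emit Event_ddf252ad(var_f, var_g, var_h);",
    "    emit Event_8c5be1e5(var_i, var_j);",
    "    // 'call' also appears in comments, and abi.encode(var_x) may carry no selector",
    "    var_l.call(abi.encode(var_m));",
    "    var_n.delegatecall(abi.encode(0x70a08231, var_o)); var_p.call(abi.encode(0xa9059cbb));",
]

# call / staticcall / delegatecall followed by abi.encode( and a 4-byte selector.
# The trailing \b rejects selectors longer than 8 hex chars (e.g. a packed word).
CALL_SELECTOR_RE = re.compile(r"call\s*\(\s*abi\.encode\(\s*(0x[0-9a-fA-F]{8})\b")
EVENT_SIG_RE = re.compile(r"\bemit\s+Event_([0-9a-fA-F]{8})\b")


def extract_metrics(lines):
    """Return (external call selectors, event signature prefixes), lower-cased."""
    selectors, events = set(), set()
    for line in lines:
        for m in CALL_SELECTOR_RE.finditer(line):   # finditer: several calls per line
            selectors.add(m.group(1).lower())
        for m in EVENT_SIG_RE.finditer(line):
            events.add(m.group(1).lower())
    return selectors, events


def overlap(reference, found):
    """Precision and recall of `found` against a reference set, e.g. selectors
    taken from the verified source of the same contract (assumed available)."""
    if not reference or not found:
        return 0.0, 0.0
    hits = len(reference & found)
    return hits / len(found), hits / len(reference)


if __name__ == "__main__":
    sels, evs = extract_metrics(SAMPLE_LINES)
    print("selectors:", sorted(sels))
    print("events:   ", sorted(evs))
    print("precision/recall:", overlap({"0x70a08231", "0xdd62ed3e", "0x18160ddd"}, sels))
```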

Jon-Becker commented 10 months ago

Hey! Sorry for the late reply, been pretty busy lately.

That seems to be accurate so far, but it might be easier to parse the Yul output (--include-yul) over Solidity.

As an aside, I'm drastically improving the decompilation output now :D