Closed lukasdenk closed 3 years ago
Hi Lukas, Securify v2 analyzes Solidity source code, not EVM bytecode. Of course, one can build a tool that analyzes EVM bytecode (in fact, Securify v1 analyzes bytecode: https://github.com/eth-sri/securify). You to either decompile the bytecode to Solidity and then try Securify v2, or use Securify v1.
Petar
OK, thank you. Does this mean that Securify v2 also does not analyse byte-code internally? Is the core logic much different to Securify v1? And if so, is there a documentation or paper which explains how Securify v2 works?
Does this mean that Securify v2 also does not analyse byte-code internally?
Yes.
Is the core logic much different to Securify v1?
Yes.
And if so, is there a documentation or paper which explains how Securify v2 works?
For the intermediate representation of Securify v2, you can check out this thesis: https://www.research-collection.ethz.ch/bitstream/handle/20.500.11850/343039/1/Vogel_Frederic.pdf
The documentation for the static analysis is currently not available.
OK, thank you!
Hello,
how can I test a byte-code contract file with Securify? It should be possible since Securify can directly analyse a contract from the blockchain. However, unfortunatelly the README only shows how to analyse a .sol file.
Thanks!
Lukas