oyente
An Analysis Tool for Smart Contracts
The file and some files have quite a few global variables: https://github.com/melonproject/oyente/blob/3fc108ca550aa5270ea5368fdb685b94f0e17450/oyente/symExec.py Global variables introduce unnecessary complexity and signal poor design/security. This can be solved by proper OOP encapsulation and...
@luongnt95 I want to generate test data like in https://github.com/melonproject/oyente/tree/master/oyente/test_evm/test_data with input being Solidity files. I'm quite curious how to generate those JSON files.
Using Pytest & Tox for automated testing will make CI/CD much easier and code safer. Happy to help with this one, but I need some help to familiarize myself with Oyente...
Oyente is limited to analysing opcodes, but they are not human-friendly. I would suggest adding a DB of vulnerable Solidity contracts. If you are OK, I will...
CALLCODE is now deprecated and unsafe due to a bug in implementation. People are advised to use CALL or DELEGATECALL instead. https://solidity.readthedocs.io/en/v0.4.21/contracts.html
> # Libraries
> Libraries are similar to contracts,...
Check the line 206:
```
if(balances[_from] < _feeSmt + _value) revert();
```
Use https://pastebin.com/fQmRBmQj or https://etherscan.io/address/0x55f93985431fc9304077687a35a1ba103dc1e081#code
I ran Oyente and it fails to detect this simple case.
I went through some pain installing & running on macOS. Will add PR with guide.
There are no operations of opcodes: "EXTCODECOPY" "CREATE" "DELEGATECALL".
The code for BEC BeautyChain BatchOverflow - https://pastebin.com/REGRKaYQ
The line 257 has a risk of integer overflow and was exploited by attackers:
```
uint256 amount = uint256(cnt) * _value;
```
...
I recently ran the latest Oyente against the contracts in the Augur project, and for the most part the output looks good, but the detection of Re-Entrancy vulnerabilities seems it...