gigahorse-toolchain icon indicating copy to clipboard operation
gigahorse-toolchain copied to clipboard

Published 20 hours ago verified publisher icon nevillegrech

Possible missing events from output

Open machete-michael opened this issue 1 year ago • 14 comments

I tried using gigahorse to decompile contract 0x85865A86502ffB25a1cb3BBAc809d814FEB614e9 and only got a single event in the output. According to etherscan, there should be 4 events.

I also tried using different -M and -cd settings but the result didn’t change.

Any pointers on how to use the tool to get all 4 events?

Thank you.

machete-michael avatar Aug 18 '22 00:08 machete-michael

Hi, how are you inspecting the decompilation output? With the default settings I'm seeing 4 different signatures and 10 event emissions (LOGx instructions) in our decompilation output.

I ran this command:

./gigahorse.py ../decompiler-experiments/0x85865A86502ffB25a1cb3BBAc809d814FEB614e9.hex -C clients/visualizeout.py,clients/analytics_client.dl --restart -i

Inspected .temp/0x85865A86502ffB25a1cb3BBAc809d814FEB614e9/out/contract.tac (output of visualizeout.py). Also inspected the event signatures like so:

$ cat .temp/0x85865A86502ffB25a1cb3BBAc809d814FEB614e9/out/Analytics_EventSignature.csv 
0x17307eab39ab6107e8899845ad3d59bd9653f200f220920489ca2b5937696c31
0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef
0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925
0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0

Hope that helps, Sifis.

sifislag avatar Aug 20 '22 10:08 sifislag

I ran without the -C option:./gigahorse.py Looked at the file EventSignatureInContract.csv and only saw a single event.I reran it using your example and it was the same as before with just 1 event. That 1 event matches the last one in your output.Would you mind sharing your setup? I built mine by cloning the repo on an Ubuntu instance.Thank you,MichaelOn Aug 20, 2022, at 06:00, Sifis Lagouvardos @.***> wrote: Hi, how are you inspecting the decompilation output? With the default settings I'm seeing 4 different signatures and 10 event emissions (LOGx instructions) in our decompilation output. I ran this command: ./gigahorse.py ../decompiler-experiments/0x85865A86502ffB25a1cb3BBAc809d814FEB614e9.hex -C clients/visualizeout.py,clients/analytics_client.dl --restart -i

Inspected .temp/0x85865A86502ffB25a1cb3BBAc809d814FEB614e9/out/contract.tac (output of visualizeout.py). Also inspected the event signatures like so: $ cat .temp/0x85865A86502ffB25a1cb3BBAc809d814FEB614e9/out/Analytics_EventSignature.csv 0x17307eab39ab6107e8899845ad3d59bd9653f200f220920489ca2b5937696c31 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef 0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925 0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0

Hope that helps, Sifis.

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: @.***>

machete-michael avatar Aug 20 '22 13:08 machete-michael

I use ubuntu 20.04 and souffle 2.0.2. My best guess would be a corrupted input file. In my case I got the bytecode from contract-library(If you also look at the decompilation output you can see the 4 signatures there).

Do you get the same output from these commands?

$ du -sh decompiler-experiments/0x85865A86502ffB25a1cb3BBAc809d814FEB614e9.hex 
16K	decompiler-experiments/0x85865A86502ffB25a1cb3BBAc809d814FEB614e9.hex
$ md5sum decompiler-experiments/0x85865A86502ffB25a1cb3BBAc809d814FEB614e9.hex 
40f90455863f3b64debd3f95306acb54  decompiler-experiments/0x85865A86502ffB25a1cb3BBAc809d814FEB614e9.hex

sifislag avatar Aug 21 '22 09:08 sifislag

I'm using ubuntu 22.4 and souffle 2.3.

You are right. The problem is with the bytecode. Gigahorse is working as expected when I used the bytecode from contract-library. I wonder why the bytecode from contract-library and etherscan are different.

Both Analytics_EventSignature.csv and EventSignatureInContract.csv do not show if a parameter is indexed or not. Do you know how to get information on indexed event parameters?

Thank you again for all your help!

Message ID: @.***

com>

machete-michael avatar Aug 21 '22 14:08 machete-michael

I think you got the creation bytecode (vs the runtime bytecode which is what we normally analyze). I did the same and only got one event signature out (corresponding to the OwnershipTransferred() event) which makes sense for contract construction.

Right now you can only get the event parameters (both indexed and not) using the results of the MemoryStatement_ActualArg relation: https://github.com/nevillegrech/gigahorse-toolchain/blob/880b82d2e0fcfd2a3a27ca249b7847756c865a2e/clientlib/memory_modeling/memory_modeling_api.dl#L68

You should note that this relation includes results for all kinds of statements that use memory so you need to post-process it to only get the results for LOGx statements.

I can add a relation for indexed event args if that'd be helpful.

sifislag avatar Aug 21 '22 14:08 sifislag

Will do. Will update you here.

sifislag avatar Aug 21 '22 15:08 sifislag

How does the decompiler generate EventSignatureInContract.csv?

I ran into an issue with another contract where there are more entries in Analytics_EventSignature.csv than EventSignatureInContract.csv? Are there any documentations on how to decipher all the output files?

Thank you.

machete-michael avatar Aug 22 '22 03:08 machete-michael

EventSignatureInContract works during the initial decompilation stage by finding all the event topic hexadecimal values and matching as many as possible to the known signatures in EventSignature.facts. On the other hand Analytics_EventSignature will contain all hexadecimal topic values irregardless of whether they matched a know signature or not.

Not everything is documented. You should mostly look at files under clientlib. API-level relations usually have some comment above their declarations.

sifislag avatar Aug 22 '22 14:08 sifislag

Added the LOGIndexedArg relation: https://github.com/nevillegrech/gigahorse-toolchain/blob/2db01eb04d040c2a2e83e051509ddc34b57dc20a/clientlib/tac_instructions.dl#L316

Just a reminder that in order to output its results you need to add

.output LOGIndexedArg

to the client you run.

sifislag avatar Aug 22 '22 15:08 sifislag

Awesome! Thank you very much for putting this in.

Any pointers on how to map parameter types to event hashes for events that are not in EventSignature.facts?

machete-michael avatar Aug 22 '22 15:08 machete-michael

Learning Soufflé to figure out how to add .ouput.

machete-michael avatar Aug 22 '22 21:08 machete-michael

@sifislag Any pointers on where to add .output and if there’s a way to get the parameter types for signatures not in the facts files?

Thank you.

machete-michael avatar Aug 29 '22 23:08 machete-michael

You can add the line with

.output LOGIndexedArg

in the clients/analytics_client.dl for example. Just append it at the end of the file or on any empty line that is not part of a rule.

We currently do not have a way to infer the parameter types when there is no known signature.

sifislag avatar Sep 01 '22 10:09 sifislag

I did try adding .output to that file but I didn’t notice any changes to the analytics output.

I’ll try again and keep you posted.

Thank you!

machete-michael avatar Sep 01 '22 11:09 machete-michael