SmartMuv
SmartMuv is a smart contract analysis and extraction tool written in Python 3. SmartMuv can extract complete state of the smart contract and can help users to analyze, migrate and upgrade their smart contracts. As, Solidity does not keep track of keys of mapping variables, SmartMuv uses static time source code analysis techniques to perform key approximation analysis for mapping variables. Our tool can handle regular variables as well as user-defined variables and can automatically extract their values.
System Requirements
- Linux Distribution
- Python 3.x
Clone the project
git clone https://github.com/WaizKhan7/SmartMuv.git
Installing Dependencies
Global dependencies
Smartmuv needs Python version 3 to run, and other Python packages that can be installed with the following commands.
sudo apt install -y python3-pip
pip3 install slither-analyzer==0.6.0
pip3 install solidity-parser
pip3 install web3
pip3 install hexbytes
SmartMuv uses solc
to generate smart contract ABI
, it can be installed with the following commands:
sudo add-apt-repository ppa:ethereum/ethereum
sudo apt-get update
sudo apt-get install solc
The current version of the solc
compiler should be same as smart contract source code Solidity version. solc
version can be managed by solc-select
tool. It can be installed with the following command:
pip3 install solc-select
Configuration
SmartMuv uses infura
archive node to access smart contract storage, and Etherscan API
to get smart contract transaction. API keys for infura and Etherscan needs to be added on config.ini
file for the tool to work.
Running Script
You can run the SmartMuv with the following command on the provided example smart contracts:
python3 -m src.smartmuv
Select the smart contract from the provided list, and SmartMuv will extract and return the complete state and current block number.
Sample Output
['owner', 'address', '0x00000000000000000000000020b767115d0e2a23ca52ae3d7b87af61d4af5943', 20]
['newOwner', 'address', '0x0000000000000000000000000000000000000000000000000000000000000000', 20]
['symbol', 'string', '1ai', 32]
['name', 'string', 'Indoaset', 32]
['decimals', 'uint8', 18, 1]
['_totalSupply', 'uint', 20000000000000000000000000000, 32]
['balances:key:0x0358C107D0064d72Aa9040f7B6DAb92250C164F4', 'uint', 19998000000000000000000000000, 32]
['balances:key:0x0358c107d0064d72aa9040f7b6dab92250c164f4', 'uint', 19998000000000000000000000000, 32]
['balances:key:0x07CFcbEC279F57DEC79D0846815E0CCE682F7747', 'uint', 2000000000000000000000000, 32]
Bugs Detection
python3 -m tests.test_ast_parsing
python3 -m tests.test_slot_analysis
python3 -m tests.test_key_approx_analysis
python3 -m tests.test_state_extraction
Features and Uses
- Smart Contract Storage Analysis
- Smart Contract Slot Calculation
- Smart Contract State Extraction
- Smart Contract State Packing
- Smart Contract Upgrade