{"id":29704398,"url":"https://github.com/eth-sri/ilf","last_synced_at":"2025-07-23T14:10:49.117Z","repository":{"id":43736909,"uuid":"223585368","full_name":"eth-sri/ilf","owner":"eth-sri","description":"AI based fuzzer based on imitation learning","archived":false,"fork":false,"pushed_at":"2023-07-26T22:22:55.000Z","size":4956,"stargazers_count":144,"open_issues_count":2,"forks_count":32,"subscribers_count":11,"default_branch":"master","last_synced_at":"2024-05-08T00:15:48.435Z","etag":null,"topics":["blockchain","fuzzing","imitation-learning","machine-learning","smart-contracts","symbolic-execution","testing"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eth-sri.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-11-23T12:31:16.000Z","updated_at":"2024-04-29T15:09:19.000Z","dependencies_parsed_at":"2022-08-25T14:12:13.651Z","dependency_job_id":null,"html_url":"https://github.com/eth-sri/ilf","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/eth-sri/ilf","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eth-sri%2Filf","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eth-sri%2Filf/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eth-sri%2Filf/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eth-sri%2Filf/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eth-sri","download_url":"https://codeload.github.com/eth-sri/ilf/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eth-sri%2Filf/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266691588,"owners_count":23969184,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-23T02:00:09.312Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blockchain","fuzzing","imitation-learning","machine-learning","smart-contracts","symbolic-execution","testing"],"created_at":"2025-07-23T14:10:30.608Z","updated_at":"2025-07-23T14:10:49.094Z","avatar_url":"https://github.com/eth-sri.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"ILF: AI-based Fuzzer for Ethereum Smart Contracts \u003ca href=\"https://www.sri.inf.ethz.ch/\"\u003e\u003cimg width=\"100\" alt=\"portfolio_view\" align=\"right\" src=\"http://safeai.ethz.ch/img/sri-logo.svg\"\u003e\u003c/a\u003e\n=============================================================================================================\n\u003cp align=\"center\"\u003e\n    \u003cimg width=\"500\" alt=\"portfolio_view\" src=\"https://www.sri.inf.ethz.ch/assets/images/ilf-logo-1.png\"\u003e\n\u003c/p\u003e\n\nILF is an \u003cins\u003e**I**\u003c/ins\u003emitation \u003cins\u003e**L**\u003c/ins\u003eearning based \u003cins\u003e**F**\u003c/ins\u003euzzer for smart contracts. The fuzzing policy, which is used to generate transactions, is represented by an ensemble of neural networks and is learned from thousands of high-quality sequences of transactions generated using symbolic execution. ILF can be used to fuzz any Ethereum smart contract and outputs the coverage and a vulnerability report.\n\nILF is developed at [SRI Lab, Department of Computer Science, ETH Zurich](https://www.sri.inf.ethz.ch/) as part of the [Machine Learning for Programming](https://www.sri.inf.ethz.ch/research/plml) and [Blockchain Security](https://www.sri.inf.ethz.ch/research/blockchain-security) projects. For mode details, please refer to [ILF CCS'19 paper](https://files.sri.inf.ethz.ch/website/papers/ccs19-ilf.pdf) and [slides](https://files.sri.inf.ethz.ch/website/slides/ccs19-ilf-slides.pdf).\n\n## Setup\n\nWe provide a docker file, which we recommend to start with. To build and run:\n```\n$ docker build -t ilf .\n$ docker run -it ilf\n```\n\nYou can also follow the instructions in the Dockerfile to install ILF locally. If you experience build errors on Apple M chips, please refer to [#21](https://github.com/eth-sri/ilf/issues/21).\n\n## Usage\n\n### Fuzzing\n\nTo fuzz the example provided in the repo with ILF (the `imitation` fuzzing policy) using our pre-trained model in the `model` directory:\n```\n$ python3 -m ilf --proj ./example/crowdsale/ --contract Crowdsale --fuzzer imitation --model ./model/ --limit 2000\n```\nThe `--fuzzer` argument can be replaced by:\n* `random`: a uniformly random fuzzing policy.\n* `symbolic`: a symbolic execution fuzzing policy based on depth first search of block states. This is used for generating training sequences.\n* `sym_plus`: an augmentation of `symbolic` which can revisit encountered block states.\n* `mix`: a fuzzing policy that randomly chooses `imitation` or `symbolic` for generating each transaction.\n\nFor fuzzing new contracts, one needs to provide a Truffle project (formatted as the example in `example/crowdsale`). Then the script `script/extract.py` should be called to extract deployment transactions of the contracts. For the example contract, the script runs as follows:\n```\n$ rm example/crowdsale/transactions.json\n$ python3 script/extract.py --proj example/crowdsale/ --port 8545\n```\nNote that you need to kill existing `ganache-cli` processes listening the same port before calling this script.\n\n### Training\n\nFor training, one needs to run `symbolic` on a set of training contracts to produce a dataset in a training directory. Usually tens of thousands of contracts are used for training. For demonstration purposes, we show how to produce a small training dataset from our example contract to the `train_data` directory:\n```\n$ mkdir train_data\n$ python3 -m ilf --proj ./example/crowdsale/ --contract Crowdsale --limit 2000 --fuzzer symbolic --dataset_dump_path ./train_data/crowdsale.data\n```\n\nRun the scripts to select seed integer values and amount values from the training dataset, and put them into `ilf/fuzzers/imitation/int_values.py` and `ilf/fuzzers/imitation/amounts.py`, respectively:\n```\n$ python3 script/get_int_values.py --train_dir ./train_data\n$ python3 script/get_amounts.py --train_dir ./train_data\n```\n\nThen the following command performs neural network training and outputs the trained networks in the `new_model` directory:\n```\n$ mkdir new_model\n$ python3 -m ilf --fuzzer imitation --train_dir ./train_data --model ./new_model\n```\n\n### Automatically Constructing Truffle Projects\n\nFor evaluation and training purposes, one might want to automatically construct Truffle projects from a large set of contracts. To achieve this, one can write a script to automatically produce files required by Truffle projects, following the format in `example/crowdsale`. The compressed file `truffle_scripts.tar.gz` contains the scripts we used. Those scripts might not run directly but can give you a high level idea how things work.\n\n## Citing ILF\n```\n@inproceedings{He:2019:LFS:3319535.3363230,\n author = {He, Jingxuan and Balunovi\\'{c}, Mislav and Ambroladze, Nodar and Tsankov, Petar and Vechev, Martin},\n title = {Learning to Fuzz from Symbolic Execution with Application to Smart Contracts},\n booktitle = {Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security},\n series = {CCS '19},\n year = {2019},\n isbn = {978-1-4503-6747-9},\n location = {London, United Kingdom},\n pages = {531--548},\n numpages = {18},\n url = {http://doi.acm.org/10.1145/3319535.3363230},\n doi = {10.1145/3319535.3363230},\n acmid = {3363230},\n publisher = {ACM},\n address = {New York, NY, USA},\n keywords = {fuzzing, imitation learning, smart contracts, symbolic execution},\n} \n```\n\n## Contributors\n* [Jingxuan He](https://www.sri.inf.ethz.ch/people/jingxuan)\n* [Mislav Balunović](https://www.sri.inf.ethz.ch/people/mislav)\n* Nodar Ambroladze\n* [Petar Tsankov](https://www.sri.inf.ethz.ch/people/petar)\n* [Martin Vechev](https://www.sri.inf.ethz.ch/people/martin)\n* Anton Permenev\n\n## License and Copyright\n* Copyright (c) 2019 [Secure, Reliable, and Intelligent Systems Lab (SRI), ETH Zurich](https://www.sri.inf.ethz.ch/)\n* Licensed under the [Apache 2.0 License](https://www.apache.org/licenses/LICENSE-2.0)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feth-sri%2Filf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feth-sri%2Filf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feth-sri%2Filf/lists"}