Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/crytic/rattle

evm binary static analysis
https://github.com/crytic/rattle

ethereum evm reverse-engineering

Last synced: about 1 month ago
JSON representation

evm binary static analysis

Host: GitHub
URL: https://github.com/crytic/rattle
Owner: crytic
Created: 2018-03-06T20:48:37.000Z (almost 7 years ago)
Default Branch: master
Last Pushed: 2023-09-04T23:49:37.000Z (over 1 year ago)
Last Synced: 2024-05-18T20:41:35.322Z (7 months ago)
Topics: ethereum, evm, reverse-engineering
Language: Python
Homepage: https://www.trailofbits.com/presentations/rattle/
Size: 4 MB
Stars: 346
Watchers: 24
Forks: 40
Open Issues: 9
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-rainmana - crytic/rattle - evm binary static analysis (Python)
awesome-web3-tools-and-dapps - Rattle - Rattle is a tool that analyzes smart contracts on the Ethereum Virtual Machine (EVM) even after they have been deployed. (dApps directory / Static Analysis Tools)

README

        
# rattle

![Rattle](logo_s.png)

Rattle is an EVM binary static analysis framework designed to work on deployed smart contracts. Rattle takes EVM byte strings, uses a flow-sensitive analysis to recover the original control flow graph, lifts the control flow graph into an SSA/infinite register form, and optimizes the SSA – removing DUPs, SWAPs, PUSHs, and POPs. The conversion from a stack machine to SSA form removes 60%+ of all EVM instructions and presents a much friendlier interface to those who wish to read the smart contracts they’re interacting with.

## Example

```bash

python3 rattle-cli.py --input inputs/kingofether/KingOfTheEtherThrone.bin -O

```

Would produce a register machine output like this:

![King of Ether numberOfMonarchs](example.png)

Functions are recovered and split off. Additionally function arguments, memory locations, and storage locations are recovered.

## Usage

Rattle runs on the runtime contract hex string.

If you're running rattle on a contract you can compile with solidity, use the `--bin-runtime` option and strip off the header:

```console

$ solc --bin-runtime KingOfTheEtherThrone.sol 2>/dev/null | tail -n1 > contract.bin

```

## Dependencies

* python3

* graphviz

* cbor2

* pyevmasm

To install the python dependencies, run these commands:

```bash

python3 -m venv venv

source venv/bin/activate

pip install -r requirements.txt

```

To install graphviz, run the following command:

Linux:

```bash

sudo apt-get graphvis

```

macOS:

```bash

brew install graphviz

```

## Troubleshooting

If you get a syntax error like this:

```python

  File "rattle-cli.py", line 16

    def main() -> None:

               ^

SyntaxError: invalid syntax

```

You likely ran rattle with python2 instead of python3.

# Presentation

For more details on the Rattle design and features, see my reCON Montreal presentation, which is annotated [here](https://www.trailofbits.com/presentations/rattle/).

# License

Rattle is licensed and distributed under the AGPLv3 license. [Contact us](mailto:[email protected]) if you're looking for an exception to the terms.