From 36ef04add442fce7dc639ba54f5fb690194c276e Mon Sep 17 00:00:00 2001
From: shuo-young <2857043555@qq.com>
Date: Tue, 19 Mar 2024 14:36:52 +0800
Subject: [PATCH] refine output and log info
---
README.md | 38 +++++--------------------------
src/graph/call_graph.rs | 7 +++---
src/main.rs | 3 ++-
src/outputter/result_structure.rs | 12 +++++-----
4 files changed, 18 insertions(+), 42 deletions(-)
diff --git a/README.md b/README.md
index 98e762e..b0de217 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
-
+
@@ -10,13 +10,6 @@
-
-
-
@@ -27,16 +20,6 @@
Lydia
-
-
-
-
-
- Report Bug
- ·
- Request Feature
-
@@ -63,7 +46,6 @@
Features
- Contact
License
@@ -103,7 +85,7 @@ cargo build --release
2. Or you can build or pull the docker image.
```sh
-docker build -t lydia:v0.1 .
+docker build -t lydia:local .
docker pull ghcr.io/shuo-young/lydia:latest
```
@@ -112,9 +94,9 @@ docker pull ghcr.io/shuo-young/lydia:latest
### Local
```sh
-RUST_LOG=info cargo run -- ETH 0x10C509AA9ab291C76c45414e7CdBd375e1D5AcE8
+RUST_LOG=info cargo run -- -b ETH -l 0x10C509AA9ab291C76c45414e7CdBd375e1D5AcE8
# or use build bin
-./target/release/lydia -- ETH 0x10C509AA9ab291C76c45414e7CdBd375e1D5AcE8
+./target/release/lydia -b ETH -l 0x10C509AA9ab291C76c45414e7CdBd375e1D5AcE8
```
### Docker
@@ -122,7 +104,7 @@ RUST_LOG=info cargo run -- ETH 0x10C509AA9ab291C76c45414e7CdBd375e1D5AcE8
For the docker image, run with the following command.
```sh
-docker run ghcr.io/shuo-young/lydia:latest ETH 0x10C509AA9ab291C76c45414e7CdBd375e1D5AcE8
+docker run ghcr.io/shuo-young/lydia:latest -b ETH -l 0x10C509AA9ab291C76c45414e7CdBd375e1D5AcE8
```
## Features
@@ -133,15 +115,7 @@ docker run ghcr.io/shuo-young/lydia:latest ETH 0x10C509AA9ab291C76c45414e7CdBd37
- Report critical attack semantic, e.g., call in hook functions, selfdestruct, use randomnumer, creation (sole and multi) etc.
- Locating call sites that could perform reentrancy and possible reentrancy targets.
-## Contact
-
-👤 **Shuo Yang**
-
-- Website: [shuo-young.github.io](https://shuo-young.github.io/)
-- Twitter: [@shall_yangshuo](https://twitter.com/shall_yangshuo)
-- Github: [@shuo-young](https://github.com/shuo-young)
-
## License
Copyright © 2024 [Shuo Yang](https://github.com/shuo-young).
-This project is [Apache](https://github.com/NFTDefects/nftdefects/blob/master/LICENSE) licensed.
+This project is [Apache](https://github.com/shuo-young/lydia/blob/master/LICENSE) licensed.
diff --git a/src/graph/call_graph.rs b/src/graph/call_graph.rs
index 205aa57..7cbba7c 100644
--- a/src/graph/call_graph.rs
+++ b/src/graph/call_graph.rs
@@ -33,16 +33,17 @@ impl<'a> CallGraph<'a> {
&self.visited_funcs
}
+ #[allow(unused_variables)]
pub async fn construct_cross_contract_call_graph(
&mut self,
source: Source,
) -> Result<(), Box> {
let mut pending = vec![source];
- println!("{:?}", pending);
+ // println!("{:?}", pending);
while let Some(temp) = pending.pop() {
let index = pending.len();
- println!("pending length: {}", index);
- println!("current temp contract: {}", temp.logic_addr);
+ // println!("pending length: {}", index);
+ // println!("current temp contract: {}", temp.logic_addr);
if temp.level > self.max_level {
self.max_level = temp.level;
}
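Review bot: The `#[allow(unused_variables)]` added above `construct_cross_contract_call_graph` silences the lint for the whole function, and it appears to be needed only because `index` is now read solely by the commented-out `println!` calls. Any binding that later becomes genuinely unused in this function will go unreported. Either remove `let index = pending.len();` together with the commented lines, or keep the trace at debug level, e.g. `log::debug!("pending length: {}, contract: {}", pending.len(), temp.logic_addr);`, assuming the `log` facade suggested by `RUST_LOG` in the README is available in this module. The function body continues past the end of this hunk, so check for other uses of `index` there first.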
diff --git a/src/main.rs b/src/main.rs
index 99bdbcd..57cdb40 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -156,7 +156,7 @@ async fn main() {
} else {
for func_sign in external_call_in_func_signature.clone().into_iter() {
// let mut contracts_mut = contracts.borrow_mut();
- println!("{}", func_sign);
+ println!("call flow originated from function {}", func_sign);
let source = Source {
platform: platform.to_string(),
logic_addr: logic_address.to_string(),
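Review bot: The reworded progress line `println!("call flow originated from function {}", func_sign);` still writes to stdout, as does the `println!("{:?}", result);` added in the next hunk of this file, so progress text and the analysis result share one stream. The README runs the tool with `RUST_LOG=info`, which suggests a logger is initialised; if so, `log::info!("call flow originated from function {}", func_sign);` would keep stdout for the result alone and let users filter the progress lines. `main` begins and ends outside this hunk, so the logger setup is not visible here.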
@@ -316,6 +316,7 @@ async fn main() {
duration.subsec_nanos()
)
.into();
+ println!("{:?}", result);
let mut res: HashMap = HashMap::new();
res.insert(logic_address.to_string(), result);
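Review bot: `println!("{:?}", result);` prints the single-line `Debug` rendering of the whole analysis result. That is hard to read for nested fields such as `reentrancy_path_info`, and it is not a stable format for anything that consumes the verdict fields (`is_attack`, `warning`). `Result` already derives `Serialize`, so printing the serialized form would give one well-defined output, e.g. `println!("{}", serde_json::to_string_pretty(&result)?);` with error handling suited to `main`, if `serde_json` is already a dependency. Otherwise `{:#?}` at least makes the dump readable. How `res` is written out after this point is outside the hunk.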
diff --git a/src/outputter/result_structure.rs b/src/outputter/result_structure.rs
index 20bf308..cc2f7ce 100644
--- a/src/outputter/result_structure.rs
+++ b/src/outputter/result_structure.rs
@@ -4,7 +4,7 @@ use serde::{Deserialize, Serialize};
use crate::flow::flow_analysis::{ReachableSiteInfo, ReenterInfo};
-#[derive(Serialize, Deserialize)]
+#[derive(Serialize, Deserialize, Debug)]
pub struct Result {
pub is_attack: bool,
pub warning: String,
@@ -28,31 +28,31 @@ pub struct Result {
pub reentrancy_path_info: HashMap,
}
-#[derive(Serialize, Deserialize)]
+#[derive(Serialize, Deserialize, Debug)]
pub struct SemanticFeatures {
pub op_creation: OpCreation,
pub op_selfdestruct: bool,
pub op_env: bool,
}
-#[derive(Serialize, Deserialize)]
+#[derive(Serialize, Deserialize, Debug)]
pub struct OpCreation {
pub op_multicreate: bool,
pub op_solecreate: bool,
}
-#[derive(Serialize, Deserialize)]
+#[derive(Serialize, Deserialize, Debug)]
pub struct ExternalCall {
pub externalcall_inhook: bool,
pub externalcall_infallback: bool,
// pub hooks_focused: Vec,
}
-#[derive(Serialize, Deserialize)]
+#[derive(Serialize, Deserialize, Debug)]
pub struct Overlap {
pub has_overlap: bool,
pub overlap_external_call: Vec,
}
-#[derive(Serialize, Deserialize)]
+#[derive(Serialize, Deserialize, Debug)]
pub struct PathInfo {
pub victim_call: Vec,
pub attacker_reenter: Vec,