trailofbits/manticore

Lack of documentation on how to execute bytecode-only Ethereum contracts

Open

#841 opened on Mar 23, 2018

View on GitHub
 (40 comments) (0 reactions) (0 assignees)Python (3,469 stars) (481 forks)batch import
documentationethereumhelp wantedneeds_review

Description

There is no clear documentation or examples of how to symbolically execute a bytecode-only Ethereum contract. In this case, the ABI will be provided by the user, but there is no public interface to associate it with bytecode to run.

Further explanation:

We need clear documentation and examples for creating and interacting with bytecode-only contracts. There are two sets of scenarios to consider: ones where a constructor generates the running bytecode and one where we just paste in an already-known and running bytecode.

The documentation and examples should contemplate the association of a previously known ABI description and the usage of symbolic parameters on both create and normal transactions.

Here are some writeups we would love to see!

  • Create and analyze a contract account from the constructor bytecode
  • Create and analyze a contract account from the constructor bytecode that uses concrete arguments.
  • Create and analyze a contract account from the constructor bytecode that uses symbolic arguments.
  • Create and analyze a contract account from the runtime bytecode
  • Send transactions with concrete arguments to bytecode-only contracts using the ABI module
  • Send transaction with symbolic arguments to bytecode-only contracts using the ABI module
  • Associate a known ABI with a bytecode-only contract and then use EVMAccount to send transactions with concrete parameters to it
  • Associate a known ABI with bytecode-only contract and then use EVMAccount to send transactions with symbolic parameters to it
  • Iterate over final states and print out interesting knowledge about the accounts. E.g., balance, storage values, or other invariants.

You may want to reference the minimal_bytecode.py example to get started!

Contributor guide

Tech stack
python
Domain
documentation
Issue type
documentation
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
3
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
3-5 days
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
stale
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
clear
Prerequisites
Python basicsEthereum conceptsSymbolic execution fundamentals
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
60
Research direction
The issue outlines nine specific writeups for documenting bytecode only contract execution. Start by reviewing the existing minimal bytecode.py example in examples/evm. Then create documentation covering each scenario, ensuring to demonstrate ABI association with bytecode using EVMAccount. Include code snippets and explanations. Finally, submit a PR with the new documentation files.