Visualizing Security
Raine Rupert Revere (github: raineorshine, twitter: @metaraine)
How do you spot smart contract security vulnerabilities? You know, to prevent people from stealing millions of dollars.
Common Attacks
➔ Array Griefing: for(uint i=0; i<arr.length; i++) { ... }
➔ Reentrancy: address.value(balance)();
➔ Underflow: balance -= amount;
What do these attacks have in common?
They all have specific code smells.
If we can detect these code smells, we can help prevent these errors.
Static Analysis
Static analysis is a method of testing and evaluating a program without executing its code.
solidity-parser
➔ In: Contract Source Code
➔ Out: Abstract Syntax Tree (AST)
github.com/consensys/solidity-parser
An Abstract Syntax Tree is like a “map” of your code that can be traversed and explored programmatically.
solgraph
➔ In: Abstract Syntax Tree (AST)
➔ Out: DOT graph
github.com/raineorshine/solgraph
```solidity
pragma solidity ^0.4.0; // pre-0.5 syntax, matching the constructor style below

contract MyContract {
    uint balance;

    // Constructor (pre-0.5 style: a function named after the contract)
    function MyContract() { Mint(1000000); }

    // Internal: only reachable from inside the contract
    function Mint(uint amount) internal { balance = amount; }

    // Public with no access control: any caller can trigger the send
    function Withdraw() { msg.sender.send(balance); }

    // Read-only view of state
    function GetBalance() constant returns(uint) { return balance; }
}
```
solgraph: github.com/raineorshine/solgraph
Anyone can run solgraph to see potential security risks in a smart contract.
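As an added example (not solgraph's own code, and not from the slides): a minimal version of the AST-in, DOT-out step applied to the MyContract slide above, marking the function a reviewer would inspect first. The AST shape and the colour scheme are assumptions for illustration, not solidity-parser's schema or solgraph's legend.

```javascript
// Hand-constructed, simplified AST of MyContract (assumed shape, not
// solidity-parser's real output): per function we keep visibility,
// whether it is constant, which functions it calls, and whether it sends ether.
const ast = {
  name: 'MyContract',
  functions: [
    { name: 'MyContract', visibility: 'public',   constant: false, calls: ['Mint'], sendsEther: false },
    { name: 'Mint',       visibility: 'internal', constant: false, calls: [],       sendsEther: false },
    { name: 'Withdraw',   visibility: 'public',   constant: false, calls: [],       sendsEther: true  },
    { name: 'GetBalance', visibility: 'public',   constant: true,  calls: [],       sendsEther: false },
  ],
};

// Colour a node by what a static pass can see without executing anything.
// Assumed legend: red = externally callable and moves ether, blue = read-only,
// green = internal only, gray = public and state-changing but no transfer.
function nodeColor(fn) {
  if (fn.sendsEther && fn.visibility !== 'internal') return 'red';
  if (fn.constant) return 'blue';
  if (fn.visibility === 'internal') return 'green';
  return 'gray';
}

// Emit a Graphviz DOT digraph: one node per function, one edge per call.
function toDot(contract) {
  const lines = [`digraph "${contract.name}" {`];
  for (const fn of contract.functions) {
    lines.push(`  "${fn.name}" [color=${nodeColor(fn)}];`);
  }
  for (const fn of contract.functions) {
    for (const callee of fn.calls) lines.push(`  "${fn.name}" -> "${callee}";`);
  }
  lines.push('}');
  return lines.join('\n');
}

// The red nodes are the "code smells" worth a manual look: ether leaves the
// contract from a function that anyone can call.
function riskyFunctions(contract) {
  return contract.functions.filter(fn => nodeColor(fn) === 'red').map(fn => fn.name);
}

console.log(toDot(ast));
console.log('inspect first:', riskyFunctions(ast));
```

Pipe the DOT output into `dot -Tpng` to get the same kind of picture solgraph produces; the graph makes it obvious that Withdraw is reachable from outside with nothing guarding it.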
Dynamic Analysis
Dynamic analysis is a method of testing and evaluating a program by executing its code.
We need standardized unit testing patterns
● Access Control
● NoEther
● ...
And now something non-technical.
But important.
The Three Developer Cultures
Web Developer: JS, Java, PHP, Ruby, Python
Values simplicity, usability, practicality.
Doesn't intuit systems level pitfalls.
“It works for me!”
Systems Engineer: C++, EVM Assembly
Understands system pitfalls
Undervalues abstraction
“I know every system quirk that could be a security concern!”
Academic: F*, Why3
Rigorous solutions
Impractical (sometimes)
“We must be able to prove that it is secure!”
The ~~Three~~ 4 Developer Cultures
Non-Developer: Word, Mailchimp, Slack
No ability to distinguish the difficult from the trivial.
Source of speculation.
“How bad is it?”
Summary
➔ Use static analysis to detect code smells (e.g. solgraph)
➔ Use dynamic analysis (unit testing patterns needed)
➔ The 3 (+1) Developer Cultures: evolve in the right direction
Thank you
Raine Rupert Revere (github: raineorshine, twitter: @metaraine)