Merge branch 'master' into secure-contact

Author: montyly

.github/workflows/deploy.yml

@@ -22,6 +22,7 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          submodules: true
       - name: Install mdbook
         run: |
           cargo install --git https://github.com/montyly/mdBook.git mdbook || true

.github/workflows/lint_format.yml

@@ -13,6 +13,8 @@ jobs:
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
+        with:
+          submodules: true
 
       - name: Set up Node.js
         uses: actions/setup-node@v3
@@ -23,6 +25,13 @@ jobs:
         run: |
           npm ci
 
+      - name: Remove Medusa uncessary files
+        run: |
+          rm -rf program-analysis/medusa/chain
+          rm -rf program-analysis/medusa/compilation
+          rm -rf program-analysis/medusa/fuzzing
+          rm program-analysis/medusa/docs/theme/highlight.js
+
       - name: Run lint
         run: |
           npm run lint:format

.github/workflows/lint_links.yml

@@ -20,7 +20,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
+        with:
+          submodules: recursive
       - uses: gaurav-nelson/github-action-markdown-link-check@v1
         with:
           use-quiet-mode: "yes"
           check-modified-files-only: ${{ (github.event_name == 'pull_request' && 'yes') || 'no' }}
+          submodules: true

.github/workflows/medusa.yml

@@ -0,0 +1,184 @@
+name: Run Medusa tests
+
+on:
+  push:
+    paths:
+      - ".github/workflows/medusa.yml"
+      - "program-analysis/echidna/**/*.sol"
+      - "program-analysis/echidna/**/*.yml"
+    branches:
+      - master
+  pull_request:
+    paths:
+      - ".github/workflows/medusa.yml"
+      - "program-analysis/echidna/**/*.sol"
+      - "program-analysis/echidna/**/*.yml"
+  schedule:
+    # run CI every day even if no PRs/merges occur
+    - cron: "0 12 * * *"
+
+jobs:
+  tests:
+    name: ${{ matrix.name }}
+    continue-on-error: ${{ matrix.flaky == true }}
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - name: Exercise 1
+            workdir: program-analysis/echidna/exercises/exercise1/
+            files: solution.sol
+            contract: TestToken
+            outcome: failure
+            expected: 'echidna_test_balance()\" failed after the following call sequence'
+          - name: Exercise 2
+            workdir: program-analysis/echidna/exercises/exercise2/
+            files: solution.sol
+            contract: TestToken
+            outcome: failure
+            expected: 'echidna_no_transfer()\" failed after the following call sequence'
+          - name: Exercise 3
+            workdir: program-analysis/echidna/exercises/exercise3/
+            files: solution.sol
+            contract: TestToken
+            outcome: failure
+            expected: 'echidna_test_balance()\" failed after the following call sequence'
+          - name: Exercise 4
+            workdir: program-analysis/echidna/exercises/exercise4/
+            files: solution.sol
+            contract: TestToken
+            outcome: failure
+            expected: 'transfer(address,uint256)\" resulted in an assertion failure after the following call sequence:'
+          # - name: Exercise 5
+          #   workdir: dvdefi/
+          #   files: .
+          #   config: naivereceiver.yaml
+          #   crytic-args: --hardhat-ignore-compile
+          #   contract: NaiveReceiverEchidna
+          #   outcome: failure
+          #   expected: 'echidna_test_contract_balance:\s*failed'
+          # - name: Exercise 6
+          #   workdir: dvdefi/
+          #   files: .
+          #   config: unstoppable.yaml
+          #   crytic-args: --hardhat-ignore-compile
+          #   contract: UnstoppableEchidna
+          #   outcome: failure
+          #   expected: 'echidna_testFlashLoan:\s*failed'
+          # - name: Exercise 7
+          #   workdir: dvdefi/
+          #   files: .
+          #   config: sideentrance.yaml
+          #   crytic-args: --hardhat-ignore-compile
+          #   contract: SideEntranceEchidna
+          #   outcome: failure
+          #   expected: 'testPoolBalance():\s*failed'
+          - name: TestToken
+            workdir: program-analysis/echidna/example/
+            files: testtoken.sol
+            contract: TestToken
+            outcome: failure
+            expected: 'echidna_balance_under_1000()\" failed after the following call sequence'
+          - name: Multi
+            workdir: program-analysis/echidna/example/
+            files: multi.sol
+            contract: C
+            config: filter.yaml
+            outcome: failure
+            expected: 'echidna_state4()\" failed after the following call sequence'
+          - name: Assert
+            workdir: program-analysis/echidna/example/
+            files: assert.sol
+            config: assert.yaml
+            contract: Incrementor
+            outcome: failure
+            expected: 'inc(uint256)\" resulted in an assertion failure after the following call sequence'
+          - name: PopsicleBroken
+            workdir: program-analysis/echidna/example/
+            files: PopsicleBroken.sol
+            solc-version: 0.8.4
+            contract: PopsicleBroken
+            outcome: failure
+            expected: 'PopsicleBroken.totalBalanceAfterTransferIsPreserved(address,uint256)\" resulted in an assertion failure after the following call sequence'
+          - name: PopsicleFixed
+            workdir: program-analysis/echidna/example/
+            files: PopsicleFixed.sol
+            solc-version: 0.8.4
+            contract: PopsicleFixed
+            outcome: success
+            expected: '\[PASSED\] Assertion Test: PopsicleFixed.totalBalanceAfterTransferIsPreserved(address,uint256)'
+          - name: TestDepositWithPermit
+            workdir: program-analysis/echidna/example/
+            files: TestDepositWithPermit.sol
+            solc-version: 0.8.0
+            config: testdeposit.yaml
+            contract: TestDepositWithPermit
+            outcome: success
+            expected: '\[PASSED\] Assertion Test: TestDepositWithPermit.testERC20PermitDeposit(uint256)'
+          # - name: MultiABI
+          #   workdir: program-analysis/echidna/example/
+          #   files: allContracts.sol
+          #   solc-version: 0.8.0
+          #   config: allContracts.yaml
+          #   contract: EchidnaTest
+          #   outcome: failure
+          #   expected: 'test_flag_is_false():\s*failed'
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Checkout Damn Vulnerable DeFi solutions
+        uses: actions/checkout@v4
+        if: startsWith(matrix.workdir, 'dvdefi')
+        with:
+          repository: crytic/damn-vulnerable-defi-echidna
+          ref: solutions
+          path: ${{ matrix.workdir }}
+
+      - name: Set up Nodejs
+        uses: actions/setup-node@v3
+        if: startsWith(matrix.workdir, 'dvdefi')
+        with:
+          node-version: 16
+
+      - name: Install dependencies and compile
+        if: startsWith(matrix.workdir, 'dvdefi')
+        run: |
+          yarn install --frozen-lockfile
+          npx hardhat compile --force
+        working-directory: ${{ matrix.workdir }}
+
+      - name: Go setup
+        uses: actions/setup-go@v5
+        with:
+          go-version: "^1.18.1"
+
+      - name: Install medusa
+        run: |
+          git clone https://github.com/crytic/medusa.git
+          cd medusa
+          go build -o medusa -v .
+          go install -v .
+          sudo cp medusa /usr/bin
+          pip install crytic-compile solc-select
+
+      - name: Run Medusa
+        continue-on-error: true
+        working-directory: ${{ matrix.workdir }}
+        run: |
+          solc-select install ${{ matrix.solc-version || '0.8.0' }}
+          solc-select use ${{ matrix.solc-version || '0.8.0' }}
+          medusa fuzz --compilation-target ${{ matrix.files }} --target-contracts ${{ matrix.contract }} --no-color --test-limit 100000 --config medusa.json > ${{ matrix.files }}.out || true
+
+      - name: Verify that the output is correct
+        working-directory: ${{ matrix.workdir }}
+        run: |
+          if grep -q "${{ matrix.expected }}" "${{ matrix.files }}.out"; then
+            echo "Output matches"
+          else
+            echo "Output mismatch. Expected something matching '${{ matrix.expected }}'. Got the following:"
+            cat "${{ matrix.files }}.out"
+            exit 1
+          fi

.github/workflows/slither.yml

@@ -29,8 +29,6 @@ jobs:
       - name: Install dependencies
         run: |
           pip install solc-select
-          solc-select install 0.5.11
-          solc-select use 0.5.11
       - name: Run Tests
         run: |
           bash program-analysis/slither/scripts/gh_action_test.sh

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "program-analysis/medusa"]
+	path = program-analysis/medusa
+	url = https://github.com/crytic/medusa.git

README.md

@@ -1,6 +1,6 @@
 # Building Secure Smart Contracts
 
-![](https://github.com/crytic/building-secure-contracts/workflows/CI/badge.svg) ![](https://github.com/crytic/building-secure-contracts/workflows/Echidna/badge.svg)
+![](https://github.com/crytic/building-secure-contracts/actions/workflows/slither.yml/badge.svg) ![](https://github.com/crytic/building-secure-contracts/actions/workflows/echidna.yml/badge.svg) ![](https://github.com/crytic/building-secure-contracts/actions/workflows/medusa.yml/badge.svg)
 
 Brought to you by [Trail of Bits](https://www.trailofbits.com/), this repository offers guidelines and best practices for developing secure smart contracts. Contributions are welcome, you can contribute by following our [contributing guidelines](https://github.com/crytic/building-secure-contracts/blob/master/CONTRIBUTING.md).
 
@@ -29,6 +29,7 @@ Brought to you by [Trail of Bits](https://www.trailofbits.com/), this repository
   - [Solana](./not-so-smart-contracts/solana)
 - [Program Analysis](./program-analysis): Using automated tools to secure contracts
   - [Echidna](./program-analysis/echidna): A fuzzer that checks your contract's properties
+  - [Medusa](./program-analysis/medusa/docs/src): A next-gen fuzzer that checks your contract's properties
   - [Slither](./program-analysis/slither): A static analyzer with both CLI and scriptable interfaces
   - [Manticore](./program-analysis/manticore): A symbolic execution engine that proves the correctness of properties
   - For each tool, this training material provides:

SUMMARY.md

@@ -96,6 +96,7 @@
       - [Interacting with off-chain data via FFI cheatcode](./program-analysis/echidna/advanced/interacting-with-offchain-data-via-ffi.md)
     - [Fuzzing tips](./program-analysis/echidna/fuzzing_tips.md)
     - [Frequently Asked Questions](./program-analysis/echidna/frequently_asked_questions.md)
+    - [Configuration options](./program-analysis/echidna/configuration.md)
     - [Exercises](./program-analysis/echidna/exercises/README.md)
       - [Exercise 1](./program-analysis/echidna/exercises/Exercise-1.md)
       - [Exercise 2](./program-analysis/echidna/exercises/Exercise-2.md)
@@ -105,6 +106,54 @@
       - [Exercise 6](./program-analysis/echidna/exercises/Exercise-6.md)
       - [Exercise 7](./program-analysis/echidna/exercises/Exercise-7.md)
       - [Exercise 8](./program-analysis/echidna/exercises/Exercise-8.md)
+  - [Medusa](./program-analysis/medusa/docs/src/README.md)
+    - [Installation](./program-analysis/medusa/docs/src/getting_started/installation.md)
+    - [First Steps](./program-analysis/medusa/docs/src/getting_started/first_steps.md)
+    - [Configuration Overview](./program-analysis/medusa/docs/src/project_configuration/overview.md)
+      - [Fuzzing Configuration](./program-analysis/medusa/docs/src/project_configuration/fuzzing_config.md)
+      - [Testing Configuration](./program-analysis/medusa/docs/src/project_configuration/testing_config.md)
+      - [Chain Configuration](./program-analysis/medusa/docs/src/project_configuration/chain_config.md)
+      - [Compilation Configuration](./program-analysis/medusa/docs/src/project_configuration/compilation_config.md)
+      - [Logging Configuration](./program-analysis/medusa/docs/src/project_configuration/logging_config.md)
+    - [CLI Overview](./program-analysis/medusa/docs/src/cli/overview.md)
+      - [init](./program-analysis/medusa/docs/src/cli/init.md)
+      - [fuzz](./program-analysis/medusa/docs/src/cli/fuzz.md)
+      - [completion](./program-analysis/medusa/docs/src/cli/completion.md)
+    - [Testing Overview](./program-analysis/medusa/docs/src/testing/overview.md)
+      - [The Fuzzing Lifecycle](./program-analysis/medusa/docs/src/testing/fuzzing_lifecycle.md)
+      - [Types of Invariants](./program-analysis/medusa/docs/src/testing/invariants.md)
+      - [Writing Function-Level Invariants](./program-analysis/medusa/docs/src/testing/writing-function-level-invariants.md)
+      - [Writing System-Level Invariants (WIP)](./program-analysis/medusa/docs/src/testing/writing-system-level-invariants.md)
+      - [Coverage Reports (WIP)](./program-analysis/medusa/docs/src/testing/coverage_reports.md)
+    - [API Overview (WIP)](./program-analysis/medusa/docs/src/api/api_overview.md)
+    - [Cheatcodes](./program-analysis/medusa/docs/src/cheatcodes/cheatcodes_overview.md)
+      - [warp](./program-analysis/medusa/docs/src/cheatcodes/warp.md)
+      - [roll](./program-analysis/medusa/docs/src/cheatcodes/roll.md)
+      - [fee](./program-analysis/medusa/docs/src/cheatcodes/fee.md)
+      - [difficulty](./program-analysis/medusa/docs/src/cheatcodes/difficulty.md)
+      - [chainId](./program-analysis/medusa/docs/src/cheatcodes/chain_id.md)
+      - [store](./program-analysis/medusa/docs/src/cheatcodes/store.md)
+      - [load](./program-analysis/medusa/docs/src/cheatcodes/load.md)
+      - [etch](./program-analysis/medusa/docs/src/cheatcodes/etch.md)
+      - [deal](./program-analysis/medusa/docs/src/cheatcodes/deal.md)
+      - [snapshot](./program-analysis/medusa/docs/src/cheatcodes/snapshot.md)
+      - [getNonce](./program-analysis/medusa/docs/src/cheatcodes/get_nonce.md)
+      - [setNonce](./program-analysis/medusa/docs/src/cheatcodes/set_nonce.md)
+      - [coinbase](./program-analysis/medusa/docs/src/cheatcodes/coinbase.md)
+      - [prank](./program-analysis/medusa/docs/src/cheatcodes/prank.md)
+      - [prankHere](./program-analysis/medusa/docs/src/cheatcodes/prank_here.md)
+      - [ffi](./program-analysis/medusa/docs/src/cheatcodes/ffi.md)
+      - [addr](./program-analysis/medusa/docs/src/cheatcodes/addr.md)
+      - [sign](./program-analysis/medusa/docs/src/cheatcodes/sign.md)
+      - [toString](./program-analysis/medusa/docs/src/cheatcodes/to_string.md)
+      - [parseBytes](./program-analysis/medusa/docs/src/cheatcodes/parse_bytes.md)
+      - [parseBytes32](./program-analysis/medusa/docs/src/cheatcodes/parse_bytes32.md)
+      - [parseInt](./program-analysis/medusa/docs/src/cheatcodes/parse_int.md)
+      - [parseUint](./program-analysis/medusa/docs/src/cheatcodes/parse_uint.md)
+      - [parseBool](./program-analysis/medusa/docs/src/cheatcodes/parse_bool.md)
+      - [parseAddress](./program-analysis/medusa/docs/src/cheatcodes/parse_address.md)
+    - [Console Logging](./program-analysis/medusa/docs/src/console_logging.md)
+    - [FAQ](./program-analysis/medusa/docs/src/faq.md)
   - [Manticore](./program-analysis/manticore/README.md)
     - [Introduction to symbolic execution](./program-analysis/manticore/symbolic-execution-introduction.md):
     - [Running under Manticore](./program-analysis/manticore/running-under-manticore.md)
@@ -119,6 +168,7 @@
     - [API](./program-analysis/slither/api.md)
     - [Exercise 1](./program-analysis/slither/exercise1.md)
     - [Exercise 2](./program-analysis/slither/exercise2.md)
+    - [Exercise 3](./program-analysis/slither/exercise3.md)
 - [Resources](./resources/tob_blogposts.md)
   - [Security contact](./resources/contact.md)
   - [Blog posts](./resources/tob_blogposts.md)

book.toml

@@ -20,3 +20,8 @@ mathjax-support = true
 [output.html.fold]
 enable = true
 level = 1
+
+[output.html.redirect]
+"medusa/index.html" = "../program-analysis/medusa/docs/src"
+"slither/index.html" = "../program-analysis/slither"
+"echidna/index.html" = "../program-analysis/echidna"

development-guidelines/incident_response.md

@@ -1,6 +1,6 @@
 # Incident Response Recommendations
 
-How you respond during an incident is a direct reflection of your efforts to prepare for such an event. Each team or project's needs will vary so we provide the guidelines below as a starting point. Adherance to our guidelines can help you shift from a reactive approach to a **proactive** approach by planning with the assumption that incidents are inevitable. To fully leverage the following guidelines, consider them throughout the application development process.
+How you respond during an incident is a direct reflection of your efforts to prepare for such an event. Each team or project's needs will vary so we provide the guidelines below as a starting point. Adherence to our guidelines can help you shift from a reactive approach to a **proactive** approach by planning with the assumption that incidents are inevitable. To fully leverage the following guidelines, consider them throughout the application development process.
 
 ## Application Design