Merge branch 'master' into implementation_address

Author: montyly

.github/workflows/doc.yml

@@ -37,10 +37,10 @@ jobs:
       - run: pip install -e ".[doc]"
       - run: pdoc -o html/ crytic_compile
       - name: Upload artifact
-        uses: actions/upload-pages-artifact@v1
+        uses: actions/upload-pages-artifact@v2
         with:
           # Upload the doc
           path: './html/'
       - name: Deploy to GitHub Pages
         id: deployment
-        uses: actions/deploy-pages@v1
+        uses: actions/deploy-pages@v2

.github/workflows/publish.yml

@@ -45,10 +45,10 @@ jobs:
           path: dist/
 
       - name: publish
-        uses: pypa/[email protected].6
+        uses: pypa/[email protected].8
 
       - name: sign
-        uses: sigstore/gh-action-sigstore-python@v1.2.3
+        uses: sigstore/gh-action-sigstore-python@v2.0.0
         with:
           inputs: ./dist/*.tar.gz ./dist/*.whl
           release-signing-artifacts: true

CONTRIBUTING.md

@@ -7,7 +7,7 @@ If you're unsure where to start, we recommend our [`good first issue`](https://g
 Bug reports and feature suggestions can be submitted to our issue tracker. For bug reports, attaching the contract that caused the bug will help us in debugging and resolving the issue quickly. If you find a security vulnerability, do not open an issue; email [email protected] instead.
 
 ## Questions
-Questions can be submitted to the issue tracker, but you may get a faster response if you ask in our [chat room](https://empireslacking.herokuapp.com/) (in the #ethereum channel).
+Questions can be submitted to the issue tracker, but you may get a faster response if you ask in our [chat room](https://slack.empirehacking.nyc/) (in the #ethereum channel).
 
 ## Code
 crytic-compile uses the pull request contribution model. Please make an account on Github, fork this repo, and submit code contributions via pull request. For more documentation, look [here](https://guides.github.com/activities/forking/).

README.md

@@ -1,21 +1,27 @@
 # Crytic-compile
-[![Build Status](https://img.shields.io/github/workflow/status/crytic/crytic-compile/CI/master)](https://github.com/crytic/crytic-compile/actions?query=workflow%3ACI)
-[![Slack Status](https://empireslacking.herokuapp.com/badge.svg)](https://empireslacking.herokuapp.com)
+[![Build Status](https://img.shields.io/github/actions/workflow/status/crytic/crytic-compile/ci.yml?branch=master)](https://github.com/crytic/crytic-compile/actions?query=workflow%3ACI)
+[![Slack Status](https://slack.empirehacking.nyc/badge.svg)](https://slack.empirehacking.nyc)
 [![PyPI version](https://badge.fury.io/py/crytic-compile.svg)](https://badge.fury.io/py/crytic-compile)
 
 Library to help smart contract compilation. It includes support for:
 - Direct solc compilation
+- [Foundry](https://github.com/foundry-rs/foundry/)
+- [Hardhat](https://github.com/nomiclabs/hardhat)
 - [Brownie](https://github.com/iamdefinitelyahuman/brownie)
 - [Buidler](https://github.com/nomiclabs/buidler)
 - [Dapp](https://dapp.tools/dapp/)
 - [Embark](https://embark.status.im/)
 - [Etherlime](https://github.com/LimeChain/etherlime)
 - [Etherscan](https://etherscan.io/) (including several alt-chain explorers and testnets)
-- [Foundry](https://github.com/foundry-rs/foundry/)
-- [Hardhat](https://github.com/nomiclabs/hardhat)
 - [Truffle](https://truffleframework.com/)
 - [Waffle](https://github.com/EthWorks/Waffle)
 
+To force compilation with a specific framework, use the `--compile-force-framework` flag. For example, to force compilation with Hardhat:
+
+```shell
+crytic-compile . --compile-force-framework hardhat
+```
+
 See the [Configuration](https://github.com/crytic/crytic-compile/wiki/Configuration) documentation for advanced usages.
 
 The plugin is used in Trail of Bits tools, including:
@@ -27,21 +33,33 @@ The plugin is used in Trail of Bits tools, including:
 
 ## Installation
 
-```bash
+```shell
 pip3 install crytic-compile
 ```
 
 ## Usage
 
-### Standalone
-```bash
+In the root directory of your project e.g. same directory as `hardhat.config.js` or `foundry.toml`, run:
+
+```shell
 crytic-compile .
 ```
 
 Crytic-compile will generate `crytic-export/contracts.json` containing the AST/ABI and bytecodes of the contracts.
 
 Run `crytic-compile --help` for more options.
 
+## Library Linking
+
+If your project uses [libraries](https://docs.soliditylang.org/en/latest/contracts.html#libraries) with external functions, they can be linked to their deployed address with the `--compile-libraries` flag. For example, if you have a library `SafeMath` deployed at `0xff`, you can link it with:
+
+
+```shell
+crytic-compile . --compile-libraries "(SafeMath, 0xff)"
+```
+
+If you are fuzzing with Echidna or Medusa, follow this [tutorial on linking libraries](https://secure-contracts.com/program-analysis/echidna/advanced/working-with-libraries.html?highlight=library#linking-libraries).
+
 ### As a library
 
 See the [library documentation](https://github.com/crytic/crytic-compile/wiki/Library-Documentation).

crytic_compile/crytic_compile.py

@@ -36,14 +36,14 @@
 
 
 def get_platforms() -> List[Type[AbstractPlatform]]:
-    """Return the available platforms classes
+    """Return the available platforms classes in order of preference
 
     Returns:
         List[Type[AbstractPlatform]]: Available platforms
     """
     platforms = [getattr(all_platforms, name) for name in dir(all_platforms)]
     platforms = [d for d in platforms if inspect.isclass(d) and issubclass(d, AbstractPlatform)]
-    return sorted(platforms, key=lambda platform: platform.TYPE)
+    return sorted(platforms, key=lambda platform: (platform.TYPE.priority(), platform.TYPE))
 
 
 def is_supported(target: str) -> bool:
@@ -63,13 +63,14 @@ def _extract_libraries(libraries_str: Optional[str]) -> Optional[Dict[str, int]]
 
     if not libraries_str:
         return None
-
-    pattern = r"\((?P<name>\w+),\s*(?P<value1>0x[0-9a-fA-F]{2})\),?"
+    # Extract tuple like (libname1, 0x00)
+    pattern = r"\((?P<name>\w+),\s*(?P<value1>0x[0-9a-fA-F]{2,40})\),?"
     matches = re.findall(pattern, libraries_str)
 
     if not matches:
-        logging.info(f"Libraries {libraries_str} could not be parsed")
-        return None
+        raise ValueError(
+            f"Invalid library linking directive\nGot:\n{libraries_str}\nExpected format:\n(libname1, 0x00),(libname2, 0x02)"
+        )
 
     ret: Dict[str, int] = {}
     for key, value in matches:

crytic_compile/platform/etherscan.py

@@ -299,6 +299,10 @@ def compile(self, crytic_compile: "CryticCompile", **kwargs: str) -> None:
                 LOGGER.error("Incorrect etherscan request")
                 raise InvalidCompilation("Incorrect etherscan request " + etherscan_url)
 
+            if not info["message"].startswith("OK") and "Invalid API Key" in info["result"]:
+                LOGGER.error("Invalid etherscan API Key")
+                raise InvalidCompilation("Invalid etherscan API Key: " + etherscan_url)
+
             if not info["message"].startswith("OK"):
                 LOGGER.error("Contract has no public source code")
                 raise InvalidCompilation("Contract has no public source code: " + etherscan_url)

crytic_compile/platform/hardhat.py

@@ -212,12 +212,10 @@ def is_supported(target: str, **kwargs: str) -> bool:
         if hardhat_ignore:
             return False
 
-        # If there is both foundry and hardhat, foundry takes priority
-        if os.path.isfile(os.path.join(target, "foundry.toml")):
-            return False
-
-        return os.path.isfile(os.path.join(target, "hardhat.config.js")) | os.path.isfile(
-            os.path.join(target, "hardhat.config.ts")
+        return (
+            os.path.isfile(os.path.join(target, "hardhat.config.js"))
+            or os.path.isfile(os.path.join(target, "hardhat.config.ts"))
+            or os.path.isfile(os.path.join(target, "hardhat.config.cjs"))
         )
 
     def is_dependency(self, path: str) -> bool:

crytic_compile/platform/solc.py

@@ -34,10 +34,11 @@
 def _build_contract_data(compilation_unit: "CompilationUnit") -> Dict:
     contracts = {}
 
-    libraries = compilation_unit.crytic_compile.libraries
+    libraries_to_update = compilation_unit.crytic_compile.libraries
 
     for filename, source_unit in compilation_unit.source_units.items():
         for contract_name in source_unit.contracts_names:
+            libraries = source_unit.libraries_names_and_patterns(contract_name)
             abi = str(source_unit.abi(contract_name))
             abi = abi.replace("'", '"')
             abi = abi.replace("True", "true")
@@ -48,10 +49,11 @@ def _build_contract_data(compilation_unit: "CompilationUnit") -> Dict:
                 "srcmap": ";".join(source_unit.srcmap_init(contract_name)),
                 "srcmap-runtime": ";".join(source_unit.srcmap_runtime(contract_name)),
                 "abi": abi,
-                "bin": source_unit.bytecode_init(contract_name, libraries),
-                "bin-runtime": source_unit.bytecode_runtime(contract_name, libraries),
+                "bin": source_unit.bytecode_init(contract_name, libraries_to_update),
+                "bin-runtime": source_unit.bytecode_runtime(contract_name, libraries_to_update),
                 "userdoc": source_unit.natspec[contract_name].userdoc.export(),
                 "devdoc": source_unit.natspec[contract_name].devdoc.export(),
+                "libraries": dict(libraries) if libraries else {},
             }
     return contracts
 
@@ -519,16 +521,21 @@ def _run_solc(
 
     additional_kwargs: Dict = {"cwd": working_dir} if working_dir else {}
     if not compiler_version.version in [f"0.4.{x}" for x in range(0, 11)]:
-        # Add . as default allowed path
+        # Add --allow-paths argument, if it isn't already specified
+        # We allow the CWD as well as the directory that contains the file
         if "--allow-paths" not in cmd:
             file_dir_start = os.path.normpath(os.path.dirname(filename))
+            # Paths in the --allow-paths arg can't contain commas, since this is the delimeter
+            # Try using absolute path; if it contains a comma, try using relative path instead
             file_dir = os.path.abspath(file_dir_start)
             if "," in file_dir:
                 try:
                     file_dir = os.path.relpath(file_dir_start)
                 except ValueError:
+                    # relpath can fail if, for example, we're on Windows and the directory is on a different drive than CWD
                     pass
 
+            # Even the relative path might have a comma in it, so we want to make sure first
             if "," not in file_dir:
                 cmd += ["--allow-paths", ".," + file_dir]
             else:

crytic_compile/platform/truffle.py

@@ -305,12 +305,6 @@ def is_supported(target: str, **kwargs: str) -> bool:
         if truffle_ignore:
             return False
 
-        # Avoid conflicts with hardhat
-        if os.path.isfile(os.path.join(target, "hardhat.config.js")) | os.path.isfile(
-            os.path.join(target, "hardhat.config.ts")
-        ):
-            return False
-
         return os.path.isfile(os.path.join(target, "truffle.js")) or os.path.isfile(
             os.path.join(target, "truffle-config.js")
         )

crytic_compile/platform/types.py

@@ -66,3 +66,24 @@ def __str__(self) -> str:  # pylint: disable=too-many-branches
         if self == Type.FOUNDRY:
             return "Foundry"
         raise ValueError
+
+    def priority(self) -> int:
+        """Return the priority for a certain platform.
+
+        A lower priority means the platform is more preferable. This is used to
+        consistently select a platform when two or more are available.
+
+        Returns:
+            int: priority number
+        """
+
+        if self == Type.FOUNDRY:
+            return 100
+
+        if self == Type.HARDHAT:
+            return 200
+
+        if self in [Type.TRUFFLE, Type.WAFFLE]:
+            return 300
+
+        return 1000