fsle/Yuluminate
Yulumination

What

Analyze Solidity AST for tainted inputs and dangerous Yul functions.

Usage

```
python3 Yuluminate.py --help
usage: Yuluminate.py [-h] -ct CONTRACT_NAME -fn FUNCTION_NAME -bi BUILD_INFO [-d] [-dn DENY_LIST]

Analyze Solidity AST for tainted inputs and dangerous Yul functions.

options:
  -h, --help            show this help message and exit
  -ct, --contract-name CONTRACT_NAME
                        Name of the contract to analyze.
  -fn, --function-name FUNCTION_NAME
                        Name of the function to analyze.
  -bi, --build-info BUILD_INFO
                        Path to the build info JSON file.
  -d, --debug           Enable debug mode for detailed output.
  -dn, --deny-list DENY_LIST
                        Comma-separated list of words to exclude from the tainted list.
```

Example output

```
python3 Yuluminate.py -ct Settlement -fn _settleOrder -bi ./fusion-protocol/out/build-info/b065b9d6be7fce1a.json
🟢Solidity🟢
🟢Assembly🟢
🟣Overflow🟣
        🔴Danger🔴 -> add(data.offset, calldataload(data.offset))
🟠Tainting🟠 -> order
🟢Back to Solidity🟢
🟠Tainting🟠 -> takingFeeData
🟠Tainting🟠 -> totalFee
🟠Tainting🟠 -> rateBump
🟠Tainting🟠 -> suffixLength
🟢Assembly🟢
🟠Tainting🟠 -> interactionLengthOffset
🟠Tainting🟠 -> interactionOffset
🟣Overflow🟣
        🔴Danger🔴 -> add(data.offset, interactionLengthOffset)
🟠Tainting🟠 -> interactionLength
🟣Overflow🟣
        🔴Danger🔴 -> add(data.offset, interactionOffset)
🟠Tainting🟠 -> target
        🔴Danger🔴 -> add(ptr, interactionLengthOffset)
🟣Arbitrary write🟣
        🔴Danger🔴 -> mstore(add(add(ptr, interactionLengthOffset), 4), add(interactionLength, suffixLength))
        🔴Danger🔴 -> add(ptr, interactionOffset)
🟣Overflow🟣
        🔴Danger🔴 -> add(add(ptr, interactionOffset), interactionLength)
🟠Tainting🟠 -> offset
🟣Arbitrary write🟣
        🔴Danger🔴 -> mstore(add(offset, 0x04), totalFee)
🟣Arbitrary write🟣
        🔴Danger🔴 -> mstore(add(offset, 0x24), resolver)
🟣Arbitrary write🟣
        🔴Danger🔴 -> mstore(add(offset, 0x44), calldataload(add(order, 0x40)))
🟣Arbitrary write🟣
        🔴Danger🔴 -> mstore(add(offset, 0x64), rateBump)
🟣Arbitrary write🟣
        🔴Danger🔴 -> mstore(add(offset, 0x84), takingFeeData)
        🔴Danger🔴 -> mload(tokensAndAmounts)
🟠Tainting🟠 -> tokensAndAmountsLength
🟣Overflow🟣
        🔴Danger🔴 -> add(offset, add(0xa4, tokensAndAmountsLength))
🟣Arbitrary write🟣
        🔴Danger🔴 -> mstore(add(offset, add(0xa4, tokensAndAmountsLength)), tokensAndAmountsLength)
🟣Overflow🟣
        🔴Danger🔴 -> add(add(4, suffixLength), data.length)
🟢Back to Solidity🟢
```
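The output above follows a simple rule set: a value derived from a function parameter or from calldata is tainted, an unchecked `add` on a tainted operand is reported as a possible overflow, and an `mstore` whose address depends on a tainted value is reported as an arbitrary memory write. The following Python is an added illustration of that taint-propagation idea and is not Yuluminate's own code. It works on a hand-written, simplified Yul expression tree (nested tuples) rather than on solc's build-info JSON, and the statements, variable names and deny-list behaviour in it are constructed for the example.

```python
"""Minimal taint propagation over a simplified Yul expression tree.

Added example, not Yuluminate's code. The AST below is hand-written
(nested tuples), not the solc build-info format the real tool reads.
"""
from __future__ import annotations

from typing import Iterable, Union

# A Yul expression is either an identifier/literal (str) or a call:
# (function_name, [argument expressions]).
Expr = Union[str, tuple]

# Builtins whose result is attacker-influenced by construction.
TAINT_SOURCES = {"calldataload", "calldatasize", "caller", "callvalue"}
# Unchecked arithmetic that wraps silently in Yul.
OVERFLOW_FUNCS = {"add", "sub", "mul"}
# Memory accesses whose first argument is the address.
MEMORY_FUNCS = {"mstore", "mstore8", "mload"}


def render(expr: Expr) -> str:
    """Print an expression back in Yul call syntax, e.g. add(a, 0x04)."""
    if isinstance(expr, str):
        return expr
    name, args = expr
    return f"{name}({', '.join(render(a) for a in args)})"


def is_tainted(expr: Expr, tainted: set[str]) -> bool:
    """True if the expression reads a taint source or a tainted variable."""
    if isinstance(expr, str):
        return expr in tainted
    name, args = expr
    if name in TAINT_SOURCES:
        return True
    return any(is_tainted(a, tainted) for a in args)


def scan(expr: Expr, tainted: set[str], findings: list) -> None:
    """Post-order walk: flag inner dangerous calls before the enclosing one."""
    if isinstance(expr, str):
        return
    name, args = expr
    for a in args:
        scan(a, tainted, findings)
    if name in OVERFLOW_FUNCS and is_tainted(expr, tainted):
        findings.append(("Overflow", render(expr)))
    elif name in MEMORY_FUNCS and is_tainted(args[0], tainted):
        # A tainted address, not a tainted value, is what makes the
        # access arbitrary; storing a tainted value at a fixed slot is not.
        kind = "Arbitrary read" if name == "mload" else "Arbitrary write"
        findings.append((kind, render(expr)))


def analyze(stmts: Iterable[tuple], params: Iterable[str],
            deny: Iterable[str] = ()) -> tuple[list, set[str]]:
    """Propagate taint through a statement list.

    stmts: ("let", var, expr) or ("expr", expr) tuples in program order.
    params: names treated as tainted on entry (the function's inputs).
    deny: names never added to the tainted set (like the tool's --deny-list).
    Returns (findings, final tainted set).
    """
    tainted = set(params)
    deny = set(deny)
    findings: list = []
    for stmt in stmts:
        if stmt[0] == "let":
            _, var, expr = stmt
            scan(expr, tainted, findings)
            if is_tainted(expr, tainted) and var not in deny:
                tainted.add(var)
                findings.append(("Tainting", var))
        else:
            scan(stmt[1], tainted, findings)
    return findings, tainted


# Constructed sample modelled on the shapes seen in the tool output.
SAMPLE = [
    ("let", "order", ("add", ["data.offset", ("calldataload", ["data.offset"])])),
    ("let", "offset", ("mload", ["ptr"])),              # ptr untainted: clean
    ("expr", ("mstore", [("add", ["order", "0x04"]), "totalFee"])),
    ("expr", ("mstore", [("add", ["ptr", "0x20"]), "order"])),  # fixed address: clean
]

if __name__ == "__main__":
    for label, text in analyze(SAMPLE, {"data.offset"})[0]:
        print(f"{label} -> {text}")
```

Running the block prints the overflow on `add(data.offset, calldataload(data.offset))`, the tainting of `order`, and the arbitrary write through `add(order, 0x04)`; passing `deny={"order"}` suppresses the last two, which is how a deny list is meant to trim known-safe intermediates from the report.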
