diff --git a/manticore/ethereum/__init__.py b/manticore/ethereum/__init__.py
index 250dc8b8d..25a059846 100644
--- a/manticore/ethereum/__init__.py
+++ b/manticore/ethereum/__init__.py
@@ -17,7 +17,7 @@
 DetectUninitializedStorage,
 DetectRaceCondition,
 DetectManipulableBalance,
- DetectTransactionReordering,
+ DetectTransactionDisplacement,
 )
 from .account import EVMAccount, EVMContract
 from .solidity import SolidityMetadata
diff --git a/manticore/ethereum/cli.py b/manticore/ethereum/cli.py
index e4257c265..7d4b0b80a 100644
--- a/manticore/ethereum/cli.py
+++ b/manticore/ethereum/cli.py
@@ -13,7 +13,7 @@
 DetectRaceCondition,
 DetectorClassification,
 DetectManipulableBalance,
- DetectTransactionReordering,
+ DetectTransactionDisplacement,
 )
 from ..core.plugin import Profiler
 from .manticore import ManticoreEVM
@@ -56,7 +56,7 @@ def get_detectors_classes():
 DetectExternalCallAndLeak,
 DetectEnvInstruction,
 DetectManipulableBalance,
- DetectTransactionReordering,
+ DetectTransactionDisplacement,
 # The RaceCondition detector has been disabled for now as it seems to collide with IntegerOverflow detector
 # DetectRaceCondition
 ]
diff --git a/manticore/ethereum/detectors.py b/manticore/ethereum/detectors.py
index 39b560071..1656c1433 100644
--- a/manticore/ethereum/detectors.py
+++ b/manticore/ethereum/detectors.py
@@ -884,15 +884,15 @@ def did_evm_execute_instruction_callback(self, state, instruction, arguments, re
 REPLAYING = "replaying"
-class DetectTransactionReordering(Detector):
+class DetectTransactionDisplacement(Detector):
 """
 Detects cases where:
 * transaction Y returns successfully
 * for some transaction X from a different account, when X precedes Y, Y reverts
 """
- ARGUMENT = "transaction-reordering"
- HELP = "Susceptible to transaction reordering attacks"
+ ARGUMENT = "transaction-displacement"
+ HELP = "Susceptible to transaction displacement attacks"
 IMPACT = DetectorClassification.MEDIUM
 CONFIDENCE = DetectorClassification.HIGH
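Review bot: Renaming the public class and its `ARGUMENT` value in this hunk drops the old names with no compatibility path: `DetectTransactionReordering` disappears from the imports in the `__init__.py` and `cli.py` hunks, and the detector is now only addressable as `transaction-displacement`. Code that imports the old class will fail loudly, but configurations that select or exclude detectors by the old argument string may, depending on how the CLI treats unknown names (not visible here), stop matching this detector without anyone noticing. Consider keeping a deprecated alias, `DetectTransactionReordering = DetectTransactionDisplacement  # deprecated alias`, and recording the renamed argument and the changed finding text (`... caused by transaction displacement`) in the changelog. The class body continues outside this hunk, so the alias would go after its end.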
@@ -920,7 +920,7 @@ def will_run_callback(self, states: Iterable[State]):
 consts = config.get_group("evm")
 if consts.sha3 is consts.sha3.symbolicate:
 logger.warn(
- "Unsound symbolication can cause the transaction reordering attack"
+ "Unsound symbolication can cause the transaction displacement attack"
 + " detector to produce false positives"
 )
 context[WARNED] = True
@@ -928,8 +928,7 @@ def will_run_callback(self, states: Iterable[State]):
 if not context.get(TROUBLEMAKER):
 # sam.moelius: Use same initial balance as in ManticoreEVM.multi_tx_analysis.
 troublemaker = self.manticore.create_account(
- balance=10000000000000000000,
- name="troublemaker",
+ balance=10000000000000000000, name="troublemaker",
 )
 context[TROUBLEMAKER] = troublemaker.address
 self.debug("troublemaker = %s", hex(troublemaker.address))
@@ -987,7 +986,7 @@ def did_close_transaction_callback(self, state: State, tx: Transaction):
 state,
 tx.address,
 0,
- f"{tx.result} following transaction reordering",
+ f"{tx.result} caused by transaction displacement",
 False,
 )
diff --git a/tests/ethereum/test_general.py b/tests/ethereum/test_general.py
index ee2e01ce7..255c99490 100644
--- a/tests/ethereum/test_general.py
+++ b/tests/ethereum/test_general.py
@@ -21,7 +21,7 @@
 State,
 DetectExternalCallAndLeak,
 DetectIntegerOverflow,
- DetectTransactionReordering,
+ DetectTransactionDisplacement,
 Detector,
 NoAliveStates,
 ABI,
@@ -63,39 +63,39 @@ def test_int_ovf(self):
 self.assertIn("Unsigned integer overflow at MUL instruction", all_findings)
-class EthDetectorsTransactionReordering(unittest.TestCase):
- def test_transaction_reordering_basic(self):
+class EthDetectorsTransactionDisplacement(unittest.TestCase):
+ def test_transaction_displacement_basic(self):
 # log.set_verbosity(5)
 consts = config.get_group("evm")
 consts.sha3 = consts.sha3.concretize
 mevm = ManticoreEVM()
- mevm.register_detector(DetectTransactionReordering())
+ mevm.register_detector(DetectTransactionDisplacement())
 filename = os.path.join(THIS_DIR, "contracts/basic.sol")
 mevm.multi_tx_analysis(filename, tx_limit=1)
 mevm.finalize()
 self.assertEqual(len(mevm.global_findings), 1)
 all_findings = "".join([x[2] for x in mevm.global_findings])
- self.assertIn("REVERT following transaction reordering", all_findings)
+ self.assertIn("REVERT caused by transaction displacement", all_findings)
- def test_transaction_reordering_sqrt(self):
+ def test_transaction_displacement_sqrt(self):
 # log.set_verbosity(5)
 consts = config.get_group("evm")
 consts.sha3 = consts.sha3.concretize
 mevm = ManticoreEVM()
- mevm.register_detector(DetectTransactionReordering())
+ mevm.register_detector(DetectTransactionDisplacement())
 filename = os.path.join(THIS_DIR, "contracts/sqrt.sol")
 mevm.multi_tx_analysis(filename, tx_limit=1)
 mevm.finalize()
 self.assertEqual(len(mevm.global_findings), 1)
 all_findings = "".join([x[2] for x in mevm.global_findings])
- self.assertIn("REVERT following transaction reordering", all_findings)
+ self.assertIn("REVERT caused by transaction displacement", all_findings)
- def test_transaction_reordering_sqrt_better(self):
+ def test_transaction_displacement_sqrt_better(self):
 # log.set_verbosity(5)
 consts = config.get_group("evm")
 consts.sha3 = consts.sha3.concretize
 mevm = ManticoreEVM()
- mevm.register_detector(DetectTransactionReordering())
+ mevm.register_detector(DetectTransactionDisplacement())
 filename = os.path.join(THIS_DIR, "contracts/sqrt_better.sol")
 mevm.multi_tx_analysis(filename, tx_limit=2)
 mevm.finalize()