EVMLiSA: an abstract interpretation-based static analyzer for EVM bytecode

EVMLiSA is a static analyzer based on abstract interpretation for EVM bytecode of smart contracts deployed on Ethereum blockchain and built upon LiSA. Given a EVM bytecode smart contract, EVMLiSA builds a sound and precise control-flow graph of the smart contract.

🛠 Building EVMLiSA

Compiling EVMLiSA requires:

JDK >= 11
Gradle >= 6.6
Etherscan API key

Development is done in Eclipse. You need to:

Clone the repository:

git clone https://github.com/lisa-analyzer/evm-lisa.git
cd evm-lisa

Install the Gradle IDE Pack plugin through the Eclipse Marketplace; from the eclipse menu bar:
- Help
- Eclipse Marketplace...
- Search for Gradle IDE Pack 3.8
- Install Gradle IDE Pack 3.8
Import the project into the eclipse workspace as a Gradle project.

⚙️ Running EVMLiSA

Before running EVMLiSA, ensure you have set up an Environment Variable with your Etherscan API Key. Follow the steps below to set up the environment variable:

Begin by creating a file named .env in the EVMLiSA project.
Inside the .env file, add the following line:

ETHERSCAN_API_KEY=<your_etherscan_api_key>

Replace <your_etherscan_api_key> with your Etherscan API key.

Here you can find how to generate an Etherscan API key.

Once you have set up the environment variable, follow these steps to run EVMLiSA:

Build the Project:

./gradlew build

Create Distribution Zip:

./gradlew distZip

Unzip the Distribution:

unzip build/distributions/evm-lisa.zip -d execution

Run EVMLiSA:

./execution/evm-lisa/bin/evm-lisa -a <smart_contract_address> [options]

Replace <smart_contract_address> with the address of the Ethereum smart contract you want to analyze.

This command will initiate the analysis process for the specified smart contract, providing insights and results based on the Ethereum Virtual Machine (EVM) bytecode of the contract.

Options:
 -a,--address <arg>          address of an Ethereum smart contract
 -b,--benchmark <arg>        filepath of the benchmark
 -C,--cores <arg>            number of cores used
 -c,--dump-cfg               dump the CFG
 -d,--dump-analysis <arg>    dump the analysis (html, dot)
 -f,--filepath <arg>         filepath of the Etherem smart contract
 -o,--output <arg>           output directory path
 -q,--stack-size <arg>       dimension of stack
 -s,--dump-stats             dump statistics
 -w,--stack-set-size <arg>   dimension of stack-set

Name		Name	Last commit message	Last commit date
Latest commit History 480 Commits
.github/workflows		.github/workflows
benchmark		benchmark
evm-testcases		evm-testcases
gradle/wrapper		gradle/wrapper
logo		logo
script-bash		script-bash
script-python		script-python
src		src
.classpath		.classpath
.gitattributes		.gitattributes
.gitignore		.gitignore
.project		.project
LICENSE		LICENSE
README.md		README.md
build.gradle		build.gradle
checkstyle-config.xml		checkstyle-config.xml
gradlew		gradlew
gradlew.bat		gradlew.bat
settings.gradle		settings.gradle
spotless-formatting.xml		spotless-formatting.xml

License

lisa-analyzer/evm-lisa

Folders and files

Latest commit

History

Repository files navigation

EVMLiSA: an abstract interpretation-based static analyzer for EVM bytecode

🛠 Building EVMLiSA

⚙️ Running EVMLiSA

About

Topics

Resources

License

Stars

Watchers

Forks

Languages