Fault Localisation with Tarantula

Sometimes unit-tests fail, and you don’t know why. That’s when you want to use fault localisation; to find the fault that’s causing the tests to fail. Tarantula is such an algorithm and finds which lines are most suspect of breaking the tests. I implemented this algorithm and used solidity-coverage results to localise bugs in Ethereum smart contracts. Let’s start at the beginning; the motivation for fault localisation. Imagine you’re just developing a new feature and you run your test suite.

4 effective strategies to come up with Scribble annotations

Coming up with properties can be a difficult task! In this previous post we talked about starting to write Scribble properties. Here I’m going to explore four strategies to accelerate annotating your smart contracts! As you might already know, Scribble enables you to write properties that you can then test automatically using methods such as fuzzing and symbolic execution. Sounds awesome, doesn’t it? But how do you come up with those properties?

Writing Properties - A new approach to testing

Writing smart contract properties - A new approach to testing Scribble allows you to write smart contract properties that can be automatically tested using fuzzing and symbolic execution techniques. Writing properties requires a bit of a mindset shift. This article will talk about that shift, to go from unit testing to property-based testing with Scribble. If you’re a developer then I’m sure you’re familiar with unit testing, an approach where you write small (unit) test cases to see if a component behaves as expected.

Introducing Scribble

Making sure that smart contracts are secure and bug-free has never been more critical. Unfortunately, it remains a difficult task. While there are helpful tools for automatic testing and formal verification, ensuring the correctness of smart contracts continues to be a time-intensive and challenging task. To make things worse, each tool often has a steep learning curve, and it is often uncertain whether it’s even right for the job.

Token Interaction Checklist

A checklist for developers and security engineers to make use of when working with contracts that interact with many different tokens, especially if they want to support user-inputted tokens.

Detecting Ownership Takeovers Using Mythril

Mythril is an analysis tool which uses symbolic execution to find vulnerabilities in smart contracts. Mythril even generates exploits for the vulnerabilities that it finds 🚀. In a previous article, I wrote about Mythril internals and symbolic execution. In this article, I’ll show how I use Mythril to detect Ownership takeover vulnerabilities. I’ll also use Mythril’s new plugin system install and release plugins with ease! Introduction Out of the box, Mythril comes with several zero-setup detection modules.

LibP2P: Multiaddr - Enode - ENR ?!

Ethereum Node addressing can be confusing. We’re looking into three ways to convey an Ethereum node’s address and provide a convenient web-tool to extract a node’s address from an ENR.

Legions a Tool for Seekers

Legions is a handy toolkit for (security) researchers poking around EVM (Ethereum Virtual Machine) nodes and smart contracts, now with a slick command-line interface, with auto complete commands and history.

tBTC: Navigating the cross-chain conundrum

We recently conducted a security assessment of Thesis’ tBTC. In this post, we explore a fundamental limitation of Bitcoin transaction verification within Ethereum smart contracts.

New Offering: 1-Day Security Reviews

Over the past few months, we have been conducting short “security reviews”, typically one or two days in duration. In some ways, these are similar to audits, but in other ways they’re quite different. In this post, I’ll share what these engagements are like and why you might want to hire us for one.

Questions DeFi users should be asking DeFi Developers

The DeFi space has had a tumultuous couple months, with a number of attacks as well as unexploited vulnerabilities being reported. Bugs are unavoidable, but there are many things that can be done to reduce their frequency, and mitigate their negative effects. As auditors, we want to help, but in order to really get developers to truly prioritize security, users need to start asking tough questions, and putting their money into the protocols that can answer them thoughtfully.

Interview with samczsun

Interview with samczsun

If you keep up with Ethereum security-related postings, you’ve no doubt heard of samczsun: security researcher and white hat extraordinaire. In this interview, we discuss his process as well as a few of his well-known findings.

Welcome Back! Security for the EIP Process

The security risk profile for blockchain protocols and application is quite demanding. With high incentives to play foul and potentially severe consequences for all participants. No wonder we were surprised to find out that security was not yet explicitly part of Ethereum’s core change management process. Good thing, this finally changed.

Destroying the Indestructible

This morning, I saw a link to Dharma’s IndestructibleRegistry. The idea behind this registry is that it keeps track of contracts that cannot be destroyed. It does this by verifying the contract’s bytecode on chain. In this post, I’ll show you how I managed to trick that verification and destroy an “indestructible” contract.

Solidity, the Young Adult

Solidity is getting bigger! We are doing a series to present you with the language’s future plans and hopefully spark a conversation on merits and use cases.

Eliminating Smart Contract Special Cases

Special cases lead to code complexity, which leads to bugs. In this post, I’ll share some examples of eliminating special cases to reduce code complexity and improve maintainability.

Stop Using Solidity's transfer() Now

Solidity’s transfer() method uses a hardcoded gas amount, but gas costs can change. It’s time to stop using this method.

Provably Fair Ransom

Ransom has a trust problem. Suppose I’ve birdnapped your beloved pet parakeet and am demanding a $1,000 ransom to return the bird to you…

Uniswap audit

We are proud to announce that we have completed an audit of the Uniswap decentralized exchange. To our knowledge this is also the first…

Ethereum Name Service Audit

ConsenSys Diligence is happy to publish the Ethereum Name Service new registrar audit report. ENS new registrar is going live on May 4th.

All Ethereum Security Tools

ConsenSys Diligence is a security-focused group of 30+ Ethereum engineers, auditors and researchers distributed all over the world. We…

Poison Block Explorer Byte Code

You will understand how to trick a block explorer into displaying different byte code of your choosing, other than the one deployed on the…

Upgradeability Is a Bug

Smart contracts are useful because they’re trustless. Immutability is a critical feature to achieve trustlessness…