Girl Friend <- Generate Foundry Fork Test from Attack Transaction

fuzzland/girlfriend

Latest commit: f8ac76a by Jacob Chia, Aug 19, 2024 (5 commits)

girlfriend

Girl Friend <- G F <- Generate Foundry Fork Test from Attack Transaction

She is truly a great friend.

Prerequisites

# Install abi-guesser
git clone git@github.com:fuzzland/abi-guesser-cli.git
cd abi-guesser-cli
npm i -g

# Init submodules
git submodule update --recursive --init

Getting Started

Config

Before running the commands, rename config/config.example.toml to config.toml, then modify it as follows:

  • The RPC URLs should support the debug API (e.g. debug_traceTransaction).
  • Add your scan API keys. You can get them as follows (taking ETH as an example; other chains are similar):
    1. Register an account on Etherscan.
    2. Create API keys.

Generate A Foundry Test PoC

gf generates a Foundry test PoC from a given txhash.

Usage: gf [OPTIONS] --txhash <TXHASH>

Options:
  -c, --config <CONFIG>  the config file path [default: config/config.toml]
  -t, --txhash <TXHASH>  the txhash
  -h, --help             Print help
  -V, --version          Print version

  • Example
# The output_dir is configured in the config file [default: ./test]
cargo run --bin gf -- -t 0xeaef2831d4d6bca04e4e9035613be637ae3b0034977673c1c2f10903926f29c0

# If the output_dir is `./test`, you can run it directly
forge test -vvvvv

Backtest

bt runs a backtest over a given txhashes file.

Usage: bt [OPTIONS]

Options:
  -c, --config <CONFIG>                the config file path [default: config/config.toml]
  -t, --txhashes-path <TXHASHES_PATH>  the back test txhashes file path [default: assets/eth_tx.txt]
  -r, --result-dir <RESULT_DIR>        the result dir [default: eth_back_test]
  -h, --help                           Print help
  -V, --version                        Print version

  • Example
# ETH backtest
cargo run --bin bt
# BSC backtest
cargo run --bin bt -- -t assets/bsc_tx.txt -r bsc_back_test

Progress

We collected 74 historical attacks on ETH and 117 on BSC for backtesting, using the commands shown above. The results are as follows:

Chain  Total  Success  Success Rate
ETH    74     24       32.43%
BSC    117    46       39.32%

Optimization items

  • The return value of a static call is not yet handled efficiently, although it may be used later in the process.
  • Parsing of calldata/returndata should decode recursively.
  • Attack preparation: gf currently just copies the attacker's txs within 3h. This could be handled in a more fine-grained way.
  • Loops should be handled with a more efficient approach.
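
To illustrate the recursive calldata/returndata decoding item above, here is an added example; it is not code from girlfriend or abi-guesser. The `Arg`/`Call` types, the function names, the offset heuristic and the constructed sample selectors are all assumptions made for illustration.

```rust
// Added example, not girlfriend's code: ABI-less recursive calldata decoding.
use std::convert::{TryFrom, TryInto};
#[derive(Debug, PartialEq)]
enum Arg {
    Word([u8; 32]), // static 32-byte slot (uint, address, bool, ...)
    Bytes(Vec<u8>), // dynamic bytes that do not parse as a call
    Call(Call),     // dynamic bytes that parse as nested calldata
}
#[derive(Debug, PartialEq)]
struct Call { selector: [u8; 4], args: Vec<Arg> }

// Read the 32-byte big-endian slot at `at`; None if out of range or above 64 bits.
fn slot(body: &[u8], at: usize) -> Option<usize> {
    let w = body.get(at..at.checked_add(32)?)?;
    if w[..24].iter().any(|&b| b != 0) { return None; }
    usize::try_from(u64::from_be_bytes(w[24..].try_into().ok()?)).ok()
}

// Heuristic (assumption): head slot `i` is a `bytes` argument if it holds a 32-aligned
// offset past the slot itself that points at a length-prefixed region inside `body`.
fn dyn_bytes(body: &[u8], i: usize) -> Option<(usize, &[u8])> {
    let off = slot(body, i * 32)?;
    if off % 32 != 0 || off < (i + 1) * 32 { return None; }
    let (len, start) = (slot(body, off)?, off + 32);
    Some((off, body.get(start..start.checked_add(len)?)?))
}

// Decode selector + head slots, recursing into payloads shaped like calldata.
// `depth` caps recursion because attack calldata is untrusted input.
fn decode(data: &[u8], depth: usize) -> Option<Call> {
    if depth == 0 || data.len() < 4 || (data.len() - 4) % 32 != 0 { return None; }
    let (sel, body) = data.split_at(4);
    let (mut args, mut head_end, mut i) = (Vec::new(), body.len(), 0);
    while i * 32 < head_end {
        args.push(match dyn_bytes(body, i) {
            Some((off, p)) => {
                head_end = head_end.min(off); // the head stops where the first tail begins
                decode(p, depth - 1).map(Arg::Call).unwrap_or_else(|| Arg::Bytes(p.to_vec()))
            }
            None => Arg::Word(body[i * 32..i * 32 + 32].try_into().ok()?),
        });
        i += 1;
    }
    Some(Call { selector: sel.try_into().ok()?, args })
}

// Constructed sample: 0xaaaaaaaa(uint256 7, bytes inner), inner = 0xbbbbbbbb(uint256 1).
fn sample() -> Vec<u8> {
    let w = |n: u8| { let mut s = vec![0u8; 32]; s[31] = n; s };
    let inner = [vec![0xbb; 4], w(1)].concat();
    [vec![0xaa; 4], w(7), w(64), w(36), inner, vec![0; 28]].concat()
}
fn main() { println!("{:#?}", decode(&sample(), 8)); }
```

Because the heuristic cannot tell a small 32-aligned integer from an offset, a decoder like this can misclassify a slot; an out-of-range offset or length falls back to a plain `Word` rather than panicking.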
