Skip to content

An Ethereum Virtual Machine (EVM) security analysis tool.

Notifications You must be signed in to change notification settings

Technical-Difficulty/troy

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Troy - The EVM Footer Soldier

An Ethereum Virtual Machine (EVM) security analysis tool.

Usage

Scan an existing contract on a given network:

$ troy -a <CONTRACT_ADDRESS> -k <INFURA_ID> -n <NETWORK>

Example:

$ troy -a 0x6b175474e89094c44da98b954eedeac495271d0f -k <INFURA_ID> -n mainnet

Scan bytecode

$ troy -c <BYTE_CODE>

Example:

$ troy -c 60ff60ff

Notes

Ideas of some things we can scan for initially

  • Reentrency
    • detect CALL and DELEGATECALL before sstore
  • Highlight notable opcodes CALL DELEGATECALL CHAINID
  • Highlight notable function calls "approve", "mint", "transfer"
    • detect if they have a CALLER comparison with EQ and JUMPI

Preview

a screenshot of troy

About

An Ethereum Virtual Machine (EVM) security analysis tool.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages