Add first public version of SmartBugs.

Author: jff

.gitignore

@@ -0,0 +1,20 @@
+# ignore results
+results/oyente/*
+results/mythril/*
+results/securify/*
+results/smartcheck/*
+results/logs/*
+
+# keep folders
+!results/securify/.keep
+!results/oyente/.keep
+!results/mythril/.keep
+!results/smartcheck/.keep
+!results/logs/.keep
+
+#Ignore DS_Store
+.DS_Store
+
+#Ignore pycache
+*.pyc
+__pycache__

README.md

@@ -0,0 +1,100 @@
+# SmartBugs: A Dataset of Vulnerable Solidity Smart Contracts
+SmartBugs is a dataset for research in automated reasoning and testing of smart contracts written in Solidity, the primary language used in Ethereum. The key new idea that SmartBugs proposes is that a reproducible dataset for automated analysis of smart contracts should also provide the possibility to integrate tools easily, so that they can be automatically compared (and their results reproduced). To the best of our knowledge, SmartBugs is the first dataset to provide this facility.
+
+SmartBugs is publicly available as a [GitHub repository](https://github.com/smartbugs/smartbugs).
+
+## Features
+
+ - Organized collection of vulnerable Solidity smart contracts (organized according to the [DASP taxonomy](https://dasp.co))
+ - Users can create _named sets_, which are intended to represent subsets of contracts that share a common property. For example, a named dataset already provided by SmartBugs is `reentrancy`: it corresponds to contracts that are vulnerable to reentrancy attacks
+ - Users can easily integrate new analysis tools and use SmartBugs' interface to run them. Tools available include [oyente](https://github.com/melonproject/oyente), [mythril](https://github.com/ConsenSys/mythril), [securify](https://github.com/eth-sri/securify), and [smartcheck](https://github.com/smartdec/smartcheck)
+ - SmartBugs provides an interface that allows users to query the dataset and run different analysis tools on sets of contracts. 
+
+
+## Requirements
+The first step is to clone [SmartBugs's repository](https://github.com/smartbugs/smartbugs):
+
+```
+git clone https://github.com/smartbugs/smartbugs.git
+```
+
+SmartBugs requires [Python3](https://www.python.org). To install all the requirements, you can execute:
+
+```
+pip3 install -r requirements.txt
+```
+
+
+## Usage
+SmartBugs provides a command-line interface that can be used as follows:
+```
+smartBugs.py [-h, --help]
+             (--file FILES | --type TYPE) 
+              --tool TOOLS 
+              --info TOOLS 
+              --list tools types
+````
+
+For example, we can analyse all contracts labelled with type `reentrancy` with the tool oyente by executing:
+
+```
+python3 smartBugs.py --tool oyente --type reentrancy
+```
+
+By default, results will be placed in the directory `results`. 
+
+
+### Adding your tool or any third-party tool to SmartBugs
+
+You will need to add a configuration file in `config/tools` and define the docker image to use and command to run. The config file should follow a structure similar to the following:
+  ```
+  docker_image:
+    default: primary docker image [REQUIRED]
+    solc<5: [OPTIONAL]
+  cmd: command to run analysis [REQUIRED]
+  info: info about the tool [OPTIONAL]
+
+  output_in_files:
+    folder: if the tool does not log results in console, you should provide the path file inside the docker image to get the results [OPTIONAL]
+  ```
+Please check the provided config files for more concrete examples.
+
+
+### Adding new named sets 
+
+To add a new named set, edit the configuration file `dataset.yml` (in the folder `config/dataset`) and add the named path you want (can be files or dirs):
+
+The config file should follow a structure similar to:
+  ```
+  type_1: PATH
+  type_2:
+        - PATH
+        - PATH
+  ```
+Please check the provided config files for more concrete examples.
+
+## Known limitations
+
+When running a tool the user must be aware of the solc compatibility. Due to the major changes introduced in solidity v0.5.0, we provide the option to pass another docker image to run contracts with solidity version below v0.5.0. However, please note that there may still be problems with the solidity compiler when compiling older versions of solidity code. 
+
+## Vulnerabilities
+
+SmartBugs provides a collection of vulnerable Solidity smart contracts organized according to the [DASP taxonomy](https://dasp.co):
+
+| Vulnerability | Description | Level |
+| --- | --- | -- |
+| [Reentrancy](https://github.com/smartbugs/smartbugs/blob/master/dataset/reentrancy) | Reentrant function calls make a contract to behave in an unexpected way | Solidity |
+| [Access Control](https://github.com/smartbugs/smartbugs/blob/master/dataset/access_control) | Failure to use function modifiers or use of tx.origin | Solidity |
+| [Arithmetic](https://github.com/smartbugs/smartbugs/blob/master/dataset/arithmetic) | Integer over/underflows | Solidity |
+| [Unchecked Low Level Calls](https://github.com/smartbugs/smartbugs/blob/master/dataset/unchecked_low_level_calls) | call(), callcode(), delegatecall() or send() fails and it is not checked | Solidity |
+| [Denial Of Service](https://github.com/smartbugs/smartbugs/blob/master/dataset/denial_of_service) | The contract is overwhelmed with time-consuming computations | Solidity |
+| [Bad Randomness](https://github.com/smartbugs/smartbugs/blob/master/dataset/bad_randomness) | Malicious miner biases the outcome | Blockchain |
+| [Front Running](https://github.com/smartbugs/smartbugs/blob/master/dataset/front_running) | Two dependent transactions that invoke the same contract are included in one block | Blockchain |
+| [Time Manipulation](https://github.com/smartbugs/smartbugs/blob/master/dataset/time_manipulation) | The timestamp of the block is manipulated by the miner | Blockchain |
+| [Short Addresses](https://github.com/smartbugs/smartbugs/blob/master/dataset/short_addresses) | EVM itself accepts incorrectly padded arguments | EVM |
+
+
+## Contributing to SmartBugs
+Everyone is welcome to contribute to the development of SmartBugs. 
+
+The easiest way is to create a pull request. Please write your commit messages in the present tense. We suggest you follow this guide: [Commit Message Guidelines](https://gist.github.com/robertpainsi/b632364184e70900af4ab688decf6f53).

config/dataset/dataset.yaml

@@ -0,0 +1,9 @@
+datasetaccess_control: dataset/access_control
+arithmetic: dataset/arithmetic
+bad_randomness: dataset/bad_randomness
+denial_of_service: dataset/denial_of_service
+front_running: dataset/front_running
+reentrancy: dataset/reentrancy
+short_addresses: dataset/short_addresses
+time_manipulation: dataset/time_manipulation
+unchecked_ll_calls: dataset/unchecked_low_level_calls

config/tools/mythril.yaml

@@ -0,0 +1,5 @@
+docker_image:
+  default: qspprotocol/mythril-usolc
+  solc<5: qspprotocol/mythril-0.4.25
+cmd: -x
+info: Mythril analyses EVM bytecode using symbolic analysis, taint analysis and control flow checking to detect a variety of security vulnerabilities.

config/tools/oyente.yaml

@@ -0,0 +1,4 @@
+docker_image:
+  default: qspprotocol/oyente-0.4.25
+cmd: -s
+info: Oyente runs on symbolic execution, determines which inputs cause which program branches to execute, to find potential security vulnerabilities. Oyente works directly with EVM bytecode without access high level representation and does not provide soundness nor completeness.

config/tools/securify.yaml

@@ -0,0 +1,7 @@
+docker_image:
+  default: qspprotocol/securify-usolc
+  solc<5: qspprotocol/securify-0.4.25
+cmd: --livestatusfile /results/output.json -fs
+output_in_files:
+  folder: /results/output.json
+info: Securify uses formal verification, also relying on static analysis checks. Securify’s analysis consists of two steps. First, it symbolically analyzes the contract’s dependency graph to extract precise semantic information from the code. Then, it checks compliance and violation patterns that capture suffi- cient conditions for proving if a property holds or not.

config/tools/smartcheck.yaml

@@ -0,0 +1,4 @@
+docker_image:
+  default: smartbugs/smartcheck
+cmd: -p
+info: Securify automatically checks for vulnerabilities and bad coding practices. It runs lexical and syntactical analysis on Solidity source code.

dataset/README.md

@@ -0,0 +1,27 @@
+# SmartBugs: A Dataset of Vulnerable Solidity Smart Contracts
+SmartBugs is a dataset for research in automated reasoning and testing of smart contracts written in Solidity, the primary language used in Ethereum. The key new idea that SmartBugs proposes is that a reproducible dataset for automated analysis of smart contracts should also provide the possibility to integrate tools easily, so that they can be automatically compared (and their results reproduced). To the best of our knowledge, SmartBugs is the first dataset to provide this facility.
+
+## Description
+
+This is the directory where all the contracts are located. The directory is organized according to the [DASP taxonomy](https://dasp.co). Each class of vulnerability may include:
+
+* Brief description of the vulnerability
+* Attack scenarios to exploit the vulnerability
+* Methods of mitigation
+* Examples of real world exploitation
+
+## Vulnerabilities
+
+SmartBugs provides a collection of vulnerable Solidity smart contracts organized according to the [DASP taxonomy](https://dasp.co):
+
+| Vulnerability | Description | Level |
+| --- | --- | -- |
+| [Reentrancy](https://github.com/smartbugs/smartbugs/blob/master/dataset/reentrancy) | Reentrant function calls make a contract to behave in an unexpected way | Solidity |
+| [Access Control](https://github.com/smartbugs/smartbugs/blob/master/dataset/access_control) | Failure to use function modifiers or use of tx.origin | Solidity |
+| [Arithmetic](https://github.com/smartbugs/smartbugs/blob/master/dataset/arithmetic) | Integer over/underflows | Solidity |
+| [Unchecked Low Level Calls](https://github.com/smartbugs/smartbugs/blob/master/dataset/unchecked_low_level_calls) | call(), callcode(), delegatecall() or send() fails and it is not checked | Solidity |
+| [Denial Of Service](https://github.com/smartbugs/smartbugs/blob/master/dataset/denial_of_service) | The contract is overwhelmed with time-consuming computations | Solidity |
+| [Bad Randomness](https://github.com/smartbugs/smartbugs/blob/master/dataset/bad_randomness) | Malicious miner biases the outcome | Blockchain |
+| [Front Running](https://github.com/smartbugs/smartbugs/blob/master/dataset/front_running) | Two dependent transactions that invoke the same contract are included in one block | Blockchain |
+| [Time Manipulation](https://github.com/smartbugs/smartbugs/blob/master/dataset/time_manipulation) | The timestamp of the block is manipulated by the miner | Blockchain |
+| [Short Addresses](https://github.com/smartbugs/smartbugs/blob/master/dataset/short_addresses) | EVM itself accepts incorrectly padded arguments | EVM |

dataset/access_control/README.md

@@ -0,0 +1,20 @@
+# Access Control
+Access Control issues are common in all programs, not just smart contracts. In fact, it's number 5 on the OWASP top 10. One usually accesses a contract's functionality through its public or external functions. While insecure visibility settings give attackers straightforward ways to access a contract's private values or logic, access control bypasses are sometimes more subtle. These vulnerabilities can occur when contracts use the deprecated tx.origin to validate callers, handle large authorization logic with lengthy require and make reckless use of delegatecall in proxy libraries or proxy contracts.
+
+Loss: estimated at 150,000 ETH (~30M USD at the time)
+
+## Attack Scenario
+A smart contract designates the address which initializes it as the contract's owner. This is a common pattern for granting special privileges such as the ability to withdraw the contract's funds.
+Unfortunately, the initialization function can be called by anyone — even after it has already been called. Allowing anyone to become the owner of the contract and take its funds.
+
+## Examples
+In the following example, the contract's initialization function sets the caller of the function as its owner. However, the logic is detached from the contract's constructor, and it does not keep track of the fact that it has already been called.
+```
+function initContract() public {
+	owner = msg.sender;
+}
+```
+In the Parity multi-sig wallet, this initialization function was detached from the wallets themselves and defined in a "library" contract. Users were expected to initialize their own wallet by calling the library's function via a delegateCall. Unfortunately, as in our example, the function did not check if the wallet had already been initialized. Worse, since the library was a smart contract, anyone could initialize the library itself and call for its destruction.
+
+## References
+Taken from [DASP TOP10](https://dasp.co/)

dataset/access_control/below_solc_v4/simple_suicide.sol

@@ -0,0 +1,12 @@
+/*
+ * @source: https://github.com/SmartContractSecurity/SWC-registry/blob/master/test_cases/unprotected_critical_functions/simple_suicide.sol
+ * @author: -
+ */
+
+contract SimpleSuicide {
+
+  function sudicideAnyone() {
+    selfdestruct(msg.sender);
+  }
+
+}

dataset/access_control/incorrect_constructor.sol

@@ -0,0 +1,30 @@
+/*
+ * @source: https://github.com/trailofbits/not-so-smart-contracts/blob/master/wrong_constructor_name/incorrect_constructor.sol
+ * @author: -
+ */
+
+ pragma solidity ^0.4.15;
+
+ contract Missing{
+     address private owner;
+
+     modifier onlyowner {
+         require(msg.sender==owner);
+         _;
+     }
+
+     // The name of the constructor should be Missing
+     // Anyone can call the IamMissing once the contract is deployed
+     function IamMissing()
+         public
+     {
+         owner = msg.sender;
+     }
+
+     function withdraw()
+         public
+         onlyowner
+     {
+        owner.transfer(this.balance);
+     }
+ }

dataset/access_control/multiowned_vulnerable.sol

@@ -0,0 +1,61 @@
+/*
+ * @source: https://github.com/SmartContractSecurity/SWC-registry/blob/master/test_cases/unprotected_critical_functions/multiowned_vulnerable.sol
+ * @author: -
+ */
+
+pragma solidity ^0.4.23;
+
+/**
+ * @title MultiOwnable
+ */
+contract MultiOwnable {
+  address public root;
+  mapping (address => address) public owners; // owner => parent of owner
+
+  /**
+  * @dev The Ownable constructor sets the original `owner` of the contract to the sender
+  * account.
+  */
+  constructor() public {
+    root = msg.sender;
+    owners[root] = root;
+  }
+
+  /**
+  * @dev Throws if called by any account other than the owner.
+  */
+  modifier onlyOwner() {
+    require(owners[msg.sender] != 0);
+    _;
+  }
+
+  /**
+  * @dev Adding new owners
+  * Note that the "onlyOwner" modifier is missing here.
+  */
+  function newOwner(address _owner) external returns (bool) {
+    require(_owner != 0);
+    owners[_owner] = msg.sender;
+    return true;
+  }
+
+  /**
+    * @dev Deleting owners
+    */
+  function deleteOwner(address _owner) onlyOwner external returns (bool) {
+    require(owners[_owner] == msg.sender || (owners[_owner] != 0 && msg.sender == root));
+    owners[_owner] = 0;
+    return true;
+  }
+}
+
+contract TestContract is MultiOwnable {
+
+  function withdrawAll() onlyOwner {
+    msg.sender.transfer(this.balance);
+  }
+
+  function() payable {
+  }
+
+}

dataset/access_control/mycontract.sol

@@ -0,0 +1,22 @@
+/*
+ * @source: https://consensys.github.io/smart-contract-best-practices/recommendations/#avoid-using-txorigin
+ * @author: Consensys Diligence
+ * Modified by Gerhard Wagner
+ */
+
+pragma solidity 0.4.24;
+
+contract MyContract {
+
+    address owner;
+
+    function MyContract() public {
+        owner = msg.sender;
+    }
+
+    function sendTo(address receiver, uint amount) public {
+        require(tx.origin == owner);
+        receiver.transfer(amount);
+    }
+
+}