Skip to content

pventuzelo/reversing_ewasm_contract_101

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
erc20
erc20
 
 
storage
storage
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

Reversing Ewasm contract 101

Workshop given at EthCC 2020

Slides available here

Tool installation

Install octopus locally

# Security Analysis tool for WebAssembly module and Blockchain Smart Contracts
git clone https://github.com/pventuzelo/octopus

Follow the installation guide here

Install radare2 & Cutter

# Install Radare2
git clone https://github.com/radareorg/radare2
cd radare2
./sys/install.sh

Download Cutter here

Storage contract

Function's signature:

0x60fe47b1
=> set(uint256)

0x6d4ce63c
=> get()

ERC20 contract

Function's signature:

-579684317 : 0x23b872dd
==> transferFrom(address,address,uint256)

830644336 : 0x70a08231
==> balanceOf(address) 

1055744733 : 0xdd62ed3e
==> allowance(address,address) 

1368608825 : 0x39509351
==> increaseAllowance(address,uint256)

-1280877047 : 0x095ea7b3
==> approve(address,uint256)

TIPS

Ethereum signature reverse lookup

https://www.4byte.directory/

wasm binary (.wasm) to Hex bytecode

xxd -p contract.wasm | tr -d $'\n'

Hex bytecode to wasm binary (.wasm)

xxd -r -p contract.bytecode contract.wasm

convert .wasm to text representation (.wast)

wasm2wat contract.wasm -o contract.wast

convert text representation (.wast) to wasm binary (.wasm)

wat2wasm contract.wast -o contract.wasm

Trainings & Contact

Patrick Ventuzelo - @pat_ventuzelo

  • Independent Security Researcher / Trainer.
  • FREE online courses: here

About

Reversing Ewasm (Ethereum WebAssembly) contract 101 - Workshop

webassembly-security.com/

Topics

security analysis ethereum webassembly wasm reversing ewasm

Resources

Readme
Activity

Stars

18 stars

Watchers

2 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages