A tool for quickly collecting function selectors and decoding signatures from on-chain EVM bytecode.

Related tags

Cryptography rust cli research bytecode analysis recon evm reconnaissance evm-bytecode
Overview

sigmund-logo

CI MPL-2.0

Overview

Sigmund provides a CLI that allows users to collect function selectors from any EVM network and for any smart-contract, verified or not. It does so by searching for specific bytecode patterns which allows for efficient and EVM native interactions without the need for any APIs or ABI. Additionally, it provides the possibility to decode those function selectors and get the function signatures if they are known.

It's purpose is to be used as a tool for recon, analysis, general research and experimentation.

Disclaimer

This library is in early development stages and subject to potential breaking changes. Backward compatibility is not guaranteed and the package is intentionally not published on crates.io until and if there's an alpha release in the future.

Contributions are welcome. Users are encouraged to submit pull requests, fork, or alter the code in accordance with the terms outlined in the LICENSE.

It's suggested that the signatures argument is used deliberately to not overload the external function signature API.

Tests

To run the implemented tests, execute the following command at the root of the repository:

cargo test

Installation

You can currently build from source by running the following command in the root of the repository:

cargo build --release

Usage

A tool for quickly collecting function selectors and decoding signatures from on-chain EVM bytecode

Usage: sigmund [OPTIONS] <--address <ADDRESS>|--file <FILE>>

Options:
  -o, --output <OUTPUT>    Path to export the signatures as a JSON file
      --signatures         Collect all known function signatures from the contract's selectors
      --address <ADDRESS>  The address of the EVM contract
  -f, --file <FILE>        Path to a local file containing the contract's bytecode
      --deep               Collect all four-byte pushes (fn, err, ...), including non-selectors
      --all-matches        Return all available signature matches for each selector
      --rpc-url <RPC_URL>  To use your own Node or collect bytecode from a different network, provide the relevant RPC URL [default: https://ethereum-rpc.publicnode.com]
  -h, --help               Print help
  -V, --version            Print version

Examples

# Get function selectors for an unverified contract on Mainnet
sigmund --address 0x0000130d512ca69ca38add5b9ab2f9deff95c882
# {"8da5cb5b", "3aeebedb", "c6723cc9", ...}

# Get function selectors from a local file containing the bytecode
sigmund --file bytecode.txt
# {"7b6e0f15", "3aeebedb", "b603cd80", ...}

# Get function signatures for an unverified contract on Mainnet
# Similarly, for a local file just point to that file's path
sigmund --signatures --address 0x0000130d512ca69ca38add5b9ab2f9deff95c882
# [8da5cb5b]: owner()
# [c86283c8]: withdrawTo(uint256,address)

# To generate a `json` output, you can use any combination 
# as long as the input <--file | --address> is provided
sigmund --file bytecode.txt --output example.json
# { "selectors": Vec<String> , "signatures": <Vec<Signatures>) }

# You can use `Sigmund` in any EVM network
# by setting the --rpc-url to the relevant provider
sigmund --rpc-url <rpc-provider> <--signatures?> <--file <path>| --address <address>>

Aknowledgements

The underlying function signature API is Etherface.

License

This library is released under the terms of the Mozilla Public License version 2.0. See LICENSE.

Comments
  • benchmarks results (evmole)

    benchmarks results (evmole)

    Hey there! I stumbled upon your project on Twitter and added it to the EVMole benchmarks. It's now in a dedicated branch as WIP: https://github.com/cdump/evmole/tree/sigmund

    $ cd benchmarks/
$ PROVIDERS_SELECTORS=sigmund make benchmark-selectors
$ python3 compare.py --providers etherscan sigmund

      mode = selectors
  providers = ['etherscan', 'sigmund']
  datasets = ['largest1k', 'random50k', 'vyper']
  web_listen =
  markdown = False
  show_errors = False

dataset largest1k (1000 contracts, 24427 signatures), sigmund:
  time: 0.5s
  False Positive: 701 signatures, 57 contracts
  False Negative: 120 signatures, 109 contracts

dataset random50k (50000 contracts, 1171102 signatures), sigmund:
  time: 6.8s
  False Positive: 11344 signatures, 1247 contracts
  False Negative: 7550 signatures, 7254 contracts

dataset vyper (780 contracts, 21244 signatures), sigmund:
  time: 0.4s
  False Positive: 57 signatures, 57 contracts
  False Negative: 21244 signatures, 780 contracts

    you can compare accurancy and speed (better rerun everything on your hardware) with other selectors extraction tools: https://github.com/cdump/evmole/tree/sigmund?tab=readme-ov-file#function-selectors

    opened by cdump 3
  • feat ideas

    feat ideas

    • input bytecode directly instead of fetching from rpc url
    • output in machine-readable format, maybe even generate a probable abi for the contract
    • option to only show the most probable signature
    opened by banteg 1
  • build(deps): bump openssl from 0.10.64 to 0.10.66 in the cargo group across 1 directory

    build(deps): bump openssl from 0.10.64 to 0.10.66 in the cargo group across 1 directory

    Bumps the cargo group with 1 update in the / directory: openssl.

    Updates openssl from 0.10.64 to 0.10.66

    Release notes

    Sourced from openssl's releases.

    openssl-v0.10.66

    What's Changed

    Full Changelog: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.65...openssl-v0.10.66

    openssl-v0.10.65

    What's Changed

    New Contributors

    Full Changelog: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.64...openssl-v0.10.65

    Commits
    • ad70a0b Merge pull request #2267 from alex/bump-for-release
    • 5ce473b Release openssl v0.10.66
    • aef36e0 Merge pull request #2266 from alex/mem-bio-invariant
    • 142deef Fixed invariant violation in MemBio::get_buf with empty results
    • 32f150b Merge pull request #2265 from alex/bump-for-release
    • 98addd2 Release openssl v0.10.65 and openssl-sys v0.9.103
    • 7c7958d Merge pull request #2262 from alex/pkey-api
    • d7b12cc Switch Pkey::from_ to use set1 functions
    • 22ffa9a Merge pull request #2258 from sfackler/init-md
    • 9de3794 Initialize OpenSSL in MD constructors
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
    • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
    • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
    • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
    • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
    • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the Security Alerts page.
    dependencies 
    opened by dependabot[bot] 0
  • Wavefnx/v0.2.1

    Wavefnx/v0.2.1

    Sigmund v0.2.1

    Description

    Improved opcode pattern matching, more intuitive interface and defaults and a new --deep flag option.

    User Features

    • new --deep flag to allow the collection of all four-byte pushes, mostly for analysis.
    • improved UX with most common matches showing by default, the --all-matches flag is optional and shows all signatures matches for a selector.

    File changes

    • /tests/bytecode.rs: tests to reflect the new opcode pattern matching
    • /src/bytecode.rs: updated opcode pattern matching, use of the --deep flag
    • src/client.rs: default to return most common signatures, updated comments
    • src/config.rs: new --deep flag, replaced --most-common with --all-matches as default.
    • src/lib.rs: use the --deep flag in the Sigmund 🗿 struct
    • README.md: Update Readme to follow the new interface with examples
    release 
    opened by wavefnx 0
  • enhance(config): use the crate's version as the cli's version

    enhance(config): use the crate's version as the cli's version

    Use the crate's version in the CLI

    Overview

    Utilize the CARGO_PKG_VERSION env variable provided by cargo to set the CLI's version since for now, it's all one package

    Dev features

    • The version will now have to be set once in Cargo.toml which will simplify potential future CI builds

    Files changed

    • src/lib.rs: Global internal VERSION const
    • src/config.rs: The CLI will now use the crates version
    opened by wavefnx 0
  • fix(readme): update the usage section to reflect the latest version

    fix(readme): update the usage section to reflect the latest version

    Updated readme docs

    Description

    Usage of the latest Sigmund interface in the docs and removal of flags belonging to the previous version.

    File Changes:

    • README.md: Use the latest --most-common flag instead of --most-probable that didnt made it in the release. Additionally update the section that was still referring to the decode flag which belongs to v0.1.0.
    documentation 
    opened by wavefnx 0
  • wavefnx/feat/v0.2.0

    wavefnx/feat/v0.2.0

    Sigmund v0.2.0

    Description

    Since sigmund got some traction, it's worth updating the CLI interface to be more intuitive but also more scalable when it comes to the addition of new ones. Since it's still very early, It's good to keep flexibility but still add some structure.

    User Features

    • Use local a bytecode file as input with the --file <path> flag
    • Store json output --output <path>
    • Filter the most common signature matches

    The above, solve #1

    Dev Features

    • Clean main and structure
    • More concise client methods and custom errors with no unwraps even if there was an existence guarantee
    • Lib specific Signature struct, allowing for more flexibility
    • New, clean Config struct instead of the build_cli method that can enable loading config from file in the future
    • Since we need json for serialization, removed the json feature of reqwest and now using serde_json instead

    File changes

    • /src/address.rs: clean error enums
    • /src/bytecode.rs: allow creation of bytecode from file
    • src/client.rs: custom errors, no unwraps, filtered errors
    • src/config.rs: removed src/cli.rs in order to have a more solid config to use as input
    • src/lib.rs: Sigmund 🗿
    • src/main.rs: Sigmund 🗿
    • README.md: Update Readme to follow the new interface with examples
    • (new) src/signature.rs: lib specific and more clean representation of what a Signature is.
    release 
    opened by wavefnx 0
Owner
wavefnx
ascendance through technological innovation
wavefnx
GitHub
A tool to optimize your Solidity function signatures.

sigop A CLI tool to optimize your Solidity function signatures. I wanted to create this after seeing transmissions11's comment about this optimization

Quartz Technology 11 Nov 24, 2022
EVM compatible chain with NPoS/PoC consensus

Reef Chain Reef chain is written in Rust. A basic familiarity with Rust tooling is required. To learn more about Reef chain, please refer to Documenta

Reef Finance 148 Dec 31, 2022
Minimalistic EVM-compatible chain indexer.

EVM Indexer Minimalistic EVM-compatible blockchain indexer written in rust. This repository contains a program to index helpful information from any E

Kike B 14 Dec 24, 2022
Minimalistic EVM-compatible chain indexer.

EVM Indexer Minimalistic EVM-compatible blockchain indexer written in rust. This repository contains a program to index helpful information from any E

LlamaFolio 11 Dec 15, 2022
A pairing-based threshold cryptosystem for collaborative decryption and signatures used in HoneybadgerBFT implementation

threshold_crypto A pairing-based threshold cryptosystem for collaborative decryption and signatures. The threshold_crypto crate provides cryptographic

null 166 Dec 29, 2022
Schnorr VRFs and signatures on the Ristretto group

schnorrkel Schnorrkel implements Schnorr signature on Ristretto compressed Ed25519 points, as well as related protocols like HDKD, MuSig, and a verifi

Web3 Foundation 252 Dec 21, 2022
Fiddi is a command line tool that does the boring and complex process of checking and processing/watching transactions on EVM compatible Blockchain.

Fiddi is a command line tool that does the boring and complex process of checking and processing/watching transactions on EVM compatible Blockchain.

Ahmad Abdullahi Adamu 7 Jan 9, 2023
Multi Party Key Management System (KMS) for Secp256k1 Elliptic curve based digital signatures.

Key Management System (KMS) for curve Secp256k1 Multi Party Key Management System (KMS) for Secp256k1 Elliptic curve based digital signatures. Introdu

[ZenGo X] 61 Dec 28, 2022
Rust implementation of multi-party Schnorr signatures over elliptic curves.

Multi Party Schnorr Signatures This library contains several Rust implementations of multi-signature Schnorr schemes. Generally speaking, these scheme

[ZenGo X] 148 Dec 15, 2022
NIST P-256 signatures for Cortex-M4 microcontrollers

nisty NIST P256 signatures for Cortex-M4 microcontrollers What is this? Sometimes NIST P256 signatures need to be used. This is an attempt to create a

null 13 Mar 14, 2021
BLS Signatures in Rust

BLS Signatures Implementation of BLS signatures in pure Rust. Development BLST Portability To enable the portable feature when building blst dependenc

Filecoin 50 Dec 25, 2022
Generates Solidity code to verify EIP-712 style signatures

eip712 Generates Solidity code to verify EIP-712 style signatures. Usage First, create an abstract contract implementing the functionality you want: /

Sam Wilson 11 Dec 22, 2022
L2 validity rollup combined with blind signatures over elliptic curves inside zkSNARK, to provide offchain anonymous voting with onchain binding execution on Ethereum

blind-ovote Blind-OVOTE is a L2 voting solution which combines the validity rollup ideas with blind signatures over elliptic curves inside zkSNARK, to

Aragon ZK Research 3 Nov 18, 2022
A typed Chia programming language targeting CLVM bytecode.

Rue Lang Rue is a typed programming language which gets compiled to CLVM bytecode. It's designed to be an alternative to Chialisp for writing on-chain

Rigidity 18 Jul 8, 2024
Selendra is a multichains interoperable nominated Proof-of-Stake network for developing and running Substrate-based and EVM compatible blockchain applications.

Selendra An interoperable nominated Proof-of-Stake network for developing and running Substrate-based and EVM compatible blockchain applications. Read

Selendra 16 Nov 29, 2022
An extensible and practical demonstration of constructing evm-based sandwich attacks built with ethers-rs and Huff language.

subway-rs • Construct evm-based sandwich attacks using Rust and Huff. Getting Started subway-rs is a port of libevm's original subway, implemented wit

refcell.eth 230 Apr 25, 2023
Substreams development kit for Ethereum chains, contains Firehose Block model and helpers as well as utilities for Ethereum ABI encoding/decoding.

Substreams Ethereum Substreams development kit for Ethereum chains, contains Rust Firehose Block model and helpers as well as utilities for Ethereum A

StreamingFast 15 Oct 25, 2022
An automated CLI tool that optimizes gas usage in Solidity smart contracts, focusing on storage and function call efficiency.

Solidity-Gas-Optimizoor An high performance automated CLI tool that optimizes gas usage in Solidity smart contracts, focusing on storage and function

Chia Yong Kang 10 Mar 11, 2024
Parser and test runner for testing compatable common Ethereum full node tests against Polygon Zero's EVM.

EVM Test Parses and runs compatible common Ethereum tests from ethereum/tests against Polygon Zero's EVM. Note: This repo is currently very early in d

Mir Protocol 3 Nov 4, 2022