From 8b5e484f873958e7aaf94c275ecff5f782d3a283 Mon Sep 17 00:00:00 2001 From: Bernhard Mueller Date: Wed, 4 Mar 2020 08:40:27 +0100 Subject: [PATCH] Simplify ether thief module --- .../analysis/module/modules/ether_thief.py | 33 ++----------------- 1 file changed, 2 insertions(+), 31 deletions(-) diff --git a/mythril/analysis/module/modules/ether_thief.py b/mythril/analysis/module/modules/ether_thief.py index 9d801304..be3939df 100644 --- a/mythril/analysis/module/modules/ether_thief.py +++ b/mythril/analysis/module/modules/ether_thief.py @@ -40,7 +40,7 @@ class EtherThief(DetectionModule): swc_id = UNPROTECTED_ETHER_WITHDRAWAL description = DESCRIPTION entry_point = EntryPoint.CALLBACK - pre_hooks = ["CALL"] + pre_hooks = ["STOP"] def reset_module(self): """ @@ -71,44 +71,15 @@ class EtherThief(DetectionModule): state = copy(state) instruction = state.get_current_instruction() - value = state.mstate.stack[-3] - target = state.mstate.stack[-2] - constraints = copy(state.world_state.constraints) - """ - Require that the current transaction is sent by the attacker and - that the Ether sent to the attacker's address is greater than the - amount of Ether the attacker sent. - """ - for tx in state.world_state.transaction_sequence: - """ - Constraint: All transactions must originate from regular users (not the creator/owner). - This prevents false positives where the owner willingly transfers ownership to another address. - """ - if not isinstance(tx, ContractCreationTransaction): - constraints.append( - And(tx.caller == ACTORS.attacker, tx.caller == tx.origin) - ) - attacker_address_bitvec = ACTORS.attacker - constraints += [ - UGE( - state.world_state.balances[state.environment.active_account.address], - value, - ) - ] - state.world_state.balances[attacker_address_bitvec] += value - state.world_state.balances[state.environment.active_account.address] -= value - constraints += [ UGT( state.world_state.balances[attacker_address_bitvec], state.world_state.starting_balances[attacker_address_bitvec], - ), - target == ACTORS.attacker, - state.current_transaction.caller == ACTORS.attacker, + ) ] potential_issue = PotentialIssue(