MatthewJiang-Rustle - 2023RustChinaCon.pdf

1、第三届中国Rust开发者大会Rustle:the first static analyzer for smart contracts in RustMatthew JiangDirector of Security Team BlockSecMotivationBackgroundDesign123Capability UsabilityConclusion456OutlineMotivationWhy do we develop Rustle?Emerging chains with Rust as smart contracts language MotivationLimitations

2、 of manual auditTime-consumingExpensiveSkilled auditorsError-proneMotivationMotivationCurrent tools:Dont support contracts in RustBackgroundLLVM IRDesignC;C+RustGoFront-endClangRustcGollvmLLVM IRBack-endx86ARMBPFWASMLLVM Pass:rich APIs to analysis the LLVM IR BackgroundNearBlockchains with smart con

3、tracts in RustRustWebAssemblySolanaRustBPFThough they are compiled into bytecode in different formats,we can analyze the logic on the LLVM IRRich experience in auditing smart contracts in RustBackgroundDesignWorkflowDesignCompileSmart ContractsLLVMIRLLVM PassExtractedPatternsPattern MatchAnalysisRes

4、ultsDesign#private pub fn callback_withdraw(&mut self,amount:U128)match env:promise_result(0)PromiseResult:NotReady=unreachable!(),PromiseResult:Successful(_)=self.balance-=amount.0;PromiseResult:Failed=;pub fn withdraw(&mut self,amount:U128)-Promise assert!(self.balance=amount.into(),insufficient b

5、alance);ext_ft_core:ext(self.token_id.clone().with_attached_deposit(1).with_static_gas(GAS_FOR_FT_TRANSFER_CALL).ft_transfer_call(self.depositor.clone(),amount,None,.to_string().then(ext_self:ext(env:current_account_id().with_static_gas(GAS_FOR_FT_RESOLVE_TRANSFER).with_attached_deposit(0).callback_

6、withdraw(amount),)ExampleReentrancy point,hand over control flow to external contractself.balance hasnt been modified upon second entranceft_transfer_call()Reentrancy AttackState changeDesignpub fn callback_withdraw(&mut self,amount:U128)match env:promise_result(0)PromiseResult:NotReady=unreachable!