5 - 7 March 2019
EthCC 2019
Let’s dig inside Ethereum Smart Contracts compiled to WebAssembly
© QuoScient | ETHCC 2019
Whoami
Patrick Ventuzelo
@Pat_Ventuzelo
QuoScient GmbH
► (Blockchain) Security Researcher/Engineer
Quolab
► Threat Intel & Response Platform
► Collaborative, Decentralized
What’s my relation with blockchains?
► Blockchain Transaction Tracking
► Research about Smart contracts, WebAssembly, …
► Vulnerability Analysis/Research
► Smart contract Audit (ETH, EOS, …)
► Security tool Development (Octopus, Quolab, …)
Octopus
Security analysis framework
► WebAssembly module
► Blockchain Smart Contracts (BTC/ETH/NEO/EOS)
https://github.com/quoscient/octopus
Agenda
1. Introduction
2. WebAssembly basics
► Binary & text format
3. Program analysis
► CFG, Call graph, decompilation
4. Parity Helloworld
► Loader + runtime code analysis
5. WASM module Vulnerabilities
► Integer overflow, …
6. Conclusion
01 Introduction
What is WebAssembly?
“Binary instruction format for a stack-based virtual machine”
► Low-level bytecode
► Compilation target for C/C++/Rust/Go/…
Generic evolution of NaCl & Asm.js
W3C standard
► MVP 1.0 (March 2017)
Natively supported in all major browsers
WebAssembly goals:
► Be fast, efficient, and portable (near-native speed)
► Easily readable and debuggable (wat/wast)
► Keep secure (safe, sandboxed execution environment)
► Don't break the web (not a JS killer)
Wasm for Blockchain smart contracts…
2 of the Top Cryptocurrencies by MarketCap
Ethereum #2
► Decentralized platform that runs smart contracts
► (e)Wasm instead of EVM
EOS #5
► Open source smart contract platform
► Compiled from C++ to WebAssembly
02 WebAssembly basics
Source code to WebAssembly
[Diagram: C/C++ and Rust source code compiled to the binary format (.wasm)]
Binary Format - overview
Binary format
Magic number: \x00asm
Module structure
► Header
► 11 Sections + custom sections
https://wasdk.github.io/wasmcodeexplorer/
Source code to WebAssembly
[Diagram: C/C++ and Rust source code compiled to the binary format (.wasm), shown alongside the text format (.wat)]
WebAssembly Text Format
Standardized text format
► .wat/.wast file extensions
► S-expressions (like LISP) for modules and definitions
► Function bodies: linear representation of low-level instructions, or S-expressions
wasm2wat
► translate from the binary format back to the text format
wat2wasm
► translate from text format to the WebAssembly binary format
WebAssembly instruction set
Small Turing-complete instruction set
► 172 instructions
► Data types: i32, i64, f32, f64
► Control-flow operators
  ► Label: block loop if else end
  ► Branch: br br_if br_table
  ► Function call: call call_indirect return
► Memory operators (load, store, etc.)
► Variable operators (locals/globals)
► Arithmetic operators (int & float)
  ► + - * / % && || ^ << >> etc.
  ► sqrt ceil floor etc.
► Constant operators (const)
► Conversion operators
  ► wrap trunc convert reinterpret etc.
03 Program analysis
Control flow graph (CFG)
Call Flow graph
WABT: WebAssembly Binary Toolkit
► Suite of tools for WebAssembly
► Translation & Decompilation
► Tools shown: wat2wasm, wasm2wat, wasm2c
04 Parity wasm Helloworld
Parity “Helloworld” WASM
Parity “Helloworld” analysis
Input data of the transaction that creates the smart contract
► Contains loader bytecode + embedded runtime code
► Runtime code is stored on the blockchain during loader execution
► Exactly the same way a smart contract is created with the EVM
[Diagram: loader module (executed once) and runtime module (stored on the blockchain)]
Loader module analysis
3 functions in the loader:
► call(): exported
► ret(i32 i32): imported
► $func1(): local
call() pseudo-code:
Not optimized: call to an empty function
Loader module analysis - Data
Linear memory initialized with:
[Diagram: “Hello world” at offset 1024, then the runtime module (\x00asm…) from offset 1036 to 1268]
call() pseudo-code:
call() returns the runtime code & its size
Not optimized: constant not used
Runtime module analysis
In short:
► Same imported/exported function names
► Data section contains the “Hello world” string at offset 1024
Pseudo code:
Not optimized: func2() should be call() instead
2 custom sections: “linking” & “name”
► “name” section contains debug strings
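The module layout from the binary-format overview (magic number, header, sections) and the loader/runtime split analysed above, as an added Rust example that is not from the talk or from Octopus. The bytes in `sample_loader` are constructed for illustration and the single-segment data layout is an assumption; the code walks the sections, carves the embedded runtime module out of the loader's data section, and lists the runtime's custom sections.

```rust
const MAGIC: &[u8] = b"\0asm";

/// Decode an unsigned LEB128 integer; returns (value, bytes consumed).
fn leb_u32(buf: &[u8]) -> Option<(u32, usize)> {
    let mut val = 0u32;
    for (i, b) in buf.iter().take(5).enumerate() {
        val |= ((*b & 0x7f) as u32) << (7 * i);
        if *b & 0x80 == 0 { return Some((val, i + 1)); }
    }
    None
}

/// Split a module into (section id, payload) pairs; None if malformed.
fn sections(module: &[u8]) -> Option<Vec<(u8, &[u8])>> {
    if module.len() < 8 || !module.starts_with(MAGIC) { return None; }
    let mut out = Vec::new();
    let mut pos = 8; // skip magic number + 4-byte version
    while pos < module.len() {
        let (size, n) = leb_u32(&module[pos + 1..])?;
        let end = pos + 1 + n + size as usize;
        out.push((module[pos], module.get(pos + 1 + n..end)?));
        pos = end;
    }
    Some(out)
}

/// Carve the runtime module from the loader's data section (id 11): (address, bytes).
fn carve_runtime(loader: &[u8]) -> Option<(u32, &[u8])> {
    let (_, data) = sections(loader)?.into_iter().find(|(id, _)| *id == 11)?;
    // Assumed layout: 1 segment, memory 0, `i32.const base`, `end`, size, bytes.
    if !data.starts_with(&[1, 0, 0x41]) { return None; }
    let (base, n) = leb_u32(&data[3..])?; // valid for small non-negative bases
    let (size, m) = leb_u32(data.get(4 + n..)?)?;
    let bytes = data.get(4 + n + m..4 + n + m + size as usize)?;
    let off = bytes.windows(4).position(|w| w == MAGIC)?;
    Some((base + off as u32, &bytes[off..]))
}

/// Names of the custom sections (id 0), e.g. "name" carrying debug strings.
fn custom_names(module: &[u8]) -> Option<Vec<String>> {
    let mut names = Vec::new();
    for (_, p) in sections(module)?.into_iter().filter(|(id, _)| *id == 0) {
        let (len, n) = leb_u32(p)?;
        names.push(String::from_utf8_lossy(p.get(n..n + len as usize)?).into_owned());
    }
    Some(names)
}

/// Constructed sample: data segment at 1024 = "Hello world\0" + runtime module.
fn sample_loader() -> Vec<u8> {
    let parts: [&[u8]; 4] = [
        b"\0asm\x01\0\0\0\x0b\x35\x01\x00\x41\x80\x08\x0b\x2e", // header, data section
        b"Hello world\0\0asm\x01\0\0\0",                         // string, runtime header
        b"\x00\x0d\x04name\x00\x06\x05hello",                    // custom section "name"
        b"\x00\x09\x07linking\x01",                              // custom section "linking"
    ];
    parts.concat()
}

fn main() {
    let loader = sample_loader();
    let (addr, runtime) = carve_runtime(&loader).expect("no embedded module");
    println!("runtime at {} ({} bytes), custom sections {:?}", addr, runtime.len(), custom_names(runtime));
}
```

A "name" entry in the result is the debug data the analysis flags as stored in the runtime code.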
Parity “Helloworld” analysis - conclusion
Two-stage WebAssembly modules (loader + payload)
WebAssembly makes analysis of Ethereum smart contracts easier
This version is not optimized:
► execution of useless instructions/functions
► unused data in the loader code
► storing debug data (Name section) in the runtime code
All these missed optimizations can COST MONEY at execution
Official tutorial if you want to try: Writing smart contracts in Wasm for Kovan
Parity is working on optimization
I don’t know if the Parity team has modified/optimized the generation of this wasm module (loader/runtime code) since last year
But in the interview of Jack Fransham, Parity Core Developer (link)
05 WASM module Vulnerabilities
WebAssembly doesn’t mean secure
Old vulnerability classes can still be present
► Buffer overflow
► Integer overflows/underflows
► Function pointer overwrite
► Format string
Advanced vulnerability classes as well
► Use-After-Free (UaF)
► Time Of Check to Time Of Use (TOCTOU)
► …
Some links:
► Security Chasms of WASM
► Hijacking the control flow of a WebAssembly program
Simple Integer Overflow example
Simple HelloWorld modified to have a runtime integer overflow
► Written in Rust and compiled to wasm (with wasm_bindgen)
► Try it yourself on WebAssembly Studio
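An added Rust example of this bug class, not the code shown in the talk: Rust's release profile leaves overflow checks off by default, so `*` on a `u32` compiles to a wrapping wasm `i32.mul`. The function names and the payout scenario are hypothetical, and the values are constructed.

```rust
/// What `amount * recipients` becomes in a release build compiled to wasm:
/// overflow checks are off by default, so it is a plain wrapping `i32.mul`.
fn total_release(amount: u32, recipients: u32) -> u32 {
    amount.wrapping_mul(recipients)
}

/// Vulnerable: a wrapped total can be tiny, so the balance check passes.
fn approve_vulnerable(balance: u32, amount: u32, recipients: u32) -> bool {
    total_release(amount, recipients) <= balance
}

/// Hardened: `checked_mul` reports overflow in every build profile.
fn approve_checked(balance: u32, amount: u32, recipients: u32) -> Result<u32, &'static str> {
    let total = amount.checked_mul(recipients).ok_or("total overflows u32")?;
    if total > balance {
        return Err("insufficient balance");
    }
    Ok(balance - total) // remaining balance after the payout
}

fn main() {
    // Constructed values: 0x8000_0000 * 2 == 2^32, which wraps to 0 in 32 bits.
    let (balance, amount, recipients) = (100u32, 0x8000_0000u32, 2u32);
    println!("vulnerable approves: {}", approve_vulnerable(balance, amount, recipients));
    println!("checked result: {:?}", approve_checked(balance, amount, recipients));
}
```

In a debug build the plain `*` would panic instead of wrapping, which is why the difference only shows up in the deployed release module.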
06 Conclusion
Conclusion - Future
The future of Ethereum WebAssembly modules is promising
► Ethereum WebAssembly VM (wasmi, hera)
► ERC-20 wasm contract - link
► Pre-compiled (e)Wasm module – link
► Community !!!
WebAssembly WILL:
► Make analysis and debugging easier
► Help non-blockchain people get into the game
WebAssembly WILL NOT:
► Secure poor code
► Make
Thanks & Questions
Patrick Ventuzelo / @Pat_Ventuzelo
Octopus - https://github.com/quoscient/octopus
CONTACT
QuoScient
Radilostrasse 43
60489 Frankfurt
Germany
+49 69 33 99 79 38
www.quoscient.io