[X8] - Counter Risk Scanner (CRS) 🏅

A static/dynamic smart contract analysis API tool that, given a contract address, generates an assessment to help users understand access-control-related risks for a tokenized asset on EVM-compatible blockchains. Protect user funds!


Challenges

#BUIDLathon 2023 Impact + Public Goods Track

Pool 15,000 MATIC

Raising user awareness about malicious contracts they may custody provides real social value to the web3 ecosystem.

Risk Management

Ranked 20,000 ETH

This project provides an automated risk identification and processing procedure.

Project details

Counter Risk Scanner (CRS) assesses Solidity smart contracts on different EVM chains for unique counter-party risk. The scanner is hosted as a backend Flask API written in Python and combines static and on-chain analysis techniques to render counter-party risks to a client. The scanner currently supports a single endpoint (/assess) that performs a risk assessment given a valid address/network pair.

Request Fields

There are currently only two supported request query parameters (network, address).

  • network - The network used for the risk assessment; currently only Ethereum and Binance Smart Chain are supported

  • address - The token contract address used for the risk assessment

Response Fields

The response object is of the form:

{
  "counterparty": "0x0002",
  "impacted_functions": ["steal_funds"],
  "trust": "1:1"
}

There are currently only three supported response object fields:

  • counterparty - Permissioned counter-party address. If processing finds no counterparty, the field is set to the Ethereum standard black hole address (0x0..0).

  • impacted_functions - All functions that use access-control modifiers (i.e., onlyOwner, onlyMinter, etc.) within the caller/callee function graph of the tokenized contract. Furthermore,

  • trust - How much a client has to trust the counter-party to ensure safe custody. Trust is measured inclusively on a scale from 1:1 to 1:N, giving the client a pseudo-finite value that can be used to gauge risk.


Dependency Usage

The scanner uses multiple third-party dependencies for generating counter-party risk assessments:

  • Etherscan - Used to fetch contract source code, metadata, and ABIs. Also used to determine and process proxy contracts to ensure asset representation encompasses all relevant contracts.

  • Node RPC - Used to query current contract state through read methods. Currently, nodes are only used to query Gnosis multisig state (i.e., m, n) and ownership addresses.

  • Solidity Compiler - Used to generate abstract syntax trees (ASTs) and compile arbitrary Solidity code.

  • Surya - Used to generate function call graphs for a provided Solidity contract::function mapping.

Dependency DAG

Etherscan will often return a source code response of the form {c0, c1, ..., cn}, where each c is a contract source file.

To resolve the ordering of the polymorphic (inheritance) dependencies among these contracts, a local graph data structure is built and topologically sorted to generate a single Solidity file that encompasses all relevant asset contracts.
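As an added example (not code from the CRS project), a minimal Python version of the flattening step described above: a constructed multi-file source map stands in for the Etherscan response, import edges form the graph, a DFS topological sort orders dependencies first, and a cycle or unresolved import is rejected rather than guessed. File names and contract bodies are hypothetical.

```python
import re

# Constructed Etherscan-style multi-file source map (hypothetical contents).
SOURCES = {
    "Token.sol": 'pragma solidity ^0.8.0;\nimport "./Ownable.sol";\n'
                 'import "./ERC20.sol";\ncontract Token is ERC20, Ownable {}\n',
    "Ownable.sol": 'pragma solidity ^0.8.0;\nimport "./Context.sol";\n'
                   'contract Ownable is Context {}\n',
    "ERC20.sol": 'pragma solidity ^0.8.0;\nimport "./Context.sol";\n'
                 'contract ERC20 is Context {}\n',
    "Context.sol": 'pragma solidity ^0.8.0;\nabstract contract Context {}\n',
}
IMPORT_RE = re.compile(r'^\s*import\b[^;]*?["\']([^"\']+)["\']\s*;', re.M)
PRAGMA_RE = re.compile(r'^\s*pragma\s+solidity\b[^;]*;', re.M)

def dependencies(sources):
    """Map each file to the files it imports, resolved by basename."""
    deps = {}
    for name, src in sources.items():
        deps[name] = []
        for path in IMPORT_RE.findall(src):
            base = path.rsplit("/", 1)[-1]
            if base not in sources:  # unresolved import: refuse to guess
                raise KeyError(f"{name} imports unknown file {path}")
            deps[name].append(base)
    return deps

def topo_order(deps):
    """Dependency-first order via DFS; an import cycle is an error."""
    order, state = [], {}  # state: 1 = on DFS stack, 2 = finished
    def visit(node):
        if state.get(node) == 2:
            return
        if state.get(node) == 1:
            raise ValueError(f"import cycle through {node}")
        state[node] = 1
        for dep in deps[node]:
            visit(dep)
        state[node] = 2
        order.append(node)
    for node in sorted(deps):
        visit(node)
    return order

def flatten(sources):
    """Emit one Solidity file: single pragma, imports stripped, deps first."""
    first = PRAGMA_RE.search("\n".join(sources.values()))
    parts = [first.group(0).strip() if first else "// no pragma found"]
    for name in topo_order(dependencies(sources)):
        body = IMPORT_RE.sub("", PRAGMA_RE.sub("", sources[name])).strip()
        parts.append(f"// ---- {name} ----\n{body}")
    return "\n\n".join(parts) + "\n"
```

Calling flatten(SOURCES) yields a single file with Context first and Token last, which is the shape the compiler and call-graph steps consume.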

Relevant Links

  • Risk Assessment Methodology: https://github.com/epociask/counter-risk-scanner/blob/main/FRAMEWORK.md

  • Project README: https://github.com/epociask/counter-risk-scanner/blob/main/README.md

  • Lucid Chart: https://lucid.app/lucidchart/e043cfbc-5728-4c00-bb6a-cf6f75ff3bff/edit?viewport_loc=-760%2C-89%2C3867%2C2193%2C0_0&invitationId=inv_471b4d81-3ebf-4b6c-a67b-560679ddf3a7