Table of Contents
An Attacker Contract Identification Tool Implemented in Rust based on BlockWatchdog.
-
rust toolchain
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
-
gigahorse-toolchain
Lydia requires Gigahorse (commit da473f3) to be set up for analyzing EVM bytecode. To set up Gigahorse, refer to its repository.
- Rust build locally.
cargo build --release- Or you can build or pull the docker image.
docker build -t lydia:local .
docker pull ghcr.io/shuo-young/lydia:latestRUST_LOG=info cargo run -- -b ETH -l 0x10C509AA9ab291C76c45414e7CdBd375e1D5AcE8
# or use build bin
./target/release/lydia -b ETH -l 0x10C509AA9ab291C76c45414e7CdBd375e1D5AcE8For the docker image, run with the following command.
docker run ghcr.io/shuo-young/lydia:latest -b ETH -l 0x10C509AA9ab291C76c45414e7CdBd375e1D5AcE8more faster for identifying attackers and contracts with malicious intentions
- Recover all possible call chains in attacker contract (each public function).
- Report critical attack semantic, e.g., call in hook functions, selfdestruct, use randomnumer, creation (sole and multi) etc.
- Locating call sites that could perform reentrancy and possible reentrancy targets.
Copyright © 2024 Shuo Yang.
This project is Apache licensed.