MATH is a static analyzer for Teal code. It parses the Teal program and builds its control-flow graph (CFG). This project is built on top of the great work by Crytic on Tealer.
This tool is a part of the unpublished paper MATH - Finding and Fixing Exploits on Algorand, and runs two detectors by default.
Features
Detectors
Num | Check | What it Detects | Type |
---|---|---|---|
1 | bSubtract | Detect instances of the byte subtraction vulnerability | Stateful |
2 | mathploit | Detect instances of the math exploit | Stateful |
All detectors are run by default.
Printers
- Print CFG (--print-cfg)
Printers output dot files. Use xdot to open the files (sudo apt install xdot).
How to install
Run
python3 setup.py install
We recommend installing the tool in a virtualenv.
How to run
tealer code.teal
Example
The following shows the CFG from algorand/smart-contracts.
git clone https://github.com/algorand/smart-contracts.git
cd smart-contracts
tealer ./devrel/permission-less-voting/vote_opt_out.teal --print-cfg
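
To show what a CFG over a Teal program looks like, here is an added example (not MATH's or Tealer's code) that splits a small constructed program into basic blocks and renders them as DOT. The names build_cfg, to_dot and SAMPLE are assumptions of this sketch, and it treats only b, bz, bnz, return, err and retsub as control flow; callsub, switch and match edges are not modelled.

```python
# Constructed TEAL sample for this added illustration (not from the repo above).
SAMPLE = """#pragma version 5
txn ApplicationID
bz create      // branch taken when the application is being created
int 0
return
create:
int 1
return
"""

BRANCH = {"b", "bz", "bnz"}                        # opcodes with a label operand
NO_FALLTHROUGH = {"b", "return", "err", "retsub"}  # next line is not a successor

def build_cfg(source):
    """Split TEAL source into basic blocks; return (blocks, sorted edges)."""
    # Simplification: '//' inside a byte string literal is not handled.
    lines = [l.split("//")[0].strip() for l in source.splitlines()]
    lines = [l for l in lines if l and not l.startswith("#pragma")]
    blocks, labels, cur = [], {}, []
    for line in lines:
        if line.endswith(":"):                     # a label opens a new block
            if cur:
                blocks.append(cur)
            labels[line[:-1]] = len(blocks)
            cur = [line]
            continue
        cur.append(line)
        if line.split()[0] in BRANCH | NO_FALLTHROUGH:   # block ends here
            blocks.append(cur)
            cur = []
    if cur:
        blocks.append(cur)
    edges = set()
    for i, blk in enumerate(blocks):
        parts = blk[-1].split()
        if parts[0] in BRANCH:                     # edge to the branch target
            edges.add((i, labels[parts[1]]))
        if parts[0] not in NO_FALLTHROUGH and i + 1 < len(blocks):
            edges.add((i, i + 1))                  # fall through to next block
    return blocks, sorted(edges)

def to_dot(blocks, edges):                         # one box per basic block
    out = ["digraph cfg {", "  node [shape=box];"]
    for i, blk in enumerate(blocks):
        text = "\\l".join(blk).replace('"', '\\"') + "\\l"
        out.append('  b%d [label="%s"];' % (i, text))
    out += ["  b%d -> b%d;" % e for e in edges]
    return "\n".join(out + ["}"])
```

Writing the string returned by to_dot(*build_cfg(SAMPLE)) to a .dot file gives a graph that xdot can open.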