The first Clarity static analyser that finds bugs in your smart contracts
Main Launch: https://www.gecko.security/ (Mid July)
Gecko is an open-source Clarity static analysis tool written in Rust. It currently detects two vulnerabilities: unsafe inputs and authentication via tx-sender. When it finds these vulnerabilities, Gecko provides visual information about the bug. It also features a web UI for easy contract testing. Developers can upload and test their own contracts or input deployed contracts for Gecko to scan. This makes it useful for both pre and post-deployment testing. Gecko helps developers find vulnerabilities and improve their code comprehension. Additionally, it reassures users that the deployed contracts they interact with are safe.
Currently Gecko only supports checking for unsafe inputs and for vulnearbilities that occur when tx-sender is used for authentication. These were chosen as they were the most common vulnearbilities that can be found in clarity contracts see this report. The full list of vulnerabilities that will be added can be found here.
- We parse the Clarity code into a structure that Gecko can understand, this is called an Abstract Syntax Tree (AST). It represents the hierarchical structure of the code. We use the Clarity Contract Analysis Crate, which converts Clarity code into an AST and other metadata. This is the main entrypoint for Gecko.
- We then define a struct called Gecko, which implements the
ast_visitorcrate used to traverse each node and understand the behaviour of the code. - Taint analysis is used to track the flow of potentially unsafe data through the program and locate bugs and vulnearbilities. This involves defining the vulnearbility detectors as invariants and tracking the data to ensure it is properly checked or sanitized.
- As Gecko traverses the tree it propagates this taint to other nodes that depend on these.
- Once the traversal is complete messages are displayed about issues found including the location of the bug in source.
Gecko Technical Architecture
Example of a traversal of AST
The following is a table of vulnearbility detectors supported by Gecko and future detectors that will be added when as the AST is impoved and dynamic analysis such as fuzzing is added.
The aim is to create a set of real-life vulnearbilities and examples that will not only serve as a robust development template but also help identify good and bad parctices in Clarity contract development. Contibution of adding new vulnearbilities or examples is welcome.
TODO:
| ✔️ | Vulnerability | Example/Description |
|---|---|---|
| (slightly broken) | authentication via tx-sender |
Report , Example: Arkadiko |
| ✔️ | tx-sender in assert |
|
| ✔️ | untrusted actions on Stacks wallets (stx-burn?, stx-transfer?) |
|
| ✔️ | untrusted actions on fungible tokens (ft-burn?, ft-mint?, ft-transfer?) |
|
| ✔️ | untrusted actions on non-fungible tokens (nft-burn?, nft-mint?, nft-transfer?) |
|
| ✔️ | untrusted actions on persisted data (map-delete?, map-insert?, map-set?, var-set?) |
|
| ✔️ | call inside as-contract |
|
| ✔️ | use of block-height as time |
|
| ✔️ | bad use of unwrap-panic |
|
| ✔️ | precision loss | |
| ✔️ | TODO comments | |
| ✔️ | functions not used | |
| calls to private functions | ||
| return values | ||
| dynamic contract calls (through traits) | ||
| block time assumption broken on nakamoto release | Farming and stacking core contracts assume block time for the calculation of epoch lengths. However, this assumption is expected to be modified in the next Stacks upgrade (Nakamoto Release), which will reduce block time. | |
| rounding errors | ||
| panicking on possible error | Using unwrap-panic results in the transaction being finished because of a runtime error when the provided value is an error or a none. The runtime error does not allow the caller to handle that error and act in response. Example: Zest Protocol |
|
as-contract call to unverified principal |
Enclosing a contract call in an as-contract expression makes this internal call to be made on behalf of the caller contract. In the example the tx-sender value is changed to this caller contract. Example: Zest Protocol |
|
| signature replay in oracle | Example shows oracle prices are updated with a multi-signature scheme. However, besides validating the signature's content and verifying the signer, the function does not check whether the signatures were already used. Example: Arkadiko | |
| race condition | Example shows the interaction between the burning of USDA tokens and the subsequent adjustment of the fragments-per-token variable in the liquidity contract results in lost rewards for the users. Example: Arkadiko | |
| free front-running | Example shows fees are charged when minting USDA through open-vault() or update-vault(), if the user adds collateral to the vault. The minting fee is set in the function set-mint-fee(). Example: Arkadiko |
|
| 'admin' access | ALEX |
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent