The Incredible Shrinking Context... in a decompiler near you

Sifis Lagouvardos, Yannis Bollanos, Neville Grech, Yannis Smaragdakis
arXiv - CS - Programming Languages, published 2024-09-17. DOI: arxiv-2409.11157 (https://doi.org/arxiv-2409.11157). Platform: Semanticscholar.
Citations: 0

Abstract

Decompilation of binary code has arisen as a highly important application in the space of Ethereum VM (EVM) smart contracts. Major new decompilers appear nearly every year and attain popularity, for a multitude of reverse-engineering or tool-building purposes. Technically, the problem is fundamental: it consists of recovering high-level control flow from a highly optimized continuation-passing-style (CPS) representation. Architecturally, decompilers can be built using either static analysis or symbolic execution techniques. We present Shrnkr, a static-analysis-based decompiler succeeding the state-of-the-art Elipmoc decompiler. Shrnkr achieves drastic improvements relative to the state of the art in all significant dimensions: scalability, completeness, and precision. Chief among the techniques employed is a new variant of static analysis context: shrinking context sensitivity. Shrinking context sensitivity performs deep cuts in the static analysis context, eagerly "forgetting" control-flow history in order to leave room for further precise reasoning. We compare Shrnkr to state-of-the-art decompilers, both static-analysis- and symbolic-execution-based. In a standard benchmark set, Shrnkr scales to over 99.5% of contracts (compared to ~95%), covers (i.e., reaches and manages to decompile) 67% more code, and reduces key imprecision metrics by over 65%.