MATH is a static analyzer for Teal code. It parses the Teal program and builds its CFG. This project has been built on top of the great work by Crytic on Tealer.
This tool is a part of the unpublished paper MATH - Finding and Fixing Exploits on Algorand, and runs two detectors by default.
| Num | Check | What it Detects | Type |
|---|---|---|---|
| 1 | bSubtract | Detect instances of the byte subtraction vulnerability | Stateful |
| 2 | mathploit | Detect instances of the math exploit | Stateful |
All the detectors are run by default.
- Print CFG (`--print-cfg`)
Printers output dot files.
Use xdot to open the files (sudo apt install xdot).
Run

```bash
python3 setup.py install
```

We recommend installing the tool in a virtualenv.

```bash
tealer code.teal
```

The following shows the CFG from algorand/smart-contracts.

```bash
git clone https://github.com/algorand/smart-contracts.git
cd smart-contracts
tealer ./devrel/permission-less-voting/vote_opt_out.teal --print-cfg
```
