A tool for evaluating smart contract patches by running test suites and analyzing results.
- Python 3.8 or higher
- pip (Python package installer)
- Clone the repository:
git clone <repository-url>
cd evaluator
- Create and activate a virtual environment (recommended):
python -m venv .venv
source .venv/bin/activate
- Install the package in development mode:
pip install -e ".[dev]"
The tool uses several configuration settings that can be modified in src/config.py:
- BASE_DIR: Base directory for the Hardhat project
- LOG_LEVEL: Logging verbosity (default: "ERROR")
- DEFAULT_BACKUP_SUFFIX: Suffix for backup files (default: ".bak")
The evaluator can be run from the command line with the following arguments:
python src/main.py \
--format <solidity|bytecode> \
--patch <path-to-patch-file> \
--contract-file <path-to-contract> \
--main-contract <contract-name>
- --format: The format of the patch file (choices: 'solidity' or 'bytecode')
- --patch: Path to the patch file that will be evaluated
- --contract-file: Path to the original smart contract file
- --main-contract: Name of the main contract to be patched
python src/main.py \
--format solidity \
--patch ./patches/fix.sol \
--contract-file ./contracts/vulnerable.sol \
--main-contract VulnerableContract
The tool will output evaluation results including:
- Contract and patch file information
- Total number of tests run
- Number of passed tests
- Sanity check results
- Details of any test failures
Example output:
Evaluation Results:
Contract File: ./contracts/vulnerable.sol
Patch File: ./patches/fix.sol
Total Tests: 10
Passed Tests: 8
Sanity Success: True
Sanity Failures: 0
Exploit Test Failures:
- Test case #3: Invalid state after transfer
- Test case #7: Reentrancy vulnerability still present
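To gate a CI job on a patch evaluation, the report can be parsed and checked mechanically. The following is an added example, not part of the evaluator's own code: it assumes the real output follows the layout of the example output above, and `EvalReport`, `parse_report` and `patch_accepted` are hypothetical names whose acceptance policy is an assumption.

```python
import re
from dataclasses import dataclass, field

# Constructed sample, following the layout of the example output above.
SAMPLE = """\
Evaluation Results:
Contract File: ./contracts/vulnerable.sol
Patch File: ./patches/fix.sol
Total Tests: 10
Passed Tests: 8
Sanity Success: True
Sanity Failures: 0
Exploit Test Failures:
- Test case #3: Invalid state after transfer
- Test case #7: Reentrancy vulnerability still present
"""

@dataclass
class EvalReport:
    fields: dict = field(default_factory=dict)
    exploit_failures: list = field(default_factory=list)

def parse_report(text):
    """Parse the 'Key: value' lines and the trailing exploit-failure list."""
    report, in_failures = EvalReport(), False
    for line in text.splitlines():
        line = line.strip()
        if line == "Exploit Test Failures:":
            in_failures = True
        elif in_failures and line.startswith("- "):
            report.exploit_failures.append(line[2:])
        elif (m := re.match(r"^([A-Za-z ]+):\s*(\S.*)$", line)):
            report.fields[m.group(1)] = m.group(2)
            in_failures = False
    return report

def patch_accepted(report):
    """Assumed policy: fail closed unless every check is present and clean."""
    f = report.fields
    try:
        total, passed = int(f["Total Tests"]), int(f["Passed Tests"])
        sanity_ok = f["Sanity Success"] == "True" and int(f["Sanity Failures"]) == 0
    except (KeyError, ValueError):
        return False  # missing or malformed field: treat as a failed evaluation
    return sanity_ok and total > 0 and passed == total and not report.exploit_failures
```

A truncated or reordered report is rejected rather than accepted, so a crashed evaluator run cannot be mistaken for a clean patch.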
To run tests:
pytest
To run tests with coverage:
pytest --cov=src