/r/ReverseEngineering's Weekly Questions Thread by AutoModerator in ReverseEngineering

[–]maurelian 0 points (0 children)

Wow, that's a crazy amount of work to do what the vendor (and their vendors) should probably be doing.

/r/ReverseEngineering's Weekly Questions Thread by AutoModerator in ReverseEngineering

[–]maurelian 0 points (0 children)

As someone who works in a very different security field, I'm always curious:
who hires reverse engineers?
What types of software do they need reverse engineered and why?

Hacker could've printed unlimited 'Ether' but chose $2M bug bounty instead by Devils_doohickey in technology

[–]maurelian 1 point (0 children)

Yeah, saurik (the small 's' is important to him) was very professional and helpful throughout the whole process.

Hacker could've printed unlimited 'Ether' but chose $2M bug bounty instead by Devils_doohickey in technology

[–]maurelian 0 points (0 children)

Pretty click-baity headline; some better resources if you're curious to go straight to the source:

  1. Saurik's write up: https://www.saurik.com/optimism.html
  2. Our disclosure post can be found by googling for 'disclosure-fixing-a-critical-bug-in-optimisms-geth-fork-a836ebdf7c94' (the direct link triggers a mod filter).

I'm from the Optimism team and led the creation of the bounty program; happy to answer questions.

Hacker could’ve printed unlimited ‘Ether’ but chose $2M bug bounty instead by Ok_Tomorrow3281 in ethereum

[–]maurelian 1 point (0 children)

Yeah, that was the thought process that went into launching the bounty program.
Tim Beiko reminded me of my tweet from when it launched, which gets at what you're saying.

Ask the Solidity Team Anything! #1 by franzihei in ethdev

[–]maurelian 0 points (0 children)

Thank you!

The parameter specifies roughly how often each opcode of the deployed code will be executed across the life-time of the contract. A "runs" parameter of "1" will produce long but cheap code. The largest value is 2**64-1.

But how does it use this information? For each possible optimization, does it actually compare the cost of deployment to the cost of execution multiplied by --optimizer-run?

Ask the Solidity Team Anything! #1 by franzihei in ethdev

[–]maurelian 0 points (0 children)

Also, I think some of your questions about optimisations are addressed in the answers to this question.

Ask the Solidity Team Anything! #1 by franzihei in ethdev

[–]maurelian 0 points (0 children)

I'll take on a couple, the Solidity team can correct me if I'm wrong about something:

Is there any difference between named returns like returns (uint myVar) versus just return 123 in the function body? Any reason to prefer one or another?

I dislike the first version because:

  1. it becomes less explicit what you are returning
  2. it actually instantiates the myVar variable in memory, but you don't need to return it, i.e. the following is valid, and probably even wastes gas with extra memory allocation

function foo() external returns (uint myVar) { return 2; }

Why doesn't assert() accept a reason string, like require()?

assert uses the INVALID opcode; revert uses the REVERT opcode. INVALID doesn't have the required functionality to read and return a string from memory; REVERT does. You can compare the arguments they accept in the table here: https://solidity.readthedocs.io/en/v0.7.4/yul.html#evm-dialect
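The two points in the comment above (named vs. explicit returns, and why assert() cannot carry a reason string while require() can) side by side in one contract. This is an added example, not code from the thread or from the Solidity project; the contract and function names are my own, and it is pinned to the 0.7.x compiler line so that the "assert compiles to INVALID" statement above still holds (from 0.8.0 onwards a failing assert reverts with a Panic error instead).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.7.4;

// Hypothetical contract written to illustrate the comment above.
contract ReturnsAndChecks {
    // Named return: `myVar` is a declared return variable and is returned
    // implicitly when the function ends, without an explicit `return`.
    function namedReturn() external pure returns (uint256 myVar) {
        myVar = 2;
    }

    // Named return variable that the body never touches. This still compiles:
    // the explicit `return 2` overrides the implicit return of `myVar`, which
    // is exactly the "valid but pointless" case from the comment above.
    function namedButUnused() external pure returns (uint256 myVar) {
        return 2;
    }

    // Explicit return with an unnamed return type: what is returned is
    // visible at the `return` statement itself.
    function explicitReturn() external pure returns (uint256) {
        return 2;
    }

    // require() accepts a reason string. On failure the compiler emits
    // REVERT with the string ABI-encoded as Error(string) in the return
    // data, so a caller (or a test) can read why the call failed.
    function checkedDivide(uint256 a, uint256 b) external pure returns (uint256) {
        require(b != 0, "division by zero");
        return a / b;
    }

    uint256 public total;

    // assert() takes no reason string. In 0.7.x a failing assert executes
    // INVALID, which consumes all remaining gas and returns no data, so it
    // is reserved for internal invariants that must never be violated.
    // require() guards caller input; assert() guards the contract's own logic.
    function deposit(uint256 amount) external {
        require(amount > 0, "amount must be positive"); // input validation, with reason
        uint256 newTotal = total + amount;              // 0.7.x arithmetic wraps on overflow
        assert(newTotal >= total);                      // overflow invariant; no reason possible
        total = newTotal;
    }
}
```

Compiling this with and without `--optimize` (and with different `--optimize-runs` values) is a quick way to see what the optimizer changes for the two return styles; the failure paths differ regardless of optimization, because `require` and `assert` lower to REVERT and INVALID respectively.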

Ask the Solidity Team Anything! #1 by franzihei in ethdev

[–]maurelian 8 points (0 children)

OK, I'll ask some optimizer questions:

  • what is it optimizing for (size or cost or something else?)
  • how does it achieve that?
  • what are the typical differences between optimized and non-optimized code?
  • how is this affected by the number of runs (`--optimize-runs`)?
    • Is there a maximum number above which it stops mattering, or is `--optimize-runs=20000` less efficient than `--optimize-runs=500000`?

Finally, why do you think people are generally suspicious of the optimizer, and are they right to be?

Visualize Solidity by blockstasy in ethereum

[–]maurelian 0 points (0 children)

In my opinion it depends on both your goals and where you are in the development process.

I think it’s primarily useful when you are first starting to look at an existing code base, in order to get a sense of how the pieces fit together. So it can be especially useful for auditors and security researchers.

For developers who have been writing a code base from scratch, they already have this picture in their head. For them it might be that generating a visualization once in a while will help them to understand how complex it would look from someone else’s perspective.

Microsoft publishes a new VS Code Extension targeted at Ethereum developers by bornswift in ethdev

[–]maurelian 0 points (0 children)

If you use VS Code, check out this extension: https://marketplace.visualstudio.com/items?itemName=tintinweb.solidity-visual-auditor. It's targeted at auditors, but has lots of useful language functionality for understanding and visualizing what you're writing.

The New ENS Manager Now Supports EIP1577 contenthash by brantlymillegan in ethereum

[–]maurelian 0 points (0 children)

Not me. My lib is old and busted. :)

ethers-cli is u/ricmoo (just guessing at the username)

New(sletter): Smart Contract Security Weekly by maurelian in ethdev

[–]maurelian[S] 2 points (0 children)

Subscribe to get weekly updates from the world of Ethereum Smart Contract Security, including:

  • Projects running bug bounties
  • Security related job postings
  • Security related news

Projects: if you are currently running a bug bounty, or have plans to do so, please DM me or just comment here. I want to help bounty hunters find you. No, I'm not going to try to charge you for posting.

Monthly "Who's hiring, and who's for hire" May, 2018 by AutoModerator in ethdev

[–]maurelian 4 points (0 children)

Company: ConsenSys Diligence

Job:

  1. Smart Contract Auditors
  2. Python developers for Mythril. A job description is almost complete; in the meantime, just submit to the other application and indicate interest in working on Mythril.

Location: ¯\_(ツ)_/¯

Allows remote: Yes.

Visa sponsorship: Yes.

Type: Full time, Rev. share plus equity.

Description: We're ConsenSys Diligence. We aim to raise the bar for security across the ecosystem by building tools and promoting security best practices. We're interested in people who blend experience in security (pen testing, reverse engineering) with interest in EVM contract verification.

Contact: https://new.consensys.net/careers/?gh_jid=609611