MoveHelper: Reverse Engineering for Move Smart Contract Bytecode

MoveHelper: Reverse Engineering for Move Smart Contract Bytecode

연구 분야: Analysis

학회: 2024 Sixth International Conference on Next Generation Data-driven Networks (NGDN)

Smart contracts carry complex business logic and have a significant impact on digital assets. Therefore, conducting security audits on smart contracts is crucial to ensure both the correctness of their operation and the security of the assets involved. However, for contracts lacking source code, analysis often requires collaboration with relevant bytecode disassembly tools. While the Move compiler provides disassembly functionality from Move binary bytecode to Move opcodes, the stack-based opcodes are not conducive to manual analysis. Hence, we propose MoveHelper, a disassembly tool specifically designed for Move smart contract bytecode. It transforms Move bytecode into a register-based expression more suitable for manual reading. MoveHelper supports the generation of the module's functions’ signature, control flow graphs within functions, function call graphs, and other information to better assist auditors in understanding the contract. We demonstrate how MoveHelper can be used to analyse the bytecode of a non-open-source Move contract using a simple example, showcasing MoveHelper's valuable assistance in auditing Move contract bytecode.