Manticore: A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts

An effective way to maximize code coverage in software tests is through dynamic symbolic execution-a technique that uses constraint solving to systematically explore a program's state space. We introduce an open-source dynamic symbolic execution framework called Manticore for analyzing binaries...

Celý popis

Uloženo v:

Podrobná bibliografie
Vydáno v:	IEEE/ACM International Conference on Automated Software Engineering : [proceedings] s. 1186 - 1189
Hlavní autoři:	Mossberg, Mark, Manzano, Felipe, Hennenfent, Eric, Groce, Alex, Grieco, Gustavo, Feist, Josselin, Brunson, Trent, Dinaburg, Artem
Médium:	Konferenční příspěvek
Jazyk:	angličtina
Vydáno:	IEEE 01.11.2019
Témata:	Benchmark testing Computer architecture Engines ethereum manticore mcore smart contract Smart contracts symbolic execution Weapons
ISSN:	2643-1572
On-line přístup:	Získat plný text
Tagy:	Přidat tag Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!

Abstract	An effective way to maximize code coverage in software tests is through dynamic symbolic execution-a technique that uses constraint solving to systematically explore a program's state space. We introduce an open-source dynamic symbolic execution framework called Manticore for analyzing binaries and Ethereum smart contracts. Manticore's flexible architecture allows it to support both traditional and exotic execution environments, and its API allows users to customize their analysis. Here, we discuss Manticore's architecture and demonstrate the capabilities we have used to find bugs and verify the correctness of code for our commercial clients.
AbstractList	An effective way to maximize code coverage in software tests is through dynamic symbolic execution-a technique that uses constraint solving to systematically explore a program's state space. We introduce an open-source dynamic symbolic execution framework called Manticore for analyzing binaries and Ethereum smart contracts. Manticore's flexible architecture allows it to support both traditional and exotic execution environments, and its API allows users to customize their analysis. Here, we discuss Manticore's architecture and demonstrate the capabilities we have used to find bugs and verify the correctness of code for our commercial clients.
Author	Grieco, Gustavo Feist, Josselin Dinaburg, Artem Manzano, Felipe Groce, Alex Brunson, Trent Hennenfent, Eric Mossberg, Mark
Author_xml	– sequence: 1 givenname: Mark surname: Mossberg fullname: Mossberg, Mark organization: Trail of Bits – sequence: 2 givenname: Felipe surname: Manzano fullname: Manzano, Felipe organization: Trail of Bits – sequence: 3 givenname: Eric surname: Hennenfent fullname: Hennenfent, Eric organization: Trail of Bits – sequence: 4 givenname: Alex surname: Groce fullname: Groce, Alex organization: Trail of Bits – sequence: 5 givenname: Gustavo surname: Grieco fullname: Grieco, Gustavo organization: Trail of Bits – sequence: 6 givenname: Josselin surname: Feist fullname: Feist, Josselin organization: Trail of Bits – sequence: 7 givenname: Trent surname: Brunson fullname: Brunson, Trent organization: Trail of Bits – sequence: 8 givenname: Artem surname: Dinaburg fullname: Dinaburg, Artem organization: Trail of Bits
BookMark	eNotjsFKAzEURaMo2Fa3btzkB2ZM8iaZibtaWhUqLmrBXUmTF4jOJJIZsfP3VpS7uBy4HO6UnMUUkZBrzkrOmb6db5alYFyXjHGAEzLltWi4kKzhp2QiVAUFl7W4INO-f2dMHqGekLdnE4dgU8Y7OqfbHnOxygGja0e6Gbt9aoOlywParyGkSFfZdPid8gf1KdP7EM1x3FMTHd10Jg90keKQjR36S3LuTdvj1X_PyHa1fF08FuuXh6fFfF0YAD0UCMyBlXulrLTqN-ArjcicQl2hd9xXTaOt5VxYqWVtQQFUyknbKOYNzMjNnzcg4u4zh-ONcddoKQSr4AeN21J-
ContentType	Conference Proceeding
DBID	6IE 6IL CBEJK RIE RIL
DOI	10.1109/ASE.2019.00133
DatabaseName	IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present
DatabaseTitleList
Database_xml	– sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher
DeliveryMethod	fulltext_linktorsrc
Discipline	Computer Science
EISBN	1728125081 9781728125084
EISSN	2643-1572
EndPage	1189
ExternalDocumentID	8952204
Genre	orig-research
GroupedDBID	29I 6IE 6IF 6IH 6IK 6IL 6IM 6IN 6J9 AAJGR AAWTH ABLEC ACREN ADYOE ADZIZ AFYQB ALMA_UNASSIGNED_HOLDINGS AMTXH APO BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI M43 OCL RIE RIL
ID	FETCH-LOGICAL-a339t-e30d3c5b66c5c6c6c63f49ee0d6e94efd1f4889cc112c5957c363346d5c860fa3
IEDL.DBID	RIE
ISICitedReferencesCount	253
ISICitedReferencesURI	http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000533303400126&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
IngestDate	Wed Aug 27 02:39:58 EDT 2025
IsPeerReviewed	false
IsScholarly	true
Language	English
LinkModel	DirectLink
MergedId	FETCHMERGED-LOGICAL-a339t-e30d3c5b66c5c6c6c63f49ee0d6e94efd1f4889cc112c5957c363346d5c860fa3
PageCount	4
ParticipantIDs	ieee_primary_8952204
PublicationCentury	2000
PublicationDate	2019-11-01
PublicationDateYYYYMMDD	2019-11-01
PublicationDate_xml	– month: 11 year: 2019 text: 2019-11-01 day: 01
PublicationDecade	2010
PublicationTitle	IEEE/ACM International Conference on Automated Software Engineering : [proceedings]
PublicationTitleAbbrev	ASE
PublicationYear	2019
Publisher	IEEE
Publisher_xml	– name: IEEE
SSID	ssj0051577 ssib040743839
Score	2.5987635
Snippet	An effective way to maximize code coverage in software tests is through dynamic symbolic execution-a technique that uses constraint solving to systematically...
SourceID	ieee
SourceType	Publisher
StartPage	1186
SubjectTerms	Benchmark testing Computer architecture Engines ethereum manticore mcore smart contract Smart contracts symbolic execution Weapons
Title	Manticore: A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts
URI	https://ieeexplore.ieee.org/document/8952204
WOSCitedRecordID	wos000533303400126&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText	1
inHoldings	1
isFullTextHit
isPrint
link	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV07T8MwELZKxcBUoEW85YGR0CR2_GArqBELVaVSqVsVv6RKNEV9IPrv8TlpYWBBWSJP0d05ny-57_sQutM6cVq4NKKG-gbFKRopKmDKgmjBbUozHQezCT4YiMlEDhvofs-FsdaG4TP7ALfhX75Z6A18KusK6U8LIP55wDmruFq72qEAhQIULqu3sIdpzmuRxiSW3d6oD3NcQZwSTHJ_WakEJMlb_3uGY9T5oeTh4R5sTlDDlqeotfNkwPUWbaPJqw_VDLQpH3EPj32BRTlIGZv3LR5t5wpkgHH_y-pQcDjfzWZhf3jFT0DO9a0zLkqDR3NfVRjUq4BIteqgcd5_e36JaveEqCBEriNLYkN0phjTmWZwEUeltbFhVlLrTOL85pU-WUmqM5lxTRghlJlMCxa7gpyhZrko7TnCfskZ63GMq4RqoWSaKi4L6nsRx5hyF6gNgZp-VAIZ0zpGl38vX6EjyERF6LtGzfVyY2_Qof5cz1bL25DVb9xEo4E
linkProvider	IEEE
linkToHtml	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1NT8JAEN0QNNETKhi_3YNHK213u931hoYGIxASIOFGul8JiRTDh5F_705b1IMX00uzp2Zmtm-nnfceQndKBVZxG3pUU9egWEk9STlMWRDFYxPSSPm52UTc7_PJRAwq6P6bC2OMyYfPzAPc5v_y9UJt4FNZkwt3WgDxz72I0tAv2Fq76qEAhhw0Lov3sAPqOC5lGgNfNFvDNkxy5fKUYJP7y0wlx5Kk9r-nOEKNH1IeHnzDzTGqmOwE1XauDLjcpHU06blgzUCd8hG38NiVmJeAmLF-2-Lhdi5BCBi3P43KSw4nu-ks7I6v-Anoua55xmmm8XDu6gqDfhVQqVYNNE7ao-eOV_oneCkhYu0Z4muiIsmYihSDi1gqjPE1M4IaqwPrtq9w6QpCFYkoVoQRQpmOFGe-TckpqmaLzJwh7JasNg7JYhlQxaUIQxmLlLpuxDIm7TmqQ6Cm74VExrSM0cXfy7fooDPqdafdl_7rJTqErBT0vitUXS835hrtq4_1bLW8yTP8BYvFpsg
openUrl	ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=proceeding&rft.title=IEEE%2FACM+International+Conference+on+Automated+Software+Engineering+%3A+%5Bproceedings%5D&rft.atitle=Manticore%3A+A+User-Friendly+Symbolic+Execution+Framework+for+Binaries+and+Smart+Contracts&rft.au=Mossberg%2C+Mark&rft.au=Manzano%2C+Felipe&rft.au=Hennenfent%2C+Eric&rft.au=Groce%2C+Alex&rft.date=2019-11-01&rft.pub=IEEE&rft.eissn=2643-1572&rft.spage=1186&rft.epage=1189&rft_id=info:doi/10.1109%2FASE.2019.00133&rft.externalDocID=8952204