An Analysis Tool for Smart Contracts
This repository is currently maintained by Thomas Fenninger (@zariliv). If you encounter any bugs or usage issues, please feel free to create an issue on our issue tracker.
Oyente+ is a modernized version of the original Oyente symbolic execution tool for Ethereum smart contracts. Oyente and Oyente+ are designed to detect smart-contract weaknesses like reentrancy, integer overflow, and timestamp dependence.
- Detection of smart contract weaknesses: reentrancy issues, integer over-/underflow, timestamp dependence, transaction order dependence, assertion failures
- Symbolic Execution: Deep analysis using the Z3 constraint solver
- Multi-format Support: Analyze Solidity source code, EVM bytecode, or remote on-chain contracts
As one of the earliest tools in the field, Oyente has served as a foundation for extensions and as a reference point for evaluating new approaches. Over time, however, it has become increasingly difficult to use: it cannot analyze newer contracts that rely on EVM instructions introduced after its initial release (for example, the shift opcodes or PUSH0), and it depends on Python 2 and outdated libraries, which complicates installation.
Oyente+ preserves Oyente's analysis capabilities while providing full support for the complete EVM instruction set. The codebase has been ported to Python 3 and updated to follow contemporary software-engineering practices. In particular, Oyente+ offers:
- Latest EVM Support: Compatible with recent opcodes (e.g., PUSH0, TLOAD, TSTORE)
- Modern Python: Implemented in Python 3.8+ with comprehensive type hints
- Comprehensive Testing: 513 test functions with a 100% pass rate, including property-based tests
- High Code Quality: Enforced through Black, Ruff, mypy, and pytest
- Strong Type Safety: Zero mypy errors across 15 of 17 modules
- Python 3.8+ (excluding 3.12.0) - Modern type hints and features
- Poetry - PEP 621 compliant dependency management
- Solidity compiler (solc) - Contract compilation
- Docker (optional) - For containerized deployment
Note: Python 3.12.0 is excluded due to upstream library incompatibilities in that specific initial release; patch releases (3.12.1+) resolve these issues and are allowed.
# Clone the repository
git clone https://github.com/smartbugs/oyente_plus.git
cd oyente_plus# Setup development environment with virtual environment and all dependencies
./scripts/setup-venv.sh
# Activate the environment
source venv/bin/activate# If you already have Poetry installed
make setup
# Virtual environment detection is automatic# Install all dependencies (development, testing, linting)
poetry install --with dev
# Production installation only
poetry install --only mainFor users who prefer containerized deployment, ensure you have Docker installed.
docker pull smartbugs/oyente_plus
docker run -it smartbugs/oyente_plus# Use solc-select for version management (recommended)
solc-select install latest
solc-select use latest
# Ubuntu/Debian
sudo add-apt-repository ppa:ethereum/ethereum
sudo apt-get update
sudo apt-get install solc# Analyze Solidity contract
python oyente/oyente.py -s contract.sol
# Analyze with assertion checking
python oyente/oyente.py -a -s contract.sol
# Analyze EVM bytecode
python oyente/oyente.py -s bytecode_file -b
# Analyze remote contract
python oyente/oyente.py -ru https://example.com/contract.sol
# Get help
python oyente/oyente.py --helpThe samples/ directory contains test contracts including:
SimpleDAO.sol- Reentrancy vulnerabilityEtherLotto.sol- Randomness issuesGovernment.sol- Access control patterns
- Original Paper: Oyente: Making Smart Contracts Safer
We welcome contributions! Please:
- Open an Issue: Report bugs or suggest features on our issue tracker
- Submit PRs: Feel free to send us a PR for changes you want to see!
- Follow Standards: Ensure all quality checks pass with
make all
See the development guide for more information on the architecture of Oyente+ and the development environment.