0xKitsune/Ghost-Contract 0xKitsune/Ghost-Contract

  • Stars
    star
    138
  • Rank 264,508 (Top 6 %)
  • Language
    Solidity
  • Created over 2 years ago
  • Updated over 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
0xKitsune/Ghost-Contract
github

0xKitsune

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A minimalistic contract to execute a payload and make the code size of the msg.sender appear to be 0.

Ghost Contract

                                               ██████
                                           ████▒▒▒▒▒▒████
                                         ██▒▒▒▒▒▒▒▒▒▒▒▒▒▒██
                                       ██▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒██
                                     ██▒▒▒▒▒▒▒▒    ▒▒▒▒▒▒▒▒
                                     ██▒▒▒▒▒▒  ▒▒▓▓▒▒▒▒▒▒  ▓▓▓▓
                                     ██▒▒▒▒▒▒  ▒▒▓▓▒▒▒▒▒▒  ▒▒▓▓
                                   ██▒▒▒▒▒▒▒▒▒▒    ▒▒▒▒▒▒▒▒    ██
                                   ██▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒██
                                   ██▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒██
                                   ██▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒██
                                   ██▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒██
                                   ██▒▒██▒▒▒▒▒▒██▒▒▒▒▒▒▒▒██▒▒▒▒██
                                   ████  ██▒▒██  ██▒▒▒▒██  ██▒▒██
                                   ██      ██      ████      ████

The Ghost Contract implements a minimalistic way to execute a payload while making the codesize of the msg.sender appear to be zero in the context of the targeted contract.

I had originally come across this idea when searching for a way to trustlessly verify if the msg.sender was a smart contract or an EOA. One approach that has been previously attempted was to check the code size of the sender. If the code size is greater than 0, it is a contract, however if the code size is 0, this does not necessarily mean that the msg.sender is an EOA. Contracts that rely on this logic for security are vulnerable to exploits.

As demonstrated in this repo, a contract can use the CREATE opcode and execute an arbitrary payload, which can call another contract, transfer funds or anything else that a normal contract can do. When using this approach to call another contract, because the execution of this logic is within the constructor, the codesize of the msg.sender is 0.

Below is a quick look at the Ghost contract.

contract Ghost {
    /// @notice This function takes a bytecode payload that will execute during the use of the CREATE opcode
    /// @dev Since the payload executes during deployment, if the payload calls an external contract, the msg.sender is rendered as the zero address.
    function sendGhostTransaction(bytes calldata payload) public returns (bool) {

        assembly {
            /// @notice Copy the payload into memory so that it can be passed in as deployment bytecode
            calldatacopy(0x80, payload.offset, payload.length)

            /// @notice Deploy a new account executing the payload on deployment
            let deployedAddress := create(0, 0x80, payload.length)

            /// @notice If the deployment failed, return false
            if iszero(deployedAddress){
                mstore(0x00, false)
                return(0x00, 0x20)
            }

            /// @notice return a bool to indicate the ghost transaction was a success
            mstore(0x00, true)
            return(0x00, 0x20)
        }
    }
}

More Repositories

1

solstat

A Solidity static analyzer to identify contract vulnerabilities and gas efficiencies.
Rust
423
star
2

EVM-Book

A collection of EVM related information.
321
star
3

cfmms-rs

The predecessor to `amms-rs`. CFMM lib built in Rust enabling pair syncing and swap simulation with pools on Ethereum.
Rust
274
star
4

uniswap-v3-math

Rust
242
star
5

Foundry-Vyper

A Foundry template to compile and test Vyper contracts.
Solidity
173
star
6

Tour-of-ethers-rs

A comprehensive walkthrough of all the nooks and crannies ethers-rs has to offer.
96
star
7

EVM-Gas-Optimizations

A collection of gas optimizations for the EVM.
90
star
8

sstan

Solidity static analyzer
Rust
80
star
9

Foundry-Huff

A Foundry template to compile and test Huff contracts.
Solidity
52
star
10

bid_ask_service

Rust
45
star
11

evm-mnemonic

A barebones framework for hand tuned smart contracts in pure opcodes.
Rust
45
star
12

EVM-Puzzles-Walkthrough

39
star
13

openai-rs

A simple and efficient wrapper around the OpenAI API
Rust
28
star
14

gas-lab

A quick and easy way to test gas optimizations.
Solidity
27
star
15

burn_operation

Securely wipe your computer at the speed of light.
Rust
26
star
16

Optimized-Merkle-Proof

Solidity
17
star
17

solstat-reports

Smart contract audit / optimization reports generated by solstat.
Solidity
14
star
18

discord-openai

Discord x OpenAI bot
Rust
14
star
19

magglob-rs

Modular aggregated order book for CeFi exchanges
Rust
14
star
20

Optimized-Patricia-Tree

A modern, optimized Merkle Patricia Trie implementation.
Solidity
10
star
21

HFT-Research

8
star
22

ethers-throttle

A lightweight wrapper for ethers providers to throttle requests.
Rust
6
star
23

A-Journey-To-The-Center-Of-The-Node

A detailed walkthrough into the black box of node clients.
5
star
24

Reproducible-Go-Binaries

Makefile
5
star
25

casol

A hyper optimized chess engine.
Rust
5
star
26

geth-ipc-rpc-bench

Benchmarks comparing Geth's IPC and RPC endpoints.
Go
4
star
27

world-id-relay

State bridge relay for WorldID
Rust
2
star
28

tx-relay

Rust
2
star
29

RussianRoulette

Solidity
1
star
30

tx-monitor

Rust
1
star
31

Easy-Kali

Python
1
star