Exercises

Intro

In this section, we will present several exercises that will fortify your Instructions query skills. Each exercise provided comes along with a solution if you get stuck.

Exercise #1 - Find external calls

Now, let’s update this query to find instructions that make external calls to other contracts. To achieve this, we can reference the Instructions() section of the Glider API documentation to identify the function that queries for external calls.

Challenge: Update the following query such that it queries for external call instructions:

from glider import *

def query():
    # CHALLENGE: Update this query such that it looks for external call instructions.
    return Instructions().exec(10)

💡 Click here for the solution

Stuck or want to confirm your answer? Visit the link below where you can view and run the solution inside of Glider IDE:

https://glide.r.xyz/query/4aKXz8r5

Exercise #2 - Find the Instructions that Follow External Calls

Now that we’ve identified external call instructions, let’s take it a step further and find the instructions executed immediately after those external calls.

To achieve this, we need to iterate over each instruction and check how many next instructions exist. If 1 or more instructions do exist, then we have a positive hit.

Refer to this Glider method to learn how to retrieve an instruction’s next instructions.

Challenge: Update the query below to only return external call instructions that are followed by other instructions.

Extra Challenge: Use the filter() function to exclude instructions that don’t have any next instructions.

from glider import *

def query():
    return (
        Instructions()
        .external_calls()
        .exec(10)
        # CHALLENGE: Add your solution here.
    )

💡 Click here for the solution

Stuck or want to confirm your answer? Visit the link below where you can view and run the solution inside of Glider IDE:

https://glide.r.xyz/query/BXFNHQyC

Exercise #3 - Return instructions that Write to Storage

Now that we’ve identified cases where additional instructions are executed after an external call, let’s take it further by examining these instructions to see if any of them write to the contract’s storage (i.e., update a state variable).

To check if an instruction is writing to contract storage, Glider provides a dedicated method named is_storage_write() we can use. This function allows us to determine whether a given instruction performs a write operation on the contract’s state.

Challenge: Use the is_storage_write() method to filter instructions and return only external call instructions that are followed by instructions that update the contract’s storage.

Python provides a built-in function called any(). It takes a list, set, or array and returns True if at least one value in the data structure evaluates to True.

With Glider, you can call a method on a list of items, and that method will automatically be applied to each item in the list. This makes it easy to perform operations on multiple items at once. For example, the following code will return an array of function names:

func_names = Functions().exec(4).name
print(func_names)

💡 Click here for the solution

Stuck or want to confirm your answer? Visit the link below where you can view and run the solution inside of Glider IDE:

https://glide.r.xyz/query/NUSps4CL

Exercise #4 - External Calls invoking abi.encode

So far, our query identifies external calls and checks if any of the following instructions write to storage.

In this final exercise, we want to take it a step further by identifying external call instructions that also invoke abi.encode. To achieve this, you’ll need to add an additional filter to your query that checks for cases where the external call instruction includes a call to abi.encode.

To retrieve all the calls made within an instruction, use the callee_names() function.

💡 Click here for the solution

Stuck or want to confirm your answer? Visit the link below where you can view and run the solution inside of Glider IDE:

https://glide.r.xyz/query/Y65j8PWM

Bonus Challenge

Although we have not discussed what an instruction is yet, think of it as a line of code in a function.

We have a query that finds Solidity instructions:

from glider import *

def query():
    return (
        Instructions()
        .exec(10)
    )

We want to update this query to find delegatecall instructions.

Challenge: Identify the Glider function that, when called on Instructions(), will return only delegatecall instructions.

💡 Click here for the solution

Stuck or want to confirm your answer? Visit the link below where you can view and run the solution inside of Glider IDE:

https://glide.r.xyz/query/o3Q0dKq4

PreviousLearning Instructions NextFunctions

Last updated 2 months ago