Signatures for stripped programs
Number of binaries analyzed: 5708Number of functions identified: 174626
Number of named signatures collected: 174626
What is this
We periodically scan all Solana programs on-chain and collect symbol names and generate function signatures.
The Binary Ninja plugin uses them to identify common library functions.
This file is intended for plugin users to use the latest signatures, but feel free to parse it yourself and use it however you want.
How to use it
Place the signatures.csv file in the folder where you will run binary ninja from.
The plugin will automatically scan it and apply names (and in some cases, types) to the functions it identifies.
You can expect to identify the vast majority of functions from common libraries, including solana-program, Anchor, and the Rust stdlib.
Vital for reverse engineering stripped programs.
However, this will not be very useful for less popular things like Pinocchio.
Why not WARP, the official Binary Ninja signatures?
Speed: generating WARP signatures is slow, it may take minutes for a single binary. Our approach is about 1,000 times faster.
Precision: WARP is designed to work on generic functions, and thus has great limitations.
For example, syscalls require relocations to be applied to be distinguished, otherwise leading to false positives.