# Debugger

Phalcon Explorer supports transaction debugging, a powerful feature that can significantly improve the analysis efficiency of complex transactions. In the following, we will illustrate this feature using the transaction of the exploitation of [the Euler protocol.](https://twitter.com/BlockSecTeam/status/1635262150624305153)

Click [the link for this transaction](https://app.blocksec.com/explorer/tx/eth/0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d).

{% hint style="info" %}
Tx Hash: [0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d](https://app.blocksec.com/explorer/tx/eth/0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d)
{% endhint %}

## Enter the Debug Mode

There are two different ways to enter the debug mode: from a specific line in the invocation flow view or by clicking the Debug button.

### Method-I: Though the execution trace 

The Invocation Flow in Phalcon provides a view that lets users take a complete picture of the hack transaction and identify possible exploitation locations. This is useful when hundreds of external calls and events may exist [in the transaction](https://app.blocksec.com/explorer/tx/eth/0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d?line=90).

<figure><img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2FdzDY4G4h3UQmc0gfhOWt%2Fimage.png?alt=media&#x26;token=46a06adf-68cd-4e3c-a001-9a58324f286b" alt=""><figcaption></figcaption></figure>

In the case of the Euler protocol exploitation, the hack transaction consists of many steps, including `borrowing Flashloan from Aave`, `depositing Dai into the Euler protocol`, etc. But in one of the steps, the exploiter called `donateToReserves()` to "donate" a massive fund to the Euler protocol, which warrants our vigilance. In this case, we can directly debug the transaction from this step by clicking the debug icon<img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2Fm14eNM448Xkov6sEEYVg%2Fimage.png?alt=media&#x26;token=178b37a3-5d9c-43ec-b000-6e9a048ffe68" alt="" data-size="line">.

### Method II: Through the Debug button&#x20;

Another way to enter the debug mode is by clicking the Debug button in the upper right corner.

## Debugger View Layout&#x20;

After entering the Debug mode, we can see the following screen.

<figure><img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2FbilDl9kiBOAGm5tP96jm%2Fimage.png?alt=media&#x26;token=1d12cd0f-83ac-407a-a9f2-b333f49acb29" alt=""><figcaption></figcaption></figure>

This screen has five panels, which are as follows.

1. **Call Trace Panel**: Showing the trace of external calls and events.
2. **Source Code Panel:** Providing the contract's source code and the current line (highlighted) referring to the call site of a function.
3. **Debug Console**: a call-level single-step debug console.
4. **Debug Trace Panel**:  Showing the call stack of the current contract with a combination of internal and external calls.&#x20;
5. **Parameters & Return Values Panel:** Showing call parameters and return values.

Sometimes, you may notice that the source code panel does not show the code. This is because the panel shows the function's call site by default. The reason is that the hacking contract is not unverified (not open-sourced), so the source code cannot be shown.&#x20;

The `eDai` contract is verified so we can **Step In** to see the specific implementation of `donateToReserves()`. After clicking **Step In**, the current line becomes the call site inside the `eDai` contract. It’s a proxy contract, and the code is shown below.

<figure><img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2FbUka4pEBPfWZ1SpGLLOl%2Fimage.png?alt=media&#x26;token=48dc54d5-800b-480a-870d-8847a90e573a" alt=""><figcaption></figcaption></figure>

After **Step In** again, we can finally see the concrete implementation of `donateToReserves()`.

<figure><img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2F5uJlIYXfEmvdXqfENnr5%2Fimage.png?alt=media&#x26;token=9061a97a-1567-4aed-84eb-2990cfc5f076" alt=""><figcaption></figcaption></figure>

## Debug Console

The debug console helps understand the detailed call trace, including the internal function call (The **Jump** at the first of a line indicates that this is an internal call). Note that the Call Trace Panel does not have an internal call trace.&#x20;

<figure><img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2FO2xvxAW7kGJj3yn6uRji%2Fimage.png?alt=media&#x26;token=8d4e17c2-6b65-4f63-b60d-65bbb91fbfd7" alt=""><figcaption></figcaption></figure>

To traverse between the detailed execution, Phalcon provides four buttons on the **Debug Console**, and **Next** and **Previous** have slightly different logic under the two colors.

* Next (Red Button): Go to the next call site in the whole call trace.
* Next (Blue Button): Go to the next call site of the current function.
* Previous(Red Button): Go to the previous call site in the whole call trace.
* Previous(Blue Button): Go to the previous call site of the current function.
* Step In: Go to the callee function.
* Step Out: Return to the call site of the current function.

For instance, we can click the **Next** button to analyze the implementation of `donateToReserves()`. We can find that the hacker donated 100 million eDAI, making the eDAI less than the dDAI and eligible for liquidation. Therefore, the root cause is that `donateToReserves()` lacks of liquidity check for eligible liquidation, and the exploiter liquidated himself/herself and took out 38 million `eDAI`.

<figure><img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2F7OjYgAULe7Tto0dTikNT%2Fimage.png?alt=media&#x26;token=f7f5386c-9410-4200-a026-20e9307fb62d" alt=""><figcaption></figcaption></figure>

## Debugger View Sharing

A transaction's debug can be shared directly via [URL](https://app.blocksec.com/explorer/tx/eth/0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d?line=471\&debugLine=471), which contains the trace’s row number. When others open the link, the same debug view will be shown. This is useful when you want to share the analysis result with others. Team members can use this to collaborate, analyze, and discuss together!

In summary, the typical workflow of using Phalcon Explorer Debugger to analyze a hack transaction follows.&#x20;

* Find the possible issue in Invocation Flow and start debugging from there.
* Debug the source code, check the parameters, and return values of internal calls.
* Share your analysis with team members (or public readers) for collaboration.

## Other Features

Phalcon Debug has many features to help you improve efficiency.

* The Call Trace View can show the full parameters by turning on the `parameters` switch on the left top panel.
* For external calls, click "Rawdata" can see the raw call parameters.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.blocksec.com/phalcon/phalcon-explorer/debugger.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.