TITAN-Softwork-Solutions/Vesuki

GitHub: TITAN-Softwork-Solutions/Vesuki

Stars: 6 | Forks: 0

# Vesuki Vesuki is a Rust **x86_64** control-flow hardening and obfuscation toolkit built for **authorized anti-tamper and defensive software protection**. It provides a proc-macro attribute that rewrites annotated functions into a dispatcher-style execution form and injects **per-build randomized “noise blocks”** (entropy mixing, opaque branching, disassembly decoys) to raise the cost of static analysis and signature-based reversing. ## What's Included This repository is a small workspace with three pieces: * **Vesuki runtime (`vesuki`)** * Core runtime functions, entropy sources, state evolution, and generated per-build block wrappers. * `vesuki_call!()` macro for injecting per-site noise. * **Vesuki proc-macro (`vesuki-macros`)** * `#[VESUKI]` attribute for functions and methods. * Rewrites bodies into an obfuscated dispatcher shape and inserts Vesuki noise calls. * **Example/test harness (`tests`)** * Minimal example program demonstrating the attribute macro on functions + methods. ## High-Level Capabilities ![IDA](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/b2755ba8c0022154.png) ![BN2](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/8ce591d212022155.png) * Attribute-based function transformation via `#[VESUKI]` * Per-callsite noise injection via `vesuki_call!()` * Per-build randomized code generation (build script emits a generated module into `OUT_DIR`) * Multiple “intensity” drivers: * `vesuki_light()`, `vesuki_medium()`, `vesuki_heavy()` * Entropy seeding using CPU facilities (RDSEED when available, serialized TSC fallback) * Control-flow noise primitives: * opaque predicates and gated execution * state-driven block selection * inline asm nops and disassembly decoys * randomized thunk banks for indirect execution variance * Custom section placement for generated wrappers to reduce layout predictability ## How It Works ### Compile-Time (Proc Macro) `#[VESUKI]` performs a structural rewrite of the target function: * Computes a stable hash from the **signature + body tokens** * Hoists `let` bindings into a stable “setup” region * Executes remaining statements through a **dispatcher loop** seeded from per-build constants * Captures return values (when present) into an internal `Option` slot This transformation is designed to preserve behavior for typical “leaf” functions and tight routines, while making the resulting control flow less directly readable. ### Build-Time (Generated Runtime) `build.rs` generates a per-build Rust module that contains: * build-specific constants and seeds * randomized execution orders for light/medium/heavy paths * wrapper functions around “block” primitives with randomized skins/sections * thunk banks used to introduce additional indirection and variance The generated module is included at compile time via: include!(concat!(env!("OUT_DIR"), "/vesuki_gen.rs")); ### Runtime (Noise Injection) The runtime provides: * `vesuki_call!()` for per-site injection (salted by `file:line:col`) * `vesuki_inline::()` and intensity drivers for chaining blocks * state advancement routines that mix entropy and evolve control-flow selection ## Requirements * **Architecture:** `x86_64` only (the runtime uses inline assembly and x86_64 arch intrinsics) * **Rust toolchain:** stable Rust (proc-macro + build script + inline asm) ## Quick Start ### 1) Build the workspace cargo build --workspace ### 2) Run the example cargo run -p vesuki-tests --release ## Usage ### Annotate a function use vesuki_macros::VESUKI; #[VESUKI] fn fib(mut n: u64) -> u64 { let (mut a, mut b) = (0_u64, 1_u64); while n > 0 { let t = a.wrapping_add(b); a = b; b = t; n -= 1; } a } ### Inject noise at a callsite use vesuki::vesuki_call; #[cfg(target_arch="x86_64")] { vesuki_call!(); vesuki::vesuki_light(); } ## Practical Guidance Vesuki is most effective when applied to: * small, high-value routines (checks, gates, token validation, licensing, policy decisions) * leaf functions or methods where the body is relatively compact * code paths where additional instructions and branching noise are acceptable To avoid surprising behavior: * Prefer wrapping tightly-ordered sequences into a single block/loop statement when possible. * Treat Vesuki as **anti-analysis friction**, not as a semantic optimizer or a security boundary. ## Threat Model Fit Vesuki helps with: * raising static reversing cost (especially for signature-based or pattern-driven analysis) * increasing per-build variance to reduce “one bypass fits all builds” * adding execution noise around sensitive control points

标签：通知系统