获取/猜测未经验证的合同的外部方法。

huangapple go评论73阅读模式
英文:

Get/guess unverified contract's external methods

问题

有没有办法获取或猜测智能合约的外部(或公共)函数,如果它没有经过验证?

我已经使用交易历史来获取至少已调用过一次的函数,但这非常慢。也许可以从字节码或其他方式来猜测?

英文:

Is there any way to get or guess smart contract's external (or public) functions if it's not verified?

I've used transaction history to get functions that has been called at least at once, but that's very slow. Maybe there is way to guess from bytecode or something else?

答案1

得分: 2

你要找的是字节码反编译器,以便你可以检索合同的ABI。

由于字节码只包含函数签名哈希的信息 - 特别是函数签名哈希的最后4个字节 - 检索字节码的ABI是一个尝试和猜测的过程。

幸运的是,有一些工具结合了不同的技术(交易历史记录、反编译、已知函数签名数据库等)来从字节码和地址中“猜测”合同的ABI。例如,可以查看 porosityJEB DecompilermythrilEthervm.iowhatsabi

函数签名数据库:https://www.4byte.directory/signatures/

英文:

What you are looking for is a bytecode decompiler so that you can retrieve the contract's ABI.

Since the bytecode only contains function signature hashes - in particular, only the last 4 bytes of a function signature hash - retrieving the ABI for bytecode is a try-and-guess-game.

Luckily, there are tools out there that combine different techniques (tx history, decompiling, known function signature databases, etc.) to "guess" a contract's ABI from bytecode and address. For example, have a look at porosity, JEB Decompiler, mythril, Ethervm.io, and whatsabi.

function signature databases: https://www.4byte.directory/signatures/

huangapple
  • 本文由 发表于 2023年5月24日 22:32:03
  • 转载请务必保留本文链接:https://go.coder-hub.com/76324666.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定