英文:
Get/guess unverified contract's external methods
问题
有没有办法获取或猜测智能合约的外部(或公共)函数,如果它没有经过验证?
我已经使用交易历史来获取至少已调用过一次的函数,但这非常慢。也许可以从字节码或其他方式来猜测?
英文:
Is there any way to get or guess smart contract's external (or public) functions if it's not verified?
I've used transaction history to get functions that has been called at least at once, but that's very slow. Maybe there is way to guess from bytecode or something else?
答案1
得分: 2
你要找的是字节码反编译器,以便你可以检索合同的ABI。
由于字节码只包含函数签名哈希的信息 - 特别是函数签名哈希的最后4个字节 - 检索字节码的ABI是一个尝试和猜测的过程。
幸运的是,有一些工具结合了不同的技术(交易历史记录、反编译、已知函数签名数据库等)来从字节码和地址中“猜测”合同的ABI。例如,可以查看 porosity、JEB Decompiler、mythril、Ethervm.io 和 whatsabi。
函数签名数据库:https://www.4byte.directory/signatures/
英文:
What you are looking for is a bytecode decompiler so that you can retrieve the contract's ABI.
Since the bytecode only contains function signature hashes - in particular, only the last 4 bytes of a function signature hash - retrieving the ABI for bytecode is a try-and-guess-game.
Luckily, there are tools out there that combine different techniques (tx history, decompiling, known function signature databases, etc.) to "guess" a contract's ABI from bytecode and address. For example, have a look at porosity, JEB Decompiler, mythril, Ethervm.io, and whatsabi.
function signature databases: https://www.4byte.directory/signatures/
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论