CODEWITHSUNDEEP
ethereumsolidityweb3js
Andranik Hovesyan
Andranik Hovesyan

Reputation: 447

Get/guess unverified contract's external methods

Is there any way to get or guess smart contract's external (or public) functions if it's not verified?

I've used transaction history to get functions that has been called at least at once, but that's very slow. Maybe there is way to guess from bytecode or something else?

Upvotes: 2

Views: 838

Answers (2)

Doris Benda
Doris Benda

Reputation: 1

If a contract is unverified, you can reverse engineer the function selectors and input parameter types from the Ethereum Virtual Machine (EVM) bytecode with some probability. If the function selector is known (e.g. via lookups in a database), you might even find human-readable names of the functions.

I built an open-source tool ContractCompanion that provides you an ABI from reverse engineering it from the raw bytecode. Hope it helps you to interact with unverified contracts.

https://github.com/DOBEN/ContractCompanion

Upvotes: 0

norym
norym

Reputation: 707

What you are looking for is a bytecode decompiler so that you can retrieve the contract's ABI.

Since the bytecode only contains function signature hashes - in particular, only the last 4 bytes of a function signature hash - retrieving the ABI for bytecode is a try-and-guess-game.

Luckily, there are tools out there that combine different techniques (tx history, decompiling, known function signature databases, etc.) to "guess" a contract's ABI from bytecode and address. For example, have a look at porosity, JEB Decompiler, mythril, Ethervm.io, and whatsabi.

function signature databases: https://www.4byte.directory/signatures/

Upvotes: 2

Related Questions