Skip to main content

'First' Ethereum Decompiler Launches With JP Morgan Quorum Integration

The ethereum virtual machine (EVM) now has what appears to be its first ever decompiler designed to revert smart contracts into source code.
Announced onstage today by the founder of cybersecurity startup Comae Technologies at the DefCon hacker conference in Las Vegas, the open-source EVM decompiler was designed to make it easier to identify bugs in ethereum smart contracts.
Coming at a time when a string of ethereum hacks have exposed the difficulty of writing secure smart contract code, the decompiler, called Porosity, promises to let developers revert difficult to understand EVM bytecode back to its original state.
Porosity developer and Comae founder, Matt Suiche, told CoinDesk:
"The initial problem I was trying to solve by writing a decompiler is to be able to have the actual source code, without having access to the actual source code by reverse engineering."
Also announced today, Porosity is now integrated with JP Morgan's open-source Quorum blockchain created for enterprise-grade solutions, and it will now be available on the bank's Github page.
Tested with the help of some of JP Morgan's own engineers, Porosity and Quorum are expected to be packaged together to help run real-time smart contract security checks. The bundle, integrated directly into the Go-language ethereum implementation geth "out of the box," incorporates security and patching processes for private networks with formal governance models.
JP Morgan blockchain lead Amber Baldet described to CoinDesk what she believes is the significance of the technology, stating:
"Porosity is the first decompiler that generates human-readable Solidity syntax smart contracts from Ethereum Virtual Machine bytecode"

A time of need

While Suiche said he's new to blockchain, the serial entrepreneur who sold his previous startup to VMware was rather well prepared to build the decompiler.
As a reverse engineer, Suiche is familiar with starting with a product, and figuring out how to strip it down to its most basic parts.
Porosity
So in February, when he began researching ethereum smart contracts in depth, he almost accidentally built the decompiler as part of his own personal research.
As Porosity's launch comes in a month when ethereum smart contracts written for CoinDashParity and Veritaseum have all been hacked, Suiche thinks his chosen profession as a reverse engineer is about to see increased demand.
"The security community in ethereum is going to grow," he said "And we're going to see more and more reverse engineers."

The business of decompiling

Still, there's more to the business motivations driving decompiler use than just ensuring your funds remain secure.
Because vulnerabilities are frequently discovered long after a smart contract is implemented, an EVM decompiler can also bring peace of mind to investors, according to Alex Rass, CEO of customer software provider and cybersecurity consultant firm ITBS LLC.
According to Rass, decompilers are common among most "major" programming languages, in part because they help provide investors assurance that what they invested in is what is being used.
Rass said:
"With a decompiler someone with half a brain can go, pull the contract binary code for that contract and see that contract, and provide investors with what they purchased."
Link: https://www.coindesk.com/first-ethereum-decompiler-launches-jp-morgan-quorum-integration/

Comments

Popular posts from this blog

Police Bust Alleged $13 Million Crypto Pyramid Scheme

Police in China's northwestern city of Xi'An have arrested the founders of a claimed nationwide cryptocurrency pyramid scheme that allegedly amassed 86 million yuan ($13 million) from over 13,000 people. According to a report  from local media source Huashang News, Wednesday, the scheme launched in March 28 this year after months in preparation by a primary suspect who has has the surname Zheng, as well as three other accomplices. The report cited an investigation from the police who said the scheme used a cryptocurrency called Da Tang Coin (DTC) that is linked to DTC Holding  - a firm under the suspect's control and registered in Hong Kong - to allegedly hoax potential members of the pyramid scheme. In various promotional events in multiple cities in the country, the scheme claimed that new members can make 80,000 yuan (roughly $13,000) per day with an initial investment of $480,000 to purchase the DBTC at $0.50 per token, according to the report. These promises o...

Duncan Logan just tweeted that he's on board Electroneum

I have been a buyer and holder of bitcoin and Etherreum for a long time but this will be the first ICO I buy into--Duncan Logan. What is Electroneum? Electroneum (ETN) is a cryptocurrency that can be mined with a smartphone, requiring almost no technical knowledge or prior experience. This sets it apart from other cryptocurrencies (like Bitcoin) which require expensive hardware and technical know-how to mine. Electroneum’s unique mobile mining experience allows anyone with a smartphone to earn ETN coins by letting the miner app run in the background. It was designed specifically with mobile users in mind, thereby appealing to a potential market of 2.2 billion smartphone users around the world. Unlike other cryptocurrencies, Electroneum has a user-friendly, beginner-oriented interface that allows users to seamlessly transfer ETN coins between one another, check their balances, and mine coins. Being a  cryptocurrency , Electroneum is created, held, and spent electronical...

How to spend your Bitcoin and Ethereum in South Africa

As Bitcoin and Ethereum gain popularity among investors, an increasing number of users are creating cryptocurrency wallets. The wallets are either hosted through an online provider or stored on the user’s hardware. From these wallets, cryptocurrency owners can make transactions on a blockchain, interact with exchanges and other users, and in the case of the Ethereum blockchain, programme autonomous contracts. Sending cryptocurrency through the blockchain is quick and easy, but using cryptocurrency in lieu of fiat currency is still limited. South African stores and services are slower to adopt cryptocurrencies than more developed countries, but users can still buy products locally with Bitcoin or Ethereum. Stores There is a growing list of stores in South Africa which accept Bitcoin as a payment option – many of which offer the option by allowing users to pay with  PayFast . PayFast has partnered with South African Bitcoin exchange Luno to provide users with a way to ...