On-Chain Review
Reviewing deployed contracts? Tough! Even tougher in a multi-chain world. Based on our Operational Security experience at MakerDAO, we bring you On-Chain Review: a code viewer that visualizes deployed contracts across chains with trusted attestations from colleagues and auditors.
On-Chain Review
Created At
Winner of
๐ Optimism โ ๐ฅ Best Superchain Dev Tools & Infra
๐ก Base โ ๐ฅ Best Consumer Product
๐ Mode โ Prize Pool
๐ฅ EAS โ Best Use
.jpg)
๐ Superhack 2023 Finalist
Project Description
We use multiple blockexporer APIs to fetch relevant contract data from multiple OP-Stack (and Ethereum) blockchains.
Then we parse the source code for hardcoded addresses, used libraries and external calls which are then fetched from the blockchain state.
We overlay the code with links to other contracts to simplify navigation between connected parts of e.g. a protocol.
With on-chain attestestation you can see whether trusted users already reviweed the particular contract. You can connect your wallet and leave a review attestion for other users.
How it's Made
-
On-chain review attestations: We use Ethereum Attestation Service to store list of reviewed contracts for each user and to make this information public For added security, we don't only attest the โaddressโ of a contract but a combination of the โaddressโ and the โhashโ of the source code.
-
abstract syntax tree โ we use AST to parse source code and find addresses mentioned directly in the code
