On-Chain Review

Reviewing deployed contracts? Tough! Even tougher in a multi-chain world. Based on our Operational Security experience at MakerDAO, we bring you On-Chain Review: a code viewer that visualizes deployed contracts across chains with trusted attestations from colleagues and auditors.

GitHub Live Demo

Screenshots

Problem Statement

We use multiple blockexporer APIs to fetch relevant contract data from multiple OP-Stack (and Ethereum) blockchains.Then we parse the source code for hardcoded addresses, used libraries and external calls which are then fetched from the blockchain state.We overlay the code with links to other contracts to simplify navigation between connected parts of e.g. a protocol.With on-chain attestestation you can see whether trusted users already reviweed the particular contract. You can connect your wallet and leave a review attestion for other users.

Solution

On-chain review attestations: We use Ethereum Attestation Service to store list of reviewed contracts for each user and to make this information public For added security, we don't only attest the “address” of a contract but a combination of the “address” and the “hash” of the source code.abstract syntax tree – we use AST to parse source code and find addresses mentioned directly in the code

Hackathon

Superhack

2024

Prizes

🏆
🚀 Optimism — 🥇 Best Superchain Dev Tools & Infra
🏆
🟡 Base — 🥇 Best Consumer Product
🏆
🏊 Mode — Prize Pool
🏆
🥇 EAS — Best Use
🏆
🏆 Superhack 2023 Finalist

Contributors

DaeunYoon
15 contributions
KirillDogadin-std
6 contributions
valiafetisov
5 contributions