Bytecode analysis
Quote from Zleo A. on September 19, 2019, 9:30 amI noticed this feature in the git platform and i have seen it's details in section "Source Code Auditing". It sounds like "Our bytecode auditing and analysis tool detects potential vulnerabilities and a range of possible security flaws which can be exploited." how does this feature works?..and how do I enable it
I noticed this feature in the git platform and i have seen it's details in section "Source Code Auditing". It sounds like "Our bytecode auditing and analysis tool detects potential vulnerabilities and a range of possible security flaws which can be exploited." how does this feature works?..and how do I enable it
Quote from ModexTech-Admin on September 19, 2019, 2:00 pmYes, our bytecode auditing and analysis tool detects potential vulnerabilities and a range of possible security flaws which can be exploited.
Imagine a malicious person that wants to exploit a SC (smart contract). First step he/she will do is to analyse the SC bytecode.
The same pattern we use too, but we go more in detail and split the bytecode in steps for the user to analyse and take action. Also we analyse possible common known exploits in bytecode and the system is raising warning to be solved.To enable bytecode auditing and analysis for your contract a user must add a file, next to the contract file, named: modex.ini
The file should contain:
ANALYZE = true
IS_TRUFFLE_PROJECT = false
Yes, our bytecode auditing and analysis tool detects potential vulnerabilities and a range of possible security flaws which can be exploited.
Imagine a malicious person that wants to exploit a SC (smart contract). First step he/she will do is to analyse the SC bytecode.
The same pattern we use too, but we go more in detail and split the bytecode in steps for the user to analyse and take action. Also we analyse possible common known exploits in bytecode and the system is raising warning to be solved.
To enable bytecode auditing and analysis for your contract a user must add a file, next to the contract file, named: modex.ini
The file should contain:
ANALYZE = true
IS_TRUFFLE_PROJECT = false