Skip to main content
Glama
RockYuan

MCP Smart Contract Analyst

by RockYuan
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Remote

analyze-unverified-contract

Analyze unverified smart contracts on Monad testnet to understand functionality and security through decompilation.

Instructions

Analyze a unverified contract from an address on the Monad testnet.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
addressYesMonad testnet address to analyze unverified contract for

Implementation Reference

  • src/index.ts:109-166 (handler)
    Handler function that retrieves bytecode from Monad testnet, decompiles it using an external service, extracts Solidity-like source code from HTML, and formats it for analysis including functionality, logic, and security.
    async ({ address }) => {
  try {
    const bytecode = await publicClient.getCode({
      address: address as `0x${string}`,
    })

    console.debug("contract bytecode:", bytecode);

    const decompileUrl = process.env.DECOMPILE_URL;
    if (!decompileUrl) {
      throw new Error("DECOMPILE_URL not set.");
    }

    const formData = new FormData();
    formData.append('bytecode', `${bytecode}`);

    const response = await fetch(decompileUrl, {
      method: 'POST',
      body: formData,
    });

    if (!response.ok) {
      throw new Error(`API request failed with status ${response.status}`);
    }

    const html = await response.text();

    const regex = /<div class="code javascript" style="border: 1px solid gray; padding: 0.5em; white-space: pre; font-family: monospace; line-height: 1.2">([\s\S]*?)<\/div>/;
    const match = html.match(regex);

    if (match) {
      const sourceCodeWithHtml = match[1];
      const sourceCode = sourceCodeWithHtml.replace(/<[^>]*>/g, '');

      return {
        content: [
          {
            type: "text",
            text: `Analyze the decompiled source code of contract ${address}, including its core functionalities, main logic flow, and security aspects:\n\`\`\`\n${sourceCode}\n\`\`\` `,
          },
        ],
      };
    } else {
      throw new Error(`Failed to retrieve source code: ${html}`);
    }
  } catch (error) {
    console.error("Error getting contract bytecode:", error);
    return {
      content: [
        {
          type: "text",
          text: `Failed to retrieve contract bytecode for address: ${address}. Error: ${error instanceof Error ? error.message : String(error)
            }`,
        },
      ],
    };
  }
}
  • src/index.ts:106-108 (schema)
    Zod schema defining the input parameter 'address' as a string for the contract address on Monad testnet.
    {
  address: z.string().describe("Monad testnet address to analyze unverified contract for"),
},
  • src/index.ts:103-167 (registration)
    MCP server tool registration call, specifying name, description, input schema, and inline handler function.
    server.tool(
  "analyze-unverified-contract",
  "Analyze a unverified contract from an address on the Monad testnet.",
  {
    address: z.string().describe("Monad testnet address to analyze unverified contract for"),
  },
  async ({ address }) => {
    try {
      const bytecode = await publicClient.getCode({
        address: address as `0x${string}`,
      })

      console.debug("contract bytecode:", bytecode);

      const decompileUrl = process.env.DECOMPILE_URL;
      if (!decompileUrl) {
        throw new Error("DECOMPILE_URL not set.");
      }

      const formData = new FormData();
      formData.append('bytecode', `${bytecode}`);

      const response = await fetch(decompileUrl, {
        method: 'POST',
        body: formData,
      });

      if (!response.ok) {
        throw new Error(`API request failed with status ${response.status}`);
      }

      const html = await response.text();

      const regex = /<div class="code javascript" style="border: 1px solid gray; padding: 0.5em; white-space: pre; font-family: monospace; line-height: 1.2">([\s\S]*?)<\/div>/;
      const match = html.match(regex);

      if (match) {
        const sourceCodeWithHtml = match[1];
        const sourceCode = sourceCodeWithHtml.replace(/<[^>]*>/g, '');

        return {
          content: [
            {
              type: "text",
              text: `Analyze the decompiled source code of contract ${address}, including its core functionalities, main logic flow, and security aspects:\n\`\`\`\n${sourceCode}\n\`\`\` `,
            },
          ],
        };
      } else {
        throw new Error(`Failed to retrieve source code: ${html}`);
      }
    } catch (error) {
      console.error("Error getting contract bytecode:", error);
      return {
        content: [
          {
            type: "text",
            text: `Failed to retrieve contract bytecode for address: ${address}. Error: ${error instanceof Error ? error.message : String(error)
              }`,
          },
        ],
      };
    }
  }
);
  • src/index.ts:28-28 (registration)
    Server initialization declares 'analyze-unverified-contract' as one of the supported capabilities.
    capabilities: ["analyze-verified-contract", "analyze-unverified-contract"]
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/RockYuan/mcp-contract-analyst'

If you have feedback or need assistance with the MCP directory API, please join our Discord server