Skip to main content
Glama
RockYuan

MCP Smart Contract Analyst

by RockYuan
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Remote

analyze-unverified-contract

Analyze unverified smart contracts on Monad testnet to understand functionality and security through decompilation.

Instructions

Analyze a unverified contract from an address on the Monad testnet.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
addressYesMonad testnet address to analyze unverified contract for

Implementation Reference

  • src/index.ts:109-166 (handler)
    Handler function that retrieves bytecode from Monad testnet, decompiles it using an external service, extracts Solidity-like source code from HTML, and formats it for analysis including functionality, logic, and security.
    async ({ address }) => {
  try {
    const bytecode = await publicClient.getCode({
      address: address as `0x${string}`,
    })

    console.debug("contract bytecode:", bytecode);

    const decompileUrl = process.env.DECOMPILE_URL;
    if (!decompileUrl) {
      throw new Error("DECOMPILE_URL not set.");
    }

    const formData = new FormData();
    formData.append('bytecode', `${bytecode}`);

    const response = await fetch(decompileUrl, {
      method: 'POST',
      body: formData,
    });

    if (!response.ok) {
      throw new Error(`API request failed with status ${response.status}`);
    }

    const html = await response.text();

    const regex = /<div class="code javascript" style="border: 1px solid gray; padding: 0.5em; white-space: pre; font-family: monospace; line-height: 1.2">([\s\S]*?)<\/div>/;
    const match = html.match(regex);

    if (match) {
      const sourceCodeWithHtml = match[1];
      const sourceCode = sourceCodeWithHtml.replace(/<[^>]*>/g, '');

      return {
        content: [
          {
            type: "text",
            text: `Analyze the decompiled source code of contract ${address}, including its core functionalities, main logic flow, and security aspects:\n\`\`\`\n${sourceCode}\n\`\`\` `,
          },
        ],
      };
    } else {
      throw new Error(`Failed to retrieve source code: ${html}`);
    }
  } catch (error) {
    console.error("Error getting contract bytecode:", error);
    return {
      content: [
        {
          type: "text",
          text: `Failed to retrieve contract bytecode for address: ${address}. Error: ${error instanceof Error ? error.message : String(error)
            }`,
        },
      ],
    };
  }
}
  • src/index.ts:106-108 (schema)
    Zod schema defining the input parameter 'address' as a string for the contract address on Monad testnet.
    {
  address: z.string().describe("Monad testnet address to analyze unverified contract for"),
},
  • src/index.ts:103-167 (registration)
    MCP server tool registration call, specifying name, description, input schema, and inline handler function.
    server.tool(
  "analyze-unverified-contract",
  "Analyze a unverified contract from an address on the Monad testnet.",
  {
    address: z.string().describe("Monad testnet address to analyze unverified contract for"),
  },
  async ({ address }) => {
    try {
      const bytecode = await publicClient.getCode({
        address: address as `0x${string}`,
      })

      console.debug("contract bytecode:", bytecode);

      const decompileUrl = process.env.DECOMPILE_URL;
      if (!decompileUrl) {
        throw new Error("DECOMPILE_URL not set.");
      }

      const formData = new FormData();
      formData.append('bytecode', `${bytecode}`);

      const response = await fetch(decompileUrl, {
        method: 'POST',
        body: formData,
      });

      if (!response.ok) {
        throw new Error(`API request failed with status ${response.status}`);
      }

      const html = await response.text();

      const regex = /<div class="code javascript" style="border: 1px solid gray; padding: 0.5em; white-space: pre; font-family: monospace; line-height: 1.2">([\s\S]*?)<\/div>/;
      const match = html.match(regex);

      if (match) {
        const sourceCodeWithHtml = match[1];
        const sourceCode = sourceCodeWithHtml.replace(/<[^>]*>/g, '');

        return {
          content: [
            {
              type: "text",
              text: `Analyze the decompiled source code of contract ${address}, including its core functionalities, main logic flow, and security aspects:\n\`\`\`\n${sourceCode}\n\`\`\` `,
            },
          ],
        };
      } else {
        throw new Error(`Failed to retrieve source code: ${html}`);
      }
    } catch (error) {
      console.error("Error getting contract bytecode:", error);
      return {
        content: [
          {
            type: "text",
            text: `Failed to retrieve contract bytecode for address: ${address}. Error: ${error instanceof Error ? error.message : String(error)
              }`,
          },
        ],
      };
    }
  }
);
  • src/index.ts:28-28 (registration)
    Server initialization declares 'analyze-unverified-contract' as one of the supported capabilities.
    capabilities: ["analyze-verified-contract", "analyze-unverified-contract"]

Tool Definition Quality

Score is being calculated. Check back soon.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/RockYuan/mcp-contract-analyst'

If you have feedback or need assistance with the MCP directory API, please join our Discord server