Skip to main content
Glama
lordbasilaiassistant-sudo

base-security-scanner-mcp

by lordbasilaiassistant-sudo
OverviewSchemaRelated ServersScoreDiscussions
JavaScript

analyze_bytecode

Disassemble contract bytecode on Base mainnet to identify patterns like proxy, diamond, AMM, lending, and token standards for security analysis.

Instructions

Disassemble contract bytecode on Base mainnet and identify known patterns (proxy, diamond, AMM, lending, ERC-20, ERC-721, etc).

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
addressYesContract address on Base mainnet

Implementation Reference

  • src/index.ts:726-774 (handler)
    The `analyze_bytecode` tool handler, which fetches contract bytecode and performs opcode analysis, selector extraction, and contract type identification.
    // Tool 4: analyze_bytecode
server.tool(
  "analyze_bytecode",
  "Disassemble contract bytecode on Base mainnet and identify known patterns (proxy, diamond, AMM, lending, ERC-20, ERC-721, etc).",
  {
    address: z.string().describe("Contract address on Base mainnet"),
  },
  async ({ address }) => {
    try {
      const code = await getContractBytecode(address);
      if (code === "0x" || code.length <= 2) {
        return ok({ address, isContract: false, message: "Not a contract" });
      }

      const selectors = extractSelectors(code);
      const opcodes = analyzeOpcodes(code);
      const contractTypes = identifyContractType(selectors);

      // Map known selectors
      const knownFunctions: Array<{ selector: string; name: string; category: string }> = [];
      for (const sel of selectors) {
        if (KNOWN_SELECTORS[sel]) {
          knownFunctions.push({ selector: sel, name: KNOWN_SELECTORS[sel].name, category: KNOWN_SELECTORS[sel].risk });
        } else if (PATTERN_SELECTORS[sel]) {
          knownFunctions.push({ selector: sel, name: PATTERN_SELECTORS[sel], category: "pattern" });
        }
      }

      // Unknown selectors
      const unknownSelectors = selectors.filter(
        s => !KNOWN_SELECTORS[s] && !PATTERN_SELECTORS[s]
      );

      return ok({
        address,
        bytecodeSize: (code.length - 2) / 2,
        contractTypes,
        opcodeAnalysis: opcodes,
        knownFunctions,
        unknownSelectors: unknownSelectors.slice(0, 50), // cap output
        totalSelectors: selectors.length,
        knownCount: knownFunctions.length,
        unknownCount: unknownSelectors.length,
      });
    } catch (err) {
      return fail(`analyze_bytecode failed: ${err instanceof Error ? err.message : String(err)}`);
    }
  }
);
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/lordbasilaiassistant-sudo/base-security-scanner-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server