Skip to main content
Glama
lordbasilaiassistant-sudo

base-security-scanner-mcp

by lordbasilaiassistant-sudo
OverviewSchemaRelated ServersScoreDiscussions
JavaScript

compare_bytecode

Analyze two Base mainnet contract addresses to detect cloned code by comparing bytecode and calculating similarity scores.

Instructions

Compare bytecode of two contracts on Base mainnet for clone detection. Returns similarity score and whether they share the same code.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
address1YesFirst contract address
address2YesSecond contract address

Implementation Reference

  • src/index.ts:900-968 (handler)
    The handler for the compare_bytecode tool, which compares the bytecode of two given contract addresses and returns a similarity score based on exact matching and function selector intersections.
    server.tool(
  "compare_bytecode",
  "Compare bytecode of two contracts on Base mainnet for clone detection. Returns similarity score and whether they share the same code.",
  {
    address1: z.string().describe("First contract address"),
    address2: z.string().describe("Second contract address"),
  },
  async ({ address1, address2 }) => {
    try {
      const [code1, code2] = await Promise.all([
        getContractBytecode(address1),
        getContractBytecode(address2),
      ]);

      const isContract1 = code1 !== "0x" && code1.length > 2;
      const isContract2 = code2 !== "0x" && code2.length > 2;

      if (!isContract1 || !isContract2) {
        return ok({
          address1,
          address2,
          isContract1,
          isContract2,
          match: false,
          similarity: 0,
          message: "One or both addresses are not contracts",
        });
      }

      const exactMatch = code1 === code2;

      // Calculate similarity: compare bytecode chunks
      let similarity = 0;
      if (exactMatch) {
        similarity = 100;
      } else {
        // Compare selectors as a proxy for functional similarity
        const sel1 = new Set(extractSelectors(code1));
        const sel2 = new Set(extractSelectors(code2));
        const intersection = new Set([...sel1].filter(s => sel2.has(s)));
        const union = new Set([...sel1, ...sel2]);
        similarity = union.size > 0 ? Math.round((intersection.size / union.size) * 100) : 0;
      }

      const types1 = identifyContractType(extractSelectors(code1));
      const types2 = identifyContractType(extractSelectors(code2));

      return ok({
        address1,
        address2,
        bytecodeSize1: (code1.length - 2) / 2,
        bytecodeSize2: (code2.length - 2) / 2,
        exactMatch,
        selectorSimilarity: similarity,
        contractTypes1: types1,
        contractTypes2: types2,
        verdict: exactMatch
          ? "Exact clone — identical bytecode"
          : similarity > 80
          ? "Very similar — likely forked from same source"
          : similarity > 50
          ? "Moderately similar — may share common patterns"
          : "Different contracts",
      });
    } catch (err) {
      return fail(`compare_bytecode failed: ${err instanceof Error ? err.message : String(err)}`);
    }
  }
);
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/lordbasilaiassistant-sudo/base-security-scanner-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server