Trust But Verify: First Ethereum Decompiler Launched With JP Morgan Project
The new decompiler lets the developers revert difficult to understand EVM bytecode back to its original state and can be scanned to check for susceptibility to new attacks or to ensure adherence to changing best practices.
Comae Technologies recently announced at the DEF CON hacker conference in Las Vegas held on July 27 the launching of Porosity, the first ever decompiler for Ethereum Virtual Machine (EVM) integrated with JP Morgan's Quorum.
Helping reinforce and verify smart contacts
According to the Porosity developer and Comae founder Matt Suiche, the initial problem that he was trying to solve by writing a decompiler is to be able to have the actual source code, without having access to the actual source code by reverse engineering.
Now, the new decompiler lets the developers revert difficult to understand EVM bytecode back to its original state. The reversed code can be scanned to check for susceptibility to new attacks or to ensure adherence to changing best practices.
Furthermore, Porosity helps further the “trust but verify” Blockchain thinking.
Commae reveals that Porosity and Quorum are being packaged and tested together as a way to integrate Blockchain technology into traditional enterprise security workflows.
The package includes scanning of private contracts sent to user’s node from other network participants, incorporating into security & patching processes for private networks with formalized governance model, and automate scanning and analyze risk across semi-public Quorum networks.
Decompiler: peace of mind for investors
ITBS LLC CEO Alex Rass said that decompiler can bring peace of mind to Blockchain investors because vulnerabilities are frequently discovered long after a smart contract is implemented. He also said that decompilers are common among most "major" programming languages, in part because they help provide investors assurance that what they invested in is what is being used.