When a smart contract is deployed, is its source code publicly viewable?

by jsquaredlau   Last Updated October 31, 2018 21:28 PM

When a smart contract is deployed to the blockchain, is the source code then publicly viewable to all participants? For example, what you see here in Etherchain. I am aware that there are some contracts in there with source code provided as no, but I just want to confirm.

Thanks in advance!

Answers 2

No, the source code isn't automatically publicly viewable. If you have a publicly usable smart contract then you normally need to publish it so that people will know what they're interacting with, but it doesn't happen automatically.

The compiled bytecode is on the blockchain, though. It's hard to read but it's not safe to assume somebody won't work out what it does or write a nice decompiler.

Edmund Edgar
Edmund Edgar
October 01, 2016 02:14 AM

In general as other users commented it is not possible to get back the original source code in practice. Also, Etherscan.io only lists <1% of contracts with source code. People can use decompilers to reverse-engineer and try to better understand deployed smart contracts however. There are various decompilers available, for instance Porosity, Mythril, EthIR and Vandal. A good decompiler that's currently available (in terms of fidelity and reliability) is http://contract-library.com. It's not a stand alone tool, but can decompile most of the contracts that are currently on the Ethereum mainnet.

And this is the contract you linked to in decompiled mode: http://contract-library.com/#/contracts/0xbf35faa9c265baf50c9cff8c389c363b05753275

As you can see, some of the function names and data structures are inferred automatically, sometimes based on the knowledge it acquired when trying to understand past contracts. Overall, decompilers for Ethereum are currently not exactly designed to have their output optimized for typical human consumption, however they are optimized for consumption by other machines (algorithms) that can find security vulnerabilities.

Neville Grech
Neville Grech
October 31, 2018 21:27 PM

Related Questions

Just Smart contract driven app is a DAPP?

Updated August 15, 2017 16:28 PM

Getting ABI interface using solc offline

Updated December 01, 2017 23:28 PM

Best way to perform an airdrop?

Updated February 06, 2018 02:28 AM