How to find a function's body in the bytecode of a contract?

Hi all, I’m trying to figure out how to dynamically look-up a function’s body in the bytecode of a compiled contract.

The basis of my project is a helpful tool for users and the community to use where they input a token contract address from Ethereum Mainnet that they want to interact with, and the web-app tells them if the token is safe or not.
The idea is to help mitigate falling for scam tokens for less technical users - as during this bull market there’s many abound and I dislike seeing community users getting hurt.

The tool will pull the bytecode of the inputted address and attempt to validate specific functions of the token

Ex. Look up transfer(to, amount) and validate it doesn’t have a hidden fee on the user.

I read through the entirety of the extremely helpful series from OpenZeppelin here: and it answered most of my outstanding questions. Unfortunately, when putting it into practice I got a bit lost on the last step of the process.

I’m able to locate the function selector switch statement, in this case the first 8 bytes of transfer(address,uint256) hashed. Then I find the JUMP to instruction number to get to the function wrapper. I seem to find it well - but now I have trouble finding where to JUMP to get to the function body.

The example in the articles shared above are simple enough to follow, but in practice it seems like the function wrapper changes across different [valid] ERC20 contracts, while I thought it would remain constant as the parameters of the function and modifier (ie. non-payable) remain the same. Naturally, I’d expect the function body to change, but not the function wrapper.

Overall, I may be over-complicating this and instead of trying to dynamically read the contract to find the function body I could just check the entirety of the contract bytecode for a match against my validated transfer(...) function bytecode as a string? Then I think my issue is simply knowing how to transform a transfer(...) implementation into the equivalent bytecode/opcodes - which I currently don’t know how to do.

Please let me know your thoughts - I think this would be a cool user security tool!

1 Like

Hi @Dyno,

You could also have a look at: OpenZeppelin's online ERC20 verifier: behind the scenes