tr
Bitcoin
Bitcoin (BTC)
$64,286.00 1.54552
Bitcoin price
Ethereum
Ethereum (ETH)
$3,097.40 1.14071
Ethereum price
BNB
BNB (BNB)
$560.61 2.02826
BNB price
Solana
Solana (SOL)
$144.92 3.6411
Solana price
XRP
XRP (XRP)
$0.5066120 0.84212
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000228 0.83118
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000052 1.37896
Pepe price
Bonk
Bonk (BONK)
$0.0000151 2.49798
Bonk price
Bitcoin
Bitcoin (BTC)
$64,286.00 1.54552
Bitcoin price
Ethereum
Ethereum (ETH)
$3,097.40 1.14071
Ethereum price
BNB
BNB (BNB)
$560.61 2.02826
BNB price
Solana
Solana (SOL)
$144.92 3.6411
Solana price
XRP
XRP (XRP)
$0.5066120 0.84212
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000228 0.83118
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000052 1.37896
Pepe price
Bonk
Bonk (BONK)
$0.0000151 2.49798
Bonk price
Bitcoin
Bitcoin (BTC)
$64,286.00 1.54552
Bitcoin price
Ethereum
Ethereum (ETH)
$3,097.40 1.14071
Ethereum price
BNB
BNB (BNB)
$560.61 2.02826
BNB price
Solana
Solana (SOL)
$144.92 3.6411
Solana price
XRP
XRP (XRP)
$0.5066120 0.84212
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000228 0.83118
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000052 1.37896
Pepe price
Bonk
Bonk (BONK)
$0.0000151 2.49798
Bonk price
Bitcoin
Bitcoin (BTC)
$64,286.00 1.54552
Bitcoin price
Ethereum
Ethereum (ETH)
$3,097.40 1.14071
Ethereum price
BNB
BNB (BNB)
$560.61 2.02826
BNB price
Solana
Solana (SOL)
$144.92 3.6411
Solana price
XRP
XRP (XRP)
$0.5066120 0.84212
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000228 0.83118
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000052 1.37896
Pepe price
Bonk
Bonk (BONK)
$0.0000151 2.49798
Bonk price
SirWin
SirWin
SirWin

What is MAIAN: smart contract analysis tool

maian-smart-contract-analysis-tool
By
What is MAIAN: smart contract analysis tool

MAIAN is an open-source analysis tool that helps developers find bugs in Ethereum smart contracts. Learn more about how it works in this guide.

What is MAIAN

MAIAN is an open-source blockchain analysis tool designed to help developers detect vulnerabilities in Ethereum smart contracts. 

Smart contracts are handy tools in financial programming, but in many cases, they can be hacked. Even one such an attack can cost hundreds if not millions of dollars.

Read more: Reddit users unveil specific hazards to unauthorized smart contracts

One of the most infamous examples was the DAO hack, where Ethereum had to execute a hard fork to reverse the flow of funds from the hacker’s wallet.

To protect against the vulnerabilities, engineers had to develop new ways to ensure the smart contract was free of any potential flows before deployment. 

As a result, MAIAN was born. The tool was released publicly in March 2018.

MAIAN was released under the MIT license by Ivica Nikolic, Aashish Kolluri, Ilya Sergey, Prateek Saxena, and Aquinas Hobor free for all to use and contribute to. The initial case study was released via Cornell’s database. Developers analyzed and ran through MAIAN around one million contracts of the Ethereum blockchain. They found some vulnerabilities in about eight percent of the contracts.

MAIAN classified and siphoned each smart contract error type into three main distinctions of vulnerability: “Prodigal,” “Greedy,” and “Suicidal.”

Three main vulnerability types

MAIAN can analyze each contract for three main errors. The first is suicidal contracts: an unnoticed or wrongly-coded contract can potentially “kill” the whole contract. The kill function can destroy the entire contract and return the funds to the owner of the contract. If an attacker owned the contract, a suicidal contract allows hijackers to keep the funds.

The second type is prodigal contracts. An attacker can send funds to anyone on the blockchain. Instead of having to kill the entire contract, a prodigal contract possesses a flaw that enables any person to hijack ownership and then send funds from within the contract to a random user many times over. Moreover, these operations can go relatively unnoticed.

Greedy contracts are the third error type. The developers described them as when “nobody can get out Ether”. These contracts are more widely known among the retail cryptocurrency community, as many were exposed to this error.

MAIAN: under the hood

MAIAN is coded in Python and is functional with the dependencies mentioned on its GitHub page. The main MAIAN tool works with any Solidity-coded smart contract. The tool can analyze smart contracts in any of the following three forms:

  1. Bytecode source (Bytecode before being deployed on the blockchain).
  2. Solidity (.sol files).
  3. Bytecode compiled (Bytecode after it’s been deployed on the blockchain).

The program is designed to be easily customizable and editable. In its stock version, MAIAN analyzes one contract and one error type at a time without further upgrades.

The technique analyzes the code of a contract using a custom Ethereum Virtual Machine (EVM). It searches for vulnerabilities based on specified categories and search depth. It runs the code symbolically, exploring different paths until it finds traces that meet certain criteria. The analysis uses symbolic variables as input. When a potential vulnerability is identified, the component provides specific values for these variables.

Using MAIAN and its future

If you want to improve your development skills and start running smart contracts through an extra layer of security with MAIAN, you can install the dependencies by navigating to the project’s GitHub.

MAIAN also allows configuring it with a GUI, and it provides instructions on how to do it. This can help users who aren’t entirely comfortable solely working on a command line and those who prefer visual aid as opposed to strictly code.

The tool has been known to be somewhat buggy when installed on certain operating systems, and some users have reported previous dependencies are needed to keep it running. Many times the problem you’re encountering with MAIAN has already been met by another user. Check the issues tab on the project’s GitHub. Often you’ll be able to find a solution there. In any case, it’s important to keep records and watch the upkeep of your contract.

Keep in mind that blockchain infrastructures are constantly changing. What works with MAIAN and Ethereum smart contracts today may not work tomorrow.

Related News

Hedgey Finance hacked for $44.7m on Arbitrum, Ethereum
News
Read more - Hedgey Finance hacked for $44.7m on Arbitrum, Ethereum

Hedgey Finance hacked for $44.7m on Arbitrum, Ethereum

Avraham Eisenberg convicted in $110m Mango Markets exploit
News
Read more - Avraham Eisenberg convicted in $110m Mango Markets exploit

Avraham Eisenberg convicted in $110m Mango Markets exploit

Token2049: Crypto experts highlight Ethereum blockchain problems
News
Read more - Token2049: Crypto experts highlight Ethereum blockchain problems

Token2049: Crypto experts highlight Ethereum blockchain problems

Token2024: Ava Labs CEO says Avalanche was ‘never ever’ marketed as ETH killer
News
Read more - Token2024: Ava Labs CEO says Avalanche was ‘never ever’ marketed as ETH killer

Token2024: Ava Labs CEO says Avalanche was ‘never ever’ marketed as ETH killer

Spider-Man star Tom Holland’s X account hacked to push crypto scam
News
Read more - Spider-Man star Tom Holland’s X account hacked to push crypto scam

Spider-Man star Tom Holland’s X account hacked to push crypto scam

Blockchain sleuth uncovers identity of PrismaFi’s hacker, who stole $11m
News
Read more - Blockchain sleuth uncovers identity of PrismaFi’s hacker, who stole $11m

Blockchain sleuth uncovers identity of PrismaFi’s hacker, who stole $11m

EY launches Ethereum-based blockchain solution to streamline business contracts
News
Read more - EY launches Ethereum-based blockchain solution to streamline business contracts

EY launches Ethereum-based blockchain solution to streamline business contracts

ETH positive sentiment rallies, average network fees reach 11-week low
News
Read more - ETH positive sentiment rallies, average network fees reach 11-week low

ETH positive sentiment rallies, average network fees reach 11-week low

Glassnode: Restaking brings new yield opportunities for Ethereum community
News
Read more - Glassnode: Restaking brings new yield opportunities for Ethereum community

Glassnode: Restaking brings new yield opportunities for Ethereum community

View more
Advertise