Bitcoin
Bitcoin (BTC)
$97,400.00 4.94804
Bitcoin price
Ethereum
Ethereum (ETH)
$3,133.43 0.6734
Ethereum price
BNB
BNB (BNB)
$612.79 -0.15515
BNB price
Solana
Solana (SOL)
$241.45 2.42741
Solana price
XRP
XRP (XRP)
$1.11 1.84029
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000241 -1.37452
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000194 -4.97689
Pepe price
Bonk
Bonk (BONK)
$0.0000528 -4.73048
Bonk price
dogwifhat
dogwifhat (WIF)
$3.19 -4.74167
dogwifhat price
Popcat
Popcat (POPCAT)
$1.56 -10.62315
Popcat price
Bitcoin
Bitcoin (BTC)
$97,400.00 4.94804
Bitcoin price
Ethereum
Ethereum (ETH)
$3,133.43 0.6734
Ethereum price
BNB
BNB (BNB)
$612.79 -0.15515
BNB price
Solana
Solana (SOL)
$241.45 2.42741
Solana price
XRP
XRP (XRP)
$1.11 1.84029
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000241 -1.37452
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000194 -4.97689
Pepe price
Bonk
Bonk (BONK)
$0.0000528 -4.73048
Bonk price
dogwifhat
dogwifhat (WIF)
$3.19 -4.74167
dogwifhat price
Popcat
Popcat (POPCAT)
$1.56 -10.62315
Popcat price
Bitcoin
Bitcoin (BTC)
$97,400.00 4.94804
Bitcoin price
Ethereum
Ethereum (ETH)
$3,133.43 0.6734
Ethereum price
BNB
BNB (BNB)
$612.79 -0.15515
BNB price
Solana
Solana (SOL)
$241.45 2.42741
Solana price
XRP
XRP (XRP)
$1.11 1.84029
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000241 -1.37452
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000194 -4.97689
Pepe price
Bonk
Bonk (BONK)
$0.0000528 -4.73048
Bonk price
dogwifhat
dogwifhat (WIF)
$3.19 -4.74167
dogwifhat price
Popcat
Popcat (POPCAT)
$1.56 -10.62315
Popcat price
Bitcoin
Bitcoin (BTC)
$97,400.00 4.94804
Bitcoin price
Ethereum
Ethereum (ETH)
$3,133.43 0.6734
Ethereum price
BNB
BNB (BNB)
$612.79 -0.15515
BNB price
Solana
Solana (SOL)
$241.45 2.42741
Solana price
XRP
XRP (XRP)
$1.11 1.84029
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000241 -1.37452
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000194 -4.97689
Pepe price
Bonk
Bonk (BONK)
$0.0000528 -4.73048
Bonk price
dogwifhat
dogwifhat (WIF)
$3.19 -4.74167
dogwifhat price
Popcat
Popcat (POPCAT)
$1.56 -10.62315
Popcat price

What is MAIAN: smart contract analysis tool

maian-smart-contract-analysis-tool
Edited by
This article is more than 4 years old
Learn
What is MAIAN: smart contract analysis tool

MAIAN is an open-source analysis tool that helps developers find bugs in Ethereum smart contracts. Learn more about how it works in this guide.

What is MAIAN

MAIAN is an open-source blockchain analysis tool designed to help developers detect vulnerabilities in Ethereum smart contracts. 

Smart contracts are handy tools in financial programming, but in many cases, they can be hacked. Even one such an attack can cost hundreds if not millions of dollars.

One of the most infamous examples was the DAO hack, where Ethereum had to execute a hard fork to reverse the flow of funds from the hacker’s wallet.

To protect against the vulnerabilities, engineers had to develop new ways to ensure the smart contract was free of any potential flows before deployment. 

As a result, MAIAN was born. The tool was released publicly in March 2018.

MAIAN was released under the MIT license by Ivica Nikolic, Aashish Kolluri, Ilya Sergey, Prateek Saxena, and Aquinas Hobor free for all to use and contribute to. The initial case study was released via Cornell’s database. Developers analyzed and ran through MAIAN around one million contracts of the Ethereum blockchain. They found some vulnerabilities in about eight percent of the contracts.

MAIAN classified and siphoned each smart contract error type into three main distinctions of vulnerability: “Prodigal,” “Greedy,” and “Suicidal.”

Three main vulnerability types

MAIAN can analyze each contract for three main errors. The first is suicidal contracts: an unnoticed or wrongly-coded contract can potentially “kill” the whole contract. The kill function can destroy the entire contract and return the funds to the owner of the contract. If an attacker owned the contract, a suicidal contract allows hijackers to keep the funds.

The second type is prodigal contracts. An attacker can send funds to anyone on the blockchain. Instead of having to kill the entire contract, a prodigal contract possesses a flaw that enables any person to hijack ownership and then send funds from within the contract to a random user many times over. Moreover, these operations can go relatively unnoticed.

Greedy contracts are the third error type. The developers described them as when “nobody can get out Ether”. These contracts are more widely known among the retail cryptocurrency community, as many were exposed to this error.

MAIAN: under the hood

MAIAN is coded in Python and is functional with the dependencies mentioned on its GitHub page. The main MAIAN tool works with any Solidity-coded smart contract. The tool can analyze smart contracts in any of the following three forms:

  1. Bytecode source (Bytecode before being deployed on the blockchain).
  2. Solidity (.sol files).
  3. Bytecode compiled (Bytecode after it’s been deployed on the blockchain).

The program is designed to be easily customizable and editable. In its stock version, MAIAN analyzes one contract and one error type at a time without further upgrades.

The technique analyzes the code of a contract using a custom Ethereum Virtual Machine (EVM). It searches for vulnerabilities based on specified categories and search depth. It runs the code symbolically, exploring different paths until it finds traces that meet certain criteria. The analysis uses symbolic variables as input. When a potential vulnerability is identified, the component provides specific values for these variables.

Using MAIAN and its future

If you want to improve your development skills and start running smart contracts through an extra layer of security with MAIAN, you can install the dependencies by navigating to the project’s GitHub.

MAIAN also allows configuring it with a GUI, and it provides instructions on how to do it. This can help users who aren’t entirely comfortable solely working on a command line and those who prefer visual aid as opposed to strictly code.

The tool has been known to be somewhat buggy when installed on certain operating systems, and some users have reported previous dependencies are needed to keep it running. Many times the problem you’re encountering with MAIAN has already been met by another user. Check the issues tab on the project’s GitHub. Often you’ll be able to find a solution there. In any case, it’s important to keep records and watch the upkeep of your contract.

Keep in mind that blockchain infrastructures are constantly changing. What works with MAIAN and Ethereum smart contracts today may not work tomorrow.