Heimdall is an advanced EVM smart contract toolkit specializing in bytecode analysis and extracting information from unverified contracts. Heimdall is written in Rust and is designed to be fast, modular, and more accurate than other existing tools.
Currently, Heimdall supports the following operations:
- EVM Bytecode Disassembly
- EVM Smart-Contract Control Flow Graph Generation
- EVM Smart-Contract Decompilation
- Smart-Contract Storage Dumping
- Raw Transaction Calldata Decoding
- Raw Transaction Trace Decoding
Ensure that Rust & Cargo are installed:
curl https://sh.rustup.rs -sSf | sh
Heimdall's update and installation manager, bifrost
, can be installed using the following command:
curl -L http://get.heimdall.rs | bash
If you want to manually install bifrost, you can download the latest release from here.
Once you have installed bifrost
, you can use it to install Heimdall using the following command from a new terminal:
bifrost
After compilation, the heimdall
command will be available to use from a new terminal. For advanced options, see the bifrost documentation.
Having trouble? Check out the Troubleshooting section in the wiki.
Documentation for all of heimdall-rs is available in the wiki.
If you'd like to contribute to Heimdall or add a module, please open a pull-request with your changes, as well as detailed information on what is changed, added, or improved.
For more detailed information, see the contributing guide.
If you've found an issue or have a question, please open an issue here. All issues must follow their respective templates.
Heimdall is a research-based toolkit created and maintained by Jonathan Becker. A full list of our 20+ contributors can be found in the sidebar.
If interested in the research behind Heimdall, check out some of my publications.
Heimdall has been cited in the following academic papers & theses:
- Lagouvardos, S., Bollanos, Y., Grech, N., & Smaragdakis, Y. (2024). The Incredible Shrinking Context... in a decompiler near you. Research Article. arXiv
- Ye, M., Lin, X., Nan, Y., Wu, J., & Zheng, Z. (2024). Midas: Mining Profitable Exploits in On-Chain Smart Contracts via Feedback-Driven Fuzzing and Differential Analysis. Research Article, ISSTA. DOI
- Darwish, M. (2024). From Bytecode to Safety - Decompiling Smart Contracts for Vulnerability Analysis. Bachelors Thesis, Linnaeus University. Full Text
- Aimar, D. (2023). Extraction, Indexing, and Analysis of Ethereum Smart Contracts Data. Masters Thesis, Politecnico di Torino. Full Text
If you have used or plan to use Heimdall in your research, please reach out to me via email or Twitter! I'd love to hear about what you're using heimdall for :)