Bytecode Truth, Not Source is a deep technical exploration of why smart-contract source code cannot be trusted as the ground truth for security. This repository shows how compiler optimizations, hidden assembly, proxies, and unreachable logic make verified Solidity misleading, and why only EVM bytecode reveals actual on-chain behavior.
static-analysis decompiler ethereum reverse-engineering solidity dynamic-analysis malware-analysis evm compiler-optimizations blockchain-security bytecode-analysis smart-contract-security honeypot-detection web3-security smart-contract-auditing evm-assembly proxy-contracts rugpull-analysis opcode-analysis onchain-forensics
-
Updated
Nov 24, 2025