AgentSkillsCN

sui-decompile

适用于获取链上SUI Move合约源码进行分析、从现有协议中学习,或对已部署合约进行逆向工程的场景。可在反编译、合约源码、链上代码,或协议分析任务时触发。

SKILL.md
--- frontmatter
name: sui-decompile
description: Use when fetching on-chain SUI Move contract source code for analysis, learning from existing protocols, or reverse-engineering deployed contracts. Triggers on decompile, contract source, on-chain code, or protocol analysis tasks.

SUI Decompile

Fetch and analyze on-chain SUI Move contract source code from block explorers.

Overview

This skill fills the "study existing contracts" gap in the development workflow. Before writing your own contracts, study how production protocols work:

code
sui-decompile → sui-architect → sui-developer → sui-tester → sui-deployer
    Study          Plan           Write          Test         Deploy

Methods (Priority Order)

Method 1: sui client CLI (Fastest, No Browser)

For packages with verified source or when you only need the normalized bytecode representation:

bash
# Get package object with module bytecodes
sui client object <package_id> --json

# Get specific module's normalized struct/function definitions
sui client call --package 0x2 --module display --function new --type-args '0x2::coin::Coin<0x2::sui::SUI>' --dry-run

For verified source packages, use the Revela decompiler (if available locally):

bash
# If revela is installed
revela decompile -p <package_id> --network mainnet

Method 2: Suivision Explorer (Preferred Browser Method)

Suivision often has official verified source code (via MovebitAudit).

URL pattern:

code
https://suivision.xyz/package/{package_id}?tab=Code

Playwright MCP workflow:

code
1. Navigate to https://suivision.xyz/package/{package_id}?tab=Code
2. Wait for code table to load (look for `table tr` elements)
3. If multiple modules: use browser_snapshot to find sidebar module names, then click each one
4. Extract code per module with browser_evaluate:
javascript
// Extract source code from Suivision code table
() => {
  const rows = document.querySelectorAll('table tr');
  const lines = [];
  rows.forEach(r => {
    const cells = r.querySelectorAll('td');
    if (cells.length >= 2) lines.push(cells[1].textContent);
  });
  return lines.join('\n');
}
javascript
// List all module names from sidebar (Suivision uses plain text elements, not role="tab")
() => {
  // Suivision renders module names as text items in a sidebar list near the code table
  const codeSection = document.querySelector('table')?.closest('div')?.parentElement;
  if (!codeSection) return [];
  // Find all text-only elements that look like module names (short, no spaces, lowercase)
  const candidates = codeSection.querySelectorAll('div, span, li, a');
  return Array.from(candidates)
    .map(el => el.textContent.trim())
    .filter(t => t && /^[a-z_][a-z0-9_]*$/.test(t) && t.length < 30);
}

Method 3: Suiscan Explorer (Alternative)

URL pattern:

code
https://suiscan.xyz/{network}/object/{package_id}/contracts

Where {network} is mainnet, testnet, or devnet.

Playwright MCP workflow:

code
1. Navigate to https://suiscan.xyz/mainnet/object/{package_id}/contracts
2. Click "Source" tab (default may show Bytecode)
3. Click module tabs if multiple modules exist
4. Extract code with browser_evaluate:
javascript
// Extract source code from Suiscan
() => {
  const rows = document.querySelectorAll('table tr');
  const lines = [];
  rows.forEach(r => {
    const cells = r.querySelectorAll('td');
    if (cells.length >= 2) lines.push(cells[1].textContent);
  });
  return lines.join('\n') || 'Source not found - try clicking Source tab';
}

Multi-Module Packages

Many real packages (e.g., DeepBook 0xdee9) contain multiple modules:

  1. List modules — Check sidebar/tabs after page loads
  2. Click each module — Extract code per module
  3. Save separately — Write each to decompiled/{module_name}.move
bash
# Suggested output structure
decompiled/
├── clob_v2.move
├── custodian_v2.move
├── math.move
└── order_query.move

Common Packages for Study

ProtocolPackage IDNetworkModules
Sui Framework0x2allcoin, transfer, object, etc.
Sui System0x3allstaking, validator, etc.
DeepBook v20xdee9mainnetclob_v2, custodian_v2
Cetus CLMM0x1eabed72c53feb73c00...mainnetpool, position, tick
Turbos Finance0x91bfbc386a41afcfd9b...mainnetpool, swap

Usage Examples

Study a DeFi AMM

code
1. Decompile Cetus CLMM pool module
2. Analyze: concentrated liquidity math, fee calculation, tick management
3. Use learned patterns in sui-architect to design your own AMM

Audit a Dependency

code
1. Decompile the package your contract depends on
2. Check for access control, reentrancy, integer overflow
3. Document findings before integrating

Learn Move Patterns

code
1. Decompile Sui Framework (0x2) — coin, transfer, display modules
2. Study official coding patterns: witness, capability, hot potato
3. Apply patterns via sui-developer

Important Notes

  • Decompiled code may not compile directly (variable names may differ)
  • Suivision shows verified source when available (higher quality)
  • Suiscan shows Revela decompiled output (always available but less readable)
  • Close browser tabs after extraction to avoid resource leaks
  • Respect rate limits — don't scrape explorers aggressively
  • For testnet/devnet packages, adjust the network in URLs

Integration with Other Skills

  • sui-architect — Study existing protocols before designing your own architecture
  • sui-developer — Apply learned patterns in your Move code
  • sui-tester — Write tests based on decompiled contract behavior
  • sui-security-guard — Audit decompiled dependencies for vulnerabilities
  • sui-red-team — Analyze attack surface of decompiled contracts