Diving into Decompilation: EVMDecompiler.com vs Dedaub, Panoramix, and Heimdall-rs

Dedaub (Gigahorse Core)

Dedaub's foundation is the Gigahorse toolchain (ICSE '19). Gigahorse lifts EVM bytecode into a structured three-address intermediate representation (IR) using declarative rules written in Datalog. This allows high precision in reconstructing control flow and data dependencies.

Key features:

• Coverage: decompiles virtually all deployed contracts (>99.9%).
• Precision: reconstructs private and public functions with accurate call/return patterns.
• Analysis support: integrates with client analyses like gas vulnerability detection (e.g., MadMax).

Gigahorse's declarative architecture makes it especially effective at recovering structured program semantics from low-level EVM bytecode.

Panoramix (Eveem)

Panoramix approaches decompilation through pattern-matching logic implemented in Python. It replaces low-level jumps and stack operations with higher-level Solidity-like constructs when recognizable patterns are matched.

Key features:

• Readable pseudocode: produces Solidity-like output, easy for auditors to skim.
• Pattern-based control flow recovery: recognizes common EVM idioms to lift them into structured code.

Its reliance on recognizable bytecode patterns means coverage is limited, but where it succeeds, the output is intuitive.

Heimdall-rs

Heimdall-rs, written in Rust, is a symbolic-execution–based decompiler. It implements a custom EVM that symbolically interprets bytecode, forks execution at conditional jumps, and accumulates expression trees representing program behavior.

Key features:

• Symbolic execution engine: executes bytecode with symbolic values, forking on JUMPI to build a complete control flow graph (CFG).
• Trace-to-code lifting: solidifies symbolic traces into Yul/Solidity-like statements.
• Function signature resolution: integrates signature databases to annotate selectors.

This approach allows Heimdall to recover high-level logic directly from symbolic execution traces, producing readable pseudocode and accurate ABI information.

EVMDecompiler.com

EVMDecompiler.com is a next-generation decompiler that is LLM-driven. It uses large language models trained on EVM bytecode–Solidity pairs to produce code that is not just analyzable, but genuinely readable as if it were written by a developer.

Key features:

• Readable Solidity output: structured control flow, variable names, and high-level abstractions.
• Function signature inference: combines ABI heuristics with LLM inference for strong recovery.

The focus here is clarity—turning opaque bytecode into Solidity code that auditors, developers, and researchers can immediately understand.

Side-by-Side Overview

Conclusion

Each decompiler brings something unique:

• Dedaub excels at completeness and structured static analysis.
• Panoramix provides accessible Solidity-like pseudocode through pattern matching.
• Heimdall-rs leverages symbolic execution to build CFGs and reconstruct expressions into pseudocode.
• EVMDecompiler.com focuses on human readability, powered by LLMs, while adding signature recovery and vulnerability detection.

Decompilers are no longer just about "lifting bytecode." They're about bridging the gap between machine-level precision and human comprehension—and the future lies in making complex contracts as clear as their source.