WaDec: Decompiling WebAssembly Using Large Language Model

TL;DR

This paper addresses the challenge of turning Wasm binaries into readable high-level code. It introduces WaDec, a fine-tuned code LLM that decompiles Wasm by converting to wat, slicing by loop blocks, and renaming variables through a unified scheme, all trained on a large wat–C snippet dataset. Empirical results show WaDec outperforms baselines on structural and readability metrics, achieving a low code inflation ($3.34\%$), high AST-edit similarity ($AED{-}S=0.7293$), and strong reusability with recompilability ($52.11\%$) and re-execution ($43.55\%$), plus robust stability across runs. These findings suggest WaDec enables more reliable Wasm analysis, code auditing, and potential improvements in security and optimization workflows.

Abstract

WebAssembly (abbreviated Wasm) has emerged as a cornerstone of web development, offering a compact binary format that allows high-performance applications to run at near-native speeds in web browsers. Despite its advantages, Wasm's binary nature presents significant challenges for developers and researchers, particularly regarding readability when debugging or analyzing web applications. Therefore, effective decompilation becomes crucial. Unfortunately, traditional decompilers often struggle with producing readable outputs. While some large language model (LLM)-based decompilers have shown good compatibility with general binary files, they still face specific challenges when dealing with Wasm. In this paper, we introduce a novel approach, WaDec, which is the first use of a fine-tuned LLM to interpret and decompile Wasm binary code into a higher-level, more comprehensible source code representation. The LLM was meticulously fine-tuned using a specialized dataset of wat-c code snippets, employing self-supervised learning techniques. This enables WaDec to effectively decompile not only complete wat functions but also finer-grained wat code snippets. Our experiments demonstrate that WaDec markedly outperforms current state-of-the-art tools, offering substantial improvements across several metrics. It achieves a code inflation rate of only 3.34%, a dramatic 97% reduction compared to the state-of-the-art's 116.94%. Unlike baselines' output that cannot be directly compiled or executed, WaDec maintains a recompilability rate of 52.11%, a re-execution rate of 43.55%, and an output consistency of 27.15%. Additionally, it significantly exceeds state-of-the-art performance in AST edit distance similarity by 185%, cyclomatic complexity by 8%, and cosine similarity by 41%, achieving an average code similarity above 50%.

Figures (6)

• Figure 1: An example of the limitations of Wasm2c, Wasm-decompile, and Ghidra: (a) Original C code. (b) The compiled Wasm code in text format (i.e., wat). (c) The decompiled C-like syntax from Wasm by Wasm-decompile. (d) The decompiled result by Wasm2c. (e) The decompiled result by Ghidra.
• Figure 2: The workflow of WaDec.
• Figure 3: An example of WaDec's decompilation results: (a) Source code. (b) The compiled Wasm in text format. (c) Sliced wat snippets according to loop. (d) Results of the reverse engineering task of WaDec. (e) Restructuring C snippets according to markers. (f) Decompiled result after string recovery. (g) The decompiled C-like syntax from Wasm by Wasm-decompile.
• Figure 4: The mapping from the C variable to the abstract variable corresponding to the offset in wat.
• Figure 5: A concrete example of WaDec's performance and the related source code snippet (with renamed variables), which is from the bigcode/the-stack-dedup dataset.