Convert Figma logo to code with AI

Consensys logomythril

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.

3,828
732
3,828
108
View on GitHub

Top Related Projects

crytic's avatar

slither

5,235

Static Analyzer for Solidity and Vyper

crytic's avatar

echidna

2,698

Ethereum smart contract fuzzer

OpenZeppelin's avatar

openzeppelin-contracts

24,717

OpenZeppelin Contracts is a library for secure smart contract development.

ethereum's avatar

solidity

22,999

Solidity, the Smart Contract Programming Language

Quick Overview

Mythril is an open-source security analysis tool for Ethereum smart contracts. It uses symbolic execution and taint analysis to detect a variety of security vulnerabilities, including reentrancy bugs, integer overflows, and more. Mythril can be used as a command-line tool or integrated into development workflows.

Pros

  • Comprehensive Vulnerability Detection: Mythril can detect a wide range of security vulnerabilities in Ethereum smart contracts, including reentrancy bugs, integer overflows, and more.
  • Automated Analysis: Mythril can automatically analyze smart contracts, reducing the manual effort required to identify potential security issues.
  • Integrates with Development Workflows: Mythril can be integrated into CI/CD pipelines and other development tools, making it easier to incorporate security checks into the development process.
  • Open-Source and Community-Driven: Mythril is an open-source project, allowing the community to contribute to its development and improvement.

Cons

  • Complexity: Mythril is a powerful tool, but its complexity can make it challenging for some users to set up and configure, especially for those new to the Ethereum ecosystem.
  • Performance Limitations: Symbolic execution, the core technique used by Mythril, can be computationally intensive, which can lead to performance issues when analyzing large or complex smart contracts.
  • Limited Support for Newer Solidity Features: Mythril may not always keep up with the latest developments in the Solidity language, which could impact its ability to analyze the most recent smart contract code.
  • Potential for False Positives: Like any automated security analysis tool, Mythril may sometimes report issues that are not actually vulnerabilities, which can require manual review and validation.

Code Examples

Mythril is a command-line tool, so there are no code examples to provide. However, here's an example of how you can use Mythril to analyze a Solidity smart contract:

# Install Mythril
pip3 install mythril

# Analyze a Solidity contract
myth analyze /path/to/contract.sol

This will run Mythril's security analysis on the specified Solidity contract and display any detected vulnerabilities.

Getting Started

To get started with Mythril, follow these steps:

  1. Install Mythril using pip:

    pip3 install mythril

  2. Verify the installation by running the following command:

    myth --version

  3. Analyze a Solidity contract by running the myth analyze command:

    myth analyze /path/to/contract.sol

    This will perform a security analysis on the specified contract and display the results.

  4. Customize the analysis by using various command-line options, such as:

    myth analyze /path/to/contract.sol --max-depth 5 --solver-timeout 60

    This will set the maximum analysis depth to 5 and the solver timeout to 60 seconds.

  5. Integrate Mythril into your development workflow by using it in your CI/CD pipeline or as part of your smart contract testing process.

For more detailed information on using Mythril, please refer to the project's documentation.

Competitor Comparisons

crytic logo

slither

5,235

Static Analyzer for Solidity and Vyper

Pros of Slither

  • Faster analysis due to static analysis approach
  • Easier integration into CI/CD pipelines
  • More extensive detection of vulnerabilities and code smells

Cons of Slither

  • May produce more false positives than Mythril
  • Less effective at finding complex, multi-transaction vulnerabilities
  • Requires more manual configuration for custom checks

Code Comparison

Mythril (symbolic execution):

def analyze(self, contract):
    world_state = WorldState()
    for function in contract.functions:
        symbolic_tx = SymbolicTransaction(world_state, function)
        symbolic_vm = SymbolicEVM(symbolic_tx)
        symbolic_vm.run()

Slither (static analysis):

def analyze(self, contract):
    slither = Slither(contract)
    for detector in self.detectors:
        results = detector.detect()
        self.results.extend(results)

Mythril uses symbolic execution to simulate contract execution, while Slither performs static analysis on the contract's abstract syntax tree. This fundamental difference in approach leads to their respective strengths and weaknesses in vulnerability detection and analysis speed.

crytic logo

echidna

2,698

Ethereum smart contract fuzzer

Pros of Echidna

  • Utilizes property-based testing, allowing for more comprehensive coverage
  • Supports Vyper contracts in addition to Solidity
  • Offers customizable test generation strategies

Cons of Echidna

  • Steeper learning curve due to property-based testing approach
  • May require more setup and configuration for complex contracts
  • Limited built-in analysis capabilities compared to Mythril

Code Comparison

Mythril (symbolic execution):

function transfer(address to, uint256 amount) public returns (bool) {
    require(balanceOf[msg.sender] >= amount);
    balanceOf[msg.sender] -= amount;
    balanceOf[to] += amount;
    return true;
}

Echidna (property-based testing):

function echidna_balance_under_1000() public view returns (bool) {
    return balanceOf[msg.sender] <= 1000;
}

Mythril focuses on analyzing the contract code itself, while Echidna requires defining properties to test against. Mythril can automatically detect issues like integer overflow, while Echidna relies on user-defined properties to catch such vulnerabilities.

Both tools complement each other in a comprehensive smart contract security analysis workflow, with Mythril providing automated vulnerability detection and Echidna offering in-depth, customizable testing capabilities.

OpenZeppelin logo

openzeppelin-contracts

24,717

OpenZeppelin Contracts is a library for secure smart contract development.

Pros of openzeppelin-contracts

  • Provides a comprehensive library of reusable smart contracts
  • Extensively audited and battle-tested in production environments
  • Regular updates and maintenance by a dedicated team

Cons of openzeppelin-contracts

  • Focused on contract implementation rather than security analysis
  • May introduce complexity for simple projects that don't need all features

Code Comparison

openzeppelin-contracts (ERC20 token implementation):

contract ERC20 is Context, IERC20, IERC20Metadata {
    mapping(address => uint256) private _balances;
    mapping(address => mapping(address => uint256)) private _allowances;
    uint256 private _totalSupply;
    string private _name;
    string private _symbol;
    // ... (additional functions and logic)
}

Mythril (example security analysis output):

==== External Call To User-Supplied Address ====
SWC ID: 107
Severity: Low
Contract: Crowdsale
Function name: buyTokens(address)
PC address: 649
Estimated Gas Usage: 7620 - 62951
A call to a user-supplied address is executed.
An external message call to an address specified by the caller is executed. Note that the callee account might contain arbitrary code and could re-enter any function within this contract. Reentrancy vulnerabilities should be examined.
--------------------
In file: contracts/Crowdsale.sol:119

This comparison highlights the different focuses of the two projects: openzeppelin-contracts provides secure, reusable smart contract implementations, while Mythril offers security analysis tools for Ethereum smart contracts.

ethereum logo

solidity

22,999

Solidity, the Smart Contract Programming Language

Pros of Solidity

  • Official Ethereum smart contract language, ensuring wide adoption and community support
  • Comprehensive documentation and extensive learning resources available
  • Regular updates and improvements to the language specification

Cons of Solidity

  • Focused solely on smart contract development, limiting its versatility
  • Steeper learning curve for developers new to blockchain technology
  • Potential security vulnerabilities if not used carefully

Code Comparison

Solidity (smart contract example):

pragma solidity ^0.8.0;

contract SimpleStorage {
    uint256 private storedData;

    function set(uint256 x) public {
        storedData = x;
    }

    function get() public view returns (uint256) {
        return storedData;
    }
}

Mythril (security analysis example):

from mythril.mythril import MythrilDisassembler
from mythril.ethereum import util

contract = util.get_code_from_file("SimpleStorage.sol")
disassembler = MythrilDisassembler()
address = util.get_indexed_address(0)
disassembler.load_from_bytecode(contract, address)

Key Differences

  • Solidity is a programming language for writing smart contracts, while Mythril is a security analysis tool for Ethereum smart contracts
  • Solidity focuses on contract development, whereas Mythril aims to identify vulnerabilities in existing contracts
  • Developers use Solidity to create contracts, then can use Mythril to analyze and improve their security

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Mythril

Discord PyPI Read the Docs CircleCI Sonarcloud - Maintainability Pypi Installs DockerHub Pulls

Mythril is a security analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains. It uses symbolic execution, SMT solving and taint analysis to detect a variety of security vulnerabilities.

Whether you want to contribute, need support, or want to learn what we have cooking for the future, you can checkout diligence-mythx channel in ConsenSys Discord server.

Installation and setup

Get it with Docker:

$ docker pull mythril/myth

Install from Pypi (Python 3.7-3.10):

$ pip3 install mythril

Use it via pre-commit hook (replace $GIT_TAG with real tag):

- repo: https://github.com/Consensys/mythril
  rev: $GIT_TAG
  hooks:
    - id: mythril

Additionally, set args: [disassemble] or args: [read-storage] to use a different command than analyze.

See the docs for more detailed instructions.

Usage

Run:

$ myth analyze <solidity-file>

Or:

$ myth analyze -a <contract-address>

Specify the maximum number of transactions to explore with -t <number>. You can also set a timeout with --execution-timeout <seconds>.

Here is an example of running Mythril on the file killbilly.sol which is in the solidity_examples directory for 3 transactions:

> myth a killbilly.sol -t 3
==== Unprotected Selfdestruct ====
SWC ID: 106
Severity: High
Contract: KillBilly
Function name: commencekilling()
PC address: 354
Estimated Gas Usage: 974 - 1399
Any sender can cause the contract to self-destruct.
Any sender can trigger execution of the SELFDESTRUCT instruction to destroy this contract account and withdraw its balance to an arbitrary address. Review the transaction trace generated for this issue and make sure that appropriate security controls are in place to prevent unrestricted access.
--------------------
In file: killbilly.sol:22

selfdestruct(msg.sender)

--------------------
Initial State:

Account: [CREATOR], balance: 0x2, nonce:0, storage:{}
Account: [ATTACKER], balance: 0x1001, nonce:0, storage:{}

Transaction Sequence:

Caller: [CREATOR], calldata: , decoded_data: , value: 0x0
Caller: [ATTACKER], function: killerize(address), txdata: 0x9fa299cc000000000000000000000000deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, decoded_data: ('0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef',), value: 0x0
Caller: [ATTACKER], function: activatekillability(), txdata: 0x84057065, value: 0x0
Caller: [ATTACKER], function: commencekilling(), txdata: 0x7c11da20, value: 0x0

Instructions for using Mythril are found on the docs.

For support or general discussions please checkout diligence-mythx channel in ConsenSys Discord server..

Building the Documentation

Mythril's documentation is contained in the docs folder and is published to Read the Docs. It is based on Sphinx and can be built using the Makefile contained in the subdirectory:

cd docs
make html

This will create a build output directory containing the HTML output. Alternatively, PDF documentation can be built with make latexpdf. The available output format options can be seen with make help.

Vulnerability Remediation

Visit the Smart Contract Vulnerability Classification Registry to find detailed information and remediation guidance for the vulnerabilities reported.