Minimum Viable MythX Client
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
sample Enable compiler optimization Feb 5, 2019
static Add ninja Feb 5, 2019
.gitignore Made sabre.js executable & add package-lock.json Feb 5, 2019
README.md
package-lock.json Update armlet version Feb 19, 2019
package.json Update armlet version Feb 19, 2019
sabre.js Upgrade dependenices, increase timeout Feb 14, 2019

README.md

Sabre

Discord

Minimum viable MythX client. Compiles a Solidity smart contract and sends it to MythX API for security analysis. Analysis steps performed:

  • Static code analysis and linting (Maru)
  • Multi-tx input fuzzing (Harvey)
  • Multi-tx symbolic analysis (Mythril)

Usage

Installation

$ git clone https://github.com/b-mueller/sabre/
$ cd sabre
$ npm install && npm link

Getting API Credentials

  1. Use Metamask to sign up for a free account on the MythX website and set your API password. Set up your environment using the Ethereum address you signed up with as the username (for increased convenience add those two lines into your .bashrc or .bash_profile).
export MYTHX_ETH_ADDRESS=0x(...)
export MYTHX_PASSWORD=password

Running an Analysis:

$ sabre sample/token.sol

Note that Sabre doesn't deal with Soldity files that define multiple contracts. If solc-js returns more than one contract it will simply submit the first one in the list.

Writing your own MythX Tools

MythX tool builders will earn revenue share in Dai when we go live with paid subscription plans. Details will be released soon. Ping us on Discord if you'd like to get involved.

Some links: