Minimum viable MythX client. Compiles a Solidity smart contract and sends it to MythX API for security analysis. Analysis steps performed:
- Static code analysis and linting (Maru)
- Multi-tx input fuzzing (Harvey)
- Multi-tx symbolic analysis (Mythril)
$ git clone https://github.com/b-mueller/sabre/ $ cd sabre $ npm install && npm link
Getting API Credentials
- Use Metamask to sign up for a free account on the MythX website and set your API password. Set up your environment using the Ethereum address you signed up with as the username (for increased convenience add those two lines into your
export MYTHX_ETH_ADDRESS=0x(...) export MYTHX_PASSWORD=password
Running an Analysis:
$ sabre sample/token.sol
Note that Sabre doesn't deal with Soldity files that define multiple contracts. If
solc-js returns more than one contract it will simply submit the first one in the list.
Writing your own MythX Tools
MythX tool builders will earn revenue share in Dai when we go live with paid subscription plans. Details will be released soon. Ping us on Discord if you'd like to get involved.