Easy Multi-Contract Security Analysis Using Mythril

How to use the open source symbolic executor to analyze a setup of multiple smart contracts.

The MythX platform leverages several internal components to provide the best possible analysis results. One of these components is available open source: the symbolic executor Mythril. In this article, I’ll demonstrate how you can use Mythril to analyze a setup of multiple smart contracts.

By default, Mythril will analyze a contract in isolation. Interactions with external contracts are generalized so that we capture all possible vulnerabilities. Sometimes, this means we find a weakness in your smart contract that might not affect your particular setup. That’s because the specific deployment values you use can have a considerable effect on how the system behaves as a whole.

Luckily you can also use Mythril to execute multi-contract analysis and analyze a specific configuration of multiple smart contracts. As a result, you might capture fewer warnings, but the results will be tailor-made to your deployment.

To do multi-contract analysis, we’ll use Mythril’s ability to analyze contracts deployed on an Ethereum network (hint: we’ll use Ganache to launch our private test network). We will deploy our contract on a network, and in doing so, create a possible target for Mythril to analyze.

Read the full how-to on mythx.io

Originally published at https://blog.mythx.io on March 9, 2020.

Easy Multi-Contract Security Analysis Using Mythril was originally published in ConsenSys Media on Medium, where people are continuing the conversation by highlighting and responding to this story.

—Source link—

What do you think?

Argent Wallet Interview: Series A Funding, New Integrations + More!

Crypto Joins Global Markets in Free Fall + MIT Bitcoin Expo