consensys / mythril Goto Github PK

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.

Home Page: https://mythx.io/

License: MIT License

Python 94.48% Shell 0.32% HTML 0.24% Dockerfile 0.58% Solidity 3.86% Jinja 0.43% HCL 0.10%

security-analysis ethereum blockchain smart-contracts solidity program-analysis security symbolic-execution

mythril's Introduction

Mythril

Mythril is a security analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains. It uses symbolic execution, SMT solving and taint analysis to detect a variety of security vulnerabilities.

Whether you want to contribute, need support, or want to learn what we have cooking for the future, you can checkout diligence-mythx channel in ConsenSys Discord server.

Installation and setup

Get it with Docker:

$ docker pull mythril/myth

Install from Pypi (Python 3.7-3.10):

$ pip3 install mythril

See the docs for more detailed instructions.

Usage

Run:

$ myth analyze <solidity-file>

Or:

$ myth analyze -a <contract-address>

Specify the maximum number of transactions to explore with -t <number>. You can also set a timeout with --execution-timeout <seconds>.

Here is an example of running Mythril on the file killbilly.sol which is in the solidity_examples directory for 3 transactions:

> myth a killbilly.sol -t 3
==== Unprotected Selfdestruct ====
SWC ID: 106
Severity: High
Contract: KillBilly
Function name: commencekilling()
PC address: 354
Estimated Gas Usage: 974 - 1399
Any sender can cause the contract to self-destruct.
Any sender can trigger execution of the SELFDESTRUCT instruction to destroy this contract account and withdraw its balance to an arbitrary address. Review the transaction trace generated for this issue and make sure that appropriate security controls are in place to prevent unrestricted access.
--------------------
In file: killbilly.sol:22

selfdestruct(msg.sender)

--------------------
Initial State:

Account: [CREATOR], balance: 0x2, nonce:0, storage:{}
Account: [ATTACKER], balance: 0x1001, nonce:0, storage:{}

Transaction Sequence:

Caller: [CREATOR], calldata: , decoded_data: , value: 0x0
Caller: [ATTACKER], function: killerize(address), txdata: 0x9fa299cc000000000000000000000000deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, decoded_data: ('0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef',), value: 0x0
Caller: [ATTACKER], function: activatekillability(), txdata: 0x84057065, value: 0x0
Caller: [ATTACKER], function: commencekilling(), txdata: 0x7c11da20, value: 0x0

Instructions for using Mythril are found on the docs.

For support or general discussions please checkout diligence-mythx channel in ConsenSys Discord server..

Building the Documentation

Mythril's documentation is contained in the docs folder and is published to Read the Docs. It is based on Sphinx and can be built using the Makefile contained in the subdirectory:

cd docs
make html

This will create a build output directory containing the HTML output. Alternatively, PDF documentation can be built with make latexpdf. The available output format options can be seen with make help.

Vulnerability Remediation

Visit the Smart Contract Vulnerability Classification Registry to find detailed information and remediation guidance for the vulnerabilities reported.

mythril's People

Contributors

Stargazers

Watchers

Forkers

hotelzululima raz0r own2pwn wflk hunslater-coin step21 maurelian somethingnew2-0 chriseth agemanning scvsh devops398 androolloyd intrepid-technology minkione knooow arusdef polyglot0027 davidp94 alisheikh gnsps csxqli mikedillion kayuri alessiodallapiazza bonedaddy egodigitus doduytrung w1r2p1 pblin pgorsira yevlakhov aiolos404 mbeacom genecoin-science lbotsch fivetwentyseven destenson adonairc takayuki5168 opt9 vasart wanming2008 reserve-protocol vug1uskr shkodskihk feoliveira 5up3rc vdrg fingerleakers teranos chaitanyaphalak bmanop20 stephica jupitertoken panickervinod kursh 6egic carblock-io amitkumarj441 birdofpreyru 0rand concorde89 spetsmash gitter-badger lifenrun softpatagonia nextwallet-svr stefannarrow nfhbar joranhonig iberrry wucaishi deadlyelder bernardpeh techamazed atikur viethtran suppermancool diegslva computervisionhistogramof3dfacets ruide cryptomental avarta thebkr7 thec00n ecek93 wellcomez cryptob0t lazzarello zzzxxxbbb nextwallet dappsec koceila1991 porkchop tintinweb bigdot123456 rtu joewww arunbvp

mythril's Issues

ImportError: Cannot import name compile_solidity (preventing startup)

Hello, just recently upgaded my mythril installation, and since then have been unable to launch myth (by itself, or passing in the -x flag)

System Specs:
mythril v0.12.5
Python 3.6
Ubuntu 17.10

$ myth -x TokenTemplate.sol 
Traceback (most recent call last):
  File "/usr/local/bin/myth", line 10, in <module>
    from mythril.ether.util import compile_solidity
ImportError: cannot import name 'compile_solidity

Issue running --init-db, NoneType Object is not scriptable

When trying to initialize the contract database I receive the following error.
Note this was installed by cloning the master branch of this repo, and running sudo python3.6 setup.py install

 myth --init-db --infura-rinkeby
Starting synchronization from latest block: 1560817
Traceback (most recent call last):
  File "/usr/bin/myth", line 4, in <module>
    __import__('pkg_resources').run_script('mythril==0.8.27', 'myth')
  File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 750, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 1527, in run_script
    exec(code, namespace, namespace)
  File "/usr/lib/python3.6/site-packages/mythril-0.8.27-py3.6.egg/EGG-INFO/scripts/myth", line 168, in <module>
    contract_storage.initialize(eth, args.sync_all)
  File "/usr/lib/python3.6/site-packages/mythril-0.8.27-py3.6.egg/mythril/ether/contractstorage.py", line 67, in initialize
    for tx in block['transactions']:
TypeError: 'NoneType' object is not subscriptable

Install failure

Pulled the repository from github and ran python3.6 setup.py install

Got the following error:

Installed /usr/lib/python3.6/site-packages/ZODB-5.3.0-py3.6.egg
Searching for ethereum>=2.0.4
Reading https://pypi.python.org/simple/ethereum/
Downloading https://pypi.python.org/packages/3f/09/4147180567abc6364d68a1620d50f81dd313765297065efcc9b42029c5bd/ethereum-2.2.0.tar.gz#md5=7a8b56336dedc3e91bb4442aae028cb7
Best match: ethereum 2.2.0
Processing ethereum-2.2.0.tar.gz
Writing /tmp/easy_install-m923oopg/ethereum-2.2.0/setup.cfg
Running ethereum-2.2.0/setup.py -q bdist_egg --dist-dir /tmp/easy_install-m923oopg/ethereum-2.2.0/egg-dist-tmp-aq7km6uq
error: Setup script exited with error in ethereum setup command: 'tests_require' must be a string or list of strings containing valid project/version requirement specifiers; Unordered types are not allowed

Error when installing

Hi, the package doesn't properly install for me. Any ideas?

Traceback (most recent call last):
    File "<string>", line 1, in <module>
    File "/private/var/folders/81/2r7bsh810jd7yrt90z9x1xgh0000gn/T/pip-build-1s_rFU/mythril/setup.py", line 163, in <module>
      scripts=['mythril']
    File "/usr/local/Cellar/python/2.7.14/Frameworks/Python.framework/Versions/2.7/lib/python2.7/distutils/core.py", line 151, in setup
      dist.run_commands()
    File "/usr/local/Cellar/python/2.7.14/Frameworks/Python.framework/Versions/2.7/lib/python2.7/distutils/dist.py", line 953, in run_commands
      self.run_command(cmd)
    File "/usr/local/Cellar/python/2.7.14/Frameworks/Python.framework/Versions/2.7/lib/python2.7/distutils/dist.py", line 972, in run_command
      cmd_obj.run()
    File "/usr/local/lib/python2.7/site-packages/wheel/bdist_wheel.py", line 257, in run
      self.distinfo_dir)
    File "/usr/local/lib/python2.7/site-packages/wheel/bdist_wheel.py", line 427, in egg2dist
      distribution=self.distribution)
    File "/usr/local/lib/python2.7/site-packages/wheel/metadata.py", line 130, in pkginfo_to_dict
      payload = payload.decode('utf-8')
    File "/usr/local/Cellar/python/2.7.14/Frameworks/Python.framework/Versions/2.7/lib/python2.7/encodings/utf_8.py", line 16, in decode
      return codecs.utf_8_decode(input, errors, True)
  UnicodeDecodeError: 'utf8' codec can't decode byte 0x89 in position 1757: invalid start byte

Ability to specify compiler version

If you try to run myth -x MyContract.sol and MyContract.sol specifies any pragma version < latest:

Source file requires different compiler version (current compiler is 0.4.19-develop.2017.11.22+commit.ea18bed3.Linux.g++ - note that nightly builds are considered to be strictly less than the released version
pragma solidity 0.4.17;
^---------------------^

If there is a way to specify the compiler version, I did not find it, so sorry in advance.

Install Failure

When I try to run
python setup.py install
it returns these warnings:
warning: no previously-included files matching '.dll' found anywhere in distribution
warning: no previously-included files matching '.pyc' found anywhere in distribution
warning: no previously-included files matching '.pyo' found anywhere in distribution
warning: no previously-included files matching '.so' found anywhere in distribution
warning: no previously-included files matching 'coverage.xml' found anywhere in distribution
no previously-included directories found matching 'docs_build'
no previously-included directories found matching 'persistent_pycache_'
error: Setup script exited with error: [WinError 2] The system cannot find the file specified

I am using Python 3.5
Any and all help is appreciated.

Add line number to output

Current output is:

==== CALL with gas to dynamic address ====
Type: Warning
Contract: Migrations
Function name: upgrade(address)
PC address: 529
The function upgrade(address) contains a function call to an address provided as a function argument. The available gas is forwarded to the called contract. Make sure that the logic of the calling contract is not adversely affected if the called contract misbehaves (e.g. reentrancy).
--------------------
In file: Migrations.sol


upgraded.setCompleted(last_completed_migration)

As some files are quite large, it would be a nice convenience if the line number we included, so something like:

In file:line: /relative/path/to/Migrations.sol:21

Then my terminal would allow me to open the file right to the line.

Removal of removed functions

As per this thread ethereum/go-ethereum#311 the db functions have been removed in Geth 1.4
Assuming there is not a reason why someone would still run an older version, could we remove the db functions from the ipc/rpc parts?

Ability to specify entry point contract by name

The title is pretty self-explanatory. 😄

The motivation for asking this is:
Mythril doesn't currently handle the dependencies from Dapphub's dapp tool and when using a merger tool to solve dependencies (like solidity-merger) the contract being analyzed is always the last one (per solc requirements).
If we could specify the entry point the merging tools would be a working solution!

requirements.txt need update

in setup.py, laser-ethereum>=0.1.7 is specified, while in requirements.txt, the version is 0.1.4.

Please pip freeze and update the latest pip list,
(Plus, the actual package list should be much longer since the dependency list of mythril package is huge.)
Thanks!

Symbolic execution error

When running Mythril on some of my smart contracts I get back

Symbolic exection error: non-hexadecimal number found in fromhex() arg at position 4990

I'm not quite sure what this means. I would suggest a more helpful error message here or a mention in the docs saying what the common cause might be.

Print success message if no issues are found

Provide some feedback when no issues are detected.

KeyError error when building callgraph for contracts with external calls

(venv3) ❯ ./myth -g "test.html" -l --infura-mainnet -a 0x49fddeae0b521dab8d0c4b77e7161094f971320d
Traceback (most recent call last):
  File "./myth", line 251, in <module>
    states = StateSpace(contracts, dynloader=DynLoader(eth), simplified=True)
  File "/home/raz0r/Projects/mythril/mythril/analysis/symbolic.py", line 25, in __init__
    self.svm.sym_exec(contracts[0].address)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 186, in sym_exec
    node = self._sym_exec(context, State())
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 841, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 774, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 841, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 989, in _sym_exec
    new_node = self._sym_exec(callee_context, State(), depth=depth+1, constraints=constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 827, in _sym_exec
    if jump_addr not in self.addr_visited[context.module['address']]:
KeyError: '0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed'

venv3) ❯ ./myth -g "test2.html" -l --infura-mainnet -a 0xd780ae2bf04cd96e577d3d014762f831d97129d0
Traceback (most recent call last):
  File "./myth", line 251, in <module>
    states = StateSpace(contracts, dynloader=DynLoader(eth), simplified=True)
  File "/home/raz0r/Projects/mythril/mythril/analysis/symbolic.py", line 25, in __init__
    self.svm.sym_exec(contracts[0].address)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 186, in sym_exec
    node = self._sym_exec(context, State())
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 864, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 841, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 841, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 774, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 774, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 841, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 841, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 841, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=new_constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 989, in _sym_exec
    new_node = self._sym_exec(callee_context, State(), depth=depth+1, constraints=constraints)
  File "/home/raz0r/venv3/lib/python3.5/site-packages/laser/ethereum/svm.py", line 827, in _sym_exec
    if jump_addr not in self.addr_visited[context.module['address']]:
KeyError: '0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed'

Various type-related issues

I installed mythril from the git code. When I use "python3 myth --init-db", I get the following error:
File ".../mythril/mythril/ether/ethcontract.py", line 18, in init
code = re.sub(r'(+[A-Za-z0-9]++)', 'aa' * 20, code)
File "/usr/lib/python3.5/re.py", line 182, in sub
return _compile(pattern, flags).sub(repl, string, count)
TypeError: cannot use a string pattern on a bytes-like object

Fixing this with a small change:
old: code = re.sub(r'(+[A-Za-z0-9]++)', 'aa' * 20, code)
new: code = re.sub(b'(+[A-Za-z0-9]++)', 'aa' * 20, code)

makes the db init work (at least it indexes the contracts..)

But searching the contracts does not work as well:

sudo python3 myth --search "func#demo(address)#" leads to the following error:

File ".../mythril/mythril/ether/util.py", line 14, in safe_decode
if (hex_encoded_string.startswith("0x")):
TypeError: startswith first arg must be bytes or a tuple of bytes, not str

And it goes on with new issues, after fixing an issue.

I am not a python dev. so I really don't know where the problem could be. All the problems seem to be Types related and it seems like only the files in the mythril/mythril/ether/ folder have these issues.

pip install fails on Ubuntu 16.04 x86_64

$ pip install mythril
Collecting mythril
  Using cached mythril-0.4.4.tar.gz
Collecting ethereum>=2.0.4 (from mythril)
Collecting web3 (from mythril)
Collecting ZODB>=5.3.0 (from mythril)
Collecting graphviz>=0.8 (from mythril)
  Using cached graphviz-0.8.1-py2.py3-none-any.whl
Collecting z3-solver>=4.5 (from mythril)
  Using cached z3_solver-4.5.1.0.post2-py2-none-manylinux1_x86_64.whl
Collecting laser-ethereum (from mythril)
  Using cached laser_ethereum-0.1.2-py2.py3-none-any.whl
Collecting pbkdf2 (from ethereum>=2.0.4->mythril)
Collecting scrypt (from ethereum>=2.0.4->mythril)
Collecting PyYAML (from ethereum>=2.0.4->mythril)
Collecting repoze.lru (from ethereum>=2.0.4->mythril)
Collecting pysha3>=1.0.1 (from ethereum>=2.0.4->mythril)
  Using cached pysha3-1.0.2-cp27-cp27mu-manylinux1_x86_64.whl
Collecting coincurve>=5.0.1 (from ethereum>=2.0.4->mythril)
  Using cached coincurve-6.0.0-cp27-cp27mu-manylinux1_x86_64.whl
Collecting pycryptodome==3.4.6 (from ethereum>=2.0.4->mythril)
Collecting py-ecc (from ethereum>=2.0.4->mythril)
Collecting pyethash (from ethereum>=2.0.4->mythril)
Collecting rlp>=0.4.7 (from ethereum>=2.0.4->mythril)
Collecting ethereum-tester~=0.1.0b2 (from web3->mythril)
Collecting pylru>=1.0.9 (from web3->mythril)
Collecting ethereum-utils>=0.5.0 (from web3->mythril)
Collecting toolz>=0.8.2 (from web3->mythril)
Collecting ethereum-abi-utils>=0.4.3 (from web3->mythril)
Collecting cytoolz>=0.8.2 (from web3->mythril)
Collecting requests>=2.12.4 (from web3->mythril)
  Using cached requests-2.18.4-py2.py3-none-any.whl
Collecting zope.interface (from ZODB>=5.3.0->mythril)
  Using cached zope.interface-4.4.3-cp27-cp27mu-manylinux1_x86_64.whl
Collecting zodbpickle>=0.6.0 (from ZODB>=5.3.0->mythril)
Collecting six (from ZODB>=5.3.0->mythril)
  Using cached six-1.11.0-py2.py3-none-any.whl
Collecting persistent>=4.2.0 (from ZODB>=5.3.0->mythril)
  Using cached persistent-4.2.4.2-cp27-cp27mu-manylinux1_x86_64.whl
Collecting BTrees>=4.2.0 (from ZODB>=5.3.0->mythril)
  Using cached BTrees-4.4.1-cp27-cp27mu-manylinux1_x86_64.whl
Collecting transaction>=2.0.3 (from ZODB>=5.3.0->mythril)
  Using cached transaction-2.1.2-py2.py3-none-any.whl
Collecting zc.lockfile (from ZODB>=5.3.0->mythril)
Collecting ZConfig (from ZODB>=5.3.0->mythril)
  Using cached ZConfig-3.2.0-py2.py3-none-any.whl
Collecting cffi>=1.3.0 (from coincurve>=5.0.1->ethereum>=2.0.4->mythril)
  Using cached cffi-1.11.2-cp27-cp27mu-manylinux1_x86_64.whl
Collecting asn1crypto (from coincurve>=5.0.1->ethereum>=2.0.4->mythril)
  Using cached asn1crypto-0.23.0-py2.py3-none-any.whl
Collecting ethereum-keys>=0.1.0-alpha.7 (from ethereum-tester~=0.1.0b2->web3->mythril)
Collecting semantic-version>=2.6.0 (from ethereum-tester~=0.1.0b2->web3->mythril)
Collecting urllib3<1.23,>=1.21.1 (from requests>=2.12.4->web3->mythril)
  Using cached urllib3-1.22-py2.py3-none-any.whl
Collecting idna<2.7,>=2.5 (from requests>=2.12.4->web3->mythril)
  Using cached idna-2.6-py2.py3-none-any.whl
Collecting chardet<3.1.0,>=3.0.2 (from requests>=2.12.4->web3->mythril)
  Using cached chardet-3.0.4-py2.py3-none-any.whl
Collecting certifi>=2017.4.17 (from requests>=2.12.4->web3->mythril)
  Using cached certifi-2017.7.27.1-py2.py3-none-any.whl
Collecting setuptools (from zope.interface->ZODB>=5.3.0->mythril)
  Using cached setuptools-36.6.0-py2.py3-none-any.whl
Collecting pycparser (from cffi>=1.3.0->coincurve>=5.0.1->ethereum>=2.0.4->mythril)
Building wheels for collected packages: mythril
  Running setup.py bdist_wheel for mythril ... error
  Complete output from command /usr/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-u5aVKD/mythril/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('\r\n', '\n'), __file__, 'exec'))" bdist_wheel -d /tmp/tmpjIDTZEpip-wheel- --python-tag cp27:
  /usr/lib/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'python_requires'
    warnings.warn(msg)
  running bdist_wheel
  running build
  running build_py
  creating build
  creating build/lib.linux-x86_64-2.7
  creating build/lib.linux-x86_64-2.7/mythril
  copying mythril/__init__.py -> build/lib.linux-x86_64-2.7/mythril
  creating build/lib.linux-x86_64-2.7/laser
  copying laser/__init__.py -> build/lib.linux-x86_64-2.7/laser
  creating build/lib.linux-x86_64-2.7/mythril/ether
  copying mythril/ether/asm.py -> build/lib.linux-x86_64-2.7/mythril/ether
  copying mythril/ether/__init__.py -> build/lib.linux-x86_64-2.7/mythril/ether
  copying mythril/ether/ethcontract.py -> build/lib.linux-x86_64-2.7/mythril/ether
  copying mythril/ether/contractstorage.py -> build/lib.linux-x86_64-2.7/mythril/ether
  copying mythril/ether/util.py -> build/lib.linux-x86_64-2.7/mythril/ether
  copying mythril/ether/evm.py -> build/lib.linux-x86_64-2.7/mythril/ether
  creating build/lib.linux-x86_64-2.7/mythril/ipc
  copying mythril/ipc/utils.py -> build/lib.linux-x86_64-2.7/mythril/ipc
  copying mythril/ipc/exceptions.py -> build/lib.linux-x86_64-2.7/mythril/ipc
  copying mythril/ipc/__init__.py -> build/lib.linux-x86_64-2.7/mythril/ipc
  copying mythril/ipc/constants.py -> build/lib.linux-x86_64-2.7/mythril/ipc
  copying mythril/ipc/client.py -> build/lib.linux-x86_64-2.7/mythril/ipc
  creating build/lib.linux-x86_64-2.7/mythril/disassembler
  copying mythril/disassembler/callgraph.py -> build/lib.linux-x86_64-2.7/mythril/disassembler
  copying mythril/disassembler/__init__.py -> build/lib.linux-x86_64-2.7/mythril/disassembler
  copying mythril/disassembler/disassembly.py -> build/lib.linux-x86_64-2.7/mythril/disassembler
  creating build/lib.linux-x86_64-2.7/mythril/rpc
  copying mythril/rpc/utils.py -> build/lib.linux-x86_64-2.7/mythril/rpc
  copying mythril/rpc/exceptions.py -> build/lib.linux-x86_64-2.7/mythril/rpc
  copying mythril/rpc/__init__.py -> build/lib.linux-x86_64-2.7/mythril/rpc
  copying mythril/rpc/constants.py -> build/lib.linux-x86_64-2.7/mythril/rpc
  copying mythril/rpc/client.py -> build/lib.linux-x86_64-2.7/mythril/rpc
  creating build/lib.linux-x86_64-2.7/laser/ethereum
  copying laser/ethereum/utils.py -> build/lib.linux-x86_64-2.7/laser/ethereum
  copying laser/ethereum/laserfree.py -> build/lib.linux-x86_64-2.7/laser/ethereum
  copying laser/ethereum/__init__.py -> build/lib.linux-x86_64-2.7/laser/ethereum
  copying laser/ethereum/svm.py -> build/lib.linux-x86_64-2.7/laser/ethereum
  copying laser/ethereum/cfg.py -> build/lib.linux-x86_64-2.7/laser/ethereum
  creating build/lib.linux-x86_64-2.7/laser/ethereum/modules
  copying laser/ethereum/modules/unchecked_send.py -> build/lib.linux-x86_64-2.7/laser/ethereum/modules
  copying laser/ethereum/modules/__init__.py -> build/lib.linux-x86_64-2.7/laser/ethereum/modules
  running egg_info
  writing requirements to mythril.egg-info/requires.txt
  writing mythril.egg-info/PKG-INFO
  writing top-level names to mythril.egg-info/top_level.txt
  writing dependency_links to mythril.egg-info/dependency_links.txt
  warning: manifest_maker: standard file '-c' not found
  
  reading manifest file 'mythril.egg-info/SOURCES.txt'
  reading manifest template 'MANIFEST.in'
  writing manifest file 'mythril.egg-info/SOURCES.txt'
  copying mythril/disassembler/signatures.json -> build/lib.linux-x86_64-2.7/mythril/disassembler
  running build_scripts
  creating build/scripts-2.7
  copying and adjusting myth -> build/scripts-2.7
  changing mode of build/scripts-2.7/myth from 664 to 775
  installing to build/bdist.linux-x86_64/wheel
  running install
  running install_lib
  creating build/bdist.linux-x86_64
  creating build/bdist.linux-x86_64/wheel
  creating build/bdist.linux-x86_64/wheel/mythril
  creating build/bdist.linux-x86_64/wheel/mythril/ether
  copying build/lib.linux-x86_64-2.7/mythril/ether/asm.py -> build/bdist.linux-x86_64/wheel/mythril/ether
  copying build/lib.linux-x86_64-2.7/mythril/ether/__init__.py -> build/bdist.linux-x86_64/wheel/mythril/ether
  copying build/lib.linux-x86_64-2.7/mythril/ether/ethcontract.py -> build/bdist.linux-x86_64/wheel/mythril/ether
  copying build/lib.linux-x86_64-2.7/mythril/ether/contractstorage.py -> build/bdist.linux-x86_64/wheel/mythril/ether
  copying build/lib.linux-x86_64-2.7/mythril/ether/util.py -> build/bdist.linux-x86_64/wheel/mythril/ether
  copying build/lib.linux-x86_64-2.7/mythril/ether/evm.py -> build/bdist.linux-x86_64/wheel/mythril/ether
  creating build/bdist.linux-x86_64/wheel/mythril/ipc
  copying build/lib.linux-x86_64-2.7/mythril/ipc/utils.py -> build/bdist.linux-x86_64/wheel/mythril/ipc
  copying build/lib.linux-x86_64-2.7/mythril/ipc/exceptions.py -> build/bdist.linux-x86_64/wheel/mythril/ipc
  copying build/lib.linux-x86_64-2.7/mythril/ipc/__init__.py -> build/bdist.linux-x86_64/wheel/mythril/ipc
  copying build/lib.linux-x86_64-2.7/mythril/ipc/constants.py -> build/bdist.linux-x86_64/wheel/mythril/ipc
  copying build/lib.linux-x86_64-2.7/mythril/ipc/client.py -> build/bdist.linux-x86_64/wheel/mythril/ipc
  copying build/lib.linux-x86_64-2.7/mythril/__init__.py -> build/bdist.linux-x86_64/wheel/mythril
  creating build/bdist.linux-x86_64/wheel/mythril/disassembler
  copying build/lib.linux-x86_64-2.7/mythril/disassembler/callgraph.py -> build/bdist.linux-x86_64/wheel/mythril/disassembler
  copying build/lib.linux-x86_64-2.7/mythril/disassembler/__init__.py -> build/bdist.linux-x86_64/wheel/mythril/disassembler
  copying build/lib.linux-x86_64-2.7/mythril/disassembler/disassembly.py -> build/bdist.linux-x86_64/wheel/mythril/disassembler
  copying build/lib.linux-x86_64-2.7/mythril/disassembler/signatures.json -> build/bdist.linux-x86_64/wheel/mythril/disassembler
  creating build/bdist.linux-x86_64/wheel/mythril/rpc
  copying build/lib.linux-x86_64-2.7/mythril/rpc/utils.py -> build/bdist.linux-x86_64/wheel/mythril/rpc
  copying build/lib.linux-x86_64-2.7/mythril/rpc/exceptions.py -> build/bdist.linux-x86_64/wheel/mythril/rpc
  copying build/lib.linux-x86_64-2.7/mythril/rpc/__init__.py -> build/bdist.linux-x86_64/wheel/mythril/rpc
  copying build/lib.linux-x86_64-2.7/mythril/rpc/constants.py -> build/bdist.linux-x86_64/wheel/mythril/rpc
  copying build/lib.linux-x86_64-2.7/mythril/rpc/client.py -> build/bdist.linux-x86_64/wheel/mythril/rpc
  creating build/bdist.linux-x86_64/wheel/laser
  copying build/lib.linux-x86_64-2.7/laser/__init__.py -> build/bdist.linux-x86_64/wheel/laser
  creating build/bdist.linux-x86_64/wheel/laser/ethereum
  copying build/lib.linux-x86_64-2.7/laser/ethereum/utils.py -> build/bdist.linux-x86_64/wheel/laser/ethereum
  copying build/lib.linux-x86_64-2.7/laser/ethereum/laserfree.py -> build/bdist.linux-x86_64/wheel/laser/ethereum
  creating build/bdist.linux-x86_64/wheel/laser/ethereum/modules
  copying build/lib.linux-x86_64-2.7/laser/ethereum/modules/unchecked_send.py -> build/bdist.linux-x86_64/wheel/laser/ethereum/modules
  copying build/lib.linux-x86_64-2.7/laser/ethereum/modules/__init__.py -> build/bdist.linux-x86_64/wheel/laser/ethereum/modules
  copying build/lib.linux-x86_64-2.7/laser/ethereum/__init__.py -> build/bdist.linux-x86_64/wheel/laser/ethereum
  copying build/lib.linux-x86_64-2.7/laser/ethereum/svm.py -> build/bdist.linux-x86_64/wheel/laser/ethereum
  copying build/lib.linux-x86_64-2.7/laser/ethereum/cfg.py -> build/bdist.linux-x86_64/wheel/laser/ethereum
  running install_egg_info
  Copying mythril.egg-info to build/bdist.linux-x86_64/wheel/mythril-0.4.4.egg-info
  running install_scripts
  creating build/bdist.linux-x86_64/wheel/mythril-0.4.4.data
  creating build/bdist.linux-x86_64/wheel/mythril-0.4.4.data/scripts
  copying build/scripts-2.7/myth -> build/bdist.linux-x86_64/wheel/mythril-0.4.4.data/scripts
  changing mode of build/bdist.linux-x86_64/wheel/mythril-0.4.4.data/scripts/myth to 775
  Traceback (most recent call last):
    File "<string>", line 1, in <module>
    File "/tmp/pip-build-u5aVKD/mythril/setup.py", line 270, in <module>
      scripts=['myth']
    File "/usr/lib/python2.7/distutils/core.py", line 151, in setup
      dist.run_commands()
    File "/usr/lib/python2.7/distutils/dist.py", line 953, in run_commands
      self.run_command(cmd)
    File "/usr/lib/python2.7/distutils/dist.py", line 972, in run_command
      cmd_obj.run()
    File "/usr/lib/python2.7/dist-packages/wheel/bdist_wheel.py", line 232, in run
      self.distinfo_dir)
    File "/usr/lib/python2.7/dist-packages/wheel/bdist_wheel.py", line 399, in egg2dist
      distribution=self.distribution)
    File "/usr/lib/python2.7/dist-packages/wheel/metadata.py", line 129, in pkginfo_to_dict
      payload = payload.decode('utf-8')
    File "/usr/lib/python2.7/encodings/utf_8.py", line 16, in decode
      return codecs.utf_8_decode(input, errors, True)
  UnicodeDecodeError: 'utf8' codec can't decode bytes in position 3563-3564: invalid continuation byte
  
  ----------------------------------------
  Failed building wheel for mythril
  Running setup.py clean for mythril
Failed to build mythril
Installing collected packages: pbkdf2, scrypt, PyYAML, repoze.lru, pysha3, pycparser, cffi, asn1crypto, coincurve, pycryptodome, py-ecc, pyethash, rlp, ethereum, toolz, cytoolz, ethereum-utils, ethereum-keys, semantic-version, ethereum-tester, pylru, ethereum-abi-utils, urllib3, idna, chardet, certifi, requests, web3, setuptools, zope.interface, zodbpickle, six, persistent, BTrees, transaction, zc.lockfile, ZConfig, ZODB, graphviz, z3-solver, laser-ethereum, mythril
Segmentation fault

Init-db doesn't seem to do anything

Hello,

I run a nod synced using geth --syncmode "fast". It finished syncing, but when I run myth --init-db it outputs

Starting synchronization from latest block: 0

and ends without any error right after.

I've tried to use the --sync-all and --rpc options but I get the same result. The .fs files in ~/.mythril/ are very small and myth --search "func#changeMultisig(address)#" doesn't find anything.

start_addr = disassembly.instruction_list[state.pc]['address']- List index out of range

ENV specs:

Ubuntu 16.04 LTS
Python 3.5.2 [GCC 5.4.0 20160609]
Virtualenv 15.1.0

Installation output:

Building wheels for collected packages: mythril, ZODB, z3-solver, zc.lockfile, zodbpickle
Running setup.py bdist_wheel for mythril ... done
Stored in directory: /home/user/.cache/pip/wheels/06/b1/2e/ea5e2a3adcd7a0f68e6cc2ebbb58b18274fa69d42723594253
Running setup.py bdist_wheel for ZODB ... done
Stored in directory: /home/user/.cache/pip/wheels/4e/68/8c/f3ced7e225af0e7cc316c7a0755ef4201ae4b769affd5201e3
Running setup.py bdist_wheel for z3-solver ... done
Stored in directory: /home/user/.cache/pip/wheels/43/c7/d7/f37a4aa4cd2d081bdc8712f38943a372cce36f1920bfbc5926
Running setup.py bdist_wheel for zc.lockfile ... done
Stored in directory: /home/user/.cache/pip/wheels/1b/e1/63/8f77ec76bd7500ea412506af130751c030c642556d106fb307
Running setup.py bdist_wheel for zodbpickle ... done
Stored in directory: /home/user/.cache/pip/wheels/bf/ac/c1/1053fb885519d41f368ea46917a90fff8d127abffd121a5f17
Successfully built mythril ZODB z3-solver zc.lockfile zodbpickle
Installing collected packages: zope.interface, persistent, BTrees, ZConfig, transaction, zc.lockfile, zodbpickle, ZODB, z3-solver, laser-ethereum, mythril
Successfully installed BTrees-4.4.1 ZConfig-3.2.0 ZODB-5.3.0 laser-ethereum-0.2.16 mythril-0.8.10 persistent-4.2.4.2 transaction-2.1.2 z3-solver-4.5.1.0.post2 zc.lockfile-1.2.1 zodbpickle-0.7.0 zope.interface-4.4.3

PIP list output:

asn1crypto (0.23.0)
BTrees (4.4.1)
certifi (2017.11.5)
cffi (1.11.2)
chardet (3.0.4)
coincurve (6.0.0)
cytoolz (0.8.2)
decorator (4.1.2)
ethereum (2.1.2)
ethereum-abi-utils (0.4.4)
ethereum-keys (0.1.0a7)
ethereum-tester (0.1.0b2)
ethereum-utils (0.6.0)
future (0.16.0)
idna (2.6)
ipython (6.2.1)
ipython-genutils (0.2.0)
jedi (0.11.0)
laser-ethereum (0.2.16)
mythril (0.8.10)
parso (0.1.0)
pbkdf2 (1.3)
persistent (4.2.4.2)
pexpect (4.3.0)
pickleshare (0.7.4)
pip (9.0.1)
prompt-toolkit (1.0.15)
ptyprocess (0.5.2)
py-ecc (1.4.2)
pycparser (2.18)
pycryptodome (3.4.6)
pyethash (0.1.27)
Pygments (2.2.0)
pylru (1.0.9)
pysha3 (1.0.2)
PyYAML (3.12)
repoze.lru (0.7)
requests (2.18.4)
rlp (0.6.0)
scrypt (0.8.0)
semantic-version (2.6.0)
setuptools (36.7.2)
simplegeneric (0.8.1)
six (1.11.0)
toolz (0.8.2)
traitlets (4.3.2)
transaction (2.1.2)
urllib3 (1.22)
wcwidth (0.1.7)
web3 (3.16.2)
wheel (0.30.0)
z3-solver (4.5.1.0.post2)
zc.lockfile (1.2.1)
ZConfig (3.2.0)
ZODB (5.3.0)
zodbpickle (0.7.0)
zope.interface (4.4.3)

Command:
$ myth -g ./graph.html -a 0x9a642d6b3368ddc662CA244bAdf32cDA716005BC

0x9a642d6b3368ddc662CA244bAdf32cDA716005BC - Qtum Contract.

Traceback:

Traceback (most recent call last):
File "/home/user/.virtualenvs/web3py/bin/myth", line 218, in
states = StateSpace(contracts, simplified=True)
File "/home/user/.virtualenvs/web3py/lib/python3.5/site-packages/mythril/analysis/symbolic.py", line 25, in init
self.svm.sym_exec(contracts[0].address)
File "/home/user/.virtualenvs/web3py/lib/python3.5/site-packages/laser/ethereum/svm.py", line 183, in sym_exec
node = self._sym_exec(context, State())
File "/home/user/.virtualenvs/web3py/lib/python3.5/site-packages/laser/ethereum/svm.py", line 196, in _sym_exec
start_addr = disassembly.instruction_list[state.pc]['address']
IndexError: list index out of range

hello

Hi, nice to see this project. For more general analysis, I was investigating https://github.com/alex-miller-0/Ethereum_Blockchain_Parser before. I was also thinking about trying to port it to ipc, I think it should def be faster. Alternatively, maybe some parallelization could also speed things up or writing things to an intermediary db like for example the above project is doing (instead of one big file like mythril seems to be doing, thought they import all blocks to mongodb). (not sure if that is actually faster, but at least more convenient once imported)
I'll see what I can make of mythril, maybe if I use it I can help to make it use ipc or similar optimizations.

Implement native contracts in SVM

0x1: ecrecover
0x2: sha2 256
0x3: ripdemd 160
0x4: identity function

Web3 package breaks dependencies

Currently, web3 locks in old versions of several Ethereum-related packages. E.g.:

eth-utils<1.0.0,>=0.7.1
eth-abi<0.6.0,>=0.5.0

Newer versions of eth-xxx seem to implement changes that break Mythril, see also. As a result, Mythril breaks for users who have current eth packages installed, see also #67.

Users also report pkg_resources.ContextualVersionConflict errors when launching the myth tool related to the eth-utils and eth-abi packages.

We need to get rid of the web3 dependency and make Mythril compatible with current eth-xxx packages.

@step21, I think I remember you mentioning a way of getting rid of the web3 dependency for IPC calls? Can't remember exactly in what context.

Intsall failed

I tried to install with this pip install mythril and got this result:

@./mythril:jrush>$ pip install mythril
Collecting mythril
Downloading mythril-0.1.6.tar.gz
Collecting ethereum==2.0.4 (from mythril)
Downloading ethereum-2.0.4.tar.gz (139kB)
100% |████████████████████████████████| 143kB 2.5MB/s
Collecting repoze.lru (from ethereum==2.0.4->mythril)
Downloading repoze.lru-0.7.tar.gz
Requirement already satisfied: PyYAML in /usr/local/lib/python2.7/site-packages (from ethereum==2.0.4->mythril)
Collecting pbkdf2 (from ethereum==2.0.4->mythril)
Downloading pbkdf2-1.3.tar.gz
Collecting bitcoin (from ethereum==2.0.4->mythril)
Downloading bitcoin-1.1.42.tar.gz
Collecting pycryptodome>=3.3.1 (from ethereum==2.0.4->mythril)
Downloading pycryptodome-3.4.7.tar.gz (6.5MB)
100% |████████████████████████████████| 6.5MB 194kB/s
Collecting scrypt (from ethereum==2.0.4->mythril)
Downloading scrypt-0.8.0-cp27-cp27m-macosx_10_11_x86_64.whl
Collecting pysha3>=1.0.1 (from ethereum==2.0.4->mythril)
Downloading pysha3-1.0.2.tar.gz (829kB)
100% |████████████████████████████████| 829kB 1.4MB/s
Collecting rlp>=0.4.7 (from ethereum==2.0.4->mythril)
Downloading rlp-0.6.0.tar.gz
Collecting pyethash (from ethereum==2.0.4->mythril)
Downloading pyethash-0.1.27.tar.gz
Building wheels for collected packages: mythril, ethereum, repoze.lru, pbkdf2, bitcoin, pycryptodome, pysha3, rlp, pyethash
Running setup.py bdist_wheel for mythril ... error
Complete output from command /usr/local/opt/python/bin/python2.7 -u -c "import setuptools, tokenize;file='/private/var/folders/20/42k6jhsj325_yl419srn69280000gn/T/pip-build-l7NqpX/mythril/setup.py';f=getattr(tokenize, 'open', open)(file);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, file, 'exec'))" bdist_wheel -d /var/folders/20/42k6jhsj325_yl419srn69280000gn/T/tmpPIUqU8pip-wheel- --python-tag cp27:
running bdist_wheel
running build
running build_py
creating build
creating build/lib
creating build/lib/ether
copying ether/init.py -> build/lib/ether
copying ether/asm.py -> build/lib/ether
copying ether/evm.py -> build/lib/ether
copying ether/util.py -> build/lib/ether
creating build/lib/rpc
copying rpc/init.py -> build/lib/rpc
copying rpc/client.py -> build/lib/rpc
copying rpc/constants.py -> build/lib/rpc
copying rpc/exceptions.py -> build/lib/rpc
copying rpc/utils.py -> build/lib/rpc
running build_scripts
creating build/scripts-2.7
copying and adjusting mythril -> build/scripts-2.7
changing mode of build/scripts-2.7/mythril from 644 to 755
installing to build/bdist.macosx-10.12-x86_64/wheel
running install
running install_lib
creating build/bdist.macosx-10.12-x86_64
creating build/bdist.macosx-10.12-x86_64/wheel
creating build/bdist.macosx-10.12-x86_64/wheel/ether
copying build/lib/ether/init.py -> build/bdist.macosx-10.12-x86_64/wheel/ether
copying build/lib/ether/asm.py -> build/bdist.macosx-10.12-x86_64/wheel/ether
copying build/lib/ether/evm.py -> build/bdist.macosx-10.12-x86_64/wheel/ether
copying build/lib/ether/util.py -> build/bdist.macosx-10.12-x86_64/wheel/ether
creating build/bdist.macosx-10.12-x86_64/wheel/rpc
copying build/lib/rpc/init.py -> build/bdist.macosx-10.12-x86_64/wheel/rpc
copying build/lib/rpc/client.py -> build/bdist.macosx-10.12-x86_64/wheel/rpc
copying build/lib/rpc/constants.py -> build/bdist.macosx-10.12-x86_64/wheel/rpc
copying build/lib/rpc/exceptions.py -> build/bdist.macosx-10.12-x86_64/wheel/rpc
copying build/lib/rpc/utils.py -> build/bdist.macosx-10.12-x86_64/wheel/rpc
running install_egg_info
running egg_info
writing requirements to mythril.egg-info/requires.txt
writing mythril.egg-info/PKG-INFO
writing top-level names to mythril.egg-info/top_level.txt
writing dependency_links to mythril.egg-info/dependency_links.txt
reading manifest file 'mythril.egg-info/SOURCES.txt'
writing manifest file 'mythril.egg-info/SOURCES.txt'
Copying mythril.egg-info to build/bdist.macosx-10.12-x86_64/wheel/mythril-0.1.6-py2.7.egg-info
running install_scripts
creating build/bdist.macosx-10.12-x86_64/wheel/mythril-0.1.6.data
creating build/bdist.macosx-10.12-x86_64/wheel/mythril-0.1.6.data/scripts
copying build/scripts-2.7/mythril -> build/bdist.macosx-10.12-x86_64/wheel/mythril-0.1.6.data/scripts
changing mode of build/bdist.macosx-10.12-x86_64/wheel/mythril-0.1.6.data/scripts/mythril to 755
Traceback (most recent call last):
File "", line 1, in
File "/private/var/folders/20/42k6jhsj325_yl419srn69280000gn/T/pip-build-l7NqpX/mythril/setup.py", line 163, in
scripts=['mythril']
File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/distutils/core.py", line 151, in setup
dist.run_commands()
File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/distutils/dist.py", line 953, in run_commands
self.run_command(cmd)
File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/distutils/dist.py", line 972, in run_command
cmd_obj.run()
File "/usr/local/lib/python2.7/site-packages/wheel/bdist_wheel.py", line 232, in run
self.distinfo_dir)
File "/usr/local/lib/python2.7/site-packages/wheel/bdist_wheel.py", line 399, in egg2dist
distribution=self.distribution)
File "/usr/local/lib/python2.7/site-packages/wheel/metadata.py", line 129, in pkginfo_to_dict
payload = payload.decode('utf-8')
File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/encodings/utf_8.py", line 16, in decode
return codecs.utf_8_decode(input, errors, True)
UnicodeDecodeError: 'utf8' codec can't decode byte 0x89 in position 1757: invalid start byte

Failed building wheel for mythril
Running setup.py clean for mythril
Running setup.py bdist_wheel for ethereum ... done
Stored in directory: /Users/jrush/Library/Caches/pip/wheels/ff/ee/fd/d155ede9dba88b679720c87975f2eeab21befc43da2b7b075e
Running setup.py bdist_wheel for repoze.lru ... done
Stored in directory: /Users/jrush/Library/Caches/pip/wheels/f2/f9/a7/f5c72abc5a083f4ef4b2e3eb4c4721300cf0735ac06958a2e7
Running setup.py bdist_wheel for pbkdf2 ... done
Stored in directory: /Users/jrush/Library/Caches/pip/wheels/4a/1a/64/4dd31676e41ecf2917a870a96a874c860508d3b5d1b440b52b
Running setup.py bdist_wheel for bitcoin ... done
Stored in directory: /Users/jrush/Library/Caches/pip/wheels/15/d9/46/0029939110ce681cbcb1b94b8952f475eb3562e65cd99d311f
Running setup.py bdist_wheel for pycryptodome ... done
Stored in directory: /Users/jrush/Library/Caches/pip/wheels/f7/cb/16/1ed6dc50b92888af9051bda6f59f335dfd966a1ce5edd8a4af
Running setup.py bdist_wheel for pysha3 ... done
Stored in directory: /Users/jrush/Library/Caches/pip/wheels/00/06/c3/ad27a11d795e4400ebaf0242a5b316820f33b6633e19435ee5
Running setup.py bdist_wheel for rlp ... done
Stored in directory: /Users/jrush/Library/Caches/pip/wheels/00/27/d0/354150ba37723f2469f6eb69b07ccdce983a3cd572584d9e8c
Running setup.py bdist_wheel for pyethash ... done
Stored in directory: /Users/jrush/Library/Caches/pip/wheels/4c/a1/67/af345dfb35e42a2b0f9d0a5d7b5996ac5959a1b05e286664b0
Successfully built ethereum repoze.lru pbkdf2 bitcoin pycryptodome pysha3 rlp pyethash
Failed to build mythril
Installing collected packages: repoze.lru, pbkdf2, bitcoin, pycryptodome, scrypt, pysha3, rlp, pyethash, ethereum, mythril
Exception:
Traceback (most recent call last):
File "/usr/local/lib/python2.7/site-packages/pip/basecommand.py", line 215, in main
status = self.run(options, args)
File "/usr/local/lib/python2.7/site-packages/pip/commands/install.py", line 342, in run
prefix=options.prefix_path,
File "/usr/local/lib/python2.7/site-packages/pip/req/req_set.py", line 784, in install
**kwargs
File "/usr/local/lib/python2.7/site-packages/pip/req/req_install.py", line 851, in install
self.move_wheel_files(self.source_dir, root=root, prefix=prefix)
File "/usr/local/lib/python2.7/site-packages/pip/req/req_install.py", line 1064, in move_wheel_files
isolated=self.isolated,
File "/usr/local/lib/python2.7/site-packages/pip/wheel.py", line 377, in move_wheel_files
clobber(source, dest, False, fixer=fixer, filter=filter)
File "/usr/local/lib/python2.7/site-packages/pip/wheel.py", line 323, in clobber
shutil.copyfile(srcfile, destfile)
File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/shutil.py", line 83, in copyfile
with open(dst, 'wb') as fdst:
IOError: [Errno 13] Permission denied: '/usr/local/LICENSE'

And the myth command line toold does not install.

Simulate gas accurately

As the title says.

Add a JSON output option

Enable JSON-formatted output for easier API integration.

disassemble -d -c "bytecode": swarm hash in bytecode misinterpreted as INVALID opcode

Exactly the same issue with another issue I reported for manticore project, but the underlying reason/problem is the same, hope it helps.

Specifically, to reproduce such bug, (just an example):

Copy the code of any contract code, save as local file.
run solc --bin fileName.sol, copy the bytecode and feed into myth -d -c _bytecode_ .
Result: noticing the output ends with

14289 STOP
14290 LOG1
14291 PUSH6 0x627a7a723058
14298 SHA3
14299 MULMOD
14300 INVALID
14301 MSTORE
14302 GASPRICE
14303 INVALID
14304 PUSH14 0xa9dbe23d1653684c888c4d7719d9
14319 INVALID
14320 INVALID
14321 INVALID
14322 NUMBER
14323 SSTORE
14324 INVALID
14325 AND
14326 INVALID
14327 MULMOD
14328 SLOAD
14329 EQ
14330 SWAP12
14331 STOP
14332 INVALID

After STOP, everything after that should be swarm hash, instead of "invalid"

Thanks!

Ability to point analysis on a directory with multiple contracts

Atm, you have to specify analysis on a file or a list of files (file by file as arguments).
What is the recommended way to point myth -x ... at a directory?

starting geth

Just wondering, at first I had just started geth with geth --maxpeers 0 --rpc without activating the admin and debug parts of rpc, but there was no complaint. Would there be a complaint if something was not available?

SVM cannot explore some paths

Function playerRollDice in contract https://etherscan.io/address/0xe6517b766e6ee07f91b517435ed855926bcb1aae#code ends with a REVERT, probably some conditions in modifiers are not resolved.

Docker build fails on laser-ethereum

Installed /tmp/easy_install-4c46iyaa/py-solc-2.1.0/.eggs/pypandoc-1.4-py3.6.egg
file solc.py (for module solc) not found
warning: no files found matching 'requirements.txt'
warning: no previously-included files matching '__pycache__' found under directory '*'
warning: no previously-included files matching '*.py[co]' found under directory '*'
file solc.py (for module solc) not found
file solc.py (for module solc) not found
creating /usr/local/lib/python3.6/dist-packages/py_solc-2.1.0-py3.6.egg
Extracting py_solc-2.1.0-py3.6.egg to /usr/local/lib/python3.6/dist-packages
Adding py-solc 2.1.0 to easy-install.pth file

Installed /usr/local/lib/python3.6/dist-packages/py_solc-2.1.0-py3.6.egg
Searching for laser-ethereum==0.4.3
Reading https://pypi.python.org/simple/laser-ethereum/
No local packages or working download links found for laser-ethereum==0.4.3
error: Could not find suitable distribution for Requirement.parse('laser-ethereum==0.4.3')
The command '/bin/sh -c apt-get update   && apt-get install -y software-properties-common python-software-properties   && add-apt-repository ppa:ethereum/ethereum   && apt-get update   && apt-get install -y solc   && apt-get install -y libssl-dev   && apt-get install -y python3-pip python3-dev   && ln -s /usr/bin/python3 /usr/local/bin/python   && pip3 install --upgrade pip   && apt-get install -y pandoc   && apt-get install -y git   && pip3 install laser-ethereum   && python setup.py install' returned a non-zero code: 1

-

Detect Tautologies

Example contract:


contract MyContract {

  function foo(uint256 a) returns(uint256) {
    if(a >= 0){ //this will never be false
      return 0;
    }
    return 1;
  }
}```

Mythril should detect a comparison which is always true, at least one as simple as this.

Less awkward representation of execution states

Currently, states are represented rather awkwardly in the form of node objects. The symbolic execution system should be re-designed to represent states as state objects and allow for KLEE-like statements, such as:

if (s1["owner"] != s2["owner"] && s1["msg.sender"] != s1["owner"]) {
    print("violation found");
}

This is a major change to laser-ethereum and Mythril and will also require the analysis modules to be rewritten.

Contract db

There are two types of contracts in blockchain.

Contracts created by normal addresses
Contracts created by other contracts

The first are easy to get from node. Just get every transaction in every block and check if it creates a contract. This takes aproximatellly a day and a half

The second is complicated
You can take every transaction in every block. Check its destination address and check it code. If code is not empty, then this is contract. So you will get all contracts, created by other contracts.
But you will not get any contract, that is interacted with by other contracts only.

The complete solution is to trace every transaction in blockchain and see if it results in contract creation.

Another solution is to directly read LevelDb. Don't know if it is possible.

What way does Mythril use to build contract db?

Handle interface contracts gracefully

I have this unimplemented interface contract, in the same folder as a contract that inherits it.

pragma solidity ^0.4.18;
contract Interface{    
    function transfer(address _to, uint _value, bytes _data) public returns (bool);
    event Transfer(address indexed _from, address indexed _to, uint256 indexed _value, bytes _data);
}

The dir structure is something like:

contracts/
├── Interface.sol
├── Implemented.sol
├── SomethingElse.sol

So, I'd like to be able to run myth -x contracts/*.sol, but when I do, I get:

  File "/Users/primary/.pyenv/versions/3.6.1/bin/myth", line 205, in <module>
    name, bytecode = compile_solidity(solc_binary, file)
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/mythril/ether/util.py", line 36, in compile_solidity
    return [m.group(1), m.group(2)]
AttributeError: 'NoneType' object has no attribute 'group'

Add option to specify solc include path

Generating ABIs for raw contract opcodes

I'm looking at generating ABIs for raw contract opcode and mythril looks like a good base to build this on. Let me know if this is something you'd like to include in mythril and I'll submit a PR when it's ready.

PR: using ipc as an option

I made some changes to add an --ipc flag that uses ipc via web3.py.
Everything seems to work so far. Would you like/accept a pull request for that?

Z3 sort mismatch error

From within this directory: https://github.com/Modular-Network/ethereum-libraries/tree/audits/CrowdsaleLib/IICOLib/truffle/contracts

I tried with and without the -l flag:

$ myth -x -l InteractiveCrowdsaleTestContract.sol
Traceback (most recent call last):
  File "/Users/primary/.pyenv/versions/3.6.1/bin/myth", line 284, in <module>
    states = StateSpace(contracts, dynloader=DynLoader(eth), max_depth=args.max_depth)
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/mythril/analysis/symbolic.py", line 30, in __init__
    self.svm.sym_exec(contracts[0].address)
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/laser/ethereum/svm.py", line 185, in sym_exec
    node = self._sym_exec(context, State())
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/laser/ethereum/svm.py", line 853, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/laser/ethereum/svm.py", line 853, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth, constraints=new_constraints)
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/laser/ethereum/svm.py", line 830, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=new_constraints)
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/laser/ethereum/svm.py", line 772, in _sym_exec
    new_node = self._sym_exec(context, new_state, depth=depth+1, constraints=constraints)
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/laser/ethereum/svm.py", line 286, in _sym_exec
    state.stack.append(state.stack.pop() & state.stack.pop())
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/z3/z3.py", line 3214, in __rand__
    a, b = _coerce_exprs(self, other)
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/z3/z3.py", line 1016, in _coerce_exprs
    s = _coerce_expr_merge(s, b)
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/z3/z3.py", line 1006, in _coerce_expr_merge
    _z3_assert(False, "sort mismatch")
  File "/Users/primary/.pyenv/versions/3.6.1/lib/python3.6/site-packages/z3/z3.py", line 91, in _z3_assert
    raise Z3Exception(msg)
z3.z3types.Z3Exception: sort mismatch

I get a similar result for all files in that dir, except for LinkedListLib.sol and Array256Lib.sol.

No script named 'myth'

Hi! :)
I'm working on Ubuntu 17.10 amd64.
I tried to install mythril with pip3 install mythril but, at the end of the installation (without any errors), when i write "myth --init-db" nothing happen. So, I tried to install it with

$ git clone https://github.com/b-mueller/mythril/
$ cd mythril
$ python3 setup.py install

Now, when I try to execute myth --init-db ( or any other kind of command starting with myth) , I got

Traceback (most recent call last):
File "/usr/local/bin/myth", line 4, in
import('pkg_resources').run_script('mythril==0.7.7', 'myth')
File "/home/pippo/.local/lib/python3.6/site-packages/pkg_resources/init.py", line 748, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/home/pippo/.local/lib/python3.6/site-packages/pkg_resources/init.py", line 1509, in run_script
raise ResolutionError("No script named %r" % script_name)
pkg_resources.ResolutionError: No script named 'myth'

Can you help me? I really need mythril...

list error on disassembly

When trying to test stuff after my changes, I noticed that I got an error on one of the examples. This is unrelated to the pull request as it happens with an unmodified version too. (unless related to corrupted data)

Traceback (most recent call last):
  File "/usr/local/bin/myth", line 75, in <module>
    disassembly = Disassembly(encoded_bytecode)
  File "/usr/local/lib/python3.5/dist-packages/mythril/disassembler/disassembly.py", line 92, in __init__
    current_block.update_length(blocklen)
  File "/usr/local/lib/python3.5/dist-packages/mythril/disassembler/disassembly.py", line 16, in update_length
    self.start_addr = self.instruction_list[0]['address']
IndexError: list index out of range

This was for myth -d -a "0x2a0c0dbecc7e4d658f48e01e3fa353f44050c208"

(I didn't look into it yet, but maybe you have encountered it before)

IPC RPC

Interaction with geth node via IPC is much more than 10 times faster than by http.
Tested on my home PC.
Reading and wiriting to ipc is easy as RW to a stream or file (geth.ipc on windows)

pip error code 1 when installing

I have Python 3.5.4 and am installing via pip install mythril. This results in the following:

Command "c:\users\miles\appdata\local\programs\python\python35\python.exe -u -c "import setuptools, tokenize;__file__='C:\\Users\\Miles\\AppData\\Local\\Temp\\pip-build-we8v1cge\\pyethash\\setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record C:\Users\Miles\AppData\Local\Temp\pip-tu1z0vz3-record\install-record.txt --single-version-externally-managed --compile" failed with error code 1 in C:\Users\Miles\AppData\Local\Temp\pip-build-we8v1cge\pyethash\

Globs only test the first contract

Issue:

myth -x contracts/*.sol

Will return results for the first contract in the contracts dir, and ignore all others.

This can lead to the mistaken belief that all contracts have been analysed.

Error during installation

During installation of mythril in virtualenv (macos):

Collecting mythril
  Downloading mythril-0.8.17.tar.gz (119kB)
    100% |████████████████████████████████| 122kB 2.4MB/s 
Collecting ethereum>=2.0.4 (from mythril)
  Downloading ethereum-2.2.0.tar.gz (152kB)
    100% |████████████████████████████████| 153kB 2.7MB/s 
    Complete output from command python setup.py egg_info:
    error in ethereum setup command: 'tests_require' must be a string or list of strings containing valid project/version requirement specifiers; Unordered types are not allowed
    
    ----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /private/var/folders/7n/hxxf2pwx7fncw6v113t0hy480000gn/T/pip-build-c0mjlp_k/ethereum/

leveldb support

This is just to say I am working on this. As you know it is a bit more complex then just querying rpc or ipc, but would be nice to have. If I have something to share I would post it here, but if you would prefer to close this issue until there is something to see that is also fine.

Provide recent or own signatures.json file

Would be great to be able to provide a path for a more recent or manually modified signature.json file without having to rebuild the application.

Flag to detect all external calls

Background

External calls are often worth examining, but in most cases don't represent an actual vuln.

Request

Add a flag which could be set to locate all external calls.

Z3Exception when analyzing solidity code

I'm trying to analyze the solidity source code of this contract by running

myth -x ./PonziTokenV3.sol

The error is

z3.z3types.Z3Exception: Symbolic expressions cannot be cast to concrete Boolean values.

I've noticed this error only when --max-depth > 7

I'm on a mac using the pip3 version of mythril

License conflict between mythril and laser-ethereum

Hi,

mythril is apparently released under the MIT license according to the LICENSE file (in which Dan Abramov is mentioned as the sole copyright owner even though he didn't contribute to this project AFAIK).

laser-ethereum, which is a dependency, is released under a "Free for non-commercial use" license according to the setup.py file and the resulting package page (no LICENSE file in the github repository).

I would have thought that a project using a library under this "Free for non-commercial use" license could not be released under the MIT license, which is free including for commercial use. If my interpretation is correct, one of these two projects should be relicensed to be compatible with the other (so mythril into "Free for non-commercial use" or laser-ethereum into MIT license).

IndexError: list index out of range

Hello, firstly thanks for this great tool!

I'm having some issues with it, not sure if it comes from my side or not. I can scan some contracts without any problem but for most I get this error:

[unkn0wn@archie mythril]$ myth -x -a  0x234c402dbbf436259117e85aca506a0638d7b318 -v1
INFO:root:SVM initialized with dynamic loader: None
Traceback (most recent call last):
  File "/usr/bin/myth", line 4, in <module>
    __import__('pkg_resources').run_script('mythril==0.8.14', 'myth')
  File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 750, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 1524, in run_script
    exec(code, namespace, namespace)
  File "/usr/lib/python3.6/site-packages/mythril-0.8.14-py3.6.egg/EGG-INFO/scripts/myth", line 236, in <module>
    states = StateSpace(contracts, simplified=False)
  File "/usr/lib/python3.6/site-packages/mythril-0.8.14-py3.6.egg/mythril/analysis/symbolic.py", line 25, in __init__
    self.svm.sym_exec(contracts[0].address)
  File "/usr/lib/python3.6/site-packages/laser/ethereum/svm.py", line 183, in sym_exec
    node = self._sym_exec(context, State())
  File "/usr/lib/python3.6/site-packages/laser/ethereum/svm.py", line 196, in _sym_exec
    start_addr = disassembly.instruction_list[state.pc]['address']
IndexError: list index out of range

Here's another contract which gives the same error: 0x0422fc05fe2306e7acfb373d977ad9def3ec86d3
And here's one for which it works fine: 0xfb9e9d3cbb2156353d6cce3296c33a274f133f03

I'm running a Parity node and the host is Archlinux

Thank you

Unhandled exception in analyze_truffle_project

Reproduce:
myth -v2 --truffle
Let me know if the project is required to reproduce the issue.

Output:

INFO:root:Executing <module 'weak_random' from '/Users/lol/.pyenv/versions/3.6.4/lib/python3.6/site-packages/mythril-0.10.13-py3.6.egg/mythril/analysis/modules/weak_random.py'> DEBUG:root:Executing module: WEAK_RANDOM Traceback (most recent call last): File "/Users/lol/.pyenv/versions/3.6.4/bin/myth", line 4, in <module> __import__('pkg_resources').run_script('mythril==0.10.13', 'myth') File "/Users/lol/.pyenv/versions/3.6.4/lib/python3.6/site-packages/pkg_resources/__init__.py", line 743, in run_script self.require(requires)[0].run_script(script_name, ns) File "/Users/lol/.pyenv/versions/3.6.4/lib/python3.6/site-packages/pkg_resources/__init__.py", line 1498, in run_script exec(code, namespace, namespace) File "/Users/lol/.pyenv/versions/3.6.4/lib/python3.6/site-packages/mythril-0.10.13-py3.6.egg/EGG-INFO/scripts/myth", line 146, in <module> analyze_truffle_project() File "/Users/lol/.pyenv/versions/3.6.4/lib/python3.6/site-packages/mythril-0.10.13-py3.6.egg/mythril/support/truffle.py", line 72, in analyze_truffle_project for key, issue in report.issues.items(): AttributeError: 'list' object has no attribute 'issues'