mythril/security_checks.md

# Mythril Detection Capabilities

Detection modules, ideas collection and wish list. Contributions are welcome!

| Issue | Description | Mythril Detection Module(s) | References |
|------:|-------------|------------|----------|
|Unprotected functions| Critical functions such as sends with non-zero value or suicide() calls are callable by anyone, or msg.sender is compared against an address in storage that can be written to. E.g. Parity wallet bugs. | [unchecked_suicide](mythril/analysis/modules/unchecked_suicide.py), [ether_send](mythril/analysis/modules/ether_send.py)          | |
|Missing check on CALL return value|  | [unchecked_retval](mythril/analysis/modules/unchecked_retval.py) | [Handle errors in external calls](https://consensys.github.io/smart-contract-best-practices/recommendations/#use-caution-when-making-external-calls) |
|Re-entrancy| Genreally, contract state should never be relied on if untrusted contracts are called. State changes after external calls should be avoided. | [external calls to untrusted contract](mythril/analysis/modules/external_calls.py) | [Call external functions last](https://consensys.github.io/smart-contract-best-practices/known_attacks/#reentrancy) [Avoid state changes after external calls](https://consensys.github.io/smart-contract-best-practices/recommendations/#avoid-state-changes-after-external-calls)|
|Multiple sends in a single transaction| External calls can fail accidentally or deliberately. Avoid combining multiple send() calls in a single transaction. |           |   [Favor pull over push for external calls](https://consensys.github.io/smart-contract-best-practices/recommendations/#favor-pull-over-push-for-external-calls) |
|External call to untrusted contract|       |           [external call to untrusted contract](mythril/analysis/modules/call_to_dynamic_with_gas.py) | |
|Delegatecall or callcode to untrusted contract|                   | [delegatecall_forward](mythril/analysis/modules/delegatecall_forward.py), [delegatecall_to_dynamic.py](mythril/analysis/modules/delegatecall_to_dynamic.py) |  |
|Integer overflow/underflow|                | [integer_underflow](mythril/analysis/modules/integer_underflow.py)   | [Validate arithmetic](https://consensys.github.io/smart-contract-best-practices/known_attacks/#integer-overflow-and-underflow) |
|Timestamp dependence|                      |           | [Miner time manipulation](https://consensys.github.io/smart-contract-best-practices/known_attacks/#timestamp-dependence) |
|Payable transaction does not revert in case of failure | | |   |
|Use of `tx.origin`|                        | [tx_origin](mythril/analysis/modules/depreciated_ops.py)       | [Solidity documentation](https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin), [Avoid using tx.origin](https://consensys.github.io/smart-contract-best-practices/recommendations/#avoid-using-txorigin) |
|Type confusion|                            |           |  |
|Predictable RNG|                           | [Dependence on predictable variables](mythril/analysis/modules/dependence_on_predictable_vars.py) | |
|Transaction order dependence|              |           | [Front Running](https://consensys.github.io/smart-contract-best-practices/known_attacks/#transaction-ordering-dependence-tod-front-running) |
|Information exposure|                      |           |   |
|Complex fallback function (uses more than 2,300 gas) | A too complex fallback function will cause send() and transfer() from other contracts to fail. To implement this we first need to fully implement gas simulation. | | 
|Use require() instead of assert() | Use `assert()` only to check against states which should be completely unreachable.  | [Exceptions](mythril/analysis/modules/exceptions.py)          | [Solidity docs](https://solidity.readthedocs.io/en/develop/control-structures.html#error-handling-assert-require-revert-and-exceptions)|
|Use of depreciated functions | Use `revert()` instead of `throw()`, `selfdestruct()` instead of `suicide()`, `keccak256()` instead of `sha3()` |           | |
|Detect tautologies| Detect comparisons that always evaluate to 'true', see also [#54](https://github.com/ConsenSys/mythril/issues/54) |  |
|Call depth attack| Depreciated             |           | [EIP 150 Hard Fork](https://consensys.github.io/smart-contract-best-practices/known_attacks/#call-depth-attack-deprecated)|
Update security_checks.md 7 years ago			`# Mythril Detection Capabilities`

Update security_checks.md 7 years ago			`Detection modules, ideas collection and wish list. Contributions are welcome!`
Create security_checks.md 7 years ago
Update security_checks.md 7 years ago			`\| Issue \| Description \| Mythril Detection Module(s) \| References \|`
			`\|------:\|-------------\|------------\|----------\|`
			`\|Unprotected functions\| Critical functions such as sends with non-zero value or suicide() calls are callable by anyone, or msg.sender is compared against an address in storage that can be written to. E.g. Parity wallet bugs. \| [unchecked_suicide](mythril/analysis/modules/unchecked_suicide.py), [ether_send](mythril/analysis/modules/ether_send.py) \| \|`
			`\|Missing check on CALL return value\| \| [unchecked_retval](mythril/analysis/modules/unchecked_retval.py) \| [Handle errors in external calls](https://consensys.github.io/smart-contract-best-practices/recommendations/#use-caution-when-making-external-calls) \|`
Update security_checks.md 7 years ago			\|Re-entrancy\| Genreally, contract state should never be relied on if untrusted contracts are called. State changes after external calls should be avoided. \| [external calls to untrusted contract](mythril/analysis/modules/external_calls.py) \| [Call external functions last](https://consensys.github.io/smart-contract-best-practices/known_attacks/#reentrancy) [Avoid state changes after external calls](https://consensys.github.io/smart-contract-best-practices/recommendations/#avoid-state-changes-after-external-calls)\|
Update security_checks.md 7 years ago			`\|Multiple sends in a single transaction\| External calls can fail accidentally or deliberately. Avoid combining multiple send() calls in a single transaction. \| \| [Favor pull over push for external calls](https://consensys.github.io/smart-contract-best-practices/recommendations/#favor-pull-over-push-for-external-calls) \|`
Update security_checks.md 7 years ago			`\|External call to untrusted contract\| \| [external call to untrusted contract](mythril/analysis/modules/call_to_dynamic_with_gas.py) \| \|`
Update security_checks.md 7 years ago			`\|Delegatecall or callcode to untrusted contract\| \| [delegatecall_forward](mythril/analysis/modules/delegatecall_forward.py), [delegatecall_to_dynamic.py](mythril/analysis/modules/delegatecall_to_dynamic.py) \| \|`
update security readme 7 years ago			`\|Integer overflow/underflow\| \| [integer_underflow](mythril/analysis/modules/integer_underflow.py) \| [Validate arithmetic](https://consensys.github.io/smart-contract-best-practices/known_attacks/#integer-overflow-and-underflow) \|`
			`\|Timestamp dependence\| \| \| [Miner time manipulation](https://consensys.github.io/smart-contract-best-practices/known_attacks/#timestamp-dependence) \|`
Update security_checks.md 7 years ago			`\|Payable transaction does not revert in case of failure \| \| \| \|`
Update security_checks.md 7 years ago			\|Use of `tx.origin`\| \| [tx_origin](mythril/analysis/modules/depreciated_ops.py) \| [Solidity documentation](https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin), [Avoid using tx.origin](https://consensys.github.io/smart-contract-best-practices/recommendations/#avoid-using-txorigin) \|
update security readme 7 years ago			`\|Type confusion\| \| \| \|`
Update security_checks.md 7 years ago			`\|Predictable RNG\| \| [Dependence on predictable variables](mythril/analysis/modules/dependence_on_predictable_vars.py) \| \|`
update security readme 7 years ago			`\|Transaction order dependence\| \| \| [Front Running](https://consensys.github.io/smart-contract-best-practices/known_attacks/#transaction-ordering-dependence-tod-front-running) \|`
			`\|Information exposure\| \| \| \|`
Update security_checks.md 7 years ago			`\|Complex fallback function (uses more than 2,300 gas) \| A too complex fallback function will cause send() and transfer() from other contracts to fail. To implement this we first need to fully implement gas simulation. \| \|`
Update security_checks.md 7 years ago			\|Use require() instead of assert() \| Use `assert()` only to check against states which should be completely unreachable. \| [Exceptions](mythril/analysis/modules/exceptions.py) \| [Solidity docs](https://solidity.readthedocs.io/en/develop/control-structures.html#error-handling-assert-require-revert-and-exceptions)\|
Update security_checks.md 7 years ago			\|Use of depreciated functions \| Use `revert()` instead of `throw()`, `selfdestruct()` instead of `suicide()`, `keccak256()` instead of `sha3()` \| \| \|
Update security_checks.md 7 years ago			`\|Detect tautologies\| Detect comparisons that always evaluate to 'true', see also [#54](https://github.com/ConsenSys/mythril/issues/54) \| \|`
Update security_checks.md 7 years ago			`\|Call depth attack\| Depreciated \| \| [EIP 150 Hard Fork](https://consensys.github.io/smart-contract-best-practices/known_attacks/#call-depth-attack-deprecated)\|`
Update security_checks.md 7 years ago