mythril/README.md

# Mythril

<p align="center">
	<img src="/static/mythril_new.png" height="320px"/>
</p>

[![Discord](https://img.shields.io/discord/697535391594446898)](https://discord.com/channels/697535391594446898/712829485350649886)
[![PyPI](https://badge.fury.io/py/mythril.svg)](https://pypi.python.org/pypi/mythril)
[![Read the Docs](https://readthedocs.org/projects/mythril-classic/badge/?version=master)](https://mythril-classic.readthedocs.io/en/develop/)
[![CircleCI](https://dl.circleci.com/status-badge/img/gh/Consensys/mythril/tree/develop.svg?style=shield&circle-token=fd6738fd235f6c2d8e10234259090e3b05190d0e)](https://dl.circleci.com/status-badge/redirect/gh/Consensys/mythril/tree/develop)
[![Sonarcloud - Maintainability](https://sonarcloud.io/api/project_badges/measure?project=mythril&metric=sqale_rating)](https://sonarcloud.io/dashboard?id=mythril)
[![Pypi Installs](https://static.pepy.tech/badge/mythril)](https://pepy.tech/project/mythril)
[![DockerHub Pulls](https://img.shields.io/docker/pulls/mythril/myth.svg)](https://cloud.docker.com/u/mythril/repository/docker/mythril/myth)

Mythril is a security analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains. It uses symbolic execution, SMT solving and taint analysis to detect a variety of security vulnerabilities. It's also used (in combination with other tools and techniques) in the [MythX](https://mythx.io) security analysis platform.

If you are a smart contract developer, we recommend using [MythX tools](https://github.com/b-mueller/awesome-mythx-smart-contract-security-tools) which are optimized for usability and cover a wider range of security issues.

Whether you want to contribute, need support, or want to learn what we have cooking for the future, you can checkout diligence-mythx channel in [ConsenSys Discord server](https://discord.gg/consensys).

## Installation and setup

Get it with [Docker](https://www.docker.com):

```bash
$ docker pull mythril/myth
```

Install from Pypi (Python 3.7-3.10):

```bash
$ pip3 install mythril
```

See the [docs](https://mythril-classic.readthedocs.io/en/master/installation.html) for more detailed instructions. 

## Usage

Run:

```
$ myth analyze <solidity-file>
```

Or:

```
$ myth analyze -a <contract-address>
```

Specify the maximum number of transactions to explore with `-t <number>`. You can also set a timeout with `--execution-timeout <seconds>`.

Here is an example of running Mythril on the file `killbilly.sol` which is in the `solidity_examples` directory for `3` transactions:

```
> myth a killbilly.sol -t 3
==== Unprotected Selfdestruct ====
SWC ID: 106
Severity: High
Contract: KillBilly
Function name: commencekilling()
PC address: 354
Estimated Gas Usage: 974 - 1399
Any sender can cause the contract to self-destruct.
Any sender can trigger execution of the SELFDESTRUCT instruction to destroy this contract account and withdraw its balance to an arbitrary address. Review the transaction trace generated for this issue and make sure that appropriate security controls are in place to prevent unrestricted access.
--------------------
In file: killbilly.sol:22

selfdestruct(msg.sender)

--------------------
Initial State:

Account: [CREATOR], balance: 0x2, nonce:0, storage:{}
Account: [ATTACKER], balance: 0x1001, nonce:0, storage:{}

Transaction Sequence:

Caller: [CREATOR], calldata: , decoded_data: , value: 0x0
Caller: [ATTACKER], function: killerize(address), txdata: 0x9fa299cc000000000000000000000000deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, decoded_data: ('0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef',), value: 0x0
Caller: [ATTACKER], function: activatekillability(), txdata: 0x84057065, value: 0x0
Caller: [ATTACKER], function: commencekilling(), txdata: 0x7c11da20, value: 0x0

```


Instructions for using Mythril are found on the [docs](https://mythril-classic.readthedocs.io/en/develop/). 

For support or general discussions please checkout [diligence-mythx channel](https://discord.com/channels/697535391594446898/712829485350649886) in [ConsenSys Discord server](https://discord.gg/consensys)..

## Building the Documentation
Mythril's documentation is contained in the `docs` folder and is published to [Read the Docs](https://mythril-classic.readthedocs.io/en/develop/). It is based on Sphinx and can be built using the Makefile contained in the subdirectory:

```
cd docs
make html
```

This will create a `build` output directory containing the HTML output. Alternatively, PDF documentation can be built with `make latexpdf`. The available output format options can be seen with `make help`.

## Vulnerability Remediation

Visit the [Smart Contract Vulnerability Classification Registry](https://swcregistry.io/) to find detailed information and remediation guidance for the vulnerabilities reported.
Mythril Classic -> Mythril 6 years ago			`# Mythril`
Re-branding :) 6 years ago
			`<p align="center">`
			`<img src="/static/mythril_new.png" height="320px"/>`
			`</p>`

Update README.md 1 year ago			`[![Discord](https://img.shields.io/discord/697535391594446898)](https://discord.com/channels/697535391594446898/712829485350649886)`
Update README.md 7 years ago			`[![PyPI](https://badge.fury.io/py/mythril.svg)](https://pypi.python.org/pypi/mythril)`
Update README.md 1 year ago			`[![Read the Docs](https://readthedocs.org/projects/mythril-classic/badge/?version=master)](https://mythril-classic.readthedocs.io/en/develop/)`
Fix Readme 1 year ago			`[![CircleCI](https://dl.circleci.com/status-badge/img/gh/Consensys/mythril/tree/develop.svg?style=shield&circle-token=fd6738fd235f6c2d8e10234259090e3b05190d0e)](https://dl.circleci.com/status-badge/redirect/gh/Consensys/mythril/tree/develop)`
Add sonarcloud to the readme 6 years ago			`[![Sonarcloud - Maintainability](https://sonarcloud.io/api/project_badges/measure?project=mythril&metric=sqale_rating)](https://sonarcloud.io/dashboard?id=mythril)`
Update Readme.md (#1795) 1 year ago			`[![Pypi Installs](https://static.pepy.tech/badge/mythril)](https://pepy.tech/project/mythril)`
Fix docker badge (#1700) 2 years ago			`[![DockerHub Pulls](https://img.shields.io/docker/pulls/mythril/myth.svg)](https://cloud.docker.com/u/mythril/repository/docker/mythril/myth)`
Add pixelated axe 7 years ago
Fixing a typo in README (#1363) 5 years ago			`Mythril is a security analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains. It uses symbolic execution, SMT solving and taint analysis to detect a variety of security vulnerabilities. It's also used (in combination with other tools and techniques) in the [MythX](https://mythx.io) security analysis platform.`
Update README.md 6 years ago
Update urls (#1345) 5 years ago			`If you are a smart contract developer, we recommend using [MythX tools](https://github.com/b-mueller/awesome-mythx-smart-contract-security-tools) which are optimized for usability and cover a wider range of security issues.`
Update README.md 6 years ago
Update README.md 1 year ago			`Whether you want to contribute, need support, or want to learn what we have cooking for the future, you can checkout diligence-mythx channel in [ConsenSys Discord server](https://discord.gg/consensys).`
Update README.md 6 years ago
Update README.md 7 years ago			`## Installation and setup`
Create README.md 7 years ago
Few extra updates of CI/CD config and Docker releases 7 years ago			`Get it with [Docker](https://www.docker.com):`
Update README 7 years ago
			```bash
Few extra updates of CI/CD config and Docker releases 7 years ago			`$ docker pull mythril/myth`
Update README 7 years ago			```

Update Readme to python 3.7 1 year ago			`Install from Pypi (Python 3.7-3.10):`
Create README.md 7 years ago
			```bash
Update README.md 7 years ago			`$ pip3 install mythril`
Fix messed-up formatting 6 years ago			```
Create README.md 7 years ago
Update wiki links to Read the Docs links 5 years ago			`See the [docs](https://mythril-classic.readthedocs.io/en/master/installation.html) for more detailed instructions.`
CODE: LevelDB support Submission #252303 by N1k1tung to the challenge https://www.topcoder.com/challenges/30063861 7 years ago
Update README.md 7 years ago			`## Usage`
CODE: LevelDB support Submission #252303 by N1k1tung to the challenge https://www.topcoder.com/challenges/30063861 7 years ago
Update README.md 5 years ago			`Run:`

			```
			`$ myth analyze <solidity-file>`
			```

			`Or:`

			```
			`$ myth analyze -a <contract-address>`
			```

Fix Readme 1 year ago			Specify the maximum number of transactions to explore with `-t <number>`. You can also set a timeout with `--execution-timeout <seconds>`.
Update README.md 5 years ago
Fix JSON serialisation issue (#1687) 2 years ago			Here is an example of running Mythril on the file `killbilly.sol` which is in the `solidity_examples` directory for `3` transactions:

Update README.md 5 years ago			```
Update README.md 5 years ago			`> myth a killbilly.sol -t 3`
Update README.md 5 years ago			`==== Unprotected Selfdestruct ====`
			`SWC ID: 106`
			`Severity: High`
			`Contract: KillBilly`
			`Function name: commencekilling()`
Update README.md 5 years ago			`PC address: 354`
Fix JSON serialisation issue (#1687) 2 years ago			`Estimated Gas Usage: 974 - 1399`
			`Any sender can cause the contract to self-destruct.`
			`Any sender can trigger execution of the SELFDESTRUCT instruction to destroy this contract account and withdraw its balance to an arbitrary address. Review the transaction trace generated for this issue and make sure that appropriate security controls are in place to prevent unrestricted access.`
Update README.md 5 years ago			`--------------------`
			`In file: killbilly.sol:22`

			`selfdestruct(msg.sender)`

			`--------------------`
Fix JSON serialisation issue (#1687) 2 years ago			`Initial State:`

			`Account: [CREATOR], balance: 0x2, nonce:0, storage:{}`
			`Account: [ATTACKER], balance: 0x1001, nonce:0, storage:{}`

Update README.md 5 years ago			`Transaction Sequence:`

Fix JSON serialisation issue (#1687) 2 years ago			`Caller: [CREATOR], calldata: , decoded_data: , value: 0x0`
			`Caller: [ATTACKER], function: killerize(address), txdata: 0x9fa299cc000000000000000000000000deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, decoded_data: ('0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef',), value: 0x0`
Update README.md 5 years ago			`Caller: [ATTACKER], function: activatekillability(), txdata: 0x84057065, value: 0x0`
Update README.md 5 years ago			`Caller: [ATTACKER], function: commencekilling(), txdata: 0x7c11da20, value: 0x0`
Fix JSON serialisation issue (#1687) 2 years ago
Update README.md 5 years ago			```


Update README.md 1 year ago			`Instructions for using Mythril are found on the [docs](https://mythril-classic.readthedocs.io/en/develop/).`
CODE: LevelDB support Submission #252303 by N1k1tung to the challenge https://www.topcoder.com/challenges/30063861 7 years ago
Update README.md 1 year ago			`For support or general discussions please checkout [diligence-mythx channel](https://discord.com/channels/697535391594446898/712829485350649886) in [ConsenSys Discord server](https://discord.gg/consensys)..`
Update README.md 6 years ago
Fix typo in README 5 years ago			`## Building the Documentation`
Use docs from develop 3 years ago			Mythril's documentation is contained in the `docs` folder and is published to [Read the Docs](https://mythril-classic.readthedocs.io/en/develop/). It is based on Sphinx and can be built using the Makefile contained in the subdirectory:
Add documentation guide to readme 6 years ago
			```
			`cd docs`
			`make html`
			```

			This will create a `build` output directory containing the HTML output. Alternatively, PDF documentation can be built with `make latexpdf`. The available output format options can be seen with `make help`.

Update README.md 6 years ago			`## Vulnerability Remediation`

Update urls (#1345) 5 years ago			`Visit the [Smart Contract Vulnerability Classification Registry](https://swcregistry.io/) to find detailed information and remediation guidance for the vulnerabilities reported.`