diff --git a/mythril/analysis/modules/tx_origin.py b/mythril/analysis/modules/tx_origin.py index 6e358f54..41d7d52a 100644 --- a/mythril/analysis/modules/tx_origin.py +++ b/mythril/analysis/modules/tx_origin.py @@ -11,19 +11,19 @@ Check for constraints on tx.origin (i.e., access to some functionality is restri def execute(statespace): - logging.debug("Executing module: TX_ORIGIN") + logging.debug("Executing module: DEPRECIATED OPCODES") issues = [] for k in statespace.nodes: node = statespace.nodes[k] - for constraint in node.constraints: + for instruction in node.instruction_list: - if(re.search(r'origin', str(constraint))): + if(instruction['opcode'] == "ORIGIN"): issue = Issue(node.module_name, node.function_name, None, "Use of tx.origin", "Warning", \ - "Access to the function " + node.function_name + " is granted based on tx.origin. Use tx.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin" + "Function " + node.function_name + " retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use tx.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin" ) issues.append(issue)