Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.
mythril/security_checks.md
# Mythril Detection Capabilities

Detection modules, ideas collection and wish list.

| Issue | Description | Mythril Detection Module(s) | References |
|---|---|---|---|
| Unprotected functions | Critical functions such as sends with non-zero value or suicide() calls are callable by anyone, or msg.sender is compared against an address in storage that can be written to. E.g. Parity wallet bugs. | unchecked_suicide, ether_send | |
| Missing check on CALL return value | | unchecked_retval | Handle errors in external calls |
| Re-entrancy | | call to untrusted contract with gas | Call external functions last |
| Multiple sends in a single transaction | External calls can fail accidentally or deliberately. Avoid combining multiple send() calls in a single transaction. | | Favor pull over push for external calls |
| Function call to untrusted contract | | call to untrusted contract with gas | |
| Delegatecall or callcode to untrusted contract | | delegatecall_forward, delegatecall_to_dynamic.py | |
| Integer overflow/underflow | | integer_underflow | Validate arithmetic |
| Timestamp dependence | | | Miner time manipulation |
| Payable transaction does not revert in case of failure | | | |
| Use of tx.origin | | tx_origin | Solidity documentation, Avoid using tx.origin |
| Type confusion | | | |
| Predictable RNG | | weak_random | |
| Transaction order dependence | | | Front Running |
| Information exposure | | | |
| Complex fallback function (uses more than 2,300 gas) | A too complex fallback function will cause send() and transfer() from other contracts to fail. To implement this we first need to fully implement gas simulation. | | |
| Call depth attack | Deprecated! | | EIP 150 Hard Fork |
| Use require() instead of assert() | Use assert() only to check against states which should be completely unreachable. This facilitates static analysis using Solidity's built-in SMTChecker. For more information, refer to the documentation. | | Solidity docs |
| Use of deprecated functions | Use revert() instead of throw(), selfdestruct() instead of suicide(), keccak256() instead of sha3() | | |
| Detect tautologies | Detect comparisons that always evaluate to 'true', see also #54 | | |
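The "Unprotected functions" row describes the Parity-style pattern where msg.sender is compared against an owner address that anyone can overwrite. The following constructed Solidity contracts (an added illustration, not Mythril's own code or test fixtures; contract and function names are hypothetical) show that pattern beside a hardened form, which also checks the CALL return value as the "Missing check on CALL return value" row asks:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed illustration of the "Unprotected functions" row:
// the owner address lives in storage, and a setter that anyone can call
// lets a caller rewrite it before invoking the guarded function.
contract WalletVulnerable {
    address public owner;

    constructor() { owner = msg.sender; }

    // Intended to be called once during setup, but nothing stops later calls.
    function initWallet(address newOwner) public {
        owner = newOwner;
    }

    // The msg.sender check is only as strong as the storage slot it reads.
    function withdraw(uint256 amount) public {
        require(msg.sender == owner, "not owner");
        payable(msg.sender).transfer(amount);
    }

    receive() external payable {}
}

// Hardened form: the owner slot can only be changed by the current owner,
// so the comparison in withdraw() is anchored to a trusted value.
contract WalletFixed {
    address public owner;

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() { owner = msg.sender; }

    function transferOwnership(address newOwner) public onlyOwner {
        require(newOwner != address(0), "zero address");
        owner = newOwner;
    }

    // The external call's success flag is checked, so a failed send reverts.
    function withdraw(uint256 amount) public onlyOwner {
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "send failed");
    }

    receive() external payable {}
}
```

Running Mythril's ether_send module against the first contract is the kind of case the table's first row targets; the second contract is what the fix looks like at source level.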