search

Consensys / mythril

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.
https://mythx.io/
MIT License
3.77k stars 725 forks source link

Add input option to load ERC190 compliant package file for analysis #265

Open fubuloubu opened 6 years ago

fubuloubu commented 6 years ago

Description:

I am making an educated guess here, but the -t/--truffle option looks like it enables loading compiled bytecode and/or deployed contract addresses (collectively the "smart contract system") for analysis using the mythril engine. I would suggest making a more general option to load ERC190 compliant package files (ethPM spec) for use in this analysis.

This could eventually be merged into a plugin-based system used by Populus such that it becomes part of a Pythonic developer process

Link

https://github.com/ethpm/py-ethpm for the python implementation of ethPM spec

Implementation Notes:

I would suggest -p/--package

muellerberndt commented 6 years ago

That's a great idea! Ideally, we'd integrate Mythril with EthPM so that all packages in the registry get analyzed automatically. This would also make for a great analysis-at-scale project.