Closed marsrobertson closed 5 years ago
Hi @marsrobertson, thanks for the report. We were experiencing some load issues with the API which should be resolved now. Results might come in a bit slow right due to the high load. LMK how it goes!
$ truffle run verify
You are currently running MythX in Trial mode. This mode reports only a partial analysis of your smart contracts, limited to three vulnerabilities. To get a complete analysis, sign up for a free MythX account at https://mythx.io.
? Would you like to continue with a partial analysis [Y/n]?
Continuing with MythX Trial mode...
ERC20 |*********************************************************************************| 100% || Elapsed: 133.4s ✓ completed
SafeMath |*********************************************************************************| 100% || Elapsed: 131.4s ✓ completed
TrustlessTokenTransferTrade |**********************************************************************************| 100% || Elapsed: 49.9s ✓ completed
/Users/ms/Stuff/trustless-token-trade/contracts/ERC20.sol
-1:0 warning MythX API Trial Mode N/A
1:0 warning A floating pragma is set SWC-103
/Users/ms/Stuff/trustless-token-trade/contracts/SafeMath.sol
-1:0 warning MythX API Trial Mode N/A
3:0 warning A floating pragma is set SWC-103
53:20 error The binary addition can overflow SWC-101
/Users/ms/Stuff/trustless-token-trade/contracts/TrustlessTokenTransfer.sol
1:0 warning A floating pragma is set SWC-103
✖ 6 problems (1 error, 5 warnings)
You are currently running MythX in Trial mode, which returns a maximum of three vulnerabilities per contract. Sign up for a free account at https://mythx.io to run a complete report.
Awesome!
One thing note is that MythX still reports the overflow in SafeMath
which a false positive (kind of) because this overflow is caught in assertion. This will be improve in one of the next updates.
https://github.com/genesisdotre/trustless-token-transfer-trade
Following the instructions: https://docs.mythx.io/en/latest/tooling/truffle.html
npm install -g truffle-security
Add
plugins: [ "truffle-security" ]
totruffle-config
truffle run verify