MythX (The Bug’s Shadow) Symbolic Execution for Smart Contracts Analysis. — Tool Comparison. Websamuraidev Follow Apr 8 · 8 min read

When it comes to Smart Contracts, you wouldn’t like to ‘play games’ literally, with your code. In fact, it puts your business logic at risk.

We made an analysis of some latest tools to help you enhance your Smart Contracts security under Symbolic Execution & other techniques. We found MythX to be the leader choice for Smart Contracts security as it fast, intuitive, and you can run it in a variety of different ways. Offering high-risk level security analysis performance for your Smart Contracts.

MythX Smart Contracts Analyzer

We use a “Betting Fair-Play Game” Smart Contract as we undoubtedly think this contract require high security and user always shall argue if is fair or not to “play” this certain type of games, adding a level of trust by the user because of the Blockchain. Which we think it’s important for our analysis. This contract is Free to use and Open Source.

Third-Party Fair Games under Ethereum, Can we trust it without analyzing?

We also use a simple-test Smart Contract (Guess the Number) which we think it’s fun and shows accuracy on MythX detecting Smart Contract Vulnerability.

MythX Ease of Setup:

Choose your flavor to begin and you’ll be running your Smart Contract analysis in less than 30 minutes if not less:

Remix MythX Plugin (The fastest setup!)

MythX CLI (tasty-cli)

Truffle Plugin (Easy installation for Truffle Lovers)

VSCODE Remix Code (All in One-Place)

Extensible easy of use language libraries:

MythXJS — MythX JavaScript library.

— MythX JavaScript library. PythX — A Python library for the MythX platform.

Running MythX on Remix in a blink.

Plugin Manager on Remix

MythX Security Module on Remix

Remix MythX plugin doing some magic:

We found a SWC-104 Unchecked Call Return Value, on our Smart Contract test audit this contract was designed using a necessary fallback but an exception handling for it’s not implemented. Could potentially cause malfunctioning of the Smart Contract.