Mythril is a security analysis tool for smart contracts running on EVM-compatible blockchains (targeting the EVM one way or another). It was introduced at HITBSecConf 2018 and detects a range of known and documented security issues and vulnerabilities such as integer underflows, exceptions, deprecated opcodes, untrusted delegate calls, etc. It is not designed or meant for analyzing the financial or business logic of contracts and decentralized applications per se but and mostly just looks for vulnerabilities such as those reported and documented in the Smart Contract Vulnerability Classification Registry.

Mythril makes use of symbolic execution, SMT solving (Satisfiability modulo theories) and taint analysis in detecting a variety of possible vulnerabilities in a contract (whether source code, bytecode, on-chain or off-chain). It's used/included (in combination w/ other tooling) in the MythX security analysis platform and integrated developer tools for Ethereum smart contracts development. If a developer, it is recommended that one uses the MythX tooling as it is optimized for usability while covering a range of security issues encountered in Ethereum contracts.

Other more functionally oriented DSLs (domain-specific languages) such as those implemented for contracts in Tezos and Cardano (OCaml and Haskell based, respectively) make it possible that formal methods be applied and provers verify the mathematical correctness of the contract code before proceeding to deploying it on-chain. Ethereum hasn't implemented anything of the sort and its contracts compile to EVM bytecode, regardless whether in Solidity or the more constrained, simple and secure Vyper (who adopts a more python-like syntax and style of reading/writing).

Installation:

Install from Pypi:

$ pip3 install mythril

Usage:

As straightforward as:

$ myth analyze <solidity-file>

If analyzing a .sol file. To work with Solidity source code contracts/files, the solc command line compiler needs to be installed and in PATH. Otherwise for on-chain contracts:

$ myth analyze -a <contract-address>

Specify the maximum number of transaction to explore w/ -t <number>. Can also set timeout with --execution-timeout <seconds>.

$ myth analyze ether_send.sol

==== Unprotected Ether Withdrawal ==== SWC ID: 105 Severity: High Contract: Crowdfunding Function name: withdrawfunds() PC address: 730 Estimated Gas Usage: 1132 - 1743 Anyone can withdraw ETH from the contract account. Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having

sent an equivalent amount of ETH to it. This is likely to be a vulnerability. -------------------- In file: tests/testdata/input_contracts/ether_send.sol:21 msg.sender.transfer(address(this).balance) --------------------

Full documentation available here.

And the original paper and specification from 2018 by Bernard Mueller here.