Skip to content

A Python library for the MythX smart contract security analysis platform

License

Notifications You must be signed in to change notification settings

Consensys/pythx

Repository files navigation

PythX

https://travis-ci.org/dmuhs/pythx.svg?branch=master https://readthedocs.org/projects/pythx/badge/?version=latest https://coveralls.io/repos/github/dmuhs/pythx/badge.svg?branch=master

PythX is a library for the MythX smart contract security analysis platform.

MythX is a security analysis API that allows anyone to create purpose-built security tools for smart contract developers. Tools built on MythX integrate seamlessly into the development environments and continuous integration pipelines used throughout the Ethereum ecosystem.

PythX runs on Python 3.6+ and PyPy3.

To get started, simply run

$ pip3 install pythx

Alternatively, clone the repository and run

$ pip3 install .

Or directly through Python's setuptools:

$ python3 setup.py install

PythX aims to provide an easy-to-use interface to the official MythX API. Its goal is to turbocharge tool development and make it easy to deal with even complex use cases.

from pythx import Client


c = Client(api_key="...")

# submit bytecode, source files, their AST and more!
resp = c.analyze(bytecode="0xfe")

# wait for the analysis to finish
while not c.analysis_ready(resp.uuid):
    time.sleep(1)

# have all your security report data at your fingertips
for issue in c.report(resp.uuid):
    print(issue.swc_title or "Undefined", "-", issue.description_short)

# Output:
# Assert Violation - A reachable exception has been detected.

Originally, the PythX CLI was a proof of concept to display to interested developers what can be done using the library. The interest in the CLI grew so large that a lot of developers contacted me and asked for support and new features.

This is the PSA that I will no longer maintain the PythX CLI. But wait! There's more!

Because a PoC is not exactly what you would call future-proof and maintainable software, I have decided to do a complete revamp. It is called mythx-cli and incorporates all feature requests I have gotten so far. Check it out here and let me know what you think!

Enjoy! :)