Easy multi-contract security analysis using Mythril
By Joran Honig | Monday, March 9th, 2020
The MythX platform leverages several internal components to provide the best possible analysis results. One of these components is available as open source: the symbolic executor Mythril. In this article, I’ll demonstrate how you can use Mythril to analyze a set-up of multiple smart contracts.
By default, Mythril will analyze a contract in isolation. Interactions with external contracts are generalized so that we capture all possible vulnerabilities. Sometimes, this means we find a weakness in your smart contract that might not affect your particular setup. That’s because the specific deployment values you use can have a considerable effect on how the system behaves as a whole.
Luckily you can also use Mythril to execute multi-contract analysis and analyze a specific configuration of multiple smart contracts. As a result, you might capture fewer warnings, but the results will be tailor-made to your deployment.
To do multi-contract analysis, we’ll use Mythril’s ability to analyze contracts deployed on an Ethereum network (hint: we’ll use Ganache to launch our private test network). We will deploy our contract on a network, and in doing so, create a possible target for Mythril to analyze.
To perform the multi-contract analysis, we will execute the following steps:
- Deploy a smart contract system to Ganache
- Set up Mythril to load code and world state from Ganache
- ⚡ Fire lasers at the smart contract ⚡
But first, make sure you have everything you need installed:
# The dependencies you will install are: truffle, ganache and mythril
npm install -g truffle
npm install -g ganache-cli
pip3 install -U mythril
You will also need an example project to try multi-contract analysis on; I’ll be using the simple MetaCoin contract.
# These commands create a metacoin directory,
# with the metacoin truffle box
mkdir metacoin
cd metacoin
truffle unbox metacoin
Deploying your smart contract system to Ganache
We’ll start by getting a test network up and running. This network is where we deploy our contracts and where Mythril will find the smart contract state.
# Execute this command to create a new ganache network
# (-p sets the RPC port, -i the network id; both must match truffle-config.js)
ganache-cli -p 7545 -i 5777
With the network set up, we can deploy the contracts, and because we’re using Truffle, this is quite easy: run `truffle migrate` from the project directory.
This command will execute all the necessary steps to get your contracts set up on the test network we just started. (Check out the Truffle documentation for more information on this command.)
Now search the output of the `truffle migrate` command for the address where the MetaCoin contract (our target) was deployed. You’ll find the contract address in the `Deploying 'MetaCoin'` section.
You can see an example of the output in the image below, where I’ve highlighted the address of the fresh MetaCoin contract: 0x8712c227680bc0c8a4c7a65317C7e7700e5D566f
With the deployment completed, all that is left is to execute the following command (and possibly enjoy a ☕) :
# This command initiates the multi-contract analysis
myth a -a <target_address> -l --rpc localhost:7545
As you can see, a few options are required. Here’s a brief explanation of all the elements in this command:
- `myth a` – the analyze command, which enables the analysis capabilities of Mythril.
- `-a <target_address>` – specifies the analysis target, in our case the MetaCoin contract account on the test network.
- `-l` – tells Mythril not just to use the code of the target account, but to use world state data from the Ethereum network whenever possible.
- `--rpc localhost:7545` – tells Mythril where to find an Ethereum node to get all the necessary data. In our case the node is part of our very own test network, which lives on localhost listening on port 7545.
$ myth a -a 0x8712c227680bc0c8a4c7a65317C7e7700e5D566f --rpc localhost:7545 -l
The analysis was completed successfully. No issues were detected.
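The manual step above (read the migrate log, copy the address, paste it into `myth`) is easy to script. The following is an added example, not code from the original post or from the Mythril project; it assumes Truffle 5’s migration log layout (a `Deploying 'Name'` header followed by a `> contract address:` line), and the ConvertLib address in the embedded sample log is made up.

```shell
#!/bin/sh
# Added example, not from the original post: automate "find the address in the
# migrate output, then point myth at it". Assumes Truffle 5's migration log
# layout ("Deploying 'Name'" header followed by a "> contract address:" line).

# Print the address recorded under the "Deploying 'NAME'" (or "Replacing 'NAME'")
# header. Reads the migrate log on stdin; prints nothing if no such section exists.
extract_address() {
  awk -v name="$1" '
    # Every header starts a new section; remember whether it is the one we want
    # (\047 is a single quote, which we cannot type inside this quoted program).
    $0 ~ "(Deploying|Replacing) \047" { in_section = ($0 ~ ("\047" name "\047")) }
    in_section && /contract address:/ { print $NF; exit }
  '
}

# Deploy with Truffle, pick out the MetaCoin address and run Mythril against the
# live Ganache state (the same myth invocation as in the post).
analyze_deployed() {
  addr=$(truffle migrate | tee /dev/stderr | extract_address MetaCoin)
  if [ -z "$addr" ]; then
    echo "could not find MetaCoin address in truffle migrate output" >&2
    return 1
  fi
  myth a -a "$addr" -l --rpc localhost:7545
}

# Constructed sample of a migrate log. The ConvertLib address is made up; the
# MetaCoin address is the one shown in the post.
SAMPLE_MIGRATE_OUTPUT="
   Deploying 'ConvertLib'
   ----------------------
   > transaction hash:    0xconstructed
   > contract address:    0x1000000000000000000000000000000000000001

   Deploying 'MetaCoin'
   --------------------
   > transaction hash:    0xconstructed
   > contract address:    0x8712c227680bc0c8a4c7a65317C7e7700e5D566f
   > block number:        3
"

# Look up a contract name in the constructed sample log.
sample_address() {
  printf '%s\n' "$SAMPLE_MIGRATE_OUTPUT" | extract_address "$1"
}

# Set RUN_ANALYSIS=1 to deploy and analyze for real; otherwise just show the lookup.
if [ "${RUN_ANALYSIS:-0}" = 1 ]; then
  analyze_deployed
else
  echo "MetaCoin would be analyzed at: $(sample_address MetaCoin)"
fi
```

Run it from the metacoin project directory with Ganache already listening on port 7545; without `RUN_ANALYSIS=1` it only exercises the log parser on the embedded sample.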
Luckily there were no bugs in the MetaCoin contract. Unfortunately this is not always the case. Try running multi-contract analysis on your own smart contracts and see what you can find!
Also, let me know if you found a nice vulnerability using multi-contract Mythril! (Nothing beats hearing about how Mythril helped catch a nasty bug 🐛)