Sabre

Sabre is a minimum viable MythX client. It analyzes a Solidity smart contracts using the MythX cloud service.

Usage

Installation

$ npm install -g sabre-mythx

API Credentials

Use Metamask or a web3-enabled browser to sign up for a free account on the MythX website and set your API password. Set up your environment using the Ethereum address you signed up with as the username (for increased convenience add those two lines into your .bashrc or .bash_profile).

export MYTHX_ETH_ADDRESS=0x(...)
export MYTHX_PASSWORD=password

Usage

$ sabre [options] <solidity_file>

OPTIONS:
    --mode <quick/full>             Analysis mode (default=quick)
    --clientToolName <string>       Override clientToolNames
    --noCacheLookup                 Deactivate MythX cache lookups
    --sendAST                       Submit AST instead of source code
    --debug                         Print MythX API request and response

This analysis should take about 60 to 90 seconds to finish.

Example

$ sabre contracts/token.sol
  ✔ Compiled with solc v0.5.7 successfully
  
  token.sol
    13:4  error  The binary subtraction can underflow  https://smartcontractsecurity.github.io/SWC-registry/docs/SWC-101
    14:4  error  The binary addition can overflow      https://smartcontractsecurity.github.io/SWC-registry/docs/SWC-101
  
  ✖ 2 problems (2 errors, 0 warnings)

Writing your own MythX Tools

MythX tool builders will earn revenue share in Dai when we go live with paid subscription plans. Details will be released soon. Ping us on Discord if you'd like to get involved.

Some links:

• MythX Documentation
• Awesome MythX Tools
• The Tech Behind MythX Smart Contract Security Analysis
• A Deep Dive into the MythX API
• Detecting the Top 4 Critical Smart Contract Vulnerabilities With MythX