Mythril is an assembler and disassembler for Ethereum VM bytecode

# Mythril

Mythril is an assembler and disassembler for Ethereum VM bytecode. It was created for low-level testing/fuzzing of EVM implementations.

## Installation

Install from PyPI:

```bash
$ pip install mythril
```

Or, clone the GitHub repo to install the newest master branch:

```bash
$ git clone https://github.com/b-mueller/mythril/
$ cd mythril
$ python setup.py install
```

## Usage

To disassemble a piece of bytecode, pass it on the command line:

```bash
$ mythril -d -c "0x606060405050"
PUSH1 0x60
PUSH1 0x40
POP
POP
```

### Modifying and re-assembling code

Mythril can assemble code from input files that contain one instruction per line. To start from an existing contract, save the disassembly to a text file:

```bash
$ mythril -d -c "0x606060405050" -o code.easm
```

Edit the instructions in a text editor. For example, we can modify the PUSH instructions from the original example:

```
PUSH2 0x4050
PUSH4 0x60708090
POP
POP
```

Save the file and run Mythril with the `-a` flag to re-assemble:

```
$ mythril -a code.easm
0x61405063607080905050
```

The virtual machine language is described in the [Ethereum Yellowpaper](http://gavwood.com/paper.pdf).
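The round trip shown in this section can be reproduced with a small table-driven assembler and disassembler. This is an added example, not Mythril's own code: the opcode table is a constructed subset of the Yellow Paper's, and the function names are hypothetical.

```python
# Added example, not Mythril's code. OPCODES is a constructed subset of the
# Yellow Paper instruction table, enough for the bytecode shown on this page.
OPCODES = {0x00: "STOP", 0x01: "ADD", 0x50: "POP", 0x56: "JUMP", 0x5B: "JUMPDEST"}
OPCODES.update({0x5F + n: f"PUSH{n}" for n in range(1, 33)})  # PUSH1..PUSH32
MNEMONICS = {name: byte for byte, name in OPCODES.items()}


def _unhex(text):
    """Decode a hex string with or without a 0x prefix."""
    return bytes.fromhex(text[2:] if text.lower().startswith("0x") else text)


def disassemble(hex_code):
    """Return one instruction per line, the layout of an .easm file."""
    code, lines, pc = _unhex(hex_code), [], 0
    while pc < len(code):
        op = code[pc]
        if op not in OPCODES:
            raise ValueError(f"opcode 0x{op:02x} at offset {pc} not in table")
        name, pc = OPCODES[op], pc + 1
        if name.startswith("PUSH"):
            width = op - 0x5F  # PUSHn carries n immediate bytes
            data = code[pc:pc + width]
            if len(data) != width:
                # Rejected here so every listing re-assembles byte for byte.
                raise ValueError(f"{name} immediate runs past end of code")
            name, pc = f"{name} 0x{data.hex()}", pc + width
        lines.append(name)
    return lines


def assemble(lines):
    """Encode mnemonic lines back into a 0x-prefixed hex string."""
    out = bytearray()
    for number, line in enumerate(lines, 1):
        parts = line.split()
        if not parts:
            continue  # blank line in the input file
        name, args = parts[0].upper(), parts[1:]
        if name not in MNEMONICS:
            raise ValueError(f"line {number}: unknown mnemonic {name}")
        width = MNEMONICS[name] - 0x5F if name.startswith("PUSH") else 0
        data = _unhex(args[0]) if width and len(args) == 1 else b""
        if len(args) != (1 if width else 0) or len(data) != width:
            raise ValueError(f"line {number}: {name} expects {width} immediate byte(s)")
        out.append(MNEMONICS[name])
        out += data
    return "0x" + out.hex()
```

The immediate bytes of a PUSH are data, not instructions, which is why the disassembler skips over them instead of decoding them as opcodes.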

### Tracing EVM execution

You can run a piece of bytecode in the [PyEthereum](https://github.com/ethereum/pyethereum) VM and trace its execution using the `-t` flag. This will output the instructions executed as well as the state of the stack for every execution step. To run code from the command line, use:

```bash
$ ./mythril.py -t -c "0x606060405050"
vm stack=[] op=PUSH1 steps=0 pc=b'0' address=b'\x01#Eg\x89\xab\xcd\xef\x01#Eg\x89\xab\xcd\xef\x01#Eg' depth=0 pushvalue=96 gas=b'1000000' storage={'code': '0x', 'nonce': '0', 'balance': '0', 'storage': {}} inst=96
vm stack=[b'96'] op=PUSH1 steps=1 depth=0 pushvalue=64 gas=b'999997' pc=b'2' inst=96
vm stack=[b'96', b'64'] op=POP steps=2 depth=0 gas=b'999994' pc=b'4' inst=80
vm stack=[b'96'] op=POP steps=3 depth=0 gas=b'999992' pc=b'5' inst=80
```

For larger contracts, you might prefer to compile them to a binary file instead:

```
$ mythril -a contract.easm -o contract.bin
$ mythril --trace -f contract.bin
```

### Disassembling a contract from the Ethereum blockchain

You can also load code from an existing contract on the Ethereum blockchain. For this, you need a full node running with the RPC debug interface enabled. For example, when running geth you can do this as follows:

```bash
$ geth --syncmode full --rpc --rpcapi eth,debug
```

To load contract code from your node, pass the TxID of the transaction that created the contract:

```bash
$ mythril -d --txid 0x23112645da9ae684270de843faaeb44918c79a09e019d3a6cf8b87041020340e -o some_contract.easm
```

Note: If you want to get code from the Ethereum mainnet, it is easier to download it from [Etherscan](https://etherscan.io).

## Credit

The JSON RPC library is adapted from [ethjsonrpc](https://github.com/ConsenSys/ethjsonrpc) (it doesn’t seem to be maintained anymore, and I needed to make some changes to it).

Source Distribution

mythril-0.1.2.tar.gz (9.2 kB)
