Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Feature request: Please allow to specify initial state when analysing

See original GitHub issue

Currently, anaylysis are performed with [SOMEGUY] and [ATTACKER] having initally a balance of 0 and no storage in the target smart contract (which can also means a token balances of 0).

But almost all smart contract real bug founds initally required buying a tiny amount of the token on an exchange or attacker sending an amount of ether in order to withdraw way more than he should.

Issue Analytics

State:
Created 4 years ago
Comments:26

Top GitHub Comments

2reactions

ytrezqcommented, Oct 18, 2019

@norhh : oh ! Simple : Etherrol ! For such on‑chain contract, mythril base it’s permissions on creator actions whereas the adress which has real owner priviliges isn’t controlled by creator but by a off‑chain robot and thus mythril doesn’t use the address controlled by the bot in analysis (where the address of the robot was specified in constructor and isn’t modifiable).

0reactions

norhhcommented, Nov 6, 2019

I mean mythril uses onchain storage if you are accessing onchain contract, something like myth analyze --rpc infura-mainnet -a <address> only works only if the address is specified in the source code Or if you specify that address as a command line argument. Anyway, after multi level transactions I suppose it makes it’s simulation based it’s own previous simulated storage changes, correct I am not sure what it means, mythril creates a contract from the source code and then executes multiple sequence of transactions locally which mutates the local storage.