Symbolic-execution and SMT-solving security analyzer for EVM bytecode. Detects integer issues, unprotected selfdestruct/delegatecall, reachable assertion violations, and exception states by exploring execution paths with Z3.
- 01bytecode-only analysis (verified contracts on-chain)
- 02reachability of `assert` and panic states
- 03delegatecall and selfdestruct safety
- 04integer over/underflow on legacy (<0.8) code
- 05supplementing Slither with path-sensitive checks
- pipx install mythril
- # or: docker pull mythril/myth
- # Requires solc on PATH (use solc-select)
Use Mythril for symbolic analysis when you need path-level reasoning beyond static checks. Run `myth analyze src/Vault.sol --solv 0.8.28 -t 4 -o jsonv2` (the `-t` flag controls transaction depth, 3-4 is typical) and `myth analyze -a 0x... --rpc https://mainnet.infura.io/v3/$KEY` to analyze a deployed contract by address. Use `--execution-timeout 900` for large contracts and `--solver-timeout 60000` to avoid SMT timeouts. Output formats are `text`, `markdown`, `json`, and `jsonv2` — prefer `jsonv2` for tooling.
- ⚑Symbolic execution is exponential — long runs frequently time out and silently miss findings; budget realistic `--execution-timeout` per contract and split large suites.
- ⚑False positives on integer overflow are common in Solidity ≥0.8 (built-in checks) — pass `--no-onchain-storage-access` and exclude SWC-101 when scanning post-0.8 code.
- ⚑Mythril cannot reason about external-call return data symbolically beyond a few hops; deep cross-contract bugs are out of scope and need Echidna or Certora.
- ⚑Requires the exact compiler version that produced the bytecode (`--solv`); a mismatched solc yields phantom panics from PUSH0/CANCUN opcode confusion.
- ⚑The `myth disassemble` output is for inspection only — do not feed it into other tools as ground truth, the SSA is internal-format.