MythXJS is a Javascript based library for the Mythx smart contract security analysis platform.
The library works out of the box on Node and modern browsers.
npm install mythxjs
Creating a new instance of the library using ES6 modules and pass in a config object
import { Client } from 'mythxjs'
const mythx = new Client({
username: '<your registered MythX email or EthAddress>',
apiKey: '<your mythx API key. see https://docs.mythx.io/#using-your-account for help>'
});
Submitting an analysis using bytecode only
const bytecode = '0xfe'
await mythx.submitBytecode(bytecode)
Getting a list of detected issues
await mythx.getDetectedIssues('1111-2222-3333-4444')
In order to keep MythXJS as lean as possible we do not handle MetaMask integration ourself. Instead we provide two methods: getChallenge() and loginWithSignature() and leave the user handle the MetaMask integration the way they better prefer on their front end. This also lets the user work with their preffered version of web3.
Example using react app and web3@1.0.0-beta.37:
const handleSignMessage = (account, data) => {
try {
return new Promise((resolve) => {
const {value} = data.message
if (!account) {
console.error('no-account')
}
const params = [account, JSON.stringify(data)]
web3.currentProvider.send(
{ method: 'eth_signTypedData_v3', params, from: account },
(err, result) => {
if (err || result.error) {
console.error('Error with handling signature.', err)
}
resolve(value + '.' + result.result)
}
)
}).catch((error) => {
console.error(error)
})
} catch(err) {
console.error(err)
}
}
const loginWithMM = async () => {
const accounts = await web3.eth.getAccounts();
const account = accounts[0]
const data = await mythx.getChallenge(account.toLowerCase())
handleSignMessage(account, data).then(
async (message) => {
// Returns set of tokens
const result = await mythx.loginWithSignature(message)
}
).catch(err => console.error(err))
}
For a complete list of functionality available on the library please check our docs
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
For the versions available, see the tags on this repository.
FAQs
Mythxjs is a library for the MythX smart contract security analysis platform.
We found that mythxjs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket’s new Tier 1 Reachability filters out up to 80% of irrelevant CVEs, so security teams can focus on the vulnerabilities that matter.
Research
/Security News
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.
Security News
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.