Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

sabre-mythx

Package Overview
Dependencies
Maintainers
4
Versions
57
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

sabre-mythx

Client for the MythX smart contract security analysis service

  • 0.9.9
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
9
increased by200%
Maintainers
4
Weekly downloads
 
Created
Source

Sabre

Discord

Sabre is a security analysis tool for smart contracts written in Solidity. It uses the MythX cloud service which detects a wide range of security issues.

Warning: This client is not officially supported by MythX and may not return optimal results. Please use the MythX command line client in production environments .

Usage

Installation

$ npm install -g sabre-mythx

Setting up an Account

Sign up for a free account on the MythX website to generate an API key. Set the MYTHX_API_KEY enviroment variable by adding the following to your .bashrc or .bash_profile):

export MYTHX_API_KEY=eyJhbGciOiJI(...)

Analyzing a Solidity File

Run sabre analyze <solidity-file> [contract-name] to submit a smart contract for analysis. The default mode is "quick" analysis which returns results after approximately 2 minutes. You'll also get a dashboard link where you can monitor the progress and view the report later.

Analysis mode
--mode <quick/standard/deep>

MythX integrates various analysis methods including static analysis, input fuzzing and symbolic execution. In the backend, each incoming analysis job is distributed to a number of workers that perform various tasks in parallel. There are two analysis modes, "quick", "standard" and "deep", that differ in the amount of resources dedicated to the analysis.

Report format
--format <text/stylish/compact/table/html/json>

Select the report format. By default, Sabre outputs a verbose text report. Other options stylish, compact, table, html and json. Note that you can also view reports for past analyses on the dashboard.

Client tool name
--clientToolName <string>

You can integrate Sabre into your own MythX tool and become eligible for a share of API revenues. In that case, you'll want to use the --clientToolName argument to override the tool id which is used by the API to identify your tool.

--debug

Dump the API request and reponse when submitting an analysis.

Other commands

Besides analyze the following commands are available.

- list              Get a list of submitted analyses.
- status <UUID>     Get the status of an already submitted analysis
- version           Print Sabre Version
- apiVersion        Print MythX API version

Keywords

FAQs

Package last updated on 06 Jun 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc