Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding -  Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
pymavryk
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
- Version
- 3.14.0
- Maintainers
- 1
PyMavryk
- RPC query engine
- Cryptography
- Building and parsing operations
- Smart contract interaction
- Local forging/packing & vice versa
- Working with Michelson AST
PyMavryk CLI
- Generating contract parameter/storage schema
- Activating and revealing accounts
- Deploying contracts (+ GitHub integration)
Michelson REPL
- Builtin interpreter (reimplemented)
- Set of extra helpers (stack visualization, blockchain context mocking)
Michelson Jupyter kernel
- Custom interpreter with runtime type checker
- Syntax highlighting, autocomplete with
Tab - In-place docstrings with
Shift+Tab - Macros support
- Verbose execution logging
- Debug helpers
Michelson integration testing framework
- Writing integration tests using
unittestpackage - Simulating contract execution using remote intepreter (via RPC) or builtin one
Installation
Make sure you have Python 3.8 to 3.12 installed and set as default in the system.
You also need to install cryptographic packages before installing the library/building the project:
Linux
Ubuntu, Debian and other apt-based distributions
$ sudo apt install libsodium-dev libgmp-dev pkg-config
Arch Linux
$ sudo pacman -Syu --needed libsodium gmp
MacOS
Homebrew needs to be installed.
$ brew install libsodium gmp pkg-config
M1 (ARM)
In case libsodium or gmp cannot find either include or lib paths, try explicitly set environment vars:
export CFLAGS="-I/opt/homebrew/Cellar/gmp/6.2.1_1/include/ -L/opt/homebrew/Cellar/gmp/6.2.1_1/lib/"
export DYLD_LIBRARY_PATH=/opt/homebrew/lib/
pip3 install --user pymavryk
For running tests you might also need to export LD_LIBRARY_PATH:
export LD_LIBRARY_PATH=/opt/homebrew/lib/
Windows
The recommended way is to use WSL and then follow the instructions for Linux, but if you feel lucky you can try to install natively:
- Install MinGW from https://osdn.net/projects/mingw/
- Make sure
C:\MinGW\binis added to yourPATH - Download the latest libsodium-X.Y.Z-msvc.zip from https://download.libsodium.org/libsodium/releases/.
- Extract the Win64/Release/v143/dynamic/libsodium.dll from the zip file
- Copy libsodium.dll to C:\Windows\System32\libsodium.dll
From PyPi
$ pip install wheel setuptools pkginfo cryptography
$ pip install pymavryk
Google Colab
>>> !apt install libsodium-dev libgmp-dev
>>> !pip install pymavryk
Docker container
Verified & minified images for CI/CD https://hub.docker.com/r/mavrykdynamics/pymavryk/tags
$ # 1. Use image from registry
$ docker pull mavrykdynamics/pymavryk
$ # or build it yourself
$ docker build . -t pymavryk
$ # 2. Use included docker-compose.yml
$ docker-compose up -d notebook
Building from sources
Requirements:
- Python 3.8 to 3.12
- libsodium, coincurve, gmp
- make
$ # prepare environment
$ make install
# # run full CI with tests
$ make all
Quick start
Read quick start guide
Learn how to enable Jupyter with Michelson
API reference
Check out a complete API reference
Inline documentation
If you are working in Jupyter/Google Colab or any other interactive console, you can display documentation for a particular class/method:
>>> from pymavryk import pymavryk
>>> pymavryk
Publications
-
Pymavryk 2.0 release with embedded docs and smart contract interaction engine
https://medium.com/coinmonks/high-level-interface-for-michelson-contracts-and-not-only-7264db76d7ae -
Materials from TQuorum:Berlin workshop - building an app on top of PyMavryk and ConseilPy
https://medium.com/coinmonks/atomic-tips-berlin-workshop-materials-c5c8ee3f46aa -
Materials from the EETH hackathon - setting up a local development infrastructure, deploying and interacting with a contract
https://medium.com/tezoscommons/preparing-for-the-tezos-hackathon-with-baking-bad-45f2d5fca519 -
Introducing integration testing engine
https://medium.com/tezoscommons/testing-michelson-contracts-with-pytezos-513718499e93
Contact
- Telegram chat: @baking_bad_chat
- Slack channel: #baking-bad
Credits
- The project was initially started by Arthur Breitman, now it's maintained by Baking Bad team.
- Baking Bad is supported by Tezos Foundation
- Michelson test set from the Mavryk repo is used to ensure the interpreter workability
- Michelson structured documentation by Nomadic Labs is used for inline help
Keywords
FAQs
Python toolkit for Mavryk
We found that pymavryk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding -  Dec 12, 2025
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding -  Dec 11, 2025