Smart Contract Vulnerability Coverage
MythX currently detects most SWCs found in the SWC Registry. Below you can find the types of vulnerabilities MythX covers.
Assertions and Property Checking
| Vulnerability | Detection method | SWC ID |
|---|---|---|
| Solidity assert violation | Symbolic analysis, fuzzing (bytecode) | SWC-110 |
| MythX assertion violation (AssertionFailed event) | Symbolic analysis, fuzzing (bytecode) | SWC-110 |
Byte-code Safety
| Vulnerability | Detection method | SWC ID |
|---|---|---|
| Integer overflow in arithmetic operation | Symbolic analysis, fuzzing (bytecode) | SWC-101 |
| Integer underflow in arithmetic operation | Symbolic analysis, fuzzing (bytecode) | SWC-110 |
| Caller can redirect execution to arbitrary locations | Symbolic analysis, fuzzing (bytecode) | SWC-127 |
| Caller can write to arbitrary storage locations | Symbolic analysis, fuzzing (bytecode) | SWC-124 |
| Dangerous use of uninitialized storage variables | Solidity code analysis | SWC-109 |
Authorization Controls
| Vulnerability | Detection method | SWC ID |
|---|---|---|
| Any sender can withdraw ETH from the contract account | Symbolic analysis, fuzzing (bytecode) | SWC-105 |
| Any sender can trigger SELFDESTRUCT | Symbolic analysis, fuzzing (bytecode) | SWC-106 |
| Use of "tx.origin" as a part of authorization control | Solidity code analysis | SWC-115 |
Control Flow
| Vulnerability | Detection method | SWC ID |
|---|---|---|
| Delegatecall to a user-supplied address | Symbolic analysis, fuzzing (bytecode) | SWC-112 |
| Call to a user-supplied address | Symbolic analysis, fuzzing (bytecode) | SWC-107 |
| Unchecked return value from external call | Solidity code analysis | SWC-104 |
| Block timestamp influences a control flow decision | Taint analysis (bytecode) | SWC-116 |
| Environment variables influence a control flow decision | Taint analysis (bytecode) | SWC-120 |
| Loop over unbounded data structure | Solidity code analysis | SWC-128 |
| Implicit loop over unbounded data structure | Solidity code analysis | SWC-128 |
| Usage of "continue" in "do-while" | Solidity code analysis | N/A |
| Multiple calls are executed in the same transaction | Static analysis (bytecode) | SWC-113 |
| Persistent state read following external call | Symbolic analysis, fuzzing (bytecode) | SWC-107 |
| Persistent state write following external call | Symbolic analysis, fuzzing (bytecode) | SWC-107 |
| Account state accessed after call to user-defined address | Symbolic analysis (bytecode) | SWC-107 |
| Return value of an external call is not checked | Static analysis (bytecode) | SWC-104 |
| Potential weak source of randomness | Solidity code analysis | SWC-120 |
| Requirement violation | Fuzzing (bytecode) | SWC-123 |
| Call with hardcoded gas amount | Solidity code analysis | SWC-134 |
ERC Standards
| Vulnerability | Detection method | SWC ID |
|---|---|---|
| Incorrect ERC20 implementation | Solidity code analysis | N/A |
Solidity Coding Best Practices
| Vulnerability | Detection method | SWC ID |
|---|---|---|
| Outdated compiler version | Solidity code analysis | SWC-102 |
| No or floating compiler version set | Solidity code analysis | SWC-103 |
| Use of right-to-left-override control character | Solidity code analysis | SWC-130 |
| Shadowing of built-in symbol | Solidity code analysis | SWC-119 |
| Incorrect constructor name | Solidity code analysis | SWC-118 |
| State variable shadows another state variable | Solidity code analysis | SWC-119 |
| Local variable shadows a state variable | Solidity code analysis | SWC-119 |
| Function parameter shadows a state variable | Solidity code analysis | SWC-119 |
| Named return value shadows a state variable | Solidity code analysis | SWC-119 |
| Unary operation without effect | Solidity code analysis | SWC-129 |
| Unary operation directly after assignment | Solidity code analysis | SWC-129 |
| Unused state variable | Solidity code analysis | SWC-131 |
| Unused local variable | Solidity code analysis | SWC-131 |
| Function visibility is not set | Solidity code analysis | SWC-100 |
| State variable visibility is not set | Solidity code analysis | SWC-108 |
| Use of deprecated functions: callcode(), sha3(), ... | Solidity code analysis | SWC-111 |
| Use of deprecated global variables (msg.gas, ...) | Solidity code analysis | SWC-111 |
| Use of deprecated keywords (throw, var) | Solidity code analysis | SWC-111 |
| Incorrect function state mutability | Solidity code analysis | N/A |