We’re excited to announce that we have launched a subscription plan for MythX, the premier security analysis service and platform for Ethereum smart contracts.
This post will tell you all that you need to know.
But first, a little background.
From Mythril to MythX
Over two years ago, our founder and “Chief Hacking Officer”, Bernhard Mueller, created the open source tool Mythril to provide symbolic analysis for smart contracts. To date, this tool has been downloaded over 420,000 times, so clearly there was some demand for it.
But running security tools locally is a difficult and resource-intensive process, and new vulnerabilities and techniques are being found all the time. Our team soon realized that in order to keep pace with the technical needs for comprehensive smart contract analysis, we had to build a service including a range of tools, including not only symbolic analysis, but also static and dynamic analysis with fuzzing, all working in concert.
As a solution to this problem, we built MythX.
MythX accurately detects security vulnerabilities in smart contract source code and bytecode, and provides an in-depth analysis report. With plugins to all major development tools such as Truffle and Remix, and a vibrant ecosystem of world-class integration partners, MythX can be utilized throughout the entire smart contract development lifecycle, helping to mitigate the risks associated with deploying smart contracts on the Ethereum network.
We launched a beta of this service back in March of 2019. Since then, we have had hundreds of beta users initiating over a million requests on our API. (That last part has led to some slight hitches, such as the need to re-architect our entire infrastructure. But that’s why they call it beta, right?)
Building a sustainable product
As we built this product, we asked ourselves, how can we offer this service to the community and make it sustainable? We looked into the SaaS (software-as-a-service) model, as it was well-tested in the web2 world.
The only problem there was that, at least for Ethereum, a suitable model for subscription payments didn’t exist.
So, working with our friends at Daisy Payments, we built one.
Using the DAI stablecoin, you will soon be able to purchase a subscription to the MythX service. Consider it our special brand of mixing cutting-edge tools with time-tested and easy-to-understand business practices — the best of both worlds.
Our service is now live on the Ethereum mainnet, and as of September 9th, 2019, we have launched our paid subscription service.
If you’re a current user of MythX, you probably have questions about how your MythX experience might change. And if you haven’t yet used MythX, you might have questions about how it can help your smart contract development.
So let’s talk.
Q: Will I still be able to use MythX for free?
A: Yes. We are offering the ability to run MythX security analysis for free on an ongoing basis. Our goal is to build a safer Ethereum ecosystem, and so we want to help make every smart contract as secure as possible. Having a free option allows every developer to make security a part of their development lifecycle.
Q: What’s the difference between the free plan and MythX Pro?
The free plan uses our comprehensive security analysis platform to test for ten of the most crucial smart contract vulnerabilities, or SWCs. The free plan also lets you run “quick” scans for a maximum of 120 seconds in length. MythX Pro tests for over two dozen SWCs , and can run “full” scans for up to 30 minutes.
The result is that MythX Pro looks deeper into your code and allows you to find more potential problems, which is what you really need when deploying a smart contract.
Q: What’s an SWC?
SWC stands for Smart Contract Weakness Classification, and it’s the Ethereum analogue to the Common Weakness Enumeration, or CWE. It’s basically a catalog of type of smart contract vulnerabilities. You can look at the latest list of SWC’s by going to the SWC Registry.
Q: I signed up during the beta. Do I get anything special?
A: Yes! In addition to our gratitude for testing out our service and providing feedback, we are giving you one month of MythX Pro for free, automatically. In addition, we will be offering you the opportunity to take 25% off your first purchase of a subscription for MythX Pro. (This is a limited time offer though, so make sure you have added your email address to your profile, so we can email you the deal!)
Q: I haven’t signed up yet, but I want that discount. Is it too late?
A: N̶o̶t̶ ̶y̶e̶t̶,̶ ̶b̶u̶t̶ ̶y̶o̶u̶’̶l̶l̶ ̶h̶a̶v̶e̶ ̶t̶o̶ ̶h̶u̶r̶r̶y̶.̶ ̶W̶e̶ ̶a̶r̶e̶ ̶o̶f̶f̶e̶r̶i̶n̶g̶ ̶o̶u̶r̶ ̶f̶r̶e̶e̶ ̶m̶o̶n̶t̶h̶ ̶o̶f̶ ̶M̶y̶t̶h̶X̶ ̶P̶r̶o̶ ̶a̶n̶d̶ ̶2̶5̶%̶ ̶o̶f̶f̶ ̶y̶o̶u̶r̶ ̶f̶i̶r̶s̶t̶ ̶p̶a̶i̶d̶ ̶s̶u̶b̶s̶c̶r̶i̶p̶t̶i̶o̶n̶ ̶t̶o̶ ̶a̶n̶y̶o̶n̶e̶ ̶w̶h̶o̶ ̶s̶i̶g̶n̶s̶ ̶u̶p̶ ̶f̶o̶r̶ ̶t̶h̶e̶ ̶s̶e̶r̶v̶i̶c̶e̶ ̶b̶e̶f̶o̶r̶e̶ ̶S̶e̶p̶t̶e̶m̶b̶e̶r̶ ̶9̶t̶h̶,̶ ̶2̶0̶1̶9̶.̶ ̶S̶o̶ ̶m̶a̶y̶b̶e̶ ̶j̶u̶s̶t̶ ̶i̶n̶ ̶c̶a̶s̶e̶,̶ ̶c̶l̶i̶c̶k̶ ̶h̶e̶r̶e̶ ̶a̶n̶d̶ ̶d̶o̶ ̶t̶h̶a̶t̶ ̶n̶o̶w̶.̶ Unfortunately, this deal has passed. But if you got in before the deadline, we’ll be contacting you!
Q: Did you say that I have to pay in DAI?
A: As proponents of the Ethereum ecosystem, we want to encourage usage of the platform. And using DAI, a stablecoin with a value equivalent to the U.S. dollar, allows us to bypass fiat payment options entirely, allowing for easy on-chain payment.
Q: What if I don’t have DAI?
A: We’ll be writing more about how to fund an Ethereum wallet with DAI in the coming weeks. But rest assured, it’s not that hard.
Q: Can I use an invoice to pay for MythX? What if I want some other custom offering not mentioned above?
A: Manual invoicing and other custom integrations are available with an Enterprise plan. Please email us at email@example.com and we’ll figure out a plan that’s best for you. You can also submit a request right through our website by clicking the “Help” button at the bottom of the page.
Q: How do I sign up for MythX?
A: Glad you asked! Just head on over to https://mythx.io and click “Sign up”. All you need is an email address and an Ethereum address active in MetaMask. (For MythX Pro, you’ll want to make sure that your account has DAI in it.)
Q: Where can I get more questions answered?
A: We have an FAQ on the MythX site.
We’re here for you
We want this transition to be as seamless and easy for everyone as possible. Because of this, if you are a current user of MythX, no action is required on your part.
That said, if you have any questions about MythX or our new subscription plans, we want to hear from you. You can join our Discord, or go to our website, click the “Help” button, and send us a message. You can also tweet us at @mythx_platform, or find us on LinkedIn.
We all have a responsibility to help make the Ethereum ecosystem secure and to encourage its growth and adoption. We believe MythX is our way of making a difference.
It’s been an exciting journey so far, and the adventure is just beginning. We hope you’ll join us as we continue #MakingEthereumSecure.
(Note: Article was updated to reflect launch.)