Bernhard Mueller
Feb 22 · 3 min read

Build MythX smart contract security tools that help Ethereum developers. We’ll share 25% of subscription revenues back to our community of buidlers.

Once upon a time, ConsenSys Diligence announced plans for building an easy-to-use smart contract security verification API (a.k.a. the “INFURA for smart contract security”) that would make it easy for developers to detect security bugs. Well, MythX is now here and it packs a punch: By combining static code analysis, guided grey-box fuzzing and symbolic execution it covers twice as many security weaknesses than the Mythril open-source tool, is 10 times faster, and integrates directly with the Ethereum developer tools and CI pipelines.

However, the real kicker is the MythX tool ecosystem. We’re currently working paid API subscription plans that will go live sometime during 2019. In the meantime, you can already start building tools on MythX API. We’re planning to share 25% of API revenues back to tool buidlers.

We’ll keep track of your tool’s user numbers by tracking its tool id which must be included in the clientToolName field of every API request. If and when paying MythX subscribers use your tool you’ll earn a share of the subscription fee pool. The share will be calculated based on your daily active paying users, and will be paid out to your Ethereum account in Dai.

There’s no limitations on what you can build. IDE plugins, Github apps, CI tools, extensions for code editors, web apps and dashboards are all fair game. The only thing that matters is that users of your tool need to sign up for a MythX API account (we’ll offer both individual licenses and volume licenses).

Example: MythX Plugin for Truffle Framework

We’ve created a couple of tools ourselves to show the capabilities of MythX. The MythX plugin for Truffle Framework runs security analysis directly from the Truffle enviroment.

What’s particularly nice about this plugin is that it takes only a couple of minutes to set up and “just works”. Here’s a screen recoding of how analyzing some vulnerable contracts with Truffle Security looks like.

All tools & libraries built by the MythX team are open source and we’ve started an awesome list to keep track of them (don’t forget adding your own tools to that list).

Roadmap

The next milestone on the MythX roadmap is our public beta launch at the beginning of March. During the beta, which will tentatively last two months, access to the API will remain completely free.

During beta, we’ll be focusing heavily on improving the user experience and optimizing the design of our free and paid license plans. Together with Token Foundry, we’re also building a new Ethereum-powered subscription system that will allow users to conveniently purchase plans and enable recurring payments.

How to Get Started Buidling

Our primary communication channel is Discord. You’ll usually find some team and community members online around the clock.

Check out the MythX tools developer guide to get started. If you want to receive revenue share, you’ll also need to register your tool ID and Ethereum wallet address.We’re currently building an awesome website where you can register and show off your tool, but until that’s done, please sign up via the Google form.

ConsenSys Diligence

ConsenSys Diligence has the mission of solving Ethereum smart contract security. Contact us for an audit at diligence@consensys.net.

Bernhard Mueller

Written by

Product Engineer @ConsenSys Diligence

ConsenSys Diligence

ConsenSys Diligence has the mission of solving Ethereum smart contract security. Contact us for an audit at diligence@consensys.net.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade