The aim of this tutorial is to show how to use Echidna to automatically test smart contracts.
The first part introduces how to write a property for Echidna. The second part is a set of exercises to solve.
Table of contents:
- Introduction
- Installation
- Introduction to fuzzing: Brief introduction to fuzzing
- How to test a property: How to test a property with Echidna
- Basic
- How to filter functions: How to filters the functions to be fuzzed
- How to test assertions: How to test assertions with Echidna
- Advanced
- How to collect a corpus: How to use Echidna to collect a corpus of transactions
- How to detect high gas consumption: How to find functions with high gas consumption.
- How to perform smart contract fuzzing at a large scale: How to use Echidna to run long fuzzing campaign in complex smart contracts.
- How to test a library: How Echidna was used to test the a library in Set Protocol (blogpost)
- How to test bytecode-only contracts: How to fuzz a contracts without bytecode, or to perform differential fuzzing between Solidity and Vyper
- How to seed Echidna with unit tests: How to use existing unit tests to seed Echidna
- Fuzzing tips: General fuzzing tips
- Exercises
- Exercise 1: Testing token's balance
- Exercise 2: Testing access control
- Exercise 3: Testing with custom initialization
- Exercise 4: Testing with
assert
Join the team on Slack at: https://empireslacking.herokuapp.com/ #ethereum
Echidna can be installed through docker or using the pre-compiled binary.
docker pull trailofbits/eth-security-toolbox
docker run -it -v "$PWD":/home/training trailofbits/eth-security-toolbox
The last command runs eth-security-toolbox in a docker that has access to your current directory. You can change the files from your host, and run the tools on the files from the docker
Inside docker, run :
solc-select 0.5.11
cd /home/training
https://github.com/crytic/echidna/releases/tag/v1.6.0
solc 0.5.11 is recommended for the exercises.