The aim of this tutorial is to show how to use Echidna to automatically test smart contracts.
The first part introduces how to write properties for Echidna. The second part is a set of exercises to solve.
Table of contents:
- Introduction
- Installation
- Introduction to fuzzing: Brief introduction to fuzzing
- How to test a property: How to test a property with Echidna
- Basic
- How to select the most suitable testing mode: How to select the most suitable testing mode
- How to select the best testing approach: How to select the best testing approach
- How to filter functions: How to filters the functions to be fuzzed
- How to test assertions: How to test assertions with Echidna
- How to write good properties step by step: How to iteratively improve property testing
- Frequently Asked Questions: Answers to common questions about Echidna
- Advanced
- How to collect a corpus: How to use Echidna to collect a corpus of transactions
- How to detect high gas consumption: How to find functions with high gas consumption.
- How to perform smart contract fuzzing at a large scale: How to use Echidna to run a long fuzzing campaign for complex smart contracts.
- How to test a library: How Echidna was used to test the library in Set Protocol (blogpost)
- How to test bytecode-only contracts: How to fuzz a contract without bytecode or to perform differential fuzzing between Solidity and Vyper
- How to use hevm cheats to test permit: How to test code that depends on ecrecover signatures using hevm cheat codes
- How to seed Echidna with unit tests: How to use existing unit tests to seed Echidna
- Fuzzing tips: General fuzzing tips
- Exercises
- Exercise 1: Testing token balances
- Exercise 2: Testing access control
- Exercise 3: Testing with custom initialization
- Exercise 4: Testing with
assert
- Exercise 5: Solving Damn Vulnerable DeFi - Unstoppable
- Exercise 6: Solving Damn Vulnerable DeFi - Naive Receiver
- Exercise 7: Solving Damn Vulnerable DeFi - Side Entrance
Join the team on Slack at: https://empireslacking.herokuapp.com/ #ethereum
Echidna can be installed through docker or using the pre-compiled binary.
You can install Echidna with brew install echidna
.
docker pull trailofbits/eth-security-toolbox
docker run -it -v "$PWD":/home/training trailofbits/eth-security-toolbox
The last command runs eth-security-toolbox in a docker container that has access to your current directory. You can change the files from your host and run the tools on the files through the container
Inside docker, run :
solc-select use 0.5.11
cd /home/training
https://github.com/crytic/echidna/releases/tag/v2.0.2
The solc version is important to ensure that these exercises work as expected, we tested them using version 0.5.11.