echidna v2.0.2 releases: Ethereum fuzz testing framework
Echidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley)
More seriously, Echidna is a Haskell program designed for fuzzing/property-based testing of Ethereum smarts contracts. It uses sophisticated grammar-based fuzzing campaigns based on a contract ABI to falsify user-defined predicates or Solidity assertions. We designed Echidna with modularity in mind, so it can be easily extended to include new mutations or test specific contracts in specific cases.
- Generates inputs tailored to your actual code
- Optional corpus collection, mutation and coverage guidance to find deeper bugs
- Optional Slither integration to extract useful information before the fuzzing campaign
- Curses-based retro UI, text-only or JSON output
- Automatic testcase minimization for quick triage
- Seamless integration into the development workflow
- Maximum gas usage reporting of the fuzzing campaign
- Support for a complex contract initialization with Etheno and Truffle
This release eases the custom deployment of contracts at fixed addresses, improves the fuzzing’s shrinking and fixes a crash the EVM emulation:
deployContracts: [["0x42", "ContractA"], ["0x43", "ContractB"]] deployBytecodes: [["0x44", "60806.."]]
All the contracts are deployed using the
deployer address and will produce an error if they fail.
- Added support for deployment of certain contracts or bytecode in specific addresses (#758)
- Added support for detection and handling of ancient solc versions (#675)
- Added explicit static flag and removed pthread one from ghc options (#768)
- Improved shrinking of dynamic arrays (#775)
- Fixed git attribute to support building docker containers in Windows (#773)
- Fixed crash when the EVM execution triggers more than one query (#760)
docker is recommended to install Echidna.
docker pull trailofbits/echidna
docker run trailofbits/echidna
docker run -v `pwd`:/src trailofbits/echidna echidna-test /src/solidity/cli.sol
If you’d prefer to build from the source, use Stack. stack install . should build and compile echidna-test in ~/.local/bin You will need to link against libreadline and libsecp256k1 (built with recovery enabled), which should be installed with the package manager of your choosing. If you’re getting errors building related to linking, try tinkering with –extra-include-dirs and –extra-lib-dirs.
Copyright (C) 2018