echidna

Echidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley)

More seriously, Echidna is a Haskell program designed for fuzzing/property-based testing of Ethereum smarts contracts. It uses sophisticated grammar-based fuzzing campaigns based on a contract ABI to falsify user-defined predicates or Solidity assertions. We designed Echidna with modularity in mind, so it can be easily extended to include new mutations or test specific contracts in specific cases.

Features

• Generates inputs tailored to your actual code
• Optional corpus collection, mutation and coverage guidance to find deeper bugs
• Optional Slither integration to extract useful information before the fuzzing campaign
• Curses-based retro UI, text-only or JSON output
• Automatic testcase minimization for quick triage
• Seamless integration into the development workflow
• Maximum gas usage reporting of the fuzzing campaign
• Support for a complex contract initialization with Etheno and Truffle

Changelog v1.7

• Coverage guided-fuzzing enabled by default (no need to use coverage: true)
• New mutators for transactions and arrays to discover even more interesting paths in your code
• Source code integration to collect and visualize coverage (enabled using corpusDir)
• An new approach for end-to-end testing using Etheno, as described in our new tutorial in the building-secure-smart-contracts repository

This release also includes several internal refactorings, fixes in our CI tests and improved Nix support. The Echidna team would also like to thank @elopez for their fixes submitted as PRs.

Added

• Enabled use of coverage by default (#605) [BREAKING CHANGE]
• More corpus and array mutations implemented (#372)
• Source coverage is printed after fuzzing campaign (#516)

Fixed

• Coverage filenames are not overwritten (#620)
• Nix improvements and fixes (#603, #604, #608, #612)

Refactored

• Refactored and improved etheno support to be more useful (#615)
• Refactored the mutator code (#618)
• Run echidna tests in parallel (#571)
• Simplified slither information parsing (#543)

Installation

docker is recommended to install Echidna.

docker pull trailofbits/echidna
docker run trailofbits/echidna

for example

docker run -v `pwd`:/src trailofbits/echidna echidna-test /src/solidity/cli.sol

If you’d prefer to build from source, use Stack. stack install . should build and compile echidna-test in ~/.local/bin You will need to link against libreadline and libsecp256k1 (built with recovery enabled), which should be installed with the package manager of your choosing. If you’re getting errors building related to linking, try tinkering with –extra-include-dirs and –extra-lib-dirs.

Use

Copyright (C) 2018 trailofbits