https://github.com/crytic/echidna - Echidna 2.2.7

What's Changed

• UI is now more responsive and can be scrolled using the keyboard (arrow keys, PgUp/Down, Tab)
• Text mode now reports gas/s during a fuzzing campaign.
• The docker container and static binaries are now also built for ARM Linux.
• Users can now give a friendly name to a project through the config file and it will show in the UI.
• Bugs squashed when shrinking, generating random integers, collecting contract addresses into the internal dictionary, and counting gas usage.
• Echidna is now built with GHC 9.8.4
• hevm has been upgraded to release/0.55.0
  • This hevm release includes multiple fixes and performance improvements, including a fix for multiple contract deployments under a prank.
  • Full hevm changelog: https://github.com/ethereum/hevm/compare/037ff11779d0089378f01cb103db1171dc642be2...2931f09fcbbca68911421fbe2f2f21ebebdb5332

Deprecation notice

[!IMPORTANT]
The following features will be removed from future Echidna releases. This will be the last release supporting: * Etheno integration, and the initialize configuration option * Gas estimation (estimateGas configuration option) * Concolic execution (symExecConcolic configuration option)

New Contributors

• @figtracer made their first contribution in https://github.com/crytic/echidna/pull/1357

Full Changelog: https://github.com/crytic/echidna/compare/v2.2.6...v2.2.7

- Haskell
Published by elopez 7 months ago

https://github.com/crytic/echidna - Echidna 2.2.6

What's Changed

• Users can now turn off the Slither integration with the disableSlither config option or the --disable-slither command-line flag (#1327).
  • This is only intended for development, and we do not recommend doing this as it degrades fuzzing efficiency.
  • Additionally, the UI now shows a visible warning when the Slither integration fails to execute for any reason.
• More statistics on exit: Echidna now prints the total call count (#1328)
• Precompiles now work correctly on Windows (#1333)
• hevm has been upgraded to release/0.54.2 (#1331)
  • This hevm release includes fixes for prank and startPrank. Pranking now applies to contract creation, and startPrank behavior now matches Foundry's.
  • Full hevm changelog: https://github.com/ethereum/hevm/compare/f1f45d3c0d9767a38df04f398d1eab8b66dbe7fc...037ff11779d0089378f01cb103db1171dc642be2

Full Changelog: https://github.com/crytic/echidna/compare/v2.2.5...v2.2.6

- Haskell
Published by github-actions[bot] about 1 year ago

https://github.com/crytic/echidna - Echidna 2.2.5

What's Changed

• Support Ethereum Cancun upgrade, including MCOPY (#1317, #1309, #1300)
• Print a warning if an assert isn't hit in assert mode (#1110)
• Add support for the vm.label cheatcode when printing call sequences (#1314)
• Add support for other cheatcodes: startPrank, stopPrank, setEnv, and env{Bool,Uint,Int,Address,Bytes32,String,Bytes} (#1300)
• Collect coverage during contract deployment (#1304)
• Fix overflow behavior: overflows now revert the transaction, rather than causing Echidna to error (#1293)
• Add documentation (#1298)

Full Changelog: https://github.com/crytic/echidna/compare/v2.2.4...v2.2.5

- Haskell
Published by samalws-tob over 1 year ago

https://github.com/crytic/echidna - Echidna 2.2.4

Echidna 2.2.4 is an exciting release that brings a host of improvements in fuzzing speed and user experience. This update:

• Boosts performance through optimized shrinking and multicore fuzzing. Adjustments made to our multi-worker implementation will provide increased performance when multiple workers are in use, meaning you can now have a faster and more scalable fuzzing experience. Echidna will now by default run between one to four workers, based on the available CPU cores. While we have set an intelligent default logic, you can continue to manually control the number of workers with the workers config option or --workers CLI switch. Another welcome tweak is in the shrinking process where a single worker now handles a shrinking task to minimize contention.

• Enhances user interface with handy shortcuts, added metrics, more informative messages, and clearer error responses. The new shortcuts allow for swiftly toggling the visibility of the tests and log panels (t and l). The newly introduced performance metric gas/s should be a more user-friendly indicator of execution performance than its predecessor calls/s. Expect insightful time measurements when saving coverage and an added message upon saving reproducers. Last but not least, we improved the error messages in various conditions, for better clarity and ease of understanding.

• Adds initial support to TLOAD/TSTORE opcodes as we continue our work towards achieving full compatibility with Cancun. Note that other new opcodes from Cancun are still not supported, so we recommend working with solc 0.8.24 or older for the time being.

• Introduces more configuration options including the ability to specify the Etherscan API key via the config file.

Take a peek at Echidna v2.2.4 in action fuzzing assert.sol:

The full changelog is provided below:

Added

• Toggle tests and log panes on t and l by @arcz in https://github.com/crytic/echidna/pull/1197
• Use measureIO when saving coverage by @samalws-tob in https://github.com/crytic/echidna/pull/1202
• Adjust default GC allocation area by @elopez in https://github.com/crytic/echidna/pull/1228
• Update filterFallbacks to be selective rather than all-or-nothing by @samalws-tob in https://github.com/crytic/echidna/pull/1200
• Add symbolic execution by @samalws-tob in https://github.com/crytic/echidna/pull/1216
• Support configuring Etherscan API key via config file by @elopez in https://github.com/crytic/echidna/pull/1227
• Allow to use specific filter for direct symexec by @ggrieco-tob in https://github.com/crytic/echidna/pull/1251
• Display assertion failure immediately once falsified in text mode by @samalws-tob in https://github.com/crytic/echidna/pull/1271
• Emit log message when saving reproducers by @samalws-tob in https://github.com/crytic/echidna/pull/1273
• Emit "saved reproducer" log message as event rather than putStrLn by @samalws-tob in https://github.com/crytic/echidna/pull/1274
• Show gas per second in the UI by @samalws-tob in https://github.com/crytic/echidna/pull/1279
• Show trace on UnknownFailure by @samalws-tob in https://github.com/crytic/echidna/pull/1283
• Initial support for tstore/tload by @ggrieco-tob in https://github.com/crytic/echidna/pull/1286
• Raise default number of workers by @elopez on https://github.com/crytic/echidna/pull/1288 [BREAKING CHANGE]

Fixed

• Improve delay shrinking by @arcz in https://github.com/crytic/echidna/pull/1196
• Improved shrinking removing reverts from reproducers by @ggrieco-tob in https://github.com/crytic/echidna/pull/1250
• Shrink on one worker by @arcz in https://github.com/crytic/echidna/pull/1280
• Fix Windows support after crytic-compile changes by @elopez in https://github.com/crytic/echidna/pull/1235
• ci, release: pin macOS runners to the correct architectures by @elopez in https://github.com/crytic/echidna/pull/1244
• Avoid a crash when invalid filtering is used and provide a better error message by @ggrieco-tob in https://github.com/crytic/echidna/pull/1258
• Improve max code size error message by @arcz in https://github.com/crytic/echidna/pull/1269
• Fix MVar issue by @samalws-tob in https://github.com/crytic/echidna/pull/1281
• Minor change for symExecTimeout comments by @samalws-tob in https://github.com/crytic/echidna/pull/1285
• chore: fix some typos by @yetyear in https://github.com/crytic/echidna/pull/1215
• Fix typos by @xiaoxianBoy in https://github.com/crytic/echidna/pull/1217
• chore: remove repetitive word by @findseat in https://github.com/crytic/echidna/pull/1232
• Fix some typos in comments by @momantech in https://github.com/crytic/echidna/pull/1238
• chore: fix some comments by @cangqiaoyuzhuo in https://github.com/crytic/echidna/pull/1272
• Fix typos by @omahs in https://github.com/crytic/echidna/pull/1287
• Docs improvement by @nnsW3 in https://github.com/crytic/echidna/pull/1278

Updated

• Bump softprops/action-gh-release from 0.1.15 to 2.0.3 by @dependabot in https://github.com/crytic/echidna/pull/1203
• Bump softprops/action-gh-release from 2.0.3 to 2.0.4 by @dependabot in https://github.com/crytic/echidna/pull/1220
• Bump softprops/action-gh-release from 2.0.4 to 2.0.5 by @dependabot in https://github.com/crytic/echidna/pull/1255
• Bump softprops/action-gh-release from 2.0.5 to 2.0.6 by @dependabot in https://github.com/crytic/echidna/pull/1277
• Bump cachix/install-nix-action from 25 to 26 by @dependabot in https://github.com/crytic/echidna/pull/1204
• Bump cachix/install-nix-action from 26 to 27 by @dependabot in https://github.com/crytic/echidna/pull/1263
• Bump DeterminateSystems/magic-nix-cache-action from 3 to 4 by @dependabot in https://github.com/crytic/echidna/pull/1222
• Bump DeterminateSystems/magic-nix-cache-action from 4 to 6 by @dependabot in https://github.com/crytic/echidna/pull/1257
• Bump DeterminateSystems/magic-nix-cache-action from 6 to 7 by @dependabot in https://github.com/crytic/echidna/pull/1267
• Bump DeterminateSystems/nix-installer-action from 9 to 10 by @dependabot in https://github.com/crytic/echidna/pull/122
• Bump DeterminateSystems/nix-installer-action from 10 to 11 by @dependabot in https://github.com/crytic/echidna/pull/1256
• Bump DeterminateSystems/nix-installer-action from 11 to 12 by @dependabot in https://github.com/crytic/echidna/pull/1268
• Bump cachix/cachix-action from 14 to 15 by @dependabot in https://github.com/crytic/echidna/pull/1262
• Bump docker/build-push-action from 5 to 6 by @dependabot in https://github.com/crytic/echidna/pull/1275
• Bump sigstore/gh-action-sigstore-python from 2.1.1 to 3.0.0 by @dependabot in https://github.com/crytic/echidna/pull/1289
• Upgrade hevm to latest echidna-patches commit by @elopez in https://github.com/crytic/echidna/pull/1243

New Contributors

• @yetyear made their first contribution in https://github.com/crytic/echidna/pull/1215
• @xiaoxianBoy made their first contribution in https://github.com/crytic/echidna/pull/1217
• @findseat made their first contribution in https://github.com/crytic/echidna/pull/1232
• @momantech made their first contribution in https://github.com/crytic/echidna/pull/1238
• @cangqiaoyuzhuo made their first contribution in https://github.com/crytic/echidna/pull/1272
• @nnsW3 made their first contribution in https://github.com/crytic/echidna/pull/1278

Full Changelog: https://github.com/crytic/echidna/compare/v2.2.3...v2.2.4

- Haskell
Published by elopez over 1 year ago

https://github.com/crytic/echidna - Echidna 2.2.3

What's Changed

• Bump actions/cache from 3 to 4 by @dependabot in https://github.com/crytic/echidna/pull/1173
• Refactor BuildOutput by @arcz in https://github.com/crytic/echidna/pull/1174
• Validate corpus while replaying by @arcz in https://github.com/crytic/echidna/pull/1177
• Refactor by @arcz in https://github.com/crytic/echidna/pull/1178
• Save traces for every transaction in reproducer by @arcz in https://github.com/crytic/echidna/pull/1180
• Display contract names in UI by @arcz in https://github.com/crytic/echidna/pull/1181
• Fix faulty corpus transaction detection by @arcz in https://github.com/crytic/echidna/pull/1184
• Bump DeterminateSystems/magic-nix-cache-action from 2 to 3 by @dependabot in https://github.com/crytic/echidna/pull/1186
• nix: enhance TERMINFO for Linux builds by @elopez in https://github.com/crytic/echidna/pull/1187
• Update hevm to 0.53.0 by @arcz in https://github.com/crytic/echidna/pull/1189
• Update README.md by @0xicingdeath in https://github.com/crytic/echidna/pull/1190
• Speed up shrinking in some cases by @samalws-tob in https://github.com/crytic/echidna/pull/1192
• feat: add CLI commands for RPC URL and block number by @penandlim in https://github.com/crytic/echidna/pull/1194
• Echidna 2.2.3 by @arcz in https://github.com/crytic/echidna/pull/1195

New Contributors

• @penandlim made their first contribution in https://github.com/crytic/echidna/pull/1194

Full Changelog: https://github.com/crytic/echidna/compare/v2.2.2...v2.2.3

- Haskell
Published by github-actions[bot] almost 2 years ago

https://github.com/crytic/echidna - Echidna 2.2.2

What's Changed

• Save corpus and reproducers continuously (#1167)
• Deliver status information using server-sent events (#1131)
• Performance improvements for coverage collection (#1160)
• Make slither optional (#1159)
• Rich trace printing (#1157)
• Static builds and release workflow (#1133)
• Re-enables using slither for vyper files (#1108)
• Dependency updates (#1153, #1096, #1154)

Full Changelog: https://github.com/crytic/echidna/compare/v2.2.1...v2.2.2

- Haskell
Published by github-actions[bot] about 2 years ago

https://github.com/crytic/echidna - Echidna 2.2.1

What's Changed

• Shanghai fork support with hevm 0.51.3 (#1090)
• Fixed coverage collection for delegatecalls (#1083)
• Added events to JSON output (#1069)
• Changed event sequence to be displayed on new lines (#1079)
• Improved "No tests found in ABI" error message (#1077)
• Refactored code (#1070, #1074)

Full Changelog: https://github.com/crytic/echidna/compare/v2.2.0...v2.2.1

- Haskell
Published by arcz over 2 years ago

https://github.com/crytic/echidna - Echidna 2.2.0

Echidna 2.2.0 contains significant improvements to the fuzzing speed and UX: * Multicore fuzzing & optimized coverage collection. Those combined delivered up to 20x fuzzing speed improvement on a real-world internal benchmark. The number of workers can be configured with workers config option or --workers CLI switch. Echidna runs only one worker by default, but this might change in future releases. * Lcov support. It is output by default and can be controlled with the coverageFormats config option. This enables external coverage tools such as genhtml or VSCode plugins. * More configuration options. Added --timeout <seconds> CLI switch. RPC URL and block number can now be also specified in the config file for on-chain fuzzing. * UI improvements. Echidna now outputs an event log for any fuzzing breakthrough, such as new coverage. The interactive UI was significantly reworked to accommodate all the changes from this release (see the screenshot below).

Note, we changed the way reverts are shown in coverage reports. Now, only the line where a revert happened is marked, instead of the whole path.

The full changelog:

Added

• Multicore fuzzing (#963, #1033, #1026, #1035)
• Lcov format support (#1029)
• Experimental power number generator for uints (#892)

Changed

• Coverage collection optimization (#1003, #1041)
• On-chain fuzzing improvements (#1017)
• Refactored code (#1020, #1021)
• Updated dependencies (#1022, #1023)
• UI improvements (#1031, #1032, #1034, #1040)
• Readme improvements (#1019)

- Haskell
Published by arcz almost 3 years ago

https://github.com/crytic/echidna - Echidna 2.1.1

This is a release focused on fixes and minor features. User facing changes include:

• Optimized the memory usage during the fuzzing campaign.
• Added initial compatibility with invariant mode from Foundry.
• Added additional information on how Echidna spend time during startup.
• Fixed several small rare crashes.

This release also include a number of refactoring changes to make the code easier to improve in future.

Added

• Added missing space in ProcessorNotFound message (#977)
• Added measurement and log of external actions (#988)
• Avoid using cheat code address to form fuzzing call sequences (#993)
• Implemented invariant testing from foundry (#989)

Changed

• hevm upgraded to 0.50.4 (#986)
• Cleaned and improved codebase (#990, #994, #995, #997)
• Make frequently modified fields strict (#1000)
• Force corpus evaluation (#1002)
• Improved text/headless UI (#991, #1006, #1007, #1009)

- Haskell
Published by ggrieco-tob almost 3 years ago

https://github.com/crytic/echidna - Echidna 2.1.0

Echidna 2.1.0 introduces on-chain fuzzing. Echidna can now run starting with an existing state provided by an external RPC service (Infura, Alchemy, local node, etc). This enables users to speed up the fuzzing setup when using already deployed contracts. For instance:

solidity contract TestCompoundEthMint { constructor() { hevm.roll(16771449); // sets the correct block number hevm.warp(1678131671); // sets the expected timestamp for the block number } … Compound comp = Compound(0x4Ddc2D193948926D02f9B1fE9e1daa0718270ED5); function assertNoBalance() public payable { require(comp.balanceOf(address(this)) == 0); comp.mint{value: msg.value}(); assert(comp.balanceOf(address(this)) == 0); } }

We can specify the RPC endpoint for Echidna to use before running the fuzzing campaign with the following environment variables:

export ECHIDNA_RPC_URL=http://.. ECHIDNA_RPC_BLOCK=16771449

And then Echidna can be executed as usual. At the end of the execution, if the source code mapping of any executed on-chain contract is available on Etherscan, it will be automatically fetched for the coverage report. Optionally, an Etherscan key can be provided using the ETHERSCAN_API_KEY environment variable.

This release also provides experimental support for Windows binaries.

Additionally, this release also includes fixes and a large refactor of several parts of the code that will facilitate the tool development and performance improvements. Other important changes are:

• echidna-test executable was renamed as echidna
• multi-abi config keyword was renamed to allContracts. multi-abi still works but will be removed in future.
• FFI cheat code to allow execute execution from Solidity
• Special UI screen to show when there is a crash in Echidna

Added

• On-chain fuzzing (#927, #971) [EXPERIMENTAL]
• Added Windows support (#943) [EXPERIMENTAL]
• Added scrollbar to the UI (#915)
• Added crash display to the UI (#944)
• Added human-friendly errors for panic codes (#965)
• Added support for the FFI cheatcode (#750)

Changed

• Refactored code (#903, #906, #908, #924, #925, #928, #946, #956, #966, #968)
• Updated dependencies (#942, #948)
• Build and CI improvements (#912, #914, #917, #952, #967)
• Renamed echidna-test binary to echidna (#826)
• Renamed multi-abi mode to allContracts, multi-abi still works but will be removed in future (#934)

Removed

• Removed generation of negative seeds (#933) [BREAKING CHANGE]

Fixed

• Fixed method filtering in multi-abi mode (#950, #954)
• Fixed config parsing for too large values (#935)
• Fixed parsing string constants that start with 0x (#958)

- Haskell
Published by ggrieco-tob almost 3 years ago

https://github.com/crytic/echidna - Echidna 2.0.5

This release migrates Echidna to the new hevm implementation. Echidna can now use the prank cheat code that we recently added to hevm. It lets you override the msg.sender value for the next external call:

```solidity interface Hevm { ... function prank(address) external; }

contract Test { Hevm hevm = Hevm(0x7109709ECfa91a80626fF3989D68f67F5b1DD12D); function echidna_test() { hevm.prank(0x123..); contract.f(); // msg.sender will be 0x123.. contract.g(); // msg.sender will be address(this) .. } } ```

Prank should be used carefully since it can introduce false positives if used to simulate calls from contracts. Please refer to this documentation for the complete list of cheat codes.

The release also refactors several parts of the code to facilitate further Echidna development.

Added

• Added saving and loading of reproducers for every test (#858)
• Added events and revert reasons for any failure in the constructor (#871)

Fixed

• Optimized constant generation (#898, #900)
• Fixed how address are displayed in events (#891)
• Update hevm to 0.50 (#884, #894, #896, #897, #901)
• Fixed uninitialized sender addresses from etheno transactions (#823)
• Fixed crash when minimizing inputs during optimization tests (#837)
• Refactored code and removed useless dependencies (#856, #857, #874, #878, #895, #903)

- Haskell
Published by ggrieco-tob about 3 years ago

https://github.com/crytic/echidna - Echidna 2.0.4

This release introduces coverage reports as HTML files. This will ease the detection of uncovered code during fuzzing campaigns. It also includes bug fixes as well as a large refactor of several parts of the code. This means that new features and optimizations are easier to implement.

Echidna 2.0.4 will automatically generate a coverage report in HTML in the corpus directory following the same approach as the text file report (e.g. covered.X.html). The report will show colors to signal which lines are covered either without errors (green), with a revert (yellow) or not covered at all (red).

Additionally, lines with no color are not included in the bytecode.

Added

• Added colored html for coverage output code (#816)
• Added Homebrew installation instructions (#848)

Fixed

• Fixed crash when parsing solc versions (#835)
• Fixed long transactions and event lines in UI (#832)
• Moved all nix stuff to flake and use nix-bundle-exe for macOS release (#851)
• Updated codebase to GHC 9.0.2 (#846)
• Refactored code and removed useless dependencies (#854, #853, #829, #827, #828)

Watch our live streaming series to learn how to use Echidna like a pro (see our recent blogpost: "We're streamers now")

- Haskell
Published by ggrieco-tob over 3 years ago

https://github.com/crytic/echidna - Echidna 2.0.3

This release focuses on getting enhanced coverage during a fuzzing campaign when handling non-utf8 strings, extreme signed integers and the fallback function. It also improved the scripts to build Docker containers.

Fixed

• Avoid resetting accounts if there is a deployed contract (#795)
• Fixed decoding non-utf8 strings from slither printer (#799)
• Fixed generation and mutation of extreme signed integers (#791)
• Removed fallback from signature map when it is not defined (#772)
• Refactored Docker scripts and tests (#706)

- Haskell
Published by ggrieco-tob over 3 years ago

https://github.com/crytic/echidna - Echidna 2.0.2

This release eases the custom deployment of contracts at fixed addresses, improves the fuzzing's shrinking and fixes a crash the EVM emulation:

yaml deployContracts: [["0x42", "ContractA"], ["0x43", "ContractB"]] deployBytecodes: [["0x44", "60806.."]]

All the contracts are deployed using the deployer address and will produce an error if they fail.

Added

• Added support for deployment of certain contracts or bytecode in specific addresses (#758)
• Added support for detection and handling of ancient solc versions (#675)
• Added explicit static flag and removed pthread one from ghc options (#768)

Fixed

• Improved shrinking of dynamic arrays (#775)
• Fixed git attribute to support building docker containers in Windows (#773)
• Fixed crash when the EVM execution triggers more than one query (#760)

- Haskell
Published by ggrieco-tob almost 4 years ago

https://github.com/crytic/echidna - Echidna 2.0.1

This release adds support for dapp/foundry properties, improves the input generation and fixes multiple minor bugs.

Echidna supports writing properties/invariants using three different APIs: ```solidity function echidna_property() public returns (bool) { // A specially named function with no arguments is required // The following statement can trigger a failure depending on the returned value. Reverts will force a failure return ..; } // side effects are not preserved

function checkInvariant(..) public { // A function with any number of arguments is supported using "--testMode assertion" assert(..); // The following statement will always trigger a failure emits AssertionFailure(..);
} // side effects are preserved

function checkDappTest(..) public { // A function with one or more arguments are required using "--testMode dapptest" // Any revert will cause a failure, otherwise it passes ... } // side effects are preserved (but usually this runs in stateless mode) ```

Every testing mode can be stateful (by default) or stateless (using --seqLen 1). Review our documentation for more details on how to use these APIs and the difference between stateful and stateless fuzzing.

Added

• New testing mode: "dapptest" to run foundry and dapptool fuzz tests (#733, #745) (see an example here)
• Generate more values closer to the maximum (#736)

Fixed

• Expanded and improved command-line help (#741)
• Fixed TERMINFO path for Nix release builds (#731)
• Mitigated large memory consumption when replaying corpus (#725)
• Fixed --shrink-limit to change shrink limit instead of test limit (#728)
• Correctly show lines with multiple types of coverage
• Restored nix support (#717, #743)

Removed

• Optimized stateless fuzzing removing some specific mutators (#747)

- Haskell
Published by ggrieco-tob almost 4 years ago

https://github.com/crytic/echidna - Echidna 2.0.0

Echidna 2.0.0 is a new major release of our fuzzing tool for smart contracts. All users of Echidna should move to version 2.0.0. We will not provide support for older releases.

Major new features

• Detection of assertion failures in Solidity 0.8.x or greater, including automatic detection of integer overflows, zero division, invalid casts, and more
• Automatic discovery of maximum values for functions that compute a value (e.g., int256) with --test-mode optimization

• Automatic integer over- and underflow detection in Solidity 0.8.x or greater with --test-mode overflow. This mode detects integer issues across all functions of the tested contract. It shows inputs that cause under- or overflows without any additional configuration. For instance, it will detect an overflow in this code snippet without outside assistance: solidity function f(uint x, uint y) public { uint z = x + y; ... }

• Automatic detection of contract destruction using testDestruction (which usually should trigger failures in other tests)

• Assertion tests using events (e.g., AssertionFailure(...)) are improved to work even if the execution reverts

Enhanced user experience

Echidna now shares why a test failed and what state the contract was in when it failed. Echidna now displays:

• The cause that triggers a failure in a property or assertion (e.g., a revert in a property test) to help quickly detect unexpected failures in properties
• A list of events or custom errors collected during the transaction that triggers a failure, which lets users print any state variable or computation using only events

Simplified test configuration

Echidna 2.0.0 features a simplified interface, using a "test mode" to specify the type of tests performed. These are configured via --test-mode (CLI) or testMode (config file):

• (Default for no arguments) Run user-defined property tests: echidna-test contract.sol --test-mode property
• Detect integer overflows (Solidity 0.8.x+): echidna-test contract.sol --test-mode overflow
• Find the maximum value for a function: echidna-test contract.sol --test-mode optimization
• Execute every line of code without any testing target ("unconstrained execution"): echidna-test contract.sol --test-mode exploration
• Detect assertion failures (previously checkAsserts): echidna-test contract.sol --test-mode assertion

checkAsserts and benchmarkMode options have been removed.

Changelog

Added

• Complete support for assertion detection in Solidity 0.8 and greater
• New testing modes: function optimization
• New testing mode: Integer under and overflow detection in solc 0.8 and greater
• Events and cause of failure are now displayed
• Added a new self-destruction test to check if any contract was destroyed
• Added a new config option to enable or disabled all self-destruction tests using testDestruction

Removed

• checkAsserts and benchmarkMode were removed in favor of testMode [BREAKING CHANGE]

Fixed

• Revert cleans all the events
• Incorrect handling of negative constants (#636)
• Incorrect filtering of functions when using assertion mode (#690)
• Value generation can fail in multi-abi mode (#579)
• psender and deployer address are changed to be 0x10000 and 0x30000 for readability [BREAKING CHANGE]
• Upgraded to hevm 0.49

Refactored

• Refactored campaign and test internal data structures and code
• Refactored unit test code and moved the related files to the tests directory
• Refactored UI code

- Haskell
Published by ggrieco-tob about 4 years ago

https://github.com/crytic/echidna - Echidna 1.7.3

This is a small release with some minor bugfixes and quality of life improvements. User facing changes include:

• removal of old compilation artifacts before starting another campaign
• fixed incorrect function filtering in assertion mode
• improved handling of negative constants
• fixed source line printing within coverage

Some less important changes are a version bump to hevm 0.48.0 and some nix improvements regarding slither.

- Haskell
Published by incertia about 4 years ago

https://github.com/crytic/echidna - Echidna 2.0.0 (beta 2)

Echidna 2.0.0 (beta 2) is the second beta release of the new version of our fuzzing tool for smart contracts, which continues with the new features, fixes and breaking changes. This release brings the following new major features:

• Automatic integer overflow or underflow detection for solc 0.8.x or greater using --test-mode overflow. This mode detects integer issues across all the functions of the tested contract to show inputs cause under or overflows without modifying or adding anything in your code. For instance, it will detect an overflow here: solidity function f(uint x, uint y) public { uint z = x + y; ... }
• Self destruction tests include any contract destruction (and not just the testing one). Additionally, they are disabled by default, making the UI easier to read.

Additionally, the psender and deployer addresses were changed to 0x10000 and 0x30000 respectively to be more readable. Please double check your properties to see if they work as expected.

Added

• New testing mode: Integer under and overflow detection in solc 0.8 and greater [UNSTABLE FEATURE]
• Added a new self-destruction test to check if any contract was destroyed.
• Added new config options to enable or disabled all self-destruction tests using testDestruction [BREAKING CHANGE]

Removed

• Self-destruction tests are disabled by default. [BREAKING CHANGE]

Fixed

• psender and deployer address are changed to be 0x10000 and 0x30000, to be more readable [BREAKING CHANGE]
• Upgraded to hevm 0.48.

- Haskell
Published by ggrieco-tob over 4 years ago

https://github.com/crytic/echidna - Echidna 2.0.0 (beta 1)

Echidna 2.0.0 (beta 1) is the first beta release of the new version of our fuzzing tool for smart contracts, which brings a number of new features and breaking changes. If you need a stable release right now, please use v1.7.2, otherwise, we encourage everyone to test this new beta.

Echidna 2.0 has the following new major features:

• Full support for solc 0.8.x or greater to detect assertion failures, including automatic detection of integer overflows, zero division, invalid casts, and others.
• Assertion tests using events (e.g. AssertionFailure(...)) are improved to work even if the execution reverts.
• Value optimization tests, where there is a function that computes a value (int256) and Echidna tries to find a maximum.
  
• Automatic detection of contract destruction (which usually should trigger failures in other tests).

On top of that, Echidna will show us valuable information regarding why the test is failing and what is the state of the contract when it failed:

• The cause that triggers a failure in a property or assertion (e.g. a revert in a property test). This allows auditors to quickly detect unexpected failures in properties.
• The list of events collected during the transaction that trigger a test failure (or that provides the maximum value of a certain function if optimization is used). This allows users to print any state variable or computation just using events.

This new release also features a simplified interface, using a "test mode" to specify what type of tests you want. This can be used directly in the command-line:

• To test assertions and enable the automatic detection of integer overflows (if solc 0.8.x is used):

echidna-test contract.sol --test-mode assertion

• To run a value optimization and find the maximum value in some function:

echidna-test contract.sol --test-mode optimization

• To run unconstrained exploration mode, where echidna will try to execute every line of code without any testing target:

echidna-test contract.sol --test-mode exploration

Finally, by default, --test-mode is assumed to be property. This new version also removes checkAssertion and benchmarkMode config options. Instead, users should specify testMode in the yaml file which can be one the values previously detailed.

Added

• Complete support for assertion detection and other in solc 0.8 and greater
• New testing modes: function optimization [UNSTABLE FEATURE]
• Events and cause of failure is now displayed [UNSTABLE FEATURE]
• Automatic detection of destructed contracts

Removed

• checkAssertion and benchmarkMode were removed in favor of testMode [BREAKING CHANGE]

Fixed

• Revert cleans all the events
• Incorrect handling of negative constants (#636)
• Incorrect filtering of functions when using assertion mode (#690)
• Value generation can fail in multi-abi mode (#579)

Refactored

• Refactored campaign and execution code (#615)
• Refactored integration test code
• Refactored UI code [UNSTABLE FEATURE]

- Haskell
Published by ggrieco-tob over 4 years ago

https://github.com/crytic/echidna - Echidna 1.7.2

Echidna 1.7.2 is a minor release that brings a variety of fixes and small improvements, including improved command-line options and fixes when using hardhat/brownie to test contracts. It relies on hevm 0.46 for the EVM emulation. This release requires to use crytic-compile 0.2.0 or later but otherwise contains no breaking changes.

Fixed

• Fixed check-asserts and multi-abi cli switches (#665)
• Support for loading multiple files with compiled contracts from hardhat/brownie (#659)

Refactored

• Updated to hevm 0.4.6 (#660)

- Haskell
Published by ggrieco-tob over 4 years ago

https://github.com/crytic/echidna - Echidna 1.7.1

Echidna 1.7.1 is a minor release that brings a variety of fixes and small improvements, including better mutations, two new command-line options, --corpus-dir and --check-asserts, correct initialization of new addresses and extended notion of coverage to include EVM frames. This release contains no breaking changes.

Added

• Documented known issues and limitations (#655)
• Improved coverage to count number of EVM frames (#624)
• Added two CLI options: --corpus-dir and --check-asserts (#640)

Fixed

• Tweaked mutators and improved test stability (#628)
• Automatically initialize addresses when used (#657)
• Avoid mutations to generate inputs outside their expected ABI range (#650)
• Various small fixes to run Vyper contracts (#645)
• Fixed link to macOS binary in binaries.soliditylang.org (#629)
• Fixed UI to fit long function calls (#635)
• Fixed default.nix to use 1.7.0 as version (#623)

Refactored

• Refactored shrinkSeq to improve readability (#639)
• Refactored Test type (#622)
• Refactored coverage types and added corpus size in UI (#627)

- Haskell
Published by ggrieco-tob almost 5 years ago

https://github.com/crytic/echidna - Echidna 1.7.0

Echidna 1.7.0 is a major release that brings a few major features: * Coverage guided-fuzzing enabled by default (no need to use coverage: true) * New mutators for transactions and arrays to discover even more interesting paths in your code * Source code integration to collect and visualize coverage (enabled using corpusDir) * An new approach for end-to-end testing using Etheno, as described in our new tutorial in the building-secure-smart-contracts repository

This release also includes several internal refactorings, fixes in our CI tests and improved Nix support. The Echidna team would also like to thank @elopez for their fixes submitted as PRs.

Added

• Enabled use of coverage by default (#605) [BREAKING CHANGE]
• More corpus and array mutations implemented (#372)
• Source coverage is printed after fuzzing campaign (#516)

Fixed

• Coverage filenames are not overwritten (#620)
• Nix improvements and fixes (#603, #604, #608, #612)

Refactored

• Refactored and improved etheno support to be more useful (#615)
• Refactored the mutator code (#618)
• Run echidna tests in parallel (#571)
• Simplified slither information parsing (#543)

- Haskell
Published by ggrieco-tob about 5 years ago

https://github.com/crytic/echidna - Echidna 1.6.1

Echidna 1.6.1 is a minor release that, most importantly, allows using compiler metadata to detect which contracts are deployed, avoiding any issues when the bytecode modifies its own code (e.g., when they use the immutable keyword). This release also contains performance optimizations when executing properties, speeding up the testing when the EVM reverts, and lets users be more precise when whitelisting or blacklisting functions by specifying the full contract name and ABI.

The Echidna team would also like to thank @elopez and @KurogeWashu for their fixes submitted as PRs.

Fixed

• Use a sensible default value for block.gaslimit (#596)
• Use metadata to detect deployed contracts (#593)
• Fixed wait bug when shrinking (#584)
• Small fixes in the macOS CI (#597), the README (#590) and Nix scripts (#581)

Added

• Semver integration for improving testing with different solc versions (#594)
• Added some performance improvement in property execution (#576)
• Added funwithnumbers example from Sabre (#565)
• Improved function filtering to be more precise (#570) [BREAKING CHANGE]

- Haskell
Published by ggrieco-tob about 5 years ago

https://github.com/crytic/echidna - Echidna 1.6.0

Echidna 1.6.0 introduces integration with Slither, now a required dependency for Echidna to function properly. Slither can help Echidna understand the structure of Solidity contracts which we use to explore more interesting code paths. This release also updates hevm to version 0.42, improves shrinking and pretty-printing of results, and includes a variety of bugfixes and refactoring. Finally, the Echidna team would also like to thank @elopez, @erivas, and @bingen for their work on squashing some annoying issues.

Added

• Remove code size restriction (disable EIP-170) by default. Users can restore it using the codeSize config (#544)
• Improved shrinking and pretty printing (#518)
• Integrate slither results (#451) [BREAKING CHANGE]
• HEVM updated to 150dddc67b6cbad75fd4ae5a689452892f55ea26
• Make stack limit exceeded a revert (#517)
• Various Github Actions improvements (#527, #554)

Fixed

• Made sure that gets mapped correctly, fixing #474 (#503)
• Fix library timestamp/block delay issue (#510)
• Make large constants work better with dictionaries (#523)
• Fix "flanky" corpus tests (#537)
• Fix negative address bug (#552)

Refactored

• Reorganized MonadState and MonadReader (#545, #513)
• Multiple code simplification (#548, #549, #513)
• Add some default transaction constants (#532)

- Haskell
Published by ggrieco-tob over 5 years ago

https://github.com/crytic/echidna - Echidna 1.5.1

This minor release focuses on stability. We improved the handling of timestamp and block number to make testing of code depending on these easier and more effective. Additionally, we fixed some corner cases in the handling of contract deployments, we improved the UI to be easier to use, refactored some internal code and added more unit tests. Finally, the Echidna team would also like to thank @elopez, our external contributor for their work on squashing some annoying issues.

Added

• Seed to UI (#456)
• Initial timestamp and block number (#455)
• DockerHub containers in addition to GitHub (#445)

Fixed

• Timestamp and block delays having the initial timestamp/block added to them (#460, #469)
• GitHub actions due to new macOS image (#468)
• Extcodesize by creating contracts correctly (#453, #454, #465)
• Detect contract deployment failures (#447)
• Brought back print reporting after exiting the UI (#441)

Refactored

• Relax package.yaml constraints (#466)
• Refactor unit tests (#457)
• Better README (#450)
• Code simplifications (#448)
• Refactor Tx (#437)

- Haskell
Published by ggrieco-tob over 5 years ago

https://github.com/crytic/echidna - Echidna 1.5.0

With this release of Echidna we are changing the version format to a 3-number format to be more in line with pre-existing tools and away from the slightly more arcane 4-number Haskell format. With vX.Y.Z, one can expect bumps in Z to not significantly impact any pre-existing echidna installations and scripts. Changes in Y may require a small amount of manual intervention and changes in X will definitely require manual intervention. Please check the release notes when updating to determine what needs to be changed.

This release introduces a generic list mutation engine that is used to mutate transaction lists, especially those loaded from a previous Echidna corpus. It also introduces a new JSON output format for use in headless environments. Use the --format json command line switch to see it in action. The existing CLI interface remains unchanged. Please consult the changelog for further details.

As always, we release a MacOS binary as well as a static binary compiled on Ubuntu. Please note that for macOS it is dynamically linked and libsecp256k1 was installed from this recipe and that libff was built from source and installed to /usr/local/lib. You can now find Docker autobuilds under our package registry. This release may be found here.

On behalf of the Echidna team I would also like to thank our external contributors for their work on quashing some annoying issues.

erivas elopez

Echidna is now bundled within Crytic CI, which can automatically run Echidna as well as other tools like Slither automatically for you for super easy Github integration. Also check out building-secure-contracts to learn how to write properties and use Echidna's advanced features.

- Haskell
Published by incertia almost 6 years ago

https://github.com/crytic/echidna - Echidna 1.4.0.1

This is a minor update to 1.4.0.0. We have bumped the HEVM version so contracts may be compiled with Solidity 0.6.

- Haskell
Published by incertia almost 6 years ago

https://github.com/crytic/echidna - Echidna 1.4.0.0

This is the fifth release of Echidna. With this release, we introduce two new features which can be enabled via various configuration flags:

• Filtering functions either blacklisting or whitelisting functions to call during a fuzzing campaign using this configuration to blacklist:

yaml filterBlacklist: true filterFunctions: ["f1", "f2", "f3"]

or this one to whitelist:

yaml filterBlacklist: false filterFunctions: ["f1", "f2", "f3"]

• Saving and loading a corpus of transactions (in JSON format) using this configuration:

yaml coverage: true corpusDir: "corpus"

Note that the corpus directory should be already created.

- Haskell
Published by ggrieco-tob almost 6 years ago

https://github.com/crytic/echidna - Echidna 1.3.0.0

This is the fourth release of Echidna. With this release, we introduce several new features which can be enabled via various config flags. Some of the major ones are:

```yaml

multi-abi enables the calling of all known contract ABIs passed to echidna at runtime,

rather than just fuzzing the target contract. e.g. echidna can discover how to falsify

contract A {

uint256 public flag = 0;

function setflag(uint256 x) public {

flag = x;

}

}

contract B {

A public a;

constructor() public {

a = new A();

}

function echidna_test() public {

return a.flag() == 1;

}

}

multi-abi: true

Given a JSON file describing how to set up an initial blockchain,

echidna can load these transactions and start fuzzing from there.

See examples/solidity/basic_multicontract/export.json for more details.

Leave this null to disable.

initialize: "/path/to/file"

Turns on the worst case gas estimator. This causes echidna to print the maximum gas usage it saw.

estimateGas: true ```

Please note that this release introduces a breaking change from previous releases. The tested contract is now specified with --contract rather than being the 2nd argument. This lets us pass more contracts to the command line driver for multi ABI support. See echidna-test --help for more details.

As always, the full changelog may be viewed here. Attached to this release are a statically built Ubuntu binary from the Docker package and a macOS Catalina binary. You can also find this on Dockerhub under incertia/echidna while we sort out automatic builds on the official repository.

- Haskell
Published by incertia about 6 years ago

https://github.com/crytic/echidna - Echidna 1.2.0.0

This is the third stable release of Echidna. We provide binaries for MacOS Catalina and Ubuntu. We recommend either using the docker container or building from source instead of the binaries, which are much less portable. Note that the standalone binaries do require crytic-compile and solc to work. You can install crytic-compile via pip (pip install crytic-compile).

This release's changelog has some conflicts with the previous Github release, because the changelog was not religiously kept up to date. Future releases should have more accurate changelog information. You can read it here.

- Haskell
Published by incertia about 6 years ago

https://github.com/crytic/echidna - v1.1.0.0

Second stable release

• Provides a statically compiled Linux binary tested in Ubuntu 18.04 (x86_64)
• Mac OS binary is use-at-your-own-risk, may not be portable to other environments

Note that the standalone binaries do require crytic-compile and solc to work. You can install crytic-compile via pip (pip install crytic-compile).

Major changes since 1.0.0.0:

• Support for catching assertion violations
• Support for maximum gas limits for properties and transactions
• Support for generation of block number and time changes between transactions
• Constant extraction for return values
• Multisender testing is now default
• Other improvements to default configuration to tune test generation, comments on default config

• In particular, note that by default the property sender and the caller of the contract constructor (thus, often, the owner) are the same now, which can change the behavior of some properties

• Various bug-fixes and minor improvements

- Haskell
Published by agroce over 6 years ago

https://github.com/crytic/echidna - v1.0.0.0

First stable release of Echidna based on hevm 0.30.

We provide a statically compiled Linux binary tested in Ubuntu 18.04 (x86_64)

- Haskell
Published by ggrieco-tob over 6 years ago

https://github.com/crytic/echidna - https://github.com/crytic/echidna/releases/tag/d934170

- Haskell
Published by japesinator over 7 years ago

https://github.com/crytic/echidna - https://github.com/crytic/echidna/releases/tag/a850fb2

- Haskell
Published by japesinator over 7 years ago

https://github.com/crytic/echidna - https://github.com/crytic/echidna/releases/tag/aa472a1

- Haskell
Published by japesinator over 7 years ago

https://github.com/crytic/echidna - https://github.com/crytic/echidna/releases/tag/e395687

- Haskell
Published by japesinator over 7 years ago