rappie / fuzz-vs-fv

Solution to Certora's Fuzzing Challenge

Home Page: https://x.com/CertoraInc/status/1821588679955198319


Description

The purpose of this repository is to demonstrate that fuzzing can easily catch the bug mentioned here, using the invariant mentioned here.

Link to fuzzing code.

Changes to the Fuzzing Suite

  • Added a function to fuzz the price feed so that absorb can pass
  • Introduced actors to significantly boost fuzzing efficiency
  • Removed fuzzing repeat functionality
  • Clamped ERC20 token transfer amounts so they do not exceed user balances
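
The actor and clamping changes listed above, shown as an added example that is not code from this repository: an Echidna harness that routes calls through separate actor contracts and clamps transfer amounts to the sender's balance. `MockToken`, `Actor`, `ActorHarness` and every function name here are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
// Hypothetical token standing in for the ERC20s used by the suite.
contract MockToken {
    mapping(address => uint256) public balanceOf;
    function mint(address to, uint256 amount) external {
        balanceOf[to] += amount;
    }
    function transfer(address to, uint256 amount) external returns (bool) {
        balanceOf[msg.sender] -= amount; // reverts on underflow in 0.8
        balanceOf[to] += amount;
        return true;
    }
}

// Hypothetical actor: a distinct address the harness acts through.
contract Actor {
    function transferToken(MockToken token, address to, uint256 amount) external {
        token.transfer(to, amount);
    }
}

contract ActorHarness {
    MockToken internal token = new MockToken();
    Actor[3] internal actors;
    uint256 internal constant INITIAL = 1e24;

    constructor() {
        for (uint256 i = 0; i < actors.length; i++) {
            actors[i] = new Actor();
            token.mint(address(actors[i]), INITIAL);
        }
    }

    // Echidna supplies arbitrary uint256s; map them onto valid actors and amounts.
    function transferBetween(uint256 fromSeed, uint256 toSeed, uint256 amount) public {
        Actor from = actors[fromSeed % actors.length];
        address to = address(actors[toSeed % actors.length]);
        uint256 balance = token.balanceOf(address(from));
        amount = amount % (balance + 1); // clamp into [0, balance]
        from.transferToken(token, to, amount);
    }

    // Property (Echidna property mode): transfers never create or destroy tokens.
    function echidna_supply_conserved() public view returns (bool) {
        uint256 sum;
        for (uint256 i = 0; i < actors.length; i++) sum += token.balanceOf(address(actors[i]));
        return sum == INITIAL * actors.length;
    }
}
```

Without the clamp, a random `uint256` amount almost always exceeds the sender's balance, so the transfer reverts and the fuzzer spends its call budget on transactions that never change state.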

Prerequisites

  1. Install Echidna from the latest master branch by following the steps in the Installation Guide

  2. Install dependencies with yarn install

Instructions

Run with

cd comet
echidna . --contract TestComet --config config.yaml

Broken Invariant Sequence

test_bit_per_balance(): failed!💥
  Call sequence:
    TestComet.supply(33599713855354106078310737180879058197,334849891882189)
    TestComet.supplyTo(1,188910566290528870039435775673750114489269716245,1002095)
    TestComet.withdrawBaseToken(1000144)
    TestComet.setPrice(2,0)
    TestComet.absorb(0)
    TestComet.test_bit_per_balance()

Original Readme

https://github.com/Certora/fuzz-vs-fv/blob/main/README.md

Languages

TypeScript 81.5%, Solidity 17.6%, Python 0.5%, JavaScript 0.4%, Makefile 0.0%