Echidna: effective, usable, and fast fuzzing for smart contracts

Ethereum smart contracts (autonomous programs that run on a blockchain) often control transactions of financial and intellectual property. Because of the critical role they play, smart contracts need complete, comprehensive, and effective test generation. This paper introduces an open-source smart contract fuzzer called Echidna that makes it easy to automatically generate tests to detect violations in assertions and custom properties. Echidna is easy to install and does not require a complex configuration or deployment of contracts to a local blockchain. It offers responsive feedback, captures many property violations, and its default settings are calibrated based on experimental data. To date, Echidna has been used in more than 10 large paid security audits, and feedback from those audits has driven the features and user experience of Echidna, both in terms of practical usability (e.g., support for smart contract frameworks like Truffle and Embark) and test generation strategies. Echidna aims to be good at finding real bugs in smart contracts, with minimal user effort and maximal speed.
