Skip to content

Echidna 2.1.0
Compare
Choose a tag to compare
@ggrieco-tob ggrieco-tob released this 10 Mar 18:13
· 133 commits to master since this release
v2.1.0
b9db53c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Echidna 2.1.0 introduces on-chain fuzzing. Echidna can now run starting with an existing state provided by an external RPC service (Infura, Alchemy, local node, etc). This enables users to speed up the fuzzing setup when using already deployed contracts. For instance:

contract TestCompoundEthMint {
 constructor() {
    hevm.roll(16771449);  // sets the correct block number
    hevm.warp(1678131671); // sets the expected timestamp for the block number
  }
  …
  Compound comp = Compound(0x4Ddc2D193948926D02f9B1fE9e1daa0718270ED5);
  function assertNoBalance() public payable {
    require(comp.balanceOf(address(this)) == 0);
    comp.mint{value: msg.value}();
    assert(comp.balanceOf(address(this)) == 0);
  }
}

We can specify the RPC endpoint for Echidna to use before running the fuzzing campaign with the following environment variables:

export ECHIDNA_RPC_URL=http://.. ECHIDNA_RPC_BLOCK=16771449

And then Echidna can be executed as usual. At the end of the execution, if the source code mapping of any executed on-chain contract is available on Etherscan, it will be automatically fetched for the coverage report. Optionally, an Etherscan key can be provided using the ETHERSCAN_API_KEY environment variable.

This release also provides experimental support for Windows binaries.

Additionally, this release also includes fixes and a large refactor of several parts of the code that will facilitate the tool development and performance improvements. Other important changes are:

  • echidna-test executable was renamed as echidna
  • multi-abi config keyword was renamed to allContracts. multi-abi still works but will be removed in future.
  • FFI cheat code to allow execute execution from Solidity
  • Special UI screen to show when there is a crash in Echidna

Added

  • On-chain fuzzing (#927, #971) [EXPERIMENTAL]
  • Added Windows support (#943) [EXPERIMENTAL]
  • Added scrollbar to the UI (#915)
  • Added crash display to the UI (#944)
  • Added human-friendly errors for panic codes (#965)
  • Added support for the FFI cheatcode (#750)

Changed

Removed

  • Removed generation of negative seeds (#933) [BREAKING CHANGE]

Fixed

  • Fixed method filtering in multi-abi mode (#950, #954)
  • Fixed config parsing for too large values (#935)
  • Fixed parsing string constants that start with 0x (#958)
Assets 10