PoeAudits/chimera-app-template

PoeAudits Chimera Template

This is a version of Recon-Fuzz create-chimera-app I personalized for myself. It is free to use as is, and make sure to check out the original linked below.

This is a work in progress and subject to change.

A few of the changes I made:

  • Removed the counter contracts
  • Replaced with a singleton contract to delegate call into implementations: Idea from https://www.youtube.com/watch?v=ZM6479HeI5U
  • Added foundry.toml settings I typically use
    • verbosity 3
    • ignored_error_codes
    • localhost endpoint
    • fuzz, invariant, fmt profiles
  • Added Makefile with some basic actions
  • Removed remappings
    • My setup does not work with remappings and I prefer absolute imports

Create Chimera App

This Foundry template allows you to bootstrap a fuzz testing suite using a scaffolding provided by the Recon tool.

It extends the default Foundry template used when running forge init to include example property tests using assertion tests and boolean property tests supported by Echidna and Medusa.

Broken properties can be turned into unit tests for easier debugging with Recon (for Echidna/for Medusa) and added to the CryticToFoundry contract.

Usage

To initialize a new Foundry repo using this template run the following command in the terminal.

forge init --template https://github.com/Recon-Fuzz/create-chimera-app

Build

forge build

Foundry Testing

forge test

This will run all unit, fuzz and invariant tests in the CounterTest and CryticToFoundry contracts.

Echidna Property Testing

echidna . --contract CryticTester --config echidna.yaml

Assertion mode is enabled by default in the echidna.yaml config file, meaning the fuzzer will check assertion and property tests.

To test only in property mode, set testMode: "property" in echidna.yaml.

Medusa Property Testing

medusa fuzz

Assertion mode is enabled by default in the medusa.json config file, meaning the fuzzer will check assertion and property tests.

To test only in property mode, disable assertion mode using:

"assertionTesting": {
    "enabled": false
}

in medusa.json.
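
The two test styles that these mode settings switch between, shown as an added example that is not part of this template or of create-chimera-app. The Vault and VaultTester contracts and all function names are hypothetical, and the echidna_ prefix is an assumption: use whichever property prefix echidna.yaml and medusa.json are configured with.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example with hypothetical names; not code from the template.
// Toy target with a deliberate accounting bug for both test styles to find.
contract Vault {
    mapping(address => uint256) public balanceOf;
    uint256 public totalDeposits;

    function deposit() external payable {
        balanceOf[msg.sender] += msg.value;
        totalDeposits += msg.value;
    }

    function withdraw(uint256 amount) external {
        balanceOf[msg.sender] -= amount; // checked math: reverts if amount > balance
        // Deliberate bug: totalDeposits is never decreased.
        payable(msg.sender).transfer(amount);
    }
}

contract VaultTester {
    Vault internal vault = new Vault();

    receive() external payable {} // accept ether returned by withdraw()

    // Plain target function: lets the fuzzer fund the vault.
    function vault_deposit() public payable {
        vault.deposit{value: msg.value}();
    }

    // Assertion test: a failing assert() is reported when assertion testing is on.
    function vault_withdraw(uint256 amount) public {
        uint256 bal = vault.balanceOf(address(this));
        amount = amount % (bal + 1); // clamp to [0, bal] so the call does not revert
        uint256 totalBefore = vault.totalDeposits();
        vault.withdraw(amount);
        assert(vault.totalDeposits() == totalBefore - amount);
    }

    // Boolean property: returning false is reported when property testing is on.
    function echidna_total_matches_balance() public view returns (bool) {
        return vault.totalDeposits() == address(vault).balance;
    }
}
```

Any deposit followed by a non-zero withdrawal breaks both checks, so switching modes changes which of the two failures the fuzzer reports.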

Uploading Fuzz Job To Recon

You can offload your fuzzing job to Recon to run long duration jobs and share test results with collaborators using the jobs page on Recon:

Medusa

  1. Select Medusa as the job type using the radio buttons at the top of the page.
  2. Add the link for this repo in the Enter GitHub Repo URL form field (this will prefill the remaining form fields).
  3. Specify the medusa.json config file in the Medusa config filename field.
  4. Optional: to override the timeout value in the Medusa config file for longer duration runs, enter a value (in seconds) into the Test Time Limit field.

Echidna

  1. Select Echidna as the job type using the radio buttons at the top of the page.
  2. Add the link for this repo in the Enter GitHub Repo URL form field (this will prefill the remaining form fields).
  3. Add the following path to the test contract, config filename and test contract name to the corresponding form fields. Optional: to override the timeout and testLimit from the config file use the corresponding form fields.
  4. Clicking the Run Job button will upload the job to Recon's cloud fuzz runner service. You'll see info about your job in the Job Details section and you'll be able to view your job in the All Jobs section.
  5. Clicking the View Details button for a job lets you see the fuzzer logs and coverage report (only generated after the run is complete). You can share a fuzz run with any collaborators using the Share Job Results button.
