From 6135856f7f5367defd1e377e6c21c04c7574c7f6 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 27 Jun 2023 14:27:45 +0200 Subject: [PATCH 01/26] Initial medusa support for CI --- .../workflows/{examples.yaml => echidna.yaml} | 0 .github/workflows/medusa.yaml | 38 +++++++++++ tests/ERC20/hardhat/medusa-config.json | 63 +++++++++++++++++++ 3 files changed, 101 insertions(+) rename .github/workflows/{examples.yaml => echidna.yaml} (100%) create mode 100644 .github/workflows/medusa.yaml create mode 100644 tests/ERC20/hardhat/medusa-config.json diff --git a/.github/workflows/examples.yaml b/.github/workflows/echidna.yaml similarity index 100% rename from .github/workflows/examples.yaml rename to .github/workflows/echidna.yaml diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml new file mode 100644 index 0000000..3da60b6 --- /dev/null +++ b/.github/workflows/medusa.yaml @@ -0,0 +1,38 @@ +name: Test examples + +on: + push: + branches: + - main + pull_request: + branches: + - "*" + +env: + FOUNDRY_PROFILE: ci + +jobs: + hardhat: + name: Test Hardhat examples + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v3 + with: + submodules: recursive + + - name: Set up Nodejs + uses: actions/setup-node@v3 + with: + node-version: 16 + + - name: Install dependencies and compile ERC20 example + working-directory: tests/ERC20/hardhat + run: | + npm ci + npx hardhat compile --force + + - name: Run Echidna for Internal tests + working-directory: tests/ERC20/hardhat + run: | + medusa fuzz --target . --deployment-order CryticERC20InternalHarness --config medusa-config.json diff --git a/tests/ERC20/hardhat/medusa-config.json b/tests/ERC20/hardhat/medusa-config.json new file mode 100644 index 0000000..d9b590f --- /dev/null +++ b/tests/ERC20/hardhat/medusa-config.json @@ -0,0 +1,63 @@ +{ + "fuzzing": { + "workers": 10, + "workerResetLimit": 50, + "timeout": 0, + "testLimit": 0, + "callSequenceLength": 100, + "corpusDirectory": "tests/medusa-corpus", + "coverageEnabled": true, + "deploymentOrder": [], + "constructorArgs": {}, + "deployerAddress": "0x10000", + "senderAddresses": [ + "0x10000", + "0x20000", + "0x30000" + ], + "blockNumberDelayMax": 60480, + "blockTimestampDelayMax": 604800, + "blockGasLimit": 125000000, + "transactionGasLimit": 12500000, + "testing": { + "stopOnFailedTest": true, + "stopOnFailedContractMatching": true, + "stopOnNoTests": true, + "testAllContracts": false, + "onlyCallFromDeploymentOrder": false, + "traceAll": false, + "assertionTesting": { + "enabled": true, + "testViewMethods": false + }, + "propertyTesting": { + "enabled": false, + "testPrefixes": [ + "fuzz_" + ] + }, + "optimizationTesting": { + "enabled": false, + "testPrefixes": [ + "optimize_" + ] + } + }, + "chainConfig": { + "codeSizeCheckDisabled": true, + "cheatCodes": { + "cheatCodesEnabled": true, + "enableFFI": false + } + } + }, + "compilation": { + "platform": "crytic-compile", + "platformConfig": { + "target": ".", + "solcVersion": "", + "exportDirectory": "", + "args": [] + } + } +} From d9c39047f88690c472598ba44b4a44d7236f0b32 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 27 Jun 2023 14:31:04 +0200 Subject: [PATCH 02/26] Do not forget to actually install medusa --- .github/workflows/medusa.yaml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 3da60b6..7385756 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -32,7 +32,20 @@ jobs: npm ci npx hardhat compile --force - - name: Run Echidna for Internal tests + - name: Go setup + - uses: actions/setup-go@v4 + with: + go-version: "^1.18.1" + + - name: Install and run medusa + run: | + git clone https://github.com/crytic/medusa.git + cd medusa + go build -o medusa -v . + go install -v . + sudo cp medusa /usr/bin + + - name: Run Medusa for Internal tests working-directory: tests/ERC20/hardhat run: | medusa fuzz --target . --deployment-order CryticERC20InternalHarness --config medusa-config.json From 0b9578984a136b909746361aa8b29a58e2c6ece6 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 27 Jun 2023 14:38:23 +0200 Subject: [PATCH 03/26] fix medusa ci --- .github/workflows/echidna.yaml | 2 +- .github/workflows/medusa.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/echidna.yaml b/.github/workflows/echidna.yaml index 4dba0e5..410be24 100644 --- a/.github/workflows/echidna.yaml +++ b/.github/workflows/echidna.yaml @@ -1,4 +1,4 @@ -name: Test examples +name: Test examples using Echidna on: push: diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 7385756..55cda28 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -1,4 +1,4 @@ -name: Test examples +name: Test examples using Medusa on: push: @@ -33,7 +33,7 @@ jobs: npx hardhat compile --force - name: Go setup - - uses: actions/setup-go@v4 + uses: actions/setup-go@v4 with: go-version: "^1.18.1" From 3aab99752a937126295387d03c324a58e5fd1a9b Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 27 Jun 2023 14:43:02 +0200 Subject: [PATCH 04/26] fix medusa ci --- .github/workflows/medusa.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 55cda28..7bacca2 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -37,13 +37,14 @@ jobs: with: go-version: "^1.18.1" - - name: Install and run medusa + - name: Install medusa run: | git clone https://github.com/crytic/medusa.git cd medusa go build -o medusa -v . go install -v . sudo cp medusa /usr/bin + pip install crytic-compile - name: Run Medusa for Internal tests working-directory: tests/ERC20/hardhat From feec7c509e4c7eddfe9b45fa9927632cafc8c70f Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 27 Jun 2023 14:53:55 +0200 Subject: [PATCH 05/26] execute external tests in ci --- .github/workflows/medusa.yaml | 5 ++ tests/ERC20/hardhat/medusa-config-ext.json | 63 ++++++++++++++++++++++ tests/ERC20/hardhat/medusa-config.json | 2 +- 3 files changed, 69 insertions(+), 1 deletion(-) create mode 100644 tests/ERC20/hardhat/medusa-config-ext.json diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 7bacca2..fb5b7d9 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -50,3 +50,8 @@ jobs: working-directory: tests/ERC20/hardhat run: | medusa fuzz --target . --deployment-order CryticERC20InternalHarness --config medusa-config.json + + - name: Run Medusa for External tests + working-directory: tests/ERC20/hardhat + run: | + medusa fuzz --target . --deployment-order CryticERC20ExternalHarness --config medusa-config.json diff --git a/tests/ERC20/hardhat/medusa-config-ext.json b/tests/ERC20/hardhat/medusa-config-ext.json new file mode 100644 index 0000000..2498b74 --- /dev/null +++ b/tests/ERC20/hardhat/medusa-config-ext.json @@ -0,0 +1,63 @@ +{ + "fuzzing": { + "workers": 10, + "workerResetLimit": 50, + "timeout": 0, + "testLimit": 500000, + "callSequenceLength": 100, + "corpusDirectory": "tests/medusa-corpus-ext", + "coverageEnabled": true, + "deploymentOrder": [], + "constructorArgs": {}, + "deployerAddress": "0x10000", + "senderAddresses": [ + "0x10000", + "0x20000", + "0x30000" + ], + "blockNumberDelayMax": 60480, + "blockTimestampDelayMax": 604800, + "blockGasLimit": 125000000, + "transactionGasLimit": 12500000, + "testing": { + "stopOnFailedTest": true, + "stopOnFailedContractMatching": true, + "stopOnNoTests": true, + "testAllContracts": false, + "onlyCallFromDeploymentOrder": false, + "traceAll": false, + "assertionTesting": { + "enabled": true, + "testViewMethods": false + }, + "propertyTesting": { + "enabled": false, + "testPrefixes": [ + "fuzz_" + ] + }, + "optimizationTesting": { + "enabled": false, + "testPrefixes": [ + "optimize_" + ] + } + }, + "chainConfig": { + "codeSizeCheckDisabled": true, + "cheatCodes": { + "cheatCodesEnabled": true, + "enableFFI": false + } + } + }, + "compilation": { + "platform": "crytic-compile", + "platformConfig": { + "target": ".", + "solcVersion": "", + "exportDirectory": "", + "args": [] + } + } +} diff --git a/tests/ERC20/hardhat/medusa-config.json b/tests/ERC20/hardhat/medusa-config.json index d9b590f..ff58561 100644 --- a/tests/ERC20/hardhat/medusa-config.json +++ b/tests/ERC20/hardhat/medusa-config.json @@ -3,7 +3,7 @@ "workers": 10, "workerResetLimit": 50, "timeout": 0, - "testLimit": 0, + "testLimit": 500000, "callSequenceLength": 100, "corpusDirectory": "tests/medusa-corpus", "coverageEnabled": true, From f8f42a040b1b4aace863ba6f16d25e5137940aad Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 27 Jun 2023 15:10:53 +0200 Subject: [PATCH 06/26] more tests --- .github/workflows/medusa.yaml | 11 +++-- tests/ERC4626/hardhat/medusa-config.json | 61 ++++++++++++++++++++++++ 2 files changed, 69 insertions(+), 3 deletions(-) create mode 100644 tests/ERC4626/hardhat/medusa-config.json diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index fb5b7d9..6b4b9ff 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -46,12 +46,17 @@ jobs: sudo cp medusa /usr/bin pip install crytic-compile - - name: Run Medusa for Internal tests + - name: Run Medusa for Internal ERC20 tests working-directory: tests/ERC20/hardhat run: | medusa fuzz --target . --deployment-order CryticERC20InternalHarness --config medusa-config.json - - name: Run Medusa for External tests + - name: Run Medusa for External ERC20 tests working-directory: tests/ERC20/hardhat run: | - medusa fuzz --target . --deployment-order CryticERC20ExternalHarness --config medusa-config.json + medusa fuzz --target . --deployment-order CryticERC20ExternalHarness --config medusa-config-ext.json + + - name: Run Medusa for External ERC4626 tests + working-directory: tests/ERC4626/hardhat + run: | + medusa fuzz --target . --deployment-order CryticERC4626Harness --config medusa-config.json diff --git a/tests/ERC4626/hardhat/medusa-config.json b/tests/ERC4626/hardhat/medusa-config.json new file mode 100644 index 0000000..fc71aeb --- /dev/null +++ b/tests/ERC4626/hardhat/medusa-config.json @@ -0,0 +1,61 @@ +{ + "fuzzing": { + "workers": 10, + "workerResetLimit": 50, + "timeout": 0, + "testLimit": 500000, + "callSequenceLength": 100, + "corpusDirectory": "tests/medusa-corpus", + "coverageEnabled": true, + "deploymentOrder": [], + "constructorArgs": {}, + "deployerAddress": "0x10000", + "senderAddresses": [ + "0x10000" + ], + "blockNumberDelayMax": 60480, + "blockTimestampDelayMax": 604800, + "blockGasLimit": 125000000, + "transactionGasLimit": 12500000, + "testing": { + "stopOnFailedTest": true, + "stopOnFailedContractMatching": true, + "stopOnNoTests": true, + "testAllContracts": false, + "onlyCallFromDeploymentOrder": false, + "traceAll": false, + "assertionTesting": { + "enabled": true, + "testViewMethods": false + }, + "propertyTesting": { + "enabled": false, + "testPrefixes": [ + "fuzz_" + ] + }, + "optimizationTesting": { + "enabled": false, + "testPrefixes": [ + "optimize_" + ] + } + }, + "chainConfig": { + "codeSizeCheckDisabled": true, + "cheatCodes": { + "cheatCodesEnabled": true, + "enableFFI": false + } + } + }, + "compilation": { + "platform": "crytic-compile", + "platformConfig": { + "target": ".", + "solcVersion": "", + "exportDirectory": "", + "args": [] + } + } +} From 1b7b3df7462bd61822aaafa276bddaa235dda72e Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 27 Jun 2023 15:24:12 +0200 Subject: [PATCH 07/26] fix --- .github/workflows/medusa.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 6b4b9ff..f093523 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -32,6 +32,12 @@ jobs: npm ci npx hardhat compile --force + - name: Install dependencies and compile ERC4626 example + working-directory: tests/ERC4626/hardhat + run: | + npm ci + npx hardhat compile --force + - name: Go setup uses: actions/setup-go@v4 with: From ba0dd0926f7746a8646d1b4f1c2fa0bcbd25ec93 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 27 Jun 2023 15:35:44 +0200 Subject: [PATCH 08/26] added foundry tests --- .github/workflows/medusa.yaml | 53 +++++++++++++++++- tests/ERC20/foundry/medusa-config-ext.json | 63 ++++++++++++++++++++++ tests/ERC20/foundry/medusa-config.json | 63 ++++++++++++++++++++++ tests/ERC4626/foundry/medusa-config.json | 61 +++++++++++++++++++++ 4 files changed, 239 insertions(+), 1 deletion(-) create mode 100644 tests/ERC20/foundry/medusa-config-ext.json create mode 100644 tests/ERC20/foundry/medusa-config.json create mode 100644 tests/ERC4626/foundry/medusa-config.json diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index f093523..be3bc57 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -12,7 +12,58 @@ env: FOUNDRY_PROFILE: ci jobs: - hardhat: + foundry: + name: Test Foundry examples + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v3 + with: + submodules: recursive + + - name: Install Foundry + uses: foundry-rs/foundry-toolchain@v1 + with: + version: nightly + + - name: Go setup + uses: actions/setup-go@v4 + with: + go-version: "^1.18.1" + + - name: Install medusa + run: | + git clone https://github.com/crytic/medusa.git + cd medusa + go build -o medusa -v . + go install -v . + sudo cp medusa /usr/bin + pip install crytic-compile + + - name: Compile ERC20 Foundry example + working-directory: tests/ERC20/foundry + run: forge build --build-info + + - name: Compile ERC4646 Foundry example + working-directory: tests/ERC4626/foundry + run: forge build --build-info + + - name: Run Medusa for Internal ERC20 tests + working-directory: tests/ERC20/hardhat + run: | + medusa fuzz --target . --deployment-order CryticERC20InternalHarness --config medusa-config.json + + - name: Run Medusa for External ERC20 tests + working-directory: tests/ERC20/hardhat + run: | + medusa fuzz --target . --deployment-order CryticERC20ExternalHarness --config medusa-config-ext.json + + - name: Run Medusa for External ERC4626 tests + working-directory: tests/ERC4626/hardhat + run: | + medusa fuzz --target . --deployment-order CryticERC4626Harness --config medusa-config.json + + hardhat: name: Test Hardhat examples runs-on: ubuntu-latest steps: diff --git a/tests/ERC20/foundry/medusa-config-ext.json b/tests/ERC20/foundry/medusa-config-ext.json new file mode 100644 index 0000000..2498b74 --- /dev/null +++ b/tests/ERC20/foundry/medusa-config-ext.json @@ -0,0 +1,63 @@ +{ + "fuzzing": { + "workers": 10, + "workerResetLimit": 50, + "timeout": 0, + "testLimit": 500000, + "callSequenceLength": 100, + "corpusDirectory": "tests/medusa-corpus-ext", + "coverageEnabled": true, + "deploymentOrder": [], + "constructorArgs": {}, + "deployerAddress": "0x10000", + "senderAddresses": [ + "0x10000", + "0x20000", + "0x30000" + ], + "blockNumberDelayMax": 60480, + "blockTimestampDelayMax": 604800, + "blockGasLimit": 125000000, + "transactionGasLimit": 12500000, + "testing": { + "stopOnFailedTest": true, + "stopOnFailedContractMatching": true, + "stopOnNoTests": true, + "testAllContracts": false, + "onlyCallFromDeploymentOrder": false, + "traceAll": false, + "assertionTesting": { + "enabled": true, + "testViewMethods": false + }, + "propertyTesting": { + "enabled": false, + "testPrefixes": [ + "fuzz_" + ] + }, + "optimizationTesting": { + "enabled": false, + "testPrefixes": [ + "optimize_" + ] + } + }, + "chainConfig": { + "codeSizeCheckDisabled": true, + "cheatCodes": { + "cheatCodesEnabled": true, + "enableFFI": false + } + } + }, + "compilation": { + "platform": "crytic-compile", + "platformConfig": { + "target": ".", + "solcVersion": "", + "exportDirectory": "", + "args": [] + } + } +} diff --git a/tests/ERC20/foundry/medusa-config.json b/tests/ERC20/foundry/medusa-config.json new file mode 100644 index 0000000..ff58561 --- /dev/null +++ b/tests/ERC20/foundry/medusa-config.json @@ -0,0 +1,63 @@ +{ + "fuzzing": { + "workers": 10, + "workerResetLimit": 50, + "timeout": 0, + "testLimit": 500000, + "callSequenceLength": 100, + "corpusDirectory": "tests/medusa-corpus", + "coverageEnabled": true, + "deploymentOrder": [], + "constructorArgs": {}, + "deployerAddress": "0x10000", + "senderAddresses": [ + "0x10000", + "0x20000", + "0x30000" + ], + "blockNumberDelayMax": 60480, + "blockTimestampDelayMax": 604800, + "blockGasLimit": 125000000, + "transactionGasLimit": 12500000, + "testing": { + "stopOnFailedTest": true, + "stopOnFailedContractMatching": true, + "stopOnNoTests": true, + "testAllContracts": false, + "onlyCallFromDeploymentOrder": false, + "traceAll": false, + "assertionTesting": { + "enabled": true, + "testViewMethods": false + }, + "propertyTesting": { + "enabled": false, + "testPrefixes": [ + "fuzz_" + ] + }, + "optimizationTesting": { + "enabled": false, + "testPrefixes": [ + "optimize_" + ] + } + }, + "chainConfig": { + "codeSizeCheckDisabled": true, + "cheatCodes": { + "cheatCodesEnabled": true, + "enableFFI": false + } + } + }, + "compilation": { + "platform": "crytic-compile", + "platformConfig": { + "target": ".", + "solcVersion": "", + "exportDirectory": "", + "args": [] + } + } +} diff --git a/tests/ERC4626/foundry/medusa-config.json b/tests/ERC4626/foundry/medusa-config.json new file mode 100644 index 0000000..fc71aeb --- /dev/null +++ b/tests/ERC4626/foundry/medusa-config.json @@ -0,0 +1,61 @@ +{ + "fuzzing": { + "workers": 10, + "workerResetLimit": 50, + "timeout": 0, + "testLimit": 500000, + "callSequenceLength": 100, + "corpusDirectory": "tests/medusa-corpus", + "coverageEnabled": true, + "deploymentOrder": [], + "constructorArgs": {}, + "deployerAddress": "0x10000", + "senderAddresses": [ + "0x10000" + ], + "blockNumberDelayMax": 60480, + "blockTimestampDelayMax": 604800, + "blockGasLimit": 125000000, + "transactionGasLimit": 12500000, + "testing": { + "stopOnFailedTest": true, + "stopOnFailedContractMatching": true, + "stopOnNoTests": true, + "testAllContracts": false, + "onlyCallFromDeploymentOrder": false, + "traceAll": false, + "assertionTesting": { + "enabled": true, + "testViewMethods": false + }, + "propertyTesting": { + "enabled": false, + "testPrefixes": [ + "fuzz_" + ] + }, + "optimizationTesting": { + "enabled": false, + "testPrefixes": [ + "optimize_" + ] + } + }, + "chainConfig": { + "codeSizeCheckDisabled": true, + "cheatCodes": { + "cheatCodesEnabled": true, + "enableFFI": false + } + } + }, + "compilation": { + "platform": "crytic-compile", + "platformConfig": { + "target": ".", + "solcVersion": "", + "exportDirectory": "", + "args": [] + } + } +} From 601ae91f9830d8df306417cabbccd14aa9da024a Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 27 Jun 2023 15:42:35 +0200 Subject: [PATCH 09/26] fix --- .github/workflows/medusa.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index be3bc57..29dd212 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -49,17 +49,17 @@ jobs: run: forge build --build-info - name: Run Medusa for Internal ERC20 tests - working-directory: tests/ERC20/hardhat + working-directory: tests/ERC20/foundry run: | medusa fuzz --target . --deployment-order CryticERC20InternalHarness --config medusa-config.json - name: Run Medusa for External ERC20 tests - working-directory: tests/ERC20/hardhat + working-directory: tests/ERC20/foundry run: | medusa fuzz --target . --deployment-order CryticERC20ExternalHarness --config medusa-config-ext.json - name: Run Medusa for External ERC4626 tests - working-directory: tests/ERC4626/hardhat + working-directory: tests/ERC4626/foundry run: | medusa fuzz --target . --deployment-order CryticERC4626Harness --config medusa-config.json From ba757bbb817fc27a4f4773b88b0a881f2145cfec Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 27 Jun 2023 15:54:19 +0200 Subject: [PATCH 10/26] fix --- .github/workflows/medusa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 29dd212..777dba1 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -61,7 +61,7 @@ jobs: - name: Run Medusa for External ERC4626 tests working-directory: tests/ERC4626/foundry run: | - medusa fuzz --target . --deployment-order CryticERC4626Harness --config medusa-config.json + medusa fuzz --target . --deployment-order CryticERC4626InternalHarness --config medusa-config.json hardhat: name: Test Hardhat examples From de27448791cace6089ac8b513b28ec5476e6966d Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 28 Jun 2023 10:48:54 +0200 Subject: [PATCH 11/26] disable failing CI tests --- .github/workflows/medusa.yaml | 9 +++++---- README.md | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 777dba1..e028a5b 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -58,10 +58,11 @@ jobs: run: | medusa fuzz --target . --deployment-order CryticERC20ExternalHarness --config medusa-config-ext.json - - name: Run Medusa for External ERC4626 tests - working-directory: tests/ERC4626/foundry - run: | - medusa fuzz --target . --deployment-order CryticERC4626InternalHarness --config medusa-config.json + # The following test is disabled until X is resolved + #- name: Run Medusa for External ERC4626 tests + # working-directory: tests/ERC4626/foundry + # run: | + # medusa fuzz --target . --deployment-order CryticERC4626InternalHarness --config medusa-config.json hardhat: name: Test Hardhat examples diff --git a/README.md b/README.md index d81e866..12ea838 100644 --- a/README.md +++ b/README.md @@ -417,7 +417,7 @@ Run the test suite using `echidna . --contract CryticABDKMath64x64Harness --seq- ## Additional resources - [Building secure contracts](https://secure-contracts.com/program-analysis/index.html) -- Our [EmpireSlacking](https://empireslacking.herokuapp.com/) slack server, channel #ethereum +- Our [EmpireSlacking](https:://slack.empirehacking.nyc) slack server, channel #ethereum - Watch our [fuzzing workshop](https://www.youtube.com/watch?v=QofNQxW_K08&list=PLciHOL_J7Iwqdja9UH4ZzE8dP1IxtsBXI) # Helper functions From bca1c8913dd0c2d0eeffa12d8d750798c550dd72 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 28 Jun 2023 10:55:53 +0200 Subject: [PATCH 12/26] disable failing CI tests --- .github/workflows/medusa.yaml | 9 ++++----- CONTRIBUTING.md | 2 +- tests/ERC4626/foundry/medusa-config.json | 2 +- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index e028a5b..777dba1 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -58,11 +58,10 @@ jobs: run: | medusa fuzz --target . --deployment-order CryticERC20ExternalHarness --config medusa-config-ext.json - # The following test is disabled until X is resolved - #- name: Run Medusa for External ERC4626 tests - # working-directory: tests/ERC4626/foundry - # run: | - # medusa fuzz --target . --deployment-order CryticERC4626InternalHarness --config medusa-config.json + - name: Run Medusa for External ERC4626 tests + working-directory: tests/ERC4626/foundry + run: | + medusa fuzz --target . --deployment-order CryticERC4626InternalHarness --config medusa-config.json hardhat: name: Test Hardhat examples diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d7bebae..f6e3c7b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -10,7 +10,7 @@ Bug reports and feature suggestions can be submitted to our issue tracker. For b ## Questions -Questions can be submitted to the issue tracker, but you may get a faster response if you ask in our [chat room](https://empireslacking.herokuapp.com/) (in the #ethereum channel). +Questions can be submitted to the issue tracker, but you may get a faster response if you ask in our [chat room](https://slack.empirehacking.nyc) (in the #ethereum channel). ## Code diff --git a/tests/ERC4626/foundry/medusa-config.json b/tests/ERC4626/foundry/medusa-config.json index fc71aeb..1fc397c 100644 --- a/tests/ERC4626/foundry/medusa-config.json +++ b/tests/ERC4626/foundry/medusa-config.json @@ -19,7 +19,7 @@ "transactionGasLimit": 12500000, "testing": { "stopOnFailedTest": true, - "stopOnFailedContractMatching": true, + "stopOnFailedContractMatching": false, "stopOnNoTests": true, "testAllContracts": false, "onlyCallFromDeploymentOrder": false, From d8adacb3a7997363ac142a9690fe2f47eaa6d16b Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 28 Jun 2023 10:56:53 +0200 Subject: [PATCH 13/26] fix --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 12ea838..611cf14 100644 --- a/README.md +++ b/README.md @@ -417,7 +417,7 @@ Run the test suite using `echidna . --contract CryticABDKMath64x64Harness --seq- ## Additional resources - [Building secure contracts](https://secure-contracts.com/program-analysis/index.html) -- Our [EmpireSlacking](https:://slack.empirehacking.nyc) slack server, channel #ethereum +- Our [EmpireSlacking](https://slack.empirehacking.nyc) slack server, channel #ethereum - Watch our [fuzzing workshop](https://www.youtube.com/watch?v=QofNQxW_K08&list=PLciHOL_J7Iwqdja9UH4ZzE8dP1IxtsBXI) # Helper functions From f4828ee129f1c5bb6a60e0cc9f5593ce032656a1 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 28 May 2024 16:31:06 +0200 Subject: [PATCH 14/26] use target contracts command line --- .github/workflows/medusa.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 777dba1..bccde76 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -51,17 +51,17 @@ jobs: - name: Run Medusa for Internal ERC20 tests working-directory: tests/ERC20/foundry run: | - medusa fuzz --target . --deployment-order CryticERC20InternalHarness --config medusa-config.json + medusa fuzz --target-contracts CryticERC20InternalHarness --config medusa-config.json - name: Run Medusa for External ERC20 tests working-directory: tests/ERC20/foundry run: | - medusa fuzz --target . --deployment-order CryticERC20ExternalHarness --config medusa-config-ext.json + medusa fuzz --target-contracts CryticERC20ExternalHarness --config medusa-config-ext.json - name: Run Medusa for External ERC4626 tests working-directory: tests/ERC4626/foundry run: | - medusa fuzz --target . --deployment-order CryticERC4626InternalHarness --config medusa-config.json + medusa fuzz --target-contracts CryticERC4626InternalHarness --config medusa-config.json hardhat: name: Test Hardhat examples @@ -106,14 +106,14 @@ jobs: - name: Run Medusa for Internal ERC20 tests working-directory: tests/ERC20/hardhat run: | - medusa fuzz --target . --deployment-order CryticERC20InternalHarness --config medusa-config.json + medusa fuzz --target-contracts CryticERC20InternalHarness --config medusa-config.json - name: Run Medusa for External ERC20 tests working-directory: tests/ERC20/hardhat run: | - medusa fuzz --target . --deployment-order CryticERC20ExternalHarness --config medusa-config-ext.json + medusa fuzz --target-contracts CryticERC20ExternalHarness --config medusa-config-ext.json - name: Run Medusa for External ERC4626 tests working-directory: tests/ERC4626/hardhat run: | - medusa fuzz --target . --deployment-order CryticERC4626Harness --config medusa-config.json + medusa fuzz --target-contracts CryticERC4626Harness --config medusa-config.json From d237e2b9ab7960dc7881f4be2ce7e7b075b6004e Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 28 May 2024 17:12:51 +0200 Subject: [PATCH 15/26] updated medusa config --- tests/ERC20/foundry/medusa-config-ext.json | 29 +++++++++++++++++----- tests/ERC20/foundry/medusa-config.json | 29 +++++++++++++++++----- 2 files changed, 46 insertions(+), 12 deletions(-) diff --git a/tests/ERC20/foundry/medusa-config-ext.json b/tests/ERC20/foundry/medusa-config-ext.json index 2498b74..33a6791 100644 --- a/tests/ERC20/foundry/medusa-config-ext.json +++ b/tests/ERC20/foundry/medusa-config-ext.json @@ -7,7 +7,8 @@ "callSequenceLength": 100, "corpusDirectory": "tests/medusa-corpus-ext", "coverageEnabled": true, - "deploymentOrder": [], + "targetContracts": [], + "targetContractsBalances": [], "constructorArgs": {}, "deployerAddress": "0x10000", "senderAddresses": [ @@ -21,19 +22,30 @@ "transactionGasLimit": 12500000, "testing": { "stopOnFailedTest": true, - "stopOnFailedContractMatching": true, + "stopOnFailedContractMatching": false, "stopOnNoTests": true, "testAllContracts": false, - "onlyCallFromDeploymentOrder": false, "traceAll": false, "assertionTesting": { "enabled": true, - "testViewMethods": false + "testViewMethods": false, + "panicCodeConfig": { + "failOnCompilerInsertedPanic": false, + "failOnAssertion": true, + "failOnArithmeticUnderflow": false, + "failOnDivideByZero": false, + "failOnEnumTypeConversionOutOfBounds": false, + "failOnIncorrectStorageAccess": false, + "failOnPopEmptyArray": false, + "failOnOutOfBoundsArrayAccess": false, + "failOnAllocateTooMuchMemory": false, + "failOnCallUninitializedVariable": false + } }, "propertyTesting": { "enabled": false, "testPrefixes": [ - "fuzz_" + "property_" ] }, "optimizationTesting": { @@ -59,5 +71,10 @@ "exportDirectory": "", "args": [] } + }, + "logging": { + "level": "info", + "logDirectory": "", + "noColor": false } -} +} \ No newline at end of file diff --git a/tests/ERC20/foundry/medusa-config.json b/tests/ERC20/foundry/medusa-config.json index ff58561..0a7a27d 100644 --- a/tests/ERC20/foundry/medusa-config.json +++ b/tests/ERC20/foundry/medusa-config.json @@ -7,7 +7,8 @@ "callSequenceLength": 100, "corpusDirectory": "tests/medusa-corpus", "coverageEnabled": true, - "deploymentOrder": [], + "targetContracts": [], + "targetContractsBalances": [], "constructorArgs": {}, "deployerAddress": "0x10000", "senderAddresses": [ @@ -21,19 +22,30 @@ "transactionGasLimit": 12500000, "testing": { "stopOnFailedTest": true, - "stopOnFailedContractMatching": true, + "stopOnFailedContractMatching": false, "stopOnNoTests": true, "testAllContracts": false, - "onlyCallFromDeploymentOrder": false, "traceAll": false, "assertionTesting": { "enabled": true, - "testViewMethods": false + "testViewMethods": false, + "panicCodeConfig": { + "failOnCompilerInsertedPanic": false, + "failOnAssertion": true, + "failOnArithmeticUnderflow": false, + "failOnDivideByZero": false, + "failOnEnumTypeConversionOutOfBounds": false, + "failOnIncorrectStorageAccess": false, + "failOnPopEmptyArray": false, + "failOnOutOfBoundsArrayAccess": false, + "failOnAllocateTooMuchMemory": false, + "failOnCallUninitializedVariable": false + } }, "propertyTesting": { "enabled": false, "testPrefixes": [ - "fuzz_" + "property_" ] }, "optimizationTesting": { @@ -59,5 +71,10 @@ "exportDirectory": "", "args": [] } + }, + "logging": { + "level": "info", + "logDirectory": "", + "noColor": false } -} +} \ No newline at end of file From d5adb02141972f08bb449a3b2fd8b53c74419ebe Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 28 May 2024 17:44:06 +0200 Subject: [PATCH 16/26] updated README --- README.md | 50 +++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 47 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 9c3c9ca..3641f42 100644 --- a/README.md +++ b/README.md @@ -33,11 +33,11 @@ The goals of these properties are to: - Ensure adherence to relevant standards - Provide educational guidance for writing invariants -The properties can be used through unit tests or through fuzzing with [Echidna](https://github.com/crytic/echidna). +The properties can be used through unit tests or through fuzzing with [Echidna](https://github.com/crytic/echidna) or [Medusa](https://github.com/crytic/medusa). ## Testing the properties with fuzzing -1. Install [Echidna](https://github.com/crytic/echidna#installation). +1. Install [Echidna](https://github.com/crytic/echidna#installation) or [Medusa](https://github.com/crytic/medusa/blob/master/docs/src/getting_started/installation.md#installation). 2. Import the properties into to your project: - In case of using Hardhat, use: `npm install https://github.com/crytic/properties.git` or `yarn add https://github.com/crytic/properties.git` @@ -118,6 +118,8 @@ contract CryticTokenMock is MyToken, PropertiesConstants { #### Configuration +**Echidna** + Create the following Echidna config file ```yaml @@ -138,15 +140,57 @@ To perform more than one test, save the files with a descriptive path, to identi The above configuration will start Echidna in assertion mode. Contract will be deployed from address `0x10000`, and transactions will be sent from the owner and two different users (`0x20000` and `0x30000`). There is an initial limit of `100000` tests, but depending on the token code complexity, this can be increased. Finally, once Echidna finishes the fuzzing campaign, corpus and coverage results will be available in the `tests/crytic/erc20/echidna-corpus-internal` directory. +**Medusa** + +Create the following Medusa config file: + +```json +{ + "fuzzing": { + "corpusDirectory": "tests/medusa-corpus", + "deployerAddress": "0x10000", + "senderAddresses": [ + "0x10000", + "0x20000", + "0x30000" + ], + "assertionTesting": { + "enabled": true + }, + "propertyTesting": { + "enabled": false + }, + "optimizationTesting": { + "enabled": false, + }, + }, + "compilation": { + "platform": "crytic-compile", + "platformConfig": { + "target": ".", + "solcVersion": "", + "exportDirectory": "", + "args": [] + } + } +} +``` + #### Run -Run Echidna: +**Echidna** - For internal testing: `echidna . --contract CryticERC20InternalHarness --config tests/crytic/erc20/echidna-internal.yaml` - For external testing: `echidna . --contract CryticERC20ExternalHarness --config tests/crytic/erc20/echidna-external.yaml` Finally, inspect the coverage report in `tests/crytic/erc20/echidna-corpus-internal` or `tests/crytic/erc20/echidna-corpus-external` when it finishes. +**Medusa** + +- Go to the directory `cd tests/crytic/erc20` +- For internal testing: `medusa fuzz --target-contracts CryticERC20InternalHarness --config medusa-internal.yaml` +- For external testing: `medusa fuzz --target-contracts CryticERC20ExternalHarness --config medusa-external.yaml` + #### Example: Output for a compliant token If the token under test is compliant and no properties will fail during fuzzing, the Echidna output should be similar to the screen below: From 05308f8d97395f1406a23a4269342e47a57aab69 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Tue, 28 May 2024 17:55:40 +0200 Subject: [PATCH 17/26] updated medusa config --- tests/ERC20/hardhat/medusa-config.json | 27 +++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/tests/ERC20/hardhat/medusa-config.json b/tests/ERC20/hardhat/medusa-config.json index ff58561..317cdc8 100644 --- a/tests/ERC20/hardhat/medusa-config.json +++ b/tests/ERC20/hardhat/medusa-config.json @@ -7,7 +7,8 @@ "callSequenceLength": 100, "corpusDirectory": "tests/medusa-corpus", "coverageEnabled": true, - "deploymentOrder": [], + "targetContracts": [], + "targetContractsBalances": [], "constructorArgs": {}, "deployerAddress": "0x10000", "senderAddresses": [ @@ -24,16 +25,27 @@ "stopOnFailedContractMatching": true, "stopOnNoTests": true, "testAllContracts": false, - "onlyCallFromDeploymentOrder": false, "traceAll": false, "assertionTesting": { "enabled": true, - "testViewMethods": false + "testViewMethods": false, + "panicCodeConfig": { + "failOnCompilerInsertedPanic": false, + "failOnAssertion": true, + "failOnArithmeticUnderflow": false, + "failOnDivideByZero": false, + "failOnEnumTypeConversionOutOfBounds": false, + "failOnIncorrectStorageAccess": false, + "failOnPopEmptyArray": false, + "failOnOutOfBoundsArrayAccess": false, + "failOnAllocateTooMuchMemory": false, + "failOnCallUninitializedVariable": false + } }, "propertyTesting": { "enabled": false, "testPrefixes": [ - "fuzz_" + "property_" ] }, "optimizationTesting": { @@ -59,5 +71,10 @@ "exportDirectory": "", "args": [] } + }, + "logging": { + "level": "info", + "logDirectory": "", + "noColor": false } -} +} \ No newline at end of file From 0b6fd4505ec1f989616e5c1b49fc36593ab873b4 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 29 May 2024 10:55:20 +0200 Subject: [PATCH 18/26] test to debug --- .github/workflows/medusa.yaml | 1 + tests/ERC20/foundry/medusa-config.json | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index bccde76..11a6112 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -51,6 +51,7 @@ jobs: - name: Run Medusa for Internal ERC20 tests working-directory: tests/ERC20/foundry run: | + cd tests/ERC20/foundry medusa fuzz --target-contracts CryticERC20InternalHarness --config medusa-config.json - name: Run Medusa for External ERC20 tests diff --git a/tests/ERC20/foundry/medusa-config.json b/tests/ERC20/foundry/medusa-config.json index 0a7a27d..317cdc8 100644 --- a/tests/ERC20/foundry/medusa-config.json +++ b/tests/ERC20/foundry/medusa-config.json @@ -22,7 +22,7 @@ "transactionGasLimit": 12500000, "testing": { "stopOnFailedTest": true, - "stopOnFailedContractMatching": false, + "stopOnFailedContractMatching": true, "stopOnNoTests": true, "testAllContracts": false, "traceAll": false, From 76577883d561b7f16b8d90cd53067ca07020ae46 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 29 May 2024 11:00:24 +0200 Subject: [PATCH 19/26] test to debug --- .github/workflows/medusa.yaml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 11a6112..26d10fa 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -44,21 +44,22 @@ jobs: working-directory: tests/ERC20/foundry run: forge build --build-info - - name: Compile ERC4646 Foundry example - working-directory: tests/ERC4626/foundry - run: forge build --build-info - - - name: Run Medusa for Internal ERC20 tests - working-directory: tests/ERC20/foundry - run: | - cd tests/ERC20/foundry - medusa fuzz --target-contracts CryticERC20InternalHarness --config medusa-config.json +# - name: Run Medusa for Internal ERC20 tests +# working-directory: tests/ERC20/foundry +# run: | +# ls +# medusa fuzz --target-contracts CryticERC20InternalHarness --config medusa-config.json - name: Run Medusa for External ERC20 tests working-directory: tests/ERC20/foundry run: | + ls medusa fuzz --target-contracts CryticERC20ExternalHarness --config medusa-config-ext.json + - name: Compile ERC4646 Foundry example + working-directory: tests/ERC4626/foundry + run: forge build --build-info + - name: Run Medusa for External ERC4626 tests working-directory: tests/ERC4626/foundry run: | From 9ffc36ee9097a27cb8c3ee7090959105dbcf95d1 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 29 May 2024 11:05:25 +0200 Subject: [PATCH 20/26] test to debug --- .github/workflows/medusa.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 26d10fa..f02add2 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -53,7 +53,8 @@ jobs: - name: Run Medusa for External ERC20 tests working-directory: tests/ERC20/foundry run: | - ls + crytic-compile . + ls out -R medusa fuzz --target-contracts CryticERC20ExternalHarness --config medusa-config-ext.json - name: Compile ERC4646 Foundry example From 9ea1ff306b060e475ec7409ca6f84e6543f35d14 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 29 May 2024 11:10:25 +0200 Subject: [PATCH 21/26] test to debug --- .github/workflows/medusa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index f02add2..2559a30 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -53,7 +53,7 @@ jobs: - name: Run Medusa for External ERC20 tests working-directory: tests/ERC20/foundry run: | - crytic-compile . + crytic-compile . --foundry-compile-all ls out -R medusa fuzz --target-contracts CryticERC20ExternalHarness --config medusa-config-ext.json From 6dbd704e7177b469c47edaeaf3b8895d0f796d3e Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 29 May 2024 11:17:18 +0200 Subject: [PATCH 22/26] test to debug --- tests/ERC20/foundry/medusa-config.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ERC20/foundry/medusa-config.json b/tests/ERC20/foundry/medusa-config.json index 317cdc8..236c875 100644 --- a/tests/ERC20/foundry/medusa-config.json +++ b/tests/ERC20/foundry/medusa-config.json @@ -69,7 +69,7 @@ "target": ".", "solcVersion": "", "exportDirectory": "", - "args": [] + "args": ["--foundry-compile-all"] } }, "logging": { From e1cc265336785960b5f1152c148cdde58906ab93 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 29 May 2024 11:37:47 +0200 Subject: [PATCH 23/26] test to debug --- .github/workflows/medusa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 2559a30..f1d0af7 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -24,7 +24,7 @@ jobs: - name: Install Foundry uses: foundry-rs/foundry-toolchain@v1 with: - version: nightly + version: 5be158ba6dc7c798a6f032026fe60fc01686b33b - name: Go setup uses: actions/setup-go@v4 From 8911b575c6d15d366afd1be93a3bcd9586268648 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 29 May 2024 11:41:41 +0200 Subject: [PATCH 24/26] test to debug --- .github/workflows/medusa.yaml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index f1d0af7..1328b1c 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -23,8 +23,6 @@ jobs: - name: Install Foundry uses: foundry-rs/foundry-toolchain@v1 - with: - version: 5be158ba6dc7c798a6f032026fe60fc01686b33b - name: Go setup uses: actions/setup-go@v4 @@ -44,11 +42,11 @@ jobs: working-directory: tests/ERC20/foundry run: forge build --build-info -# - name: Run Medusa for Internal ERC20 tests -# working-directory: tests/ERC20/foundry -# run: | -# ls -# medusa fuzz --target-contracts CryticERC20InternalHarness --config medusa-config.json + - name: Run Medusa for Internal ERC20 tests + working-directory: tests/ERC20/foundry + run: | + ls out -R + medusa fuzz --target-contracts CryticERC20InternalHarness --config medusa-config.json - name: Run Medusa for External ERC20 tests working-directory: tests/ERC20/foundry From 2dfdb56724aff524ca2ef60ffc8ae83a7fcfe5b6 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 29 May 2024 11:48:43 +0200 Subject: [PATCH 25/26] fix medusa erc20 tests --- .github/workflows/medusa.yaml | 3 --- README.md | 2 +- tests/ERC20/foundry/medusa-config-ext.json | 2 +- tests/ERC4626/foundry/medusa-config.json | 2 +- 4 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/medusa.yaml b/.github/workflows/medusa.yaml index 1328b1c..c4ca71d 100644 --- a/.github/workflows/medusa.yaml +++ b/.github/workflows/medusa.yaml @@ -45,14 +45,11 @@ jobs: - name: Run Medusa for Internal ERC20 tests working-directory: tests/ERC20/foundry run: | - ls out -R medusa fuzz --target-contracts CryticERC20InternalHarness --config medusa-config.json - name: Run Medusa for External ERC20 tests working-directory: tests/ERC20/foundry run: | - crytic-compile . --foundry-compile-all - ls out -R medusa fuzz --target-contracts CryticERC20ExternalHarness --config medusa-config-ext.json - name: Compile ERC4646 Foundry example diff --git a/README.md b/README.md index 3641f42..d121575 100644 --- a/README.md +++ b/README.md @@ -170,7 +170,7 @@ Create the following Medusa config file: "target": ".", "solcVersion": "", "exportDirectory": "", - "args": [] + "args": ["--foundry-compile-all"] } } } diff --git a/tests/ERC20/foundry/medusa-config-ext.json b/tests/ERC20/foundry/medusa-config-ext.json index 33a6791..0a5a478 100644 --- a/tests/ERC20/foundry/medusa-config-ext.json +++ b/tests/ERC20/foundry/medusa-config-ext.json @@ -69,7 +69,7 @@ "target": ".", "solcVersion": "", "exportDirectory": "", - "args": [] + "args": ["--foundry-compile-all"] } }, "logging": { diff --git a/tests/ERC4626/foundry/medusa-config.json b/tests/ERC4626/foundry/medusa-config.json index 1fc397c..ca87a6d 100644 --- a/tests/ERC4626/foundry/medusa-config.json +++ b/tests/ERC4626/foundry/medusa-config.json @@ -55,7 +55,7 @@ "target": ".", "solcVersion": "", "exportDirectory": "", - "args": [] + "args": ["--foundry-compile-all"] } } } From 4f3ca42a1756f51e7187fdb4ff4368e0fdef7448 Mon Sep 17 00:00:00 2001 From: ggrieco-tob Date: Wed, 29 May 2024 13:10:25 +0200 Subject: [PATCH 26/26] fixes in README and configs --- README.md | 23 ++++++++-------- tests/ERC20/foundry/medusa-config-ext.json | 2 +- tests/ERC20/hardhat/medusa-config-ext.json | 31 +++++++++++++++++----- 3 files changed, 36 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index d121575..0c0cebf 100644 --- a/README.md +++ b/README.md @@ -128,18 +128,10 @@ testMode: assertion testLimit: 100000 deployer: "0x10000" sender: ["0x10000", "0x20000", "0x30000"] +# Uncomment the following line for external testing +#allContracts: true ``` -If you're using external testing, you will also need to specify: - -```yaml -allContracts: true -``` - -To perform more than one test, save the files with a descriptive path, to identify what test each file or corpus belongs to. For these examples, we use `tests/crytic/erc20/echidna-internal.yaml` and `tests/crytic/erc20/echidna-external.yaml` for the Echidna tests for ERC20. We recommended to modify the `corpusDir` for external tests accordingly. - -The above configuration will start Echidna in assertion mode. Contract will be deployed from address `0x10000`, and transactions will be sent from the owner and two different users (`0x20000` and `0x30000`). There is an initial limit of `100000` tests, but depending on the token code complexity, this can be increased. Finally, once Echidna finishes the fuzzing campaign, corpus and coverage results will be available in the `tests/crytic/erc20/echidna-corpus-internal` directory. - **Medusa** Create the following Medusa config file: @@ -147,6 +139,7 @@ Create the following Medusa config file: ```json { "fuzzing": { + "testLimit": 100000, "corpusDirectory": "tests/medusa-corpus", "deployerAddress": "0x10000", "senderAddresses": [ @@ -164,6 +157,10 @@ Create the following Medusa config file: "enabled": false, }, }, +// Uncomment the following lines for external testing +// "testing": { +// "testAllContracts": true +// }, "compilation": { "platform": "crytic-compile", "platformConfig": { @@ -176,6 +173,10 @@ Create the following Medusa config file: } ``` +To perform more than one test, save the files with a descriptive path, to identify what test each file or corpus belongs to. For instace, for these examples, we use `tests/crytic/erc20/echidna-internal.yaml` and `tests/crytic/erc20/echidna-external.yaml` for the Echidna tests for ERC20. We recommended to modify the corpus directory config opction for external tests accordingly. + +The above configuration will start Echidna or Medusa in assertion mode. The target contract(s) will be deployed from address `0x10000`, and transactions will be sent from the owner as well as two different users (`0x20000` and `0x30000`). There is an initial limit of `100000` tests, but depending on the token code complexity, this can be increased. Finally, once our fuzzing tools finish the fuzzing campaign, corpus and coverage results will be available in the specified corpus directory. + #### Run **Echidna** @@ -183,8 +184,6 @@ Create the following Medusa config file: - For internal testing: `echidna . --contract CryticERC20InternalHarness --config tests/crytic/erc20/echidna-internal.yaml` - For external testing: `echidna . --contract CryticERC20ExternalHarness --config tests/crytic/erc20/echidna-external.yaml` -Finally, inspect the coverage report in `tests/crytic/erc20/echidna-corpus-internal` or `tests/crytic/erc20/echidna-corpus-external` when it finishes. - **Medusa** - Go to the directory `cd tests/crytic/erc20` diff --git a/tests/ERC20/foundry/medusa-config-ext.json b/tests/ERC20/foundry/medusa-config-ext.json index 0a5a478..99b94fa 100644 --- a/tests/ERC20/foundry/medusa-config-ext.json +++ b/tests/ERC20/foundry/medusa-config-ext.json @@ -24,7 +24,7 @@ "stopOnFailedTest": true, "stopOnFailedContractMatching": false, "stopOnNoTests": true, - "testAllContracts": false, + "testAllContracts": true, "traceAll": false, "assertionTesting": { "enabled": true, diff --git a/tests/ERC20/hardhat/medusa-config-ext.json b/tests/ERC20/hardhat/medusa-config-ext.json index 2498b74..a77d593 100644 --- a/tests/ERC20/hardhat/medusa-config-ext.json +++ b/tests/ERC20/hardhat/medusa-config-ext.json @@ -7,7 +7,8 @@ "callSequenceLength": 100, "corpusDirectory": "tests/medusa-corpus-ext", "coverageEnabled": true, - "deploymentOrder": [], + "targetContracts": [], + "targetContractsBalances": [], "constructorArgs": {}, "deployerAddress": "0x10000", "senderAddresses": [ @@ -21,19 +22,30 @@ "transactionGasLimit": 12500000, "testing": { "stopOnFailedTest": true, - "stopOnFailedContractMatching": true, + "stopOnFailedContractMatching": false, "stopOnNoTests": true, - "testAllContracts": false, - "onlyCallFromDeploymentOrder": false, + "testAllContracts": true, "traceAll": false, "assertionTesting": { "enabled": true, - "testViewMethods": false + "testViewMethods": false, + "panicCodeConfig": { + "failOnCompilerInsertedPanic": false, + "failOnAssertion": true, + "failOnArithmeticUnderflow": false, + "failOnDivideByZero": false, + "failOnEnumTypeConversionOutOfBounds": false, + "failOnIncorrectStorageAccess": false, + "failOnPopEmptyArray": false, + "failOnOutOfBoundsArrayAccess": false, + "failOnAllocateTooMuchMemory": false, + "failOnCallUninitializedVariable": false + } }, "propertyTesting": { "enabled": false, "testPrefixes": [ - "fuzz_" + "property_" ] }, "optimizationTesting": { @@ -59,5 +71,10 @@ "exportDirectory": "", "args": [] } + }, + "logging": { + "level": "info", + "logDirectory": "", + "noColor": false } -} +} \ No newline at end of file