24 - Fuzzing
Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failing built-in code assertions, or potential memory leaks
- Fuzzing is especially relevant to smart contracts because anyone can interact with them on the blockchain with random inputs without necessarily having a valid reason or expectation (arbitrary byzantine behaviour)
- Echidna and Harvey are two popular tools for smart contract fuzzing
- Software Testing
- Random/Invalid Inputs
- Monitor Crashes/Failures/Leaks
- E.g.: Echidna, Harvey