Link to this headingFuzzing
Link to this headingFuzzing with Medusa
Setup:
brew install medusa
cd project
medusa init
Fuzzing:
>>> medusa fuzz --target-contracts "VaultV1_3" --test-limit 1000000
⇾ Reading the configuration file at: /Users/user1/Projects/vault/medusa.json
⇾ Compiling targets with crytic-compile
⇾ Running command:
/opt/homebrew/bin/crytic-compile . --export-format solc
⇾ Finished compiling targets in 2s
⇾ Using cached Slither results found at slither_results.json
⇾ Initializing corpus
⇾ Setting up test chain
⇾ Finished setting up test chain
⇾ Fuzzing with 10 workers
⇾ [NOT STARTED] Assertion Test: VaultV1_3.upgradeToAndCall(address,bytes)
⇾ [NOT STARTED] Assertion Test: VaultV1_3.renounceRole(bytes32,address)
⇾ [NOT STARTED] Assertion Test: VaultV1_3.grantRole(bytes32,address)
⇾ [NOT STARTED] Assertion Test: VaultV1_3.revokeRole(bytes32,address)
⇾ [NOT STARTED] Assertion Test: VaultV1_3.swap(bytes,uint256)
⇾ [NOT STARTED] Assertion Test: VaultV1_3.withdrawERC20(address,uint256)
⇾ fuzz: elapsed: 0s, calls: 0 (0/sec), seq/s: 0, branches hit: 16, corpus: 0, failures: 0/0, gas/s: 0
⇾ [NOT STARTED] Assertion Test: VaultV1_3.withdrawNative(uint256)
⇾ [NOT STARTED] Assertion Test: VaultV1_3.initialize(address,address,address)
⇾ fuzz: elapsed: 3s, calls: 255572 (85190/sec), seq/s: 850, branches hit: 207, corpus: 9, failures: 0/2551, gas/s: 2132347638
⇾ fuzz: elapsed: 6s, calls: 512374 (85566/sec), seq/s: 855, branches hit: 207, corpus: 9, failures: 0/5118, gas/s: 2140952486
⇾ fuzz: elapsed: 9s, calls: 767925 (85182/sec), seq/s: 852, branches hit: 207, corpus: 9, failures: 0/7676, gas/s: 2131435341
⇾ fuzz: elapsed: 12s, calls: 1021893 (84655/sec), seq/s: 845, branches hit: 207, corpus: 9, failures: 0/10214, gas/s: 2118621205
⇾ Transaction test limit reached, halting now...
⇾ Fuzzer stopped, test results follow below ...
⇾ [PASSED] Assertion Test: VaultV1_3.grantRole(bytes32,address)
⇾ [PASSED] Assertion Test: VaultV1_3.initialize(address,address,address)
⇾ [PASSED] Assertion Test: VaultV1_3.renounceRole(bytes32,address)
⇾ [PASSED] Assertion Test: VaultV1_3.revokeRole(bytes32,address)
⇾ [PASSED] Assertion Test: VaultV1_3.swap(bytes,uint256)
⇾ [PASSED] Assertion Test: VaultV1_3.upgradeToAndCall(address,bytes)
⇾ [PASSED] Assertion Test: VaultV1_3.withdrawERC20(address,uint256)
⇾ [PASSED] Assertion Test: VaultV1_3.withdrawNative(uint256)
⇾ Test summary: 8 test(s) passed, 0 test(s) failed
⇾ html report(s) saved to: crytic-export/coverage/coverage_report.html
⇾ lcov report(s) saved to: crytic-export/coverage/lcov.info