
One click magically working Foundry + Medusa + Echidna Starter


Recon-Fuzz/create-chimera-app


Create Chimera App

This Foundry template allows you to bootstrap a fuzz testing suite using a scaffolding provided by the Recon tool.

It extends the default Foundry template used when running forge init to include example property tests using assertion tests and boolean property tests supported by Echidna and Medusa.

Broken properties can be turned into unit tests for easier debugging with Recon (for Echidna/for Medusa) and added to the CryticToFoundry contract.

Usage

To initialize a new Foundry repo using this template run the following command in the terminal.

forge init --template https://github.com/Recon-Fuzz/create-chimera-app

Build

forge build

Foundry Testing

forge test

This will run all unit, fuzz and invariant tests in the CounterTest and CryticToFoundry contracts.

Echidna Property Testing

echidna . --contract CryticTester --config echidna.yaml

Assertion mode is enabled by default in the echidna.yaml config file.

To test in property mode, set testMode: "property" in echidna.yaml.

Medusa Property Testing

medusa fuzz

Assertion and property mode are both enabled by default in the medusa.json config file, meaning the fuzzer will check both assertion and property tests.

To test only in property mode disable assertion mode using:

"assertionTesting": {
    "enabled": false
}  

in medusa.json.
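The difference between the two test kinds that these modes select, as an added example (not code from this template): `ExampleTester`, its function names and the ghost variable are hypothetical, and the `property_` prefix is an assumption that must match the prefix set in echidna.yaml (`prefix`) and medusa.json (`testPrefixes`).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Same shape as the Counter that `forge init` generates.
contract Counter {
    uint256 public number;

    function setNumber(uint256 newNumber) public {
        number = newNumber;
    }

    function increment() public {
        number++;
    }
}

// Hypothetical tester; the fuzzer calls its public functions in random order.
contract ExampleTester {
    Counter internal counter = new Counter();
    uint256 internal ghostNumber; // shadow copy of the value we expect

    // Handler: forwards the call and keeps the ghost value in sync.
    function counter_setNumber(uint256 newNumber) public {
        counter.setNumber(newNumber);
        ghostNumber = newNumber;
    }

    // Assertion test: runs against fuzzed state and checks inline with
    // assert(). Evaluated in assertion mode.
    function counter_increment() public {
        uint256 before = counter.number();
        counter.increment(); // overflow reverts (arithmetic panic, not an assert failure)
        ghostNumber = before + 1;
        assert(counter.number() == before + 1);
    }

    // Boolean property test: no arguments, returns bool, re-checked after
    // calls in the sequence. Evaluated in property mode.
    function property_number_matches_ghost() public view returns (bool) {
        return counter.number() == ghostNumber;
    }
}
```

With assertion testing disabled, only `property_number_matches_ghost` is checked; the `assert` in `counter_increment` is then no longer reported as a test.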

Uploading Fuzz Job To Recon

You can offload your fuzzing job to Recon to run long-duration jobs and share test results with collaborators using the jobs page on Recon:

Medusa

  1. Select Medusa as the job type using the radio buttons at the top of the page.
  2. Add the link for this repo in the Enter GitHub Repo URL form field (this will prefill the remaining form fields).
  3. Specify the medusa.json config file in the Medusa config filename field.
  4. Optional: to override the timeout value in the Medusa config file for longer duration runs, enter a value (in seconds) into the Test Time Limit field.

Echidna

  1. Select Echidna as the job type using the radio buttons at the top of the page.
  2. Add the link for this repo in the Enter GitHub Repo URL form field (this will prefill the remaining form fields).
  3. Add the following path to the test contract, config filename and test contract name to the corresponding form fields. Optional: to override the timeout and testLimit from the config file use the corresponding form fields.
  4. Clicking the Run Job button will upload the job to Recon's cloud fuzz runner service. You'll see info about your job in the Job Details section and you'll be able to view your job in the All Jobs section.
  5. Clicking the View Details button for a job lets you see the fuzzer logs and coverage report (only generated after the run is complete). You can share a fuzz run with any collaborators using the Share Job Results button.