
rappie/fuzz-vs-fv

 
 


Description

The purpose of this repository is to demonstrate that fuzzing can easily catch the bug mentioned here with the invariant mentioned here.

Link to fuzzing code.

Changes to the Fuzzing Suite

  • Added a function to fuzz the price feed so that absorb can pass
  • Introduced actors to significantly boost fuzzing efficiency
  • Removed the fuzzing repeat functionality
  • Clamped ERC20 transfer amounts so they do not exceed user balances
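
The actor and clamping changes listed above, sketched as an added example (not code from this repository): a self-contained Echidna harness in property mode. ToyToken, Actor, ClampedActorHarness and all function names are hypothetical, and the token is a constructed stand-in for the real assets.

```solidity
pragma solidity ^0.8.0;

// Constructed toy token; stands in for the ERC20 assets a real harness would use.
contract ToyToken {
    mapping(address => uint256) public balanceOf;
    uint256 public totalSupply;
    function mint(address to, uint256 amount) external {
        balanceOf[to] += amount;
        totalSupply += amount;
    }
    function transfer(address to, uint256 amount) external returns (bool) {
        balanceOf[msg.sender] -= amount; // reverts on underflow in 0.8
        balanceOf[to] += amount;
        return true;
    }
}

// Each actor is its own msg.sender, so one harness can act as several users.
contract Actor {
    function send(ToyToken token, address to, uint256 amount) external {
        token.transfer(to, amount);
    }
}

contract ClampedActorHarness {
    ToyToken internal token = new ToyToken();
    Actor[3] internal actors;

    constructor() {
        for (uint256 i = 0; i < actors.length; i++) {
            actors[i] = new Actor();
            token.mint(address(actors[i]), 1_000_000);
        }
    }

    // The fuzzer supplies arbitrary integers; modulo maps them onto a valid actor
    // and a valid amount, so the call does useful work instead of reverting.
    function transfer(uint8 from, uint8 to, uint256 amount) public {
        Actor sender = actors[from % actors.length];
        uint256 balance = token.balanceOf(address(sender));
        if (balance == 0) return;
        amount = amount % (balance + 1); // clamp to [0, balance]
        sender.send(token, address(actors[to % actors.length]), amount);
    }

    // Property-mode invariant: transfers never create or destroy tokens.
    function echidna_supply_conserved() public view returns (bool) {
        uint256 sum;
        for (uint256 i = 0; i < actors.length; i++) sum += token.balanceOf(address(actors[i]));
        return sum == token.totalSupply();
    }
}
```

Without the modulo clamp, almost every random amount would exceed the sender's balance and revert, so the fuzzer would spend its call budget on sequences that never change state.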

Prerequisites

  1. Install Echidna from the latest master branch by following the steps here: Installation Guide

  2. Install dependencies with yarn install

Instructions

Run with

cd comet
echidna . --contract TestComet --config config.yaml

Broken Invariant Sequence

test_bit_per_balance(): failed!💥
  Call sequence:
    TestComet.supply(33599713855354106078310737180879058197,334849891882189)
    TestComet.supplyTo(1,188910566290528870039435775673750114489269716245,1002095)
    TestComet.withdrawBaseToken(1000144)
    TestComet.setPrice(2,0)
    TestComet.absorb(0)
    TestComet.test_bit_per_balance()

Original Readme

https://github.com/Certora/fuzz-vs-fv/blob/main/README.md

Languages

  • TypeScript 81.5%
  • Solidity 17.6%
  • Other 0.9%