forked from crytic/medusa
Commit
* Migrate to mdbook (crytic#223) Co-authored-by: Zach McManus <[email protected]> Co-authored-by: Damilola Edwards <[email protected]>
1 parent 992aa9d, commit c7c4edd
Showing 67 changed files with 3,057 additions and 91 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,4 +20,7 @@ | |
*node_modules/ | ||
|
||
# Medusa binary | ||
medusa | ||
medusa | ||
|
||
# Medusa docs | ||
docs/book |
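Review bot: the `medusa` entry under `# Medusa binary` has no leading slash, so it ignores any file or directory named `medusa` at every depth of the tree, not only the built binary at the repository root. Anchoring it as `/medusa` limits the rule to the binary. The new `docs/book` entry could take a trailing slash (`docs/book/`) so that it only matches the build directory, in line with `*node_modules/` above.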
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
[book] | ||
title = "medusa" | ||
authors = ["Trail of Bits"] | ||
language = "en" | ||
multilingual = false | ||
src = "src" | ||
description = "This repository, brought to you by Trail of Bits, contains the documentation files for the medusa fuzzer." | ||
|
||
[output.html] | ||
git-repository-url = "https://github.com/crytic/medusa" | ||
edit-url-template = "https://github.com/crytic/medusa/edit/master/docs/{path}" | ||
additional-css = ["src/static/custom.css"] | ||
default-theme = "light" | ||
|
||
[output.html.fold] | ||
enable = true | ||
level = 1 |
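Review bot: the `description` in `[book]` says "This repository ... contains the documentation files for the medusa fuzzer", yet `git-repository-url` points at `https://github.com/crytic/medusa`, the fuzzer's own repository. The sentence reads as carried over from a docs-only repository and should describe the book instead. In `[output.html]`, `edit-url-template` hard-codes the `master` branch, so every edit link breaks if the default branch is renamed; a comment next to the key would flag that dependency.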
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
![medusa_logo](./static/medusa_logo.png) | ||
|
||
`medusa` is a cross-platform go-ethereum-based smart contract fuzzer inspired by Echidna. It provides parallelized fuzz | ||
testing of smart contracts through CLI, or its Go API that allows custom user-extended testing methodology. | ||
|
||
## Table of Contents | ||
|
||
- [Getting Started](./getting_started/installation.md): Learn how to install `medusa` and how to set it up for your first project. | ||
- [Project Configuration](./project_configuration/overview.md): Learn how to set up `medusa` for your project as well as | ||
the vast number of configuration options that can be set up based on your project needs. | ||
- [Command Line Interface](./cli/overview.md): Learn how to use `medusa`'s CLI. | ||
- [Writing Tests](./testing/overview.md): Learn how to write tests with `medusa` | ||
- [API (WIP)](./api/api_overview.md): Learn about `medusa`'s Go API that can be used to perform advanced testing | ||
methodologies and extend `medusa`'s capabilities. | ||
- Appendices | ||
- [Cheatcodes](./cheatcodes/cheatcodes_overview.md): Learn about the various cheatcodes that are supported by `medusa`. | ||
- [Console Logging](./console_logging.md): Learn about how to use `console.log` with `medusa`. | ||
- [FAQ](./faq.md) |
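Review bot: the "Writing Tests" entry in the table of contents ends without a period ("Learn how to write tests with `medusa`") while every other described entry has one. In the opening paragraph, "through CLI, or its Go API that allows" would read better as "through a CLI or through its Go API, which allows".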
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
# Summary | ||
|
||
[Introduction](./README.md) | ||
|
||
# Getting Started | ||
|
||
- [Installation](./getting_started/installation.md) | ||
- [First Steps](./getting_started/first_steps.md) | ||
|
||
# Project Configuration | ||
|
||
- [Configuration Overview](project_configuration/overview.md) | ||
- [Fuzzing Configuration](project_configuration/fuzzing_config.md) | ||
- [Testing Configuration](project_configuration/testing_config.md) | ||
- [Chain Configuration](project_configuration/chain_config.md) | ||
- [Compilation Configuration](project_configuration/compilation_config.md) | ||
- [Logging Configuration](project_configuration/logging_config.md) | ||
|
||
# Command Line Interface (CLI) | ||
|
||
- [CLI Overview](./cli/overview.md) | ||
- [init](./cli/init.md) | ||
- [fuzz](./cli/fuzz.md) | ||
- [completion](./cli/completion.md) | ||
|
||
# Writing Tests | ||
|
||
- [Testing Overview](./testing/overview.md) | ||
- [The Fuzzing Lifecycle](./testing/fuzzing_lifecycle.md) | ||
- [Types of Invariants](./testing/invariants.md) | ||
- [Writing Function-Level Invariants](./testing/writing-function-level-invariants.md) | ||
- [Writing System-Level Invariants (WIP)](./testing/writing-system-level-invariants.md) | ||
- [Coverage Reports (WIP)](./testing/coverage_reports.md) | ||
|
||
# API | ||
|
||
- [API Overview (WIP)](api/api_overview.md) | ||
|
||
# Appendices | ||
|
||
- [Cheatcodes](cheatcodes/cheatcodes_overview.md) | ||
- [warp](./cheatcodes/warp.md) | ||
- [roll](./cheatcodes/roll.md) | ||
- [fee](./cheatcodes/fee.md) | ||
- [difficulty](./cheatcodes/difficulty.md) | ||
- [chainId](./cheatcodes/chain_id.md) | ||
- [store](./cheatcodes/store.md) | ||
- [load](./cheatcodes/load.md) | ||
- [etch](./cheatcodes/etch.md) | ||
- [deal](./cheatcodes/deal.md) | ||
- [snapshot](./cheatcodes/snapshot.md) | ||
- [getNonce](./cheatcodes/get_nonce.md) | ||
- [setNonce](./cheatcodes/set_nonce.md) | ||
- [coinbase](./cheatcodes/coinbase.md) | ||
- [prank](./cheatcodes/prank.md) | ||
- [prankHere](./cheatcodes/prank_here.md) | ||
- [ffi](./cheatcodes/ffi.md) | ||
- [addr](./cheatcodes/addr.md) | ||
- [sign](./cheatcodes/sign.md) | ||
- [toString](./cheatcodes/to_string.md) | ||
- [parseBytes](./cheatcodes/parse_bytes.md) | ||
- [parseBytes32](./cheatcodes/parse_bytes32.md) | ||
- [parseInt](./cheatcodes/parse_int.md) | ||
- [parseUint](./cheatcodes/parse_uint.md) | ||
- [parseBool](./cheatcodes/parse_bool.md) | ||
- [parseAddress](./cheatcodes/parse_address.md) | ||
- [Console Logging](./console_logging.md) | ||
|
||
[FAQ](./faq.md) |
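Review bot: link paths in this file mix two styles: most entries use a `./` prefix (`./cli/overview.md`), while the Project Configuration entries, `api/api_overview.md` and `cheatcodes/cheatcodes_overview.md` omit it. File naming is mixed as well: `writing-function-level-invariants.md` and `writing-system-level-invariants.md` use hyphens where every other file uses underscores. Pick one form for each so that later additions have a pattern to follow.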
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
> **Definition**: Stateful fuzzing is the process of maintaining EVM state across multiple fuzzed transactions. | ||
Stateful fuzzing is an incredibly powerful feature because it allows medusa to test your system **end-to-end**. Let's | ||
take, for example, a staking system where you have the ability to `deposit`, `stake`, `unstake`, and `withdraw`. Because | ||
medusa can execute an array of transactions, medusa can call [`deposit`, `stake`, `unstake`, `withdraw`] inorder and test the | ||
whole system in one fell swoop. It is very important to note that medusa was not _forced_ to call those functions in | ||
sequence. Medusa, over time, will identify that calling deposit allows it to stake tokens and having a staked balance | ||
allows it to unstake, and so on. | ||
|
||
In contrast, having a call sequence length of 1 is called **stateless fuzzing**. | ||
|
||
> **Definition**: Stateless fuzzing is the process of executing a single transaction before resetting the EVM state. | ||
Stateless fuzzing is useful for arithmetic libraries or isolated functions where state does not need to be maintained | ||
across transactions. Stateless fuzzing, although faster, is not useful for larger systems that have many code paths with | ||
nuanced and complex invariants. |
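Review bot: typo in the stateful fuzzing paragraph: "inorder" should be "in order" in "can call [`deposit`, `stake`, `unstake`, `withdraw`] inorder". The sentence "having a call sequence length of 1 is called **stateless fuzzing**" also relies on a term these lines never introduce; add a sentence defining call sequence length, or link to `project_configuration/fuzzing_config.md`, so the contrast with stateful fuzzing stands on its own.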