Echidna: Effective, usable, and fast fuzzing for smart contracts

Gustavo Grieco, Will Song, Artur Cygan, Josselin Feist, Alex Groce

Research output: Chapter in Book/Report/Conference proceedingConference contribution

136 Scopus citations

Abstract

Ethereum smart contracts - -autonomous programs that run on a blockchain - -often control transactions of financial and intellectual property. Because of the critical role they play, smart contracts need complete, comprehensive, and effective test generation. This paper introduces an open-source smart contract fuzzer called Echidna that makes it easy to automatically generate tests to detect violations in assertions and custom properties. Echidna is easy to install and does not require a complex configuration or deployment of contracts to a local blockchain. It offers responsive feedback, captures many property violations, and its default settings are calibrated based on experimental data. To date, Echidna has been used in more than 10 large paid security audits, and feedback from those audits has driven the features and user experience of Echidna, both in terms of practical usability (e.g., smart contract frameworks like Truffle and Embark) and test generation strategies. Echidna aims to be good at finding real bugs in smart contracts, with minimal user effort and maximal speed.

Original languageEnglish (US)
Title of host publicationISSTA 2020 - Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis
EditorsSarfraz Khurshid, Corina S. Pasareanu
PublisherAssociation for Computing Machinery, Inc
Pages557-560
Number of pages4
ISBN (Electronic)9781450380089
DOIs
StatePublished - Jul 18 2020
Event29th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2020 - Virtual, Online, United States
Duration: Jul 18 2020Jul 22 2020

Publication series

NameISSTA 2020 - Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis

Conference

Conference29th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2020
Country/TerritoryUnited States
CityVirtual, Online
Period7/18/207/22/20

Keywords

  • fuzzing
  • smart contracts
  • test generation

ASJC Scopus subject areas

  • Software

Fingerprint

Dive into the research topics of 'Echidna: Effective, usable, and fast fuzzing for smart contracts'. Together they form a unique fingerprint.

Cite this