tool support for smart contracts (inc. testing, debugging)

[monperrus]

https://ethereum.org/en/developers/docs/smart-contracts/testing/

lots of tools at https://github.com/bkrem/awesome-solidity

[monperrus]

https://github.com/ConsenSys/mythril

[monperrus]

https://github.com/sc-forks/solidity-coverage

[monperrus]

Mutation testing for Solidity:

https://github.com/MorenaBarboni/SuMo-SOlidity-MUtator https://github.com/JoranHonig/vertigo

[monperrus]

n-version programming for smart-contracts:

• Enter the Hydra: Towards Principled Bug Bounties and Exploit-Resistant Smart Contracts
• Dissimilar redundancy in defi

[monperrus]

Detecting functional and security‐related issues in smart contracts: A systematic literature review

[monperrus]

Combine sliced joint graph with graph neural networks for smart contract vulnerability detection

[monperrus]

smock: The Solidity mocking library https://github.com/defi-wonderland/smock

cc/ @Deee92

[monperrus]

The foundry toolchain in Rust: https://github.com/foundry-rs/foundry/

Anvil is a local testnet node shipped with Foundry. https://book.getfoundry.sh/anvil/

[monperrus]

Echidna: Ethereum smart contract fuzzer https://github.com/crytic/echidna

[bbaudry]

Challenges and Common Solutions in Smart Contract Development http://ieeexplore.ieee.org/document/9555611

[bbaudry]

Pluto: Exposing Vulnerabilities in Inter-Contract Scenarios http://ieeexplore.ieee.org/document/9562567

[monperrus]

Challenges and Common Solutions in Smart Contract Development

[monperrus]

Not so immutable: Upgradeability of Smart Contracts on Ethereum https://arxiv.org/pdf/2206.00716.pdf

[monperrus]

How contract migration works Alternative to upgradability mechanism - moving data to a new contract

[bbaudry]

https://smartbugs.github.io/ A Framework for Analysing Ethereum Smart Contracts

[monperrus]

for blockchain automation, Seth is a base for deploy scripts, integration tests, and bots. https://github.com/crytic/dapptools/tree/master/src/seth

[bbaudry]

Leveraging Architectural Approaches in Web3 Applications -- A DAO Perspective Focused. http://arxiv.org/abs/2212.05314

[bbaudry]

Inferring Needless Write Memory Accesses on Ethereum Bytecode https://arxiv.org/pdf/2301.04757

[monperrus]

Inferring Needless Write Memory Accesses on Ethereum Bytecode https://arxiv.org/pdf/2301.04757

[monperrus]

Guiding Automated Test Case Generation for Transaction-Reverting Statements in Smart Contracts.

[monperrus]

SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds https://arxiv.org/abs/2104.08638

[bbaudry]

Large-Scale Empirical Study of Inline Assembly on 7.6 Million Ethereum Smart Contracts http://ieeexplore.ieee.org/document/9745341

[monperrus]

Security Threat Mitigation For Smart Contracts: A Survey https://arxiv.org/pdf/2302.07347.pdf

[monperrus]

Test-Case Generation for Data Flow Testing of Smart Contracts Based on Improved Genetic Algorithm https://ieeexplore.ieee.org/document/9778269

[monperrus]

Invariants in https://github.com/crytic/properties

ERC20 token: mintable, burnable, pausable and transferable invariants (25 properties). ERC4626 vaults: strict specification and additional security invariants (37 properties). ABDKMath64x64 fixed-point library invariants (106 properties).

[monperrus]

Enhancing Ethereum smart-contracts static analysis by computing a precise Control-Flow Graph of Ethereum bytecode

[monperrus]

Metamorphic Testing for Smart Contract Vulnerabilities Detection

[monperrus]

Truffle / Ganache / Drizzle: https://github.com/trufflesuite/

[monperrus]

gambit mutation generator for Solidity https://github.com/Certora/gambit

see usage in https://medium.com/certora/gambit-23ef5cab02f5

cc/ @chandrakananandi

[chandrakananandi]

gambit mutation generator for Solidity https://github.com/Certora/gambit

see usage in https://medium.com/certora/gambit-23ef5cab02f5

cc/ @chandrakananandi

Thanks @monperrus for posting about gambit! We are really excited about it and actively working on adding more features and improvements too :)

[monperrus]

Woke is a Python-based development and testing framework for Solidity. https://github.com/Ackee-Blockchain/woke

[monperrus]

EtherSolve

• paper EtherSolve: Computing an Accurate Control-Flow Graph from Ethereum Bytecode
• code https://github.com/SeUniVr/EtherSolve

[monperrus]

Brownie: A Python-based development and testing framework for smart contracts targeting the Ethereum Virtual Machine. https://github.com/eth-brownie/brownie

[monperrus]

Hardhat is a development environment to compile, deploy, test, and debug your Ethereum software (aka buidler) https://github.com/NomicFoundation/hardhat.

[monperrus]

Embark: Framework for serverless Decentralized Applications using Ethereum, IPFS and other platforms https://github.com/embarklabs/embark

[monperrus]

Waffle advanced framework for testing smart contracts in Typescript https://github.com/TrueFiEng/Waffle

[bbaudry]

Super-optimization of Smart Contracts https://dl.acm.org/doi/full/10.1145/3506800

[monperrus]

Solhint linting utility for Solidity code https://github.com/protofire/solhint

[bbaudry]

Harvey: A greybox fuzzer for smart contracts

[bbaudry]

injecting faults in the ethereum blockchain https://ieeexplore.ieee.org/iel7/6287639/8948470/09229414.pdf

[bbaudry]

Towards Saving Blockchain Fees via Secure and Cost-Effective Batching of Smart-Contract Invocations https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10018598

[monperrus]

Surya is an utility tool for smart contract systems. It provides a number of visual outputs and information about the contracts' structure.

https://github.com/ConsenSys/surya

[monperrus]

More mocking Solidity mocking provider for testing https://github.com/cleanunicorn/mockprovider

[bbaudry]

SigRec: Automatic Recovery of Function Signatures in Smart Contracts. http://arxiv.org/abs/2305.07067

[bbaudry]

Rust WebAssembly smart contract for NEAR with Javascript runtime https://github.com/petersalomonsen/quickjs-rust-near

[monperrus]

SmartMark: Software Watermarking Scheme for Smart Contracts https://arxiv.org/abs/2303.13733

[bbaudry]

ReSuMo: a regression strategy and tool for mutation testing of solidity smart contracts M Barboni, A Morichetta, A Polini, F Casoni. Software Quality Journal

[bbaudry]

Correct-by-Design Interacting Smart Contracts and a Systematic Approach for Verifying ERC20 and ERC721 Contracts With VeriSolid http://ieeexplore.ieee.org/document/9864250 TDSC 2023

[bbaudry]

Towards Web3 Applications: Easing the Access and Transition. http://arxiv.org/abs/2210.05903

[bbaudry]

Capturing Smart Contract Design with DCR Graphs. http://arxiv.org/abs/2305.04581