SoftSec-KAIST / Smartian

Smartian: Enhancing Smart Contract Fuzzing with Static and Dynamic Data-Flow Analyses (ASE '21)
MIT License
140 stars 21 forks

benchmark mode: until first bug or until timeout #6

Open f0rki opened 1 year ago

f0rki commented 1 year ago

Useful for benchmarking Smartian and comparing to other tools according to "time-to-bug".

jchoi2022 commented 4 months ago

Thank you for the suggestion.

However, it seems challenging to decide whether the fuzzer had really found the bug that we originally targeted. Since there may exist multiple bugs (and different kinds of bugs) in one contract, I'm concerned that it can be incorrect to use this mode to estimate the time-to-exposure of a specific bug.

f0rki commented 4 months ago

@jchoi2022 I agree. However, I used this primarily to test on smart contracts that only contain a single bug. Then you don't have this problem at all.