crytic / medusa

Parallelized, coverage-guided, mutational Solidity smart contract fuzzing, powered by go-ethereum
https://www.trailofbits.com/
GNU Affero General Public License v3.0

Consume arguments emitted from events to be used in the fuzzing test #311

Open 0xicingdeath opened 4 months ago

0xicingdeath commented 4 months ago

Feature Request: support parsing of event data after a function has been called to pull intermediate / updated values mid-execution

For the following code snippet, it becomes non-trivial to find the output of updatedVarA and updatedVarB, which is necessary in some cases to figure out how much allowance to grant a specific user, or how many funds to actually allocate in order to have a successful transaction.

function X() public {
  _a();
  _b();
}

function _a() private {
  // insert random calculations here
  emit ValuesUpdated(updatedVarA, updatedVarB);
}

This ends up slowing down invariant development, because helper contracts / functions need to be added to calculate hypothetical values, which is challenging, especially in cases where the codebase is reaching max contract size.
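An added example, not part of the original issue and not medusa's code: it shows how the values carried by a ValuesUpdated event could be recovered from a call's logs and collected for later fuzzing inputs. The Log type, the function names, the uint256 argument types and the placeholder topic are assumptions.

```go
package main

import (
	"fmt"
	"math/big"
)

// Log is a minimal stand-in for an EVM log entry (hypothetical type, not medusa's).
type Log struct {
	Topics [][32]byte // Topics[0] identifies the event (hash of its signature)
	Data   []byte     // ABI-encoded non-indexed arguments
}

// decodeUint256Args splits data into n 32-byte big-endian words (assumes non-indexed uint256 arguments).
func decodeUint256Args(data []byte, n int) ([]*big.Int, error) {
	if len(data) != 32*n {
		return nil, fmt.Errorf("log data is %d bytes, want %d", len(data), 32*n)
	}
	out := make([]*big.Int, n)
	for i := range out {
		out[i] = new(big.Int).SetBytes(data[32*i : 32*(i+1)])
	}
	return out, nil
}

// harvest collects values from logs whose Topics[0] equals topic, skipping unrelated or malformed logs.
func harvest(logs []Log, topic [32]byte, n int) (pool []*big.Int) {
	for _, l := range logs {
		if len(l.Topics) > 0 && l.Topics[0] == topic {
			if vals, err := decodeUint256Args(l.Data, n); err == nil {
				pool = append(pool, vals...)
			}
		}
	}
	return pool
}

func main() {
	// Constructed sample: ValuesUpdated(1000, 42), an unrelated event, a truncated log.
	topic, data := [32]byte{0x01}, make([]byte, 64) // placeholder topic, not a real hash
	big.NewInt(1000).FillBytes(data[:32])
	big.NewInt(42).FillBytes(data[32:])
	logs := []Log{
		{Topics: [][32]byte{topic}, Data: data},
		{Topics: [][32]byte{{0xff}}, Data: data},
		{Topics: [][32]byte{topic}, Data: data[:40]},
	}
	fmt.Println(harvest(logs, topic, 2))
}
```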

rappie commented 4 months ago

I would love to see this added; I believe it can be very powerful.

Echidna equivalent: https://github.com/crytic/echidna/issues/883