{"id":19830749,"url":"https://github.com/crytic/secureum-medusa","last_synced_at":"2025-05-01T15:30:47.688Z","repository":{"id":184992760,"uuid":"671853062","full_name":"crytic/secureum-medusa","owner":"crytic","description":null,"archived":true,"fork":false,"pushed_at":"2023-08-24T12:18:54.000Z","size":61,"stargazers_count":46,"open_issues_count":0,"forks_count":10,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-30T05:32:16.701Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Solidity","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/crytic.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-28T09:38:34.000Z","updated_at":"2025-03-23T14:53:46.000Z","dependencies_parsed_at":"2024-11-12T11:29:33.438Z","dependency_job_id":"1e7b4fe3-ca18-4671-bb43-3c9c32890b62","html_url":"https://github.com/crytic/secureum-medusa","commit_stats":null,"previous_names":["crytic/secureum-medusa"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crytic%2Fsecureum-medusa","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crytic%2Fsecureum-medusa/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crytic%2Fsecureum-medusa/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crytic%2Fsecureum-medusa/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/crytic","download_url":"https://codeload.github.com/crytic/secureum
-medusa/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251898549,"owners_count":21661841,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-12T11:25:11.560Z","updated_at":"2025-05-01T15:30:43.057Z","avatar_url":"https://github.com/crytic.png","language":"Solidity","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# Secureum Medusa workshop\n\nThe goals of this workshop are to:\n- Learn about invariant development\n- Become familiar with the medusa fuzzer\n\nMedusa is a [new experimental fuzzer](https://github.com/crytic/medusa). Do not hesitate to ask questions on secureum's discord, or create [github issues](https://github.com/crytic/medusa/issues/new) if you encounter any issue.\n\n## Before starting\n\nTo install medusa, follow [the installation instructions](https://github.com/crytic/medusa/#installation).\n\n### Solc\n\nSolc 0.8.19 is used for this workshop. We recommend [solc-select](https://github.com/crytic/solc-select) to easily switch between solc versions:\n```\npip3 install solc-select\nsolc-select install 0.8.19\nsolc-select use 0.8.19\n```\n\n## The contest\n\nThe goal of the contest is to write invariants for three targets (`SignedWadMath`, `FixedPointMathLib`, `ERC20Burn`). All the contracts are inspired by [solmate](https://github.com/transmissions11/solmate).\n\n\n### Helper\n- [`helper`](./contracts/helper.sol) comes from the [properties](https://github.com/crytic/properties) repo, and contains helpers to ease the creation of invariants. 
In particular, we recommend using:\n  - `assertX` (`Eq`, `Neq`, `Gte`, `Gt`, `Lte`, `Lt`) to test assertions between values\n  - `clampX` (`Between`, `Lt`, `Lte`, `Gt`, `Gte`) to restrict the inputs' values\n\n### SignedWadMath\n- [`SignedWadMath`](./contracts/SignedWadMath.sol) is a signed 18 decimal fixed point (wad) arithmetic library.\n- [`SignedWadMathTest`](./contracts/SignedWadMathTest.sol) is an example test for `SignedWadMath`\n  - `testtoWadUnsafe` is an example invariant to help you\n\n### FixedPointMathLib\n- [`FixedPointMathLib`](./contracts/FixedPointMathLib.sol) is an arithmetic library with operations for fixed-point numbers.\n- [`FixedPointMathLibTest`](./contracts/FixedPointMathLibTest.sol) is an example test for `SignedWadMath`\n  - `testmulDivDown` is an example invariant to help you\n\n### ERC20Burn\n- [`ERC20`](./contracts/ERC20.sol) is a standard ERC20 token.\n- [`ERC20Burn`](./contracts/ERC20Burn.sol) extends `ERC20` with a burn function\n- [`ERC20Test`](./contracts/ERC20Test.sol) is an example test for `ERC20Burn`\n  - `fuzz_Supply` is an example invariant to help you\n- [`ERC20TestAdvanced`](./contracts/ERC20TestAdvanced.sol) is an example of an advanced test for `ERC20Burn`\n   - `ERC20TestAdvanced` uses the [external testing approach](https://secure-contracts.com/program-analysis/echidna/basic/common-testing-approaches.html#external-testing) and uses a proxy contract to simulate a user. 
This approach is more complex to use, but allows testing more complex scenarios\n   - `testTransferFrom` is an example invariant to help you\n\n## How to start\n\nA few pointers to start:\n\n- Read the documentation\n- Start small, and create simple invariants first\n  - Start with `SignedWadMath`\n- Consider when an operation should or should not revert\n- Some properties could require a certain tolerance\n- `ERC20TestAdvanced` is recommended only for users that have already explored the other contracts\n- Do not hesitate to introduce bugs in your code to verify that your invariants can catch them\n\n\nTo start a fuzzing campaign:\n```bash\nmedusa fuzz --target contracts/NAME.sol --deployment-order CONTRACT_NAME\n```\nReplace `NAME.sol` and `CONTRACT_NAME`.\n\n## Expected Results and Evaluation\n\nUsers should be able to fully test the contracts. It is worth mentioning that the code is unmodified and there are no known issues. If you find a security or correctness issue in the code, do NOT post it in this repository nor upstream, since these are public messages. Instead, [contact us](mailto:josselin@trailofits.com) to confirm the issue and discuss how to proceed.\n\nFor Secureum, the resulting properties will be evaluated by introducing an artificial bug in the code and running a short fuzzing campaign.\n\nWe encourage you to try different approaches and invariants. Invariant-based development is a powerful tool for developers and auditors, and it requires practice and experience to master.\n\n## Configuration\n[medusa.json](./medusa.json) was generated with `medusa init`. 
The following changes were applied:\n- `testAllContracts` was set to true\n- `corpusDirectory` was set to \"corpus\"\n- `assertionTesting/enabled` was set to true\n\n## Documentation\n- [Medusa configuration](https://github.com/crytic/medusa/wiki/Project-Configuration)\n- [Fuzzing workshop](https://www.youtube.com/watch?v=QofNQxW_K08\u0026list=PLciHOL_J7Iwqdja9UH4ZzE8dP1IxtsBXI)\n- [Fuzzing training](https://secure-contracts.com/program-analysis/echidna/index.html)\n\n## Self-Evaluation\nSee [Evaluation](./Evaluation.md)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcrytic%2Fsecureum-medusa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcrytic%2Fsecureum-medusa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcrytic%2Fsecureum-medusa/lists"}