https://github.com/crytic/medusa

Parallelized, coverage-guided, mutational Solidity smart contract fuzzing, powered by go-ethereum
https://github.com/crytic/medusa

Last synced: about 1 month ago
JSON representation

Parallelized, coverage-guided, mutational Solidity smart contract fuzzing, powered by go-ethereum

• Host: GitHub
• URL: https://github.com/crytic/medusa
• Owner: crytic
• License: agpl-3.0
• Created: 2021-08-31T19:03:08.000Z (about 4 years ago)
• Default Branch: master
• Last Pushed: 2025-05-07T17:33:57.000Z (7 months ago)
• Last Synced: 2025-05-07T23:35:38.211Z (7 months ago)
• Language: Go
• Homepage: https://secure-contracts.com/program-analysis/medusa/docs/src/
• Size: 2.53 MB
• Stars: 375
• Watchers: 22
• Forks: 60
• Open Issues: 113
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Codeowners: CODEOWNERS

Awesome Lists containing this project

• awesome-smart-contract-analysis-tools - Medusa
• evm-fuzzing-resources - Medusa
• awesome-advanced-smart-contracts-testing-and-verification - **Medusa | Property-based fuzzer based on Echidna written in go**
• awesome-solidity - Medusa - Parallel fuzzing engine for smart contracts with advanced techniques (Security Analysis Tools)

README

          
# medusa

`medusa` is a cross-platform [go-ethereum](https://github.com/ethereum/go-ethereum/)-based smart contract fuzzer inspired by [Echidna](https://github.com/crytic/echidna).

It provides parallelized fuzz testing of smart contracts through CLI, or its Go API that allows custom user-extended testing methodology.

**Disclaimer**: The Go-level testing API is still **under development** and is subject to breaking changes.

## Features

`medusa` provides support for:

- ✔️**Parallel fuzzing and testing** methodologies across multiple workers (threads)

- ✔️**Assertion and property testing**: built-in support for writing basic Solidity property tests and assertion tests

- ✔️**Mutational value generation**: fed by compilation and runtime values.

- ✔️**Coverage collecting**: Coverage increasing call sequences are stored in the corpus

- ✔️**Coverage guided fuzzing**: Coverage increasing call sequences from the corpus are mutated to further guide the fuzzing campaign

- ✔️**Extensible low-level testing API** through events and hooks provided throughout the fuzzer, workers, and test chains.

- ❌ **Extensible high-level testing API** allowing for the addition of per-contract or global post call/event property tests with minimal effort.

## Documentation

To learn more about how to install and use `medusa`, please refer to our [documentation](./docs/src/SUMMARY.md).

For a better viewing experience, we recommend you install [mdbook](https://rust-lang.github.io/mdBook/guide/installation.html)

and then running the following steps from medusa's source directory:

```bash

cd docs

mdbook serve

```

## Install

Run the following command to install the latest version of `medusa`:

```shell

go install github.com/crytic/medusa@latest

```

For more information on building from source, using package managers, or obtaining binaries for Windows and Linux,

please refer to the [installation guide](./docs/src/getting_started/installation.md).

## Contributing

For information about how to contribute to this project, check out the [CONTRIBUTING](./CONTRIBUTING.md) guidelines.

## License

`medusa` is licensed and distributed under the [AGPLv3](./LICENSE).