-
Notifications
You must be signed in to change notification settings - Fork 359
184 lines (174 loc) · 6.83 KB
/
medusa.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
name: Run Medusa tests
on:
push:
paths:
- ".github/workflows/medusa.yml"
- "program-analysis/echidna/**/*.sol"
- "program-analysis/echidna/**/*.yml"
branches:
- master
pull_request:
paths:
- ".github/workflows/medusa.yml"
- "program-analysis/echidna/**/*.sol"
- "program-analysis/echidna/**/*.yml"
schedule:
# run CI every day even if no PRs/merges occur
- cron: "0 12 * * *"
jobs:
tests:
name: ${{ matrix.name }}
continue-on-error: ${{ matrix.flaky == true }}
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
include:
- name: Exercise 1
workdir: program-analysis/echidna/exercises/exercise1/
files: solution.sol
contract: TestToken
outcome: failure
expected: 'echidna_test_balance()\" failed after the following call sequence'
- name: Exercise 2
workdir: program-analysis/echidna/exercises/exercise2/
files: solution.sol
contract: TestToken
outcome: failure
expected: 'echidna_no_transfer()\" failed after the following call sequence'
- name: Exercise 3
workdir: program-analysis/echidna/exercises/exercise3/
files: solution.sol
contract: TestToken
outcome: failure
expected: 'echidna_test_balance()\" failed after the following call sequence'
- name: Exercise 4
workdir: program-analysis/echidna/exercises/exercise4/
files: solution.sol
contract: TestToken
outcome: failure
expected: 'transfer(address,uint256)\" resulted in an assertion failure after the following call sequence:'
# - name: Exercise 5
# workdir: dvdefi/
# files: .
# config: naivereceiver.yaml
# crytic-args: --hardhat-ignore-compile
# contract: NaiveReceiverEchidna
# outcome: failure
# expected: 'echidna_test_contract_balance:\s*failed'
# - name: Exercise 6
# workdir: dvdefi/
# files: .
# config: unstoppable.yaml
# crytic-args: --hardhat-ignore-compile
# contract: UnstoppableEchidna
# outcome: failure
# expected: 'echidna_testFlashLoan:\s*failed'
# - name: Exercise 7
# workdir: dvdefi/
# files: .
# config: sideentrance.yaml
# crytic-args: --hardhat-ignore-compile
# contract: SideEntranceEchidna
# outcome: failure
# expected: 'testPoolBalance():\s*failed'
- name: TestToken
workdir: program-analysis/echidna/example/
files: testtoken.sol
contract: TestToken
outcome: failure
expected: 'echidna_balance_under_1000()\" failed after the following call sequence'
- name: Multi
workdir: program-analysis/echidna/example/
files: multi.sol
contract: C
config: filter.yaml
outcome: failure
expected: 'echidna_state4()\" failed after the following call sequence'
- name: Assert
workdir: program-analysis/echidna/example/
files: assert.sol
config: assert.yaml
contract: Incrementor
outcome: failure
expected: 'inc(uint256)\" resulted in an assertion failure after the following call sequence'
- name: PopsicleBroken
workdir: program-analysis/echidna/example/
files: PopsicleBroken.sol
solc-version: 0.8.4
contract: PopsicleBroken
outcome: failure
expected: 'PopsicleBroken.totalBalanceAfterTransferIsPreserved(address,uint256)\" resulted in an assertion failure after the following call sequence'
- name: PopsicleFixed
workdir: program-analysis/echidna/example/
files: PopsicleFixed.sol
solc-version: 0.8.4
contract: PopsicleFixed
outcome: success
expected: '\[PASSED\] Assertion Test: PopsicleFixed.totalBalanceAfterTransferIsPreserved(address,uint256)'
- name: TestDepositWithPermit
workdir: program-analysis/echidna/example/
files: TestDepositWithPermit.sol
solc-version: 0.8.0
config: testdeposit.yaml
contract: TestDepositWithPermit
outcome: success
expected: '\[PASSED\] Assertion Test: TestDepositWithPermit.testERC20PermitDeposit(uint256)'
# - name: MultiABI
# workdir: program-analysis/echidna/example/
# files: allContracts.sol
# solc-version: 0.8.0
# config: allContracts.yaml
# contract: EchidnaTest
# outcome: failure
# expected: 'test_flag_is_false():\s*failed'
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Checkout Damn Vulnerable DeFi solutions
uses: actions/checkout@v4
if: startsWith(matrix.workdir, 'dvdefi')
with:
repository: crytic/damn-vulnerable-defi-echidna
ref: solutions
path: ${{ matrix.workdir }}
- name: Set up Nodejs
uses: actions/setup-node@v3
if: startsWith(matrix.workdir, 'dvdefi')
with:
node-version: 16
- name: Install dependencies and compile
if: startsWith(matrix.workdir, 'dvdefi')
run: |
yarn install --frozen-lockfile
npx hardhat compile --force
working-directory: ${{ matrix.workdir }}
- name: Go setup
uses: actions/setup-go@v5
with:
go-version: "^1.18.1"
- name: Install medusa
run: |
git clone https://github.com/crytic/medusa.git
cd medusa
go build -o medusa -v .
go install -v .
sudo cp medusa /usr/bin
pip install crytic-compile solc-select
- name: Run Medusa
continue-on-error: true
working-directory: ${{ matrix.workdir }}
run: |
solc-select install ${{ matrix.solc-version || '0.8.0' }}
solc-select use ${{ matrix.solc-version || '0.8.0' }}
medusa fuzz --compilation-target ${{ matrix.files }} --target-contracts ${{ matrix.contract }} --no-color --test-limit 100000 --config medusa.json > ${{ matrix.files }}.out || true
- name: Verify that the output is correct
working-directory: ${{ matrix.workdir }}
run: |
if grep -q "${{ matrix.expected }}" "${{ matrix.files }}.out"; then
echo "Output matches"
else
echo "Output mismatch. Expected something matching '${{ matrix.expected }}'. Got the following:"
cat "${{ matrix.files }}.out"
exit 1
fi