Release Notes
sFuzz is a fuzzer for smart contracts on the Ethereum platform. It is based on a novel adaptive fuzzing strategy that combines the strategy of the AFL (American Fuzzy Lop) fuzzer with a lightweight multi-objective adaptive strategy targeting hard-to-cover branches. It has an extensible design, which allows it to support different vulnerabilities and different Ethereum versions with ease. To automatically test smart contracts, we solved the following three problems:
- The test automation problem (i.e., how to automatically run the test cases),
- The test generation problem (i.e., what test cases do we generate, among all the possible ones),
- The oracle problem (i.e., what are regarded as vulnerabilities).
We have tested 50 thousand contracts, and the experimental results reveal that sFuzz is the most efficient fuzzer for smart contracts on the Ethereum platform. It runs faster, achieves higher coverage and discovers more vulnerabilities than state-of-the-art tools.
sFuzz currently supports scanning for 9 vulnerability classes:
- Gasless Send
- Exception Disorder
- Block Number Dependency
- Timestamp Dependency
- Reentrancy
- Integer Overflow
- Integer Underflow
- Dangerous Delegatecall
- Freezing Ethereum
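As an added illustration (constructed here, not code from the sFuzz project or its paper), the first contract below carries two of the listed classes, Gasless Send and Exception Disorder, in its withdraw function, and the second is the hardened form a developer would move to after reading the fuzzer's report. Contract and function names are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Constructed example, not sFuzz code. This contract is deliberately
// vulnerable: its withdraw() exhibits Gasless Send and Exception Disorder.
contract PayoutVulnerable {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw() external {
        uint256 amount = balances[msg.sender];
        balances[msg.sender] = 0;
        // send() forwards only the 2300 gas stipend. A recipient contract whose
        // receive() does any real work runs out of gas (Gasless Send), and
        // send() reports that by returning false rather than reverting.
        // Ignoring that return value (Exception Disorder) leaves the balance
        // zeroed while no ether moved, so the funds are stuck.
        payable(msg.sender).send(amount);
    }
}

// Hardened form: the low-level call forwards the available gas, and the
// boolean result is checked so a failed transfer reverts the state change.
contract PayoutHardened {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw() external {
        uint256 amount = balances[msg.sender];
        require(amount > 0, "nothing to withdraw");
        // Effects before interaction: zero the balance first so a reentrant
        // call back into withdraw() finds nothing to take (Reentrancy class).
        balances[msg.sender] = 0;
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```

The compiler warns about the unused send() result in the first contract, which is exactly the condition the Exception Disorder oracle flags at runtime.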
sFuzz also records other useful information that gives developers a comprehensive view of the smart contract being scanned, including its control flow, branch coverage, etc. In the future, sFuzz will definitely support more up-to-date vulnerabilities.