In my previous article, I wrote about the core concepts of mutation testing. With this post, I will show you the mutation testing theory can be applied in practice using the mutation testing tool Vertigo.
To start with mutation testing, we need to do three things:
Install Truffle and ganache by executing the following commands:
$ npm install -g truffle
$ npm install -g ganache-cli
Then install Vertigo by executing the following command:
$ pip3 install eth_vertigo
With that out of the way, the only thing left to do is to get a Truffle project to run our mutation testing on. …
Recently I released a mutation testing tool for smart contracts on GitHub called Vertigo.
In this series of blog posts, I hope to do the following things:
In this first post, we will review the concepts, and more importantly, the motivation behind mutation testing.
There is no shortage of stories on the security incidents that have occurred with smart contract systems (the DAO Hack, Parity Wallet Hack, batchOverflow, … ). The high stakes, high-risk environment has sparked the development of many tools and techniques that help increase the security of smart contract projects ( e.g. …
Mythril is a cool symbolic execution tool that comes pre-loaded with several detection modules that check for bugs like integer overflows and reentrancy vulnerabilities. I’m one of the core team members of the MythX platform team; maintaining, improving, and buidling Mythril.